  • linux client access to samba share where security=ADS

    We need to set up share access to both Ux and Windows clients from 2 separate domains. User authentication is to be controlled by Windows AD credentials. We are not running any Services for Ux on Windows DCs, no LDAP, etc. There is a Windows trust between the 2 domains.

    The reason for using windows creds is to avoid having to create local Ux accounts on the samba server.

    We've set up Samba on a RH 6.4 server using security=ADS (Windows domain) with access to a share controlled by group membership. As it is, the setup works for Windows client access from both domains; however, Ux users are getting permission denied in write operations. They can mount and read. (On the Ux client side they are mounting a CIFS share.)

    What needs to be in place/configured in order to allow user access to the same share from both Ux and Windows? (Client or server config change)
    My current samba config -

    [global]
    workgroup = DEVENG
    netbios name = arc
    # to get rid of host/address mismatch
    bind interfaces only = yes
    interfaces = lo eth0 127.0.0.1 10.128.xx.xx/24
    hosts allow = 127. 10.128. 192.
    smb ports = 139 445

    # ----------------------- Domain Members Options ------------------------

    realm = DEVENG.LOCAL
    security = ADS
    encrypt passwords = yes
    password server = *
    template shell = /bin/bash
    idmap uid = 500-1000000
    idmap gid = 500-1000000
    winbind use default domain = yes
    winbind nested groups = yes
    

    # ----------------------- Browser Control Options ----------------------------

    local master = no
    preferred master = no
    os level = 33
    

    # ============================ Share Definitions ==============================

    [neteng]
    comment = Network Engineering share
    path = /fs_neteng
    browseable = yes
    writable = yes
    valid users = @Neteng

    And the Kerberos config:
    /etc/krb5.conf

    [libdefaults]
    default_realm = DEVENG.LOCAL
    dns_lookup_realm = true
    dns_lookup_kdc = true
    ticket_lifetime = 24h
    renew_lifetime = 7d
    forwardable = true

    [realms]
    DEVENG.LOCAL = {
    kdc = DEVENGDC1.DEVENG.LOCAL
    }

    [domain_realm]
    .DEVENG.LOCAL = DEVENG.LOCAL
