Hi. I have samba on centos 7, verion 4.8.3. It set up it with this instruction https://www.freeipa.org/page/Howto/Integrating_a_Samba_File_Server_With_IPA Difference only - security = user, becose with ads I cant connect. Also I have AD integrations and linux acls on shares, all works fine. Now I want to migrate on Oracle Linux 8. There is samba versions from 4.9.1-8.el8 to 4.16.4-2.0.1.el8. I make same settings on new server. But with versions 4.15 - 4.16 I can't connect to the server from windows clients. And can connect from Linux client (Ubuntu 20.04). With versions 4.9 - 4.14 I can connect to the server from both types clients, but there is strange situation with acls. setfacl -m user:username@ad_domain:rwx -R dir/  - ad user can write,read setfacl -m group:ipa_group:rwx -R dir/ - ad user can't into directory, from ubuntu doesnt see dir   I add AD group wia external group to ipa. With centos 7 all works fine. On the new server I can see ad user into ipa group and ad group. Also, I can work with this dirs via NFS - all works properly for IPA and AD users and groups.   Any ideas? What did I miss?