You can rely on the traditional unix groups (sort of) Just:
- create a new group
- addusers to the group “$ adduser user group” is the way to go
- make a directory owned by this group to share files
- change the umask to 002, which allows group write access to all new files. For Debian systems this is set in:
An additional thing you might want to try is that if you make umask 002, this means all members of the group (which appears to be everyone with an AD login) can read and write the files you create on the unix box. To avoid everyone reading and writing your files you can change the group of your home directory to a local group and then set that directory sgid as well.
Of course this may introduce a huge security hole but it seems to work o.k. for me.
Don’t follow this advice unless you actually know what you are doing..