I'm going to do my best to explain.

In Windows 2003 AD has a Terminal Services GPO where you can define a terminal services home directory and profile directory and map it.

It expects an SMB share so that when it maps the drive it map roots it.

We put in a CIFS share like:
"do not append username to directory" is disabled (so that it DOES put on the \username)

The issue:

If you were in "pure windows" land, you would create a share in Windows and give the SHARE the following rights:

Create Files/Write Data
Create Folders/Append Data

Then, when you logged in, the GPO would apply and it would create a folder for you and give you rights to the folder.

Unfortunately it seems that with CIFS I cannot give "share" level rights and in order to get it to create a folder I have to give it WC rights.

But then I don't see any way to let it give the necessary rights to the FOLDER to actually create/modify files in the subfolder

I am assuming that the GPO is expecting native SMB calls to assign the rights and that just won't work with CIFS, yes?

If that's the case, unfortunately DSFW won't work for us either because you can't map to an entire tree, but can only map to partitions, plus we already have IDM for syncing.

In which case we'll have to use regular Windows shares/servers for this.

But was hoping to do this with CIFS.