Our school has gone dual platform by adding Macs. The infrastructure is still Windows, but there is a problem when Mac users connect to their home folder. Initially it was a matter of staff having access to others folders by virtue of the group they belonged to if we gave that group access right at the root folder it propagated down. If we removed the group from the root and gave the access just to the home folder, users found that when opening documents, the were unable to save changes, would have to perform a save as, which produced clutter.
I now see that if I share the users individual folder and allow them to connect all seems to work as it should, plus can restrict access.
Not sure if this is the best way, also wondering if there is a down side to having so many shares, because this would need to happen for all staff (mac users) 110+ and possibly students. If there is something that would work better, open to other ideas.
hope it helps