I'm accesing SMB share simply using Windows Explorer (on WIndows 11) using UNC path.
As I mentioned above, if group entry is added for GID 2000, everything works ok. But somehow it does not feel right that both group@ and group (same GID) has to be added with same permissions :)