How to set permissions so a user can makes folders/files on a share but not acess other users

Hi, This should be easy but I'm having trouble. We have a AFS server running 10.5.x that our users use to store video on. The network is AD based and the server is bound to the domain. Here is what I want to do. Upon logging in to the server with their domain credentials we want the user to make a folder for themselves. They should have access to this folder but not folders made by others on the share. Right now we've got it set-up so users can do this but all other folders are read-only. We want them to be set to deny. How can we set the permissions to accomplish this? Right now we have made a local group and put our domain\all users group into it. On the share we this group has Read & Write in the ACL. The POSIX is set for Read & Right on Root, Admin, Other. At first blush this seem very open but locking it down futher has caused users to not be able to access the share. I would appropriate any input. Thanks!