Hey all,
Firstly, i'm migrating from another NAS box and I am testing access as I migrate from old NAS (QNAP) to TrueNAS Scale.
I am using Emby as an application on a windows box elsewhere. I have set the permissions for my dataset and SMB share to match the same as the existing share.
My box is AD integrated and share permissions are everyone/full, SMB (NFSv4 permission type) share is
domain\media user /modify
domain\media group /modify (contains AD computer account of Emby server that runs the emby server application, and AD user account that runs the emby client application
domain\admins /full (for admin and general troubleshooting but would love to remove this down the track as it's not how I use it on old NAS so not required long term
My problem is this. The server application can see the share, it can traverse the contents and read all the media content so the application can play videos. WIN. BUT any new content is not added to the database. Looking at the server logs, I'm getting access denied messages.
Is anyone able to help out on if computer accounts are handled differently for permissions? I cannot currently change the service to run under a different user account other than a domain admin (which fixes it but I don't want this). I've checked with the application side and it is confirmed what user account i'm troubleshooting is the one running the service (in this case, the AD service account of the computer, which is part of the AD security group "media group".
Firstly, i'm migrating from another NAS box and I am testing access as I migrate from old NAS (QNAP) to TrueNAS Scale.
I am using Emby as an application on a windows box elsewhere. I have set the permissions for my dataset and SMB share to match the same as the existing share.
My box is AD integrated and share permissions are everyone/full, SMB (NFSv4 permission type) share is
domain\media user /modify
domain\media group /modify (contains AD computer account of Emby server that runs the emby server application, and AD user account that runs the emby client application
domain\admins /full (for admin and general troubleshooting but would love to remove this down the track as it's not how I use it on old NAS so not required long term
My problem is this. The server application can see the share, it can traverse the contents and read all the media content so the application can play videos. WIN. BUT any new content is not added to the database. Looking at the server logs, I'm getting access denied messages.
Is anyone able to help out on if computer accounts are handled differently for permissions? I cannot currently change the service to run under a different user account other than a domain admin (which fixes it but I don't want this). I've checked with the application side and it is confirmed what user account i'm troubleshooting is the one running the service (in this case, the AD service account of the computer, which is part of the AD security group "media group".
