SOLVED ACLs configuration problem

[bhoriss]

Hi,
I am new to FreeNAS, linux and ZFS.
In the past months, i have followed many guides and read many forums concerning FreeNAS and ZFS. I have always had an interrest in linux.

I have setup a server machine that I use as a NAS. Freenas 9.10 installed on it.
I have setup my root access. I manage to have access to the FreeNAS GUI via my browser on my windows machine.
I have setup a group called Admins and a user called cp.
I have setup a volume with different datasets. One of them is called Audiovisuel. The owner user is cp, the owner group is Admins, permission type windows.
I have setup an SMB share for that dataset called Audiovisuel with default permissions.
My SMB service is setup as such: NetBIOS name: freenas workgroup: RX (same as my windows machine) local master ticked, time server for domain: ticked Guest account: cp rest of the settings are the default ones.

On my windows 7 machine, I see my share without problem. I can map it as network drive by using my cp (and password) credentials without problem.
I have all the required privileges when login-in as cp.

My issue is the following: I want to setup read only rights to a specific group (readers) that I setup in my Freenas GUI.
When I open the properties>security on my network drive, I can see the following:
(view attached file).

Problem one: my Group doesn't show up. Instead, I see this "Account unknown".
Problem two: when I go to edit and type my group name "readers" or any other group/user name, I always get the message that it can't be found.

I know your time is precious, but I have searched many videos and forum posts and guides without finding anything that can help me here.

If you can help, I would really appreciate it.

Charles

 

[m0nkey_]

Check out my SMB permissions video: https://forums.freenas.org/index.php?resources/freenas-and-samba-smb-permissions-video.8/

 

[bhoriss]

Check out my SMB permissions video: https://forums.freenas.org/index.php?resources/freenas-and-samba-smb-permissions-video.8/

HI, thanks for the quick reply.
I did check out your videos. Watched them, paused and made sure that I had every step correctly. It is because of those videos that I am posting here, since I think i followed your guides, but still can't get it to work.

 

[bhoriss]

Ok, since I really don't want to be wasting your precious time, i am trying my best to troubleshoot my situation.

What I did this morning:
I rewatched your first video. Instead of working on the dataset and share I had already setup previously, I created a new dataset, new group and new share just like in your video.

The new group I created appears properly... maybe the name "Admins" is causing a problem. Will try to modify it and keep you updated.

Charles

 

[bhoriss]

Update #1:

Here is my permissions for the dataset "audiovisuel"

Here is my share for the dataset "audiovisuel"


Here are my members of the group "administrateurs"


Here is my security tab from my windows 7 machine for the network mapping of the "audiovisuel" share (GREAT NEWS #1: the group name shows correctly now)


The problem that persists: when I want to add a new user or group to the permissions, I can't. Also, now that NOBODY is the owner user, I can't edit the permissions (which was perfectly described in your video):



So when I set user owner to nobody and group owner to "administrateurs", i see the group name properly, but can't edit anything or add anyone.
Problem #1 solved, my group "admins" was somehow causing troubles. now that "administrateurs" is the new name, it is solved.

Problem #2: adding users and groups to give them the proper permissions (not solved)

when I set user owner to "cp" and group owner to "administrateurs"


i see the group name properly, can edit permissions of already listed user and groups, but can't find anyone to add them.
(notice I was able to remove "everyone" which confirms I can edit permissions. Just like you described in your 2nd video, I changed the owner user from "nobody" to "cp")

unlike in your video, I can't find users or groups:

 

[m0nkey_]

The dataset, is it a Windows or UNIX type? In order for permissions to work correctly, it must be Windows.

 

[bhoriss]

Here is my dataset settings:

Wait... let me try to change the permissions for the dataset "audiovisuel" is nested under and I'll get back to you on that.

 

[bhoriss]

For some reason, when I created my volume "home_multi", I also created a dataset "home_multi" under which I created all my other datasets, including "audiovisuel".

My mother dataset "home_multi" was set incorrectly as Unix permission type. I corrected that. I set it as user owner "cp" and group owner "administrateurs".

That change, after I've rebooted my server and windows machine, didn't remove any of the previous progress we've made before (I still have access to everything as "cp" and I still see the group "administrateur" properly.
I still am able to remove "everyone".
I still am able to created a subfolder with specific access for cp but not every "administrateur".

problem is, everytime I want to EDIT and ADD a new user or group, I can't find them.

Also, strangely, I always get prompted to give the NETWORK PASSWORD when I click EDIT, ADD and CHECK NAME:

My setup is:

Freenas machine network tab:

 

[bhoriss]

WOW... all I had to do was input my windows username in the "NETWORK PASSWORD" prompt and now everything works perfectly....

I can't believe it... FINALLY!

Thanks m0nkey_ for your incredible help!

sidenote: it wasn't the name "Admins" that was the problem, i'm still looking into it...