Can do everything except modify files

Status
Not open for further replies.
J

Jéan-Pierre Schutte

Cadet
Joined
Nov 24, 2014
Messages
3
Hi guys, newbie here.

Short story: I can create, rename, delete, move, copy files with no problems. But I just can't modify them? They are read only.

I'm having issues with sharing using CIFS. Basically all are Windows PCs. 4 datasets, one for the owner, his wife, main folder for many users and a scan folder for the scanned documents to go into.

I know this isn't right, but I'm just trying to get rid of permissions issues with the ACL. Basically, I've tried setting the storage volume to Unix share all boxes check, and each of the datasets the same (With windows share, I can't even create a file as it throws up access denied). The users and groups are set to nobody and nogroup for the storage volume as well as the datasets. The CIF share also has Allow guest access checked for each dataset.

What am I doing wrong?

Thanks a lot guys.
 
Last edited:
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
Jéan-Pierre Schutte said:
What am I doing wrong?
Click to expand...
Short answer - all of it. :)

Samba on FreeNAS involves one of two sorts of hacks: big ugly ones (Unix permission type) or small pretty ones (Windows permission type). Using "Unix permissions" seems natural for many of us because we are used to *nix servers. The problem is that with samba we are trying to replicate behavior of a Windows server.

Well, enough yammering. I'll try to keep this short and sweet. Do as follows:
  • Configure all shares with windows ACL Type.
  • Create two groups: <owners> and <users>
  • Create minimum of 5 users: <admin>,<husband>, <wife>, <users>, <scanner> The admin account will be the one that you use to authenticate to the server. You can make it easier for yourself by setting passwords so that they are identical to their windows login passwords. Make husband and wife members of <users>.
  • Configure ownership of ownership of shares as follows:
    • <husband share> - <admin>:<owners>
    • <wife share> - <admin>:<owners>
    • <main folder> - <admin>:<users>
    • <scanner> - <admin>:<users>
  • Apply permissions changes recursively
  • Remove all "valid users", "force users", and guest-related parameters that you have set (non-default).
  • Go into the share config for each of your four shares and check "apply default permissions".
  • Using your computer and your <admin> account, navigate to \\server. For each share: right click on it, click "properties", click "security", check the "modify" block for the group (either <owners> or <users>) and delete the "everyone" ACE.
  • Go make yourself some coffee. If you don't drink coffee, learn to start drinking coffee. :)
 
J

Jéan-Pierre Schutte

Cadet
Joined
Nov 24, 2014
Messages
3
Thanks for the quick response Anodos! :) I figured I was doing everything wrong ha ha. See, I set up a NAS for a client of mine, everything worked fine until the power went out and the server rebooted, then permission problems crept in. I can't (don't want to drive there and log into every pc) get access to the users pcs so pretty much everyone sees everything at the moment. The <users> are comprised of about 6-8 pcs excluding the owner and his wife so the easiest solution would be to have a "free-for-all" setting for the users on the main folder as I don't know each of their usernames and passwords (some don't even have passwords). I really appreciate your help on this, thank you. Coffee is no stranger to me :-D ha ha.
 
Last edited:
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
Jéan-Pierre Schutte said:
Thanks for the quick response Anodos! :) I figured I was doing everything wrong ha ha. See, I set up a NAS for a client of mine, everything worked fine until the power went out and the server rebooted, then permission problems crept in. I can't (don't want to drive there and log into every pc) get access to the users pcs so pretty much everyone sees everything at the moment. The <users> are comprised of about 6-8 pcs excluding the owner and his wife so the easiest solution would be to have a "free-for-all" setting for the users on the main folder as I don't know each of their usernames and passwords (some don't even have passwords). I really appreciate your help on this, thank you. Coffee is no stranger to me :-D ha ha.
Click to expand...
Easiest way to do that is to create a generic user account and add it as a member of the group <users>. Write the username and password on a whiteboard and be done with it. If needed, you can go to "services" -> "CIFS" and set the new generic user account as the guest account and then go to your share config and check "allow guest access".
 
Last edited:
Status
Not open for further replies.

Similar threads

Soloam
  • Locked
File Sharing, can´t modify
Replies
12
Views
3K
ultimate
ultimate
B
  • Locked
Multiple protocols for same files?
Replies
4
Views
4K
cyberjock
C
ethereal
  • Locked
can I do what i want to do with sharing?
Replies
6
Views
1K
ethereal
ethereal
Z
  • Locked
Can't modify files on OSX
Replies
2
Views
1K
zol
Z
N
  • Locked
User 2 cannot modify file created by user 1
Replies
2
Views
934
dlavigne
D
Top