creating CIF shares/permissions

[robertw]

hi all,

i have created a RAIDz volume "/mnt/data"

i have made a user and group called "administrator" and a user "robw"

i have changed the permissions for "/mnt/data"and made the user and group owners to "administrator", changed the permission type to "widows" and "ticked" set permission recursivly

also the user "robw" i have made it part of the administrator group

i have created a windows CIFS share the path is "/mnt/data"

i can connect to the share on my domain windows pc, logged in as domain\robw

now my question -

basically i want to create sub folders within "mnt/data" ie space1 space2 space3 to space16

on each subfolders i create i want to create permissions

is this possible

many thanks

rob

 

[SweetAndLow]

Yes what you want to do is possible but first I would like to suggest a different layout. It isn't wise to share out your main root dataset like that and it also isn't wise to modify it's permissions like you have. What you are going to need to do is either fix your current dataset back to the way it was or destroy it and start over. After you have done that create a new dataset under your main one like /mnt/data/dataset1. Don't use those names though because they are not very descriptive. I use /mnt/tubby/movies and /mnt/tubby/homes. Once you have that data set configured you can share it out.

One other thing is to have more directories you should be able to create them over your share and add permissions.

 

[robertw]

im going to detach/delete my volume and start again from scratch

so i have created a volume with all my disks called "volume" and made it RAIDz

when i created the volume, its automatically created a dataset underneath that volume called volume, is this normal?

so once, its created a dataset for the root partition, do i create another dataset or zvol?

thanks

rob

 

[SweetAndLow]

Yes that is normal and you want to create another dataset under that. Have you read the manual? If you had you would know that you don't want a zvol. you should also not call it "volume" and you should not be using raidZ you should use raideZ2 in most cases when using drives over 1TB.

 

[robertw]

thanks for the heads up sweet and low

for the new dataset "client_data" i have changed permissions to user and group to both administrator, changed the permission type to windows and made it recursive

i have created a windows CIFS share, the path is "/mnt/main/client_data"

i can access my share from my pc but in the share i can create subfolders but how do i make each subfolder have different permissions ie subfolder space1 user space1 can only access it, space2 subfolder only space2 user can access all the way up to space 16

thanks

rob

 

[SweetAndLow]

first create your users in freenas gui. Then you can right click on the folders and select the security tab. On this screen you can modify the permissions and add users.

 

[robertw]

that's exactly what I thought

create the credentials for each user on the freenas server

on my windows pc when I'm on the client data share create sub folders within the client data share calling space 1

then I right click on that sub folder go to the security tab, add my new user, I've created on the freenas server, when I try to check the name, it can't find the user?

 

[SweetAndLow]

What error message was there on the freenas side? look in /var/log/messages or use the setting that puts the logs in the footer of the gui. Also just try the root user to test, it should work almost all the time.

 

[robertw]

I will have to let you know tomorrow sweet and low as I'm not in the office now but I will keep you informed

thanks

rob

 

[robertw]

hi

i have enables SSH service on the freenas server, log in as root and i have tailed the /var/log/messages

when i try to add my user to the sub folder in the dataset (share) i dont get any updated messages in the log files

why cant it find the user "space1" as i have made the user on the freenas server?

i attach screen shots

cheers

rob

 

[robertw]

success,

on my windows pc i logged in the share using the administrator credentials for the dataset/share and once in there i created 2 sub folders

space1 and space2

i created on the freenas server the respected users aswell and for each user i gave them there respected group (space1 in space 1, space 2 in space 2)

once i created the sub folders i could right click > security > add the respected user to the sub folder and grant them full access to thier folder

but this is my problem -

on a windows pc, i log in as space1 and access the space 1 folder i have read/write/execute access

i create folders files in folder

if i try to go into space2 folder obviously i get a permission denied error

but

once i log off and log in as space 2 i can read all files/folders in the space 1 folder

how do i get rid of this please

many thanks

rob

 

[robertw]

sorted it all out

it was permissions issue

once i was in my root folder (share) it listed all the sub folders for the respected users on my freenas server i then right clicked a sub folder "user1" unticked inherit permissions then i could remove "everyone" from the list and add the respected user to the list with all access, i unticked the one that says "full control"

so now when i log into a pc as "user 1" when i open the share all i can see is the respected users folder and add delete files folders

rob

 

[Rilo Ravestein]

It isn't wise to share out your main root dataset like that and it also isn't wise to modify it's permissions like you have.... What you are going to need to do is either fix your current dataset back to the way it was...

So what are the default permissions on the main root dataset? (and what share type is it, i'm guessing UNIX). I'm asking, because i think did something wrong with those permissions too and can't seem to find the answer to this anywhere.