Having major issues with cifs/smb and permissions

[Laser411]

Honestly I don't even know where to start, ever since I updated to a new nightly things have been messed up. I am currently back on 9.10 stable.

I have a couple users, Chris (me), transmission, house (for my IP cams). I have a share names private that has the owner and group as Chris with only Owner having any access and it's under Unix type. I was able to access it with root (sometimes) for some reason and not Chris. Says invalid password for Chris (trying to access through windows 10). Under Linux when trying to access the cifs server as a whole I get No Route To Host. I am decently new to Linux and pretty new to permissions. What do you guys need from me to help troubleshoot?

 

[m0nkey_]

https://forums.freenas.org/index.php?resources/freenas-and-samba-smb-permissions-video.8/

 

[SweetAndLow]

Screen shot of dataset settings and screen shot of share settings.

This is not Linux, it's FreeBSD, they are different. What is your client OS?

 

[Laser411]

Here are the screenshots as requested, are there any logs that would help as well? I am attempting to connect to my shares using Windows 7, 10, and Kali (debian based I believe). All with mixed results. Kali cannot connect at all saying no route to host, windows 7 says cannot connect and it doesn't know why, but it sees the shares. Windows 10 has had the best luck with being able to connect under root credentials and had access to private which it should not have but after reboot it no longer did. Chris credentials aren't working for any of them, even media which has been 777'd. Sometimes it asks for a password when connecting to the cifs/smb server as a whole (not the shares individually). I am so confused :(

 

[SweetAndLow]

For your Chris user uncheck the Microsoft account box. Or are you actually trying to use your Microsoft account to log in? Usually that is an email address. Does Windows prompt you with a dialog box to login? And your saying it didn't work? Try rebooting everything.

As for Linux it sounds like your networking is messed up on that machine. Specifically you have a bad gateway or it's on a subnet that can't reach your freenas server.

Sent from my Nexus 5X using Tapatalk

 

[Laser411]

The Linux machine is wirelessly connected and is DHCP'd, everything else works fine on it. I have tried unchecking the Microsoft account previously but I probably changed other things as well, I will try that and reboot and let you know the results.

As for the dialog box, yes windows prompts me for a login when I click FreeNAS on my network. But the behavior is supposed to ask me for credentials when logging into a share and not the server as a whole right? That is what used to happen pre-update anyways.

 

[SweetAndLow]

I wouldn't worry about if it asks you for credentials. Also don't use the freenas icon under network. Use an IP in a file browser window or map a network drive.

The no route to host is a very straight forward error. It means your wireless client can't route to a certain IP. Maybe your wireless network is septated from your normal network.

Sent from my Nexus 5X using Tapatalk

 

[Laser411]

The Linux machine sees FreeNAS, and can ping and ssh into it and I've connected to the shares in the past using the wireless. Nothing had changed on the router for sure. Still haven't had time to troubleshoot further, will update when I uncheck MA

 

[Laser411]

So I unchecked the Microsoft account and rebooted and I still don't have access to the private share, still asked for a password when initially connecting to the main folder which is not behavior I want as I want anyone to be able to access the media share in which I also cannot connect to but should be 100% public.

 

[SweetAndLow]

for the media share just set the 'only allow guest access' checkbox in the share settings. This will allow no password usage.

As for your private share I think you are goofing up something. Is the password you set for your FreeNAS user 'Chris' correct? Try resetting it to something simple for now so we can eliminate typo's. Any logs on FreeNAS, check /var/log/messages?

 

[Laser411]

Yes it is definitely correct as I have changed it to be sure, it also allows me to connect to the root of the share and SSH. Even if I set it to only allow guest access for that share, it still requests a password to connect in general, a behavior it has never done to me before.

 

[SweetAndLow]

what do you mean by root of share? If you are trying to share out the root dataset you need to not do that. You should only share datasets under the root and nesting them might cause strange behavior also.

 

[anodos]

Post contents of /usr/local/etc/smb4.conf enclosed in [ code ] tags.

 

[Laser411]

The picture shows the root, when I tried to get there it asked me for a password, then when I got there and tried to connect to media or private, both asked for a password and said access is denied.

 

[Laser411]

Here is the configuration file requested, how do I enable SFTP so I can get this in a bit more readable form as I manually added the returns on this?

Code:

[global]
server max protocol = SMB2
encrypt passwords = yes
dns proxy = no
strict locking = no
oplocks = yes
deadtime = 15
max log size = 51200
max open files = 939431
syslog only = no
syslog = 1
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
getwd cache = yes
guest account = nobody
map to guest = Bad User
obey pam restrictions = no
directory name cache size = 0
kernel change notify = no
panic action = /usr/local/libexec/samba/samba-backtrace  

 

[anodos]

I need to see the complete smb4.conf file. You can enable SFTP by enabling the SSH service on the server, (and perhaps adding the following settings under services -> ssh "Login as Root with password" "Allow Password Authentication") then use an SFTP client to authenticate and download the file. I do not recommend leaving "Login as Root with password" enabled.

 

[Laser411]

I can login as root with SSH, but SFTP is not working. Btw, unless I am missing something, that is the full configuration file?

 

[SweetAndLow]

I can login as root with SSH, but SFTP is not working. Btw, unless I am missing something, that is the full configuration file?

No there should be a section for every share you have created.

Sent from my Nexus 5X using Tapatalk

 

[anodos]

I can login as root with SSH, but SFTP is not working. Btw, unless I am missing something, that is the full configuration file?

You could also generate a debug file and PM it to me. "system" -> "advanced" -> "save debug".

 

[Laser411]

I will do that as soon as my replacement UPS battery comes in. Unfortunately my UPS died and I rather not risk having the NAS being on without a UPS. Should be in on Tuesday. BTW, thank you for all your support guys!