Hey there everyone.
I have an FreeNAS Mini XL that we bought a few years back for our main company NAS. We're running FreeNAS-11.2-U8 and we have a half dozen Windows SMB shares set up. The other day I noticed that the shares weren't propagating their permissions the way they should (ie. I was domain admin, but there was a directory in which I could not create a subdirectory, despite owning that directory in Windows. Also I couldn't "replace all child object permissions..." to overwrite perms for child files and folders that I couldn't currently see. Super weird...)
But I think I may have found the problem... Apparently, when I originally created the Storage Pool it was set up as a Unix ACL type, rather than a Windows ACL type. I now see that the newest docs explicitly say "Unix permissions do not support Windows ACLs and should not be used with Windows (SMB) Shares." (-Section 9.2.12) The tricky part is that it's been this way for a long time already and we'd just never noticed the issues...
So my questions are thus:
- Is it safe to change the ACL type From Unix to Windows after the fact (without losing access to our existing files)?
- If so, what should my settings be typically?
Any help would be greatly appreciated... Much thanks in advance! :)
Frank.
I have an FreeNAS Mini XL that we bought a few years back for our main company NAS. We're running FreeNAS-11.2-U8 and we have a half dozen Windows SMB shares set up. The other day I noticed that the shares weren't propagating their permissions the way they should (ie. I was domain admin, but there was a directory in which I could not create a subdirectory, despite owning that directory in Windows. Also I couldn't "replace all child object permissions..." to overwrite perms for child files and folders that I couldn't currently see. Super weird...)
But I think I may have found the problem... Apparently, when I originally created the Storage Pool it was set up as a Unix ACL type, rather than a Windows ACL type. I now see that the newest docs explicitly say "Unix permissions do not support Windows ACLs and should not be used with Windows (SMB) Shares." (-Section 9.2.12) The tricky part is that it's been this way for a long time already and we'd just never noticed the issues...
So my questions are thus:
- Is it safe to change the ACL type From Unix to Windows after the fact (without losing access to our existing files)?
- If so, what should my settings be typically?
Any help would be greatly appreciated... Much thanks in advance! :)
Frank.
