Multiple share with individual permission

[Adnan]

Hello,
I want to make a CIFS share where the dataset will be organized according to the given tree

So, there are four users here; Jon, Tom, Erik, Elin. I want to make a system so that

• Everyone can access the Common folder but only the person can delete/modify the item of Common folder who created the file/folder under "Common" folder.
• Under the Sub Organization folder (SubOrg1 and SubOrg2), each user will have their own Public and Private folder.
• The Public folder will have every one's access to read the data but the user only would have data read/write access. The private folder will be only available to the user. Other user would not have read/write access to that folder.

Please guide me thoroughly as I am very new to FreeNAS.

 

[dlavigne]

Were you able to accomplish this from a Windows client?

 

[Mirfster]

Here are some threads to help you out:

• 9.10 Manual Section on Sharing: http://doc.freenas.org/9.10/freenas_sharing.html?highlight=sharing#windows-cifs-shares
• See Page2; where I did an extensive example with instructions: Help - Permissions don't seem to be working as intended
• Checkout @m0nkey_ 's thread: [How-to] FreeNAS and Samba (CIFS) permissions (Video)

https://forums.freenas.org/index.php?threads/how-to-freenas-and-samba-cifs-permissions-video.41210/
Aside from that I would like to comment on a couple things:

1. If you are wanting "User Home" Folders, consider a separate dataset specifically allocated for "Home Directories" (Can search the manual for this info)
2. Maybe reconsider wanting a User's "Public" folder; since this seems like overkill
   • Things that you may want to be available to the entire company should be vetted and place in appropriate locations higher up
   • You really don't want User's just willy-nilly putting things out there for everyone to see
3. Try not to go more then 3 levels deep with permissions, this leads to a lot of Administrative Overhead and confusion on where permissions are actually set
4. Consider a "Transfer" folder, that User's can Read/Write to but on a temporary basis. Usually the contents of this folder is deleted at standard intervals (like every week)
   • Would simplify having to track down and "Data Leaks" where questionable information may have been made Public (think of having to check each User's Public folder opposed to a single Transfer folder..)

 

[Adnan]

Aside from that I would like to comment on a couple things:

1. If you are wanting "User Home" Folders, consider a separate dataset specifically allocated for "Home Directories" (Can search the manual for this info)
2. Maybe reconsider wanting a User's "Public" folder; since this seems like overkill
   • Things that you may want to be available to the entire company should be vetted and place in appropriate locations higher up
   • You really don't want User's just willy-nilly putting things out there for everyone to see
3. Try not to go more then 3 levels deep with permissions, this leads to a lot of Administrative Overhead and confusion on where permissions are actually set
4. Consider a "Transfer" folder, that User's can Read/Write to but on a temporary basis. Usually the contents of this folder is deleted at standard intervals (like every week)
   • Would simplify having to track down and "Data Leaks" where questionable information may have been made Public (think of having to check each User's Public folder opposed to a single Transfer folder..)

Thanks. By the time I had no clear understanding on dataset, folder, share. :)

 

[Mirfster]

Thanks. By the time I had no clear understanding on dataset, folder, share. :)

Guess that this means you are happy? :)

 

[Adnan]

Yes! I am :)

 

[Adnan]

Another query!

Is this even possible, so that in a "Common" space I can make a file which any one can open and read, but no one can be able to delete or modify the data?
If so, what would be the Permission scenario?

 

[Mirfster]

Yeah, that would be "Read" or "Read and Execute"