tauronux
Dabbler
- Joined
- Oct 15, 2022
- Messages
- 19
Hello there,
i have a simple TrueNAS Core installation with one Dataset and SMB share for 16 Users - all members of a group with R/W permissions. All clients are using Windows computers and have the shared folder mapped as a network drive.
Now i need to create a new folder inside the SMB share, with access permissions for only 5 out of the 16 users and move some folders and files, which are already on the SMB share, into this newly created folder. On a Windows Server share i would normaly do it by creating a new security group of users, creating the folder inside an access based enumeration - enabled share (to show it just to the group of users with permissions to access it) and setting up the permissions for that folder accordingly. IMO it's the most convenient way of doing it, as i don't have to create separate shares, mapping drives etc. And the data are all in one place.
But with TrueNAS i feel like setting permissions from a Windows client machine is not the way it was meant to be done so i'm torn between these 2 options:
1. Creating a new Dataset inside of the existing one and giving R/W permissions only to a newly created group of users from TrueNAS web-interface
2. Creating a new folder and setting permissions from a Windows client machine (with a new Group of users created on TrueNAS of course)
How would you do this considering also Access Based Enumeration (ABE) and possible future disaster data recovery?
Bonus question about ABE:
I don't have it currently enabled for the shared folder. If i enable it, could it possibly cause any conficts after moving some of the currently existing files and folders inside of the new one (basically moving folders with R/W permissions set to all users, into a folder with restricted access for just a couple of users)? If so, would you recommend creating a separate dataset and SMB share instead?
Thanks in advance for any suggestions.
i have a simple TrueNAS Core installation with one Dataset and SMB share for 16 Users - all members of a group with R/W permissions. All clients are using Windows computers and have the shared folder mapped as a network drive.
Now i need to create a new folder inside the SMB share, with access permissions for only 5 out of the 16 users and move some folders and files, which are already on the SMB share, into this newly created folder. On a Windows Server share i would normaly do it by creating a new security group of users, creating the folder inside an access based enumeration - enabled share (to show it just to the group of users with permissions to access it) and setting up the permissions for that folder accordingly. IMO it's the most convenient way of doing it, as i don't have to create separate shares, mapping drives etc. And the data are all in one place.
But with TrueNAS i feel like setting permissions from a Windows client machine is not the way it was meant to be done so i'm torn between these 2 options:
1. Creating a new Dataset inside of the existing one and giving R/W permissions only to a newly created group of users from TrueNAS web-interface
2. Creating a new folder and setting permissions from a Windows client machine (with a new Group of users created on TrueNAS of course)
How would you do this considering also Access Based Enumeration (ABE) and possible future disaster data recovery?
Bonus question about ABE:
I don't have it currently enabled for the shared folder. If i enable it, could it possibly cause any conficts after moving some of the currently existing files and folders inside of the new one (basically moving folders with R/W permissions set to all users, into a folder with restricted access for just a couple of users)? If so, would you recommend creating a separate dataset and SMB share instead?
Thanks in advance for any suggestions.