deepblue1968
Cadet
- Joined
- May 16, 2017
- Messages
- 5
Dear experts! I'm running two FreeNAS filers for many years now, largely without any issues (mainly because reading in this forum provides answers to most questions). But everytime I create a new Dataset with matching Samba Share, I stumble over some "feature". Maybe there is a simple fix that I'm just not aware...
Software version is FreeNAS-11.3-U1 (Not upgraded yet to TrueNAS since I use encryption on the main pool and since this is handled different from FreeNAS, I did not see a benefit in taking chances...)
Here are the steps I follow:
1.) Create new Dataset, i.e. "EXPERIMENTAL"
2.) Create a matching unix group on the filer, i.e. "EXPERIMENTAL"
3.) Assign my own user i.e. "guido" (Which is matching my Windows user account "guido") to that group.
4.) Change Permissions to the Dataset via "Edit ACL". Owner is left as "root", Group is set to "EXPERIMENTAL"
5.) Create a matching Samba Share, i.e. "EXPERIMENTAL" and point it to the Dataset and make it "Browsable to Network Clients"
The idea here is, that I can manage permissions to the Samba Share by assigning individual users that I have created on the filer, to the groups that own the individual Datasets. (This is a small private installation, I do not run any Active Directory, where I would be managing Users and Groups outside the filer)
The issue is the following:
- From a workstation I can map/connect/access the newly created Share when I'm logged in a user "root" (credentials for root on Filer)
- I can view and confirm the correct ACLs on the Share via "Properties / Security" from Windows File Explorer.
- When I try to login from the workstation as regular user, i.e. "guido", who I made member of group EXPERIMENTAL on the filer, which owns the share, I receive an error message
To gain access I need to *reboot* the filer. Then everything works as expected - without any further change to the configuration. Just confirmed this again as I write this up.
It appears to be the case that the FreeNAS Samba Installation is not "aware" that I have created a new UNIX group.
I tried "service samba_server restart" from the command line on the filer, but this does not have any effect.
Maybe to a FreeNAS/ / BSD UNIX guru this is sounds like the most obvious "user-error" :-(
However, with my still limited knowledge of how FreeNAS really works, I can't seem to be able to fix this without rebooting the server.
What exactly am I missing - which service needs to be restarted as well for FreeNAS to realize it has a new group, owning a new Dataset and allowing users who are member of that group to access it?
Software version is FreeNAS-11.3-U1 (Not upgraded yet to TrueNAS since I use encryption on the main pool and since this is handled different from FreeNAS, I did not see a benefit in taking chances...)
Here are the steps I follow:
1.) Create new Dataset, i.e. "EXPERIMENTAL"
2.) Create a matching unix group on the filer, i.e. "EXPERIMENTAL"
3.) Assign my own user i.e. "guido" (Which is matching my Windows user account "guido") to that group.
4.) Change Permissions to the Dataset via "Edit ACL". Owner is left as "root", Group is set to "EXPERIMENTAL"
5.) Create a matching Samba Share, i.e. "EXPERIMENTAL" and point it to the Dataset and make it "Browsable to Network Clients"
The idea here is, that I can manage permissions to the Samba Share by assigning individual users that I have created on the filer, to the groups that own the individual Datasets. (This is a small private installation, I do not run any Active Directory, where I would be managing Users and Groups outside the filer)
The issue is the following:
- From a workstation I can map/connect/access the newly created Share when I'm logged in a user "root" (credentials for root on Filer)
- I can view and confirm the correct ACLs on the Share via "Properties / Security" from Windows File Explorer.
- When I try to login from the workstation as regular user, i.e. "guido", who I made member of group EXPERIMENTAL on the filer, which owns the share, I receive an error message
To gain access I need to *reboot* the filer. Then everything works as expected - without any further change to the configuration. Just confirmed this again as I write this up.
It appears to be the case that the FreeNAS Samba Installation is not "aware" that I have created a new UNIX group.
I tried "service samba_server restart" from the command line on the filer, but this does not have any effect.
Maybe to a FreeNAS/ / BSD UNIX guru this is sounds like the most obvious "user-error" :-(
However, with my still limited knowledge of how FreeNAS really works, I can't seem to be able to fix this without rebooting the server.
What exactly am I missing - which service needs to be restarted as well for FreeNAS to realize it has a new group, owning a new Dataset and allowing users who are member of that group to access it?
