SMB: can still access share after checking "Disable password login" and server reboot...

Status
Not open for further replies.

guermantes

Patron
Joined
Sep 27, 2017
Messages
213
So I am trying to get to know my way around the sharing+permissions ecosystem, but one thing confuses me.

I tried to revoke access rights to my SMB-shares for USER1, by checking the "Disable password login" in Modify user. But after desktop and server reboot, USER1 can still enter credentials and access the shares. It says explicitly in the manual that "when checked, disables password logins and authentication to SMB shares".

What am I not understanding?
 
D

dlavigne

Guest
Which FreeNAS build version (System -> Information) and which client OS version?
 

guermantes

Patron
Joined
Sep 27, 2017
Messages
213
FreeNAS-11.0-U4 (54848d13b)
Linux Mint 18.1 (Nemo file manager) / Windows 7 64.bit (Windows explorer) / Windows 8.1 (Windows explorer)
 

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,063
So I am trying to get to know my way around the sharing+permissions ecosystem, but one thing confuses me.

I tried to revoke access rights to my SMB-shares for USER1, by checking the "Disable password login" in Modify user. But after desktop and server reboot, USER1 can still enter credentials and access the shares. It says explicitly in the manual that "when checked, disables password logins and authentication to SMB shares".

What am I not understanding?
That is not the expected behavior, but it is also the wrong way of doing things, since you're not actually setting the correct permissions and relying on the user not being able to authenticate in the first place.

https://forums.freenas.org/index.php?resources/freenas-and-samba-smb-permissions-video.8/
 

guermantes

Patron
Joined
Sep 27, 2017
Messages
213
@Ericloewe , I actually did watch those videos. The first was very instructive, the second was too fast and a little bit all over the place for my knowledge level. Anyway, @m0nkey_ 's videos did not really address my situation (at least not explicitly).

If the right way is to only use permissions to regulate people's access to shares (and allowing everyone with user and pass to log in but at the lowest level not present them with any files/folders when they do so), then what does that snippet from the manual even mean, "when checked, disables password logins and authentication to SMB shares"?
 

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,063
Users can still access the server via SSH using their private keys.
 

guermantes

Patron
Joined
Sep 27, 2017
Messages
213
So then I should have been able prevent the login by ticking that checkbox? (I admit, I did not really have a purpose/use case, was just trying to understand how things relate to each other.)

It seems to me that the only way I can prevent a user from using their credentials to log in is to never assign them a password in the first place, because ticking the checkbox in retrospect seems to have no effect. Either that or I have managed to sabotage my install... (which I have been careful not to do) :)
 
Status
Not open for further replies.
Top