SMB Permission Issues on macOS Ventura

JoeHöpfner

Dabbler
Joined
Mar 23, 2023
Messages
22
A colleague is testing tomorrow with another Mac with Ventura on another machine, if everything works there too, then it is probably due to the OS with SMB version? I will report back...
 

JoeHöpfner

Dabbler
Joined
Mar 23, 2023
Messages
22
OK, unfortunately my colleague, who also works with Ventura, tried it out and he has problems with the rights. When he duplicates a file with Cmd + D, this file receives the wrong rights:

2023-06-30_15-33-28.png


Here is the config on the mounted volume, SMB 3.1.1:

2023-06-30_15-43-03.png
 
Joined
Jul 3, 2015
Messages
926
Ok let’s check a few things.

1. Dataset is set to SMB?
2. Template is restricted?
3. Owner = root Group = wheel?
4. Everyone group removed from ACL as is owner@ and group@?
5. ACE entry applied allowing AD group modify or full control with inheritance?
6. SMB shared with defaults?
7. Apple support checked in SMB global config.

I have this same setup and all works well so trying to understand what’s different between us.

Perhaps create a new dataset as above and feedback?
 
Joined
Mar 30, 2016
Messages
1
At work we have been chasing the same issue for the past four weeks or so. Our storage there isn't even all TrueNAS. Some of it is on NetApp. The behavior is the same on either storage backend. After multiple rounds back and forth with vendor support, the conclusion is that Apple messed up something related to SMB and shipped it in Ventura. Previous tested versions of Mac OS didn't have this permissions problem. Windows and Linux clients don't have the problem. TrueNAS is setting the permissions that Mac clients are requesting, it's just that what the Macs are requesting is wrong.
 

JoeHöpfner

Dabbler
Joined
Mar 23, 2023
Messages
22
Hello @johnny, thank you for your input. We created a completely new share and left all permissions by default. Then we tested everything and it seemed to work fine. Then we compared all the individual settings with our old one and found that under Storage > Pools > Edit Options the ACL Mode was different. In the newly created test share, the ACL Mode was Passthrough, while in our old share it was Restricted. We have now set the ACL Mode to Passthrough everywhere and duplication now seems to work. We will now test this on several Mac OS including Ventura to see if everything is really OK.

2023-07-07_08-57-37.png
 
Joined
Jul 3, 2015
Messages
926
Great so looks like dataset wasn’t set to SMB then?
 

JoeHöpfner

Dabbler
Joined
Mar 23, 2023
Messages
22
Yes, we use SMB with the following setup. Unfortunately, there are still some problems with Adobe Illustrator, both with Ventura and e.g. with Monterey. For example, if you want to export a PDF from an AI document, AI creates a .tmp document without permissions. After that, you can no longer delete these .tmp files until you have reset the ACL permissions.

2023-07-07_16-16-22.png


2023-07-07_16-21-57.png
 
Joined
Jul 3, 2015
Messages
926
What does your ACL look like now on that share?
 

JoeHöpfner

Dabbler
Joined
Mar 23, 2023
Messages
22
Hello Johnny, for this share the current settings regarding the ACLs look like this:

2023-07-11_11-24-21.png


2023-07-11_11-26-09.png


2023-07-11_11-26-42.png


The only thing that doesn't work yet is creating .tmp files with Adobe Illustrator. With Indesign and Photoshop it works. But Illustrator creates broken files:

2023-07-11_11-32-00.png
 

JoeHöpfner

Dabbler
Joined
Mar 23, 2023
Messages
22
Hi @johnny, the last problem (Illustrator and .tmp files) also seems to be solved now. We have various older Macs in the company that are not pure Local Mac users (Admin) but still have a Mobile account (Admin, Mobile). These Macs on the network behave differently than pure Local Mac users. Apple or Adobe don't seem to be working properly here. To work around the issues without having to do a clean OS reinstall, we solved the permissions issue on the server with TrueNAS. We added a fourth position under Edit Filesystem ACL, user@, group@ and everyone@ with group, this seems to fix the Apple/Adobe errors afterwards and so far it seems to work fine :)

2023-07-13_11-19-03.png
 
Joined
Jul 3, 2015
Messages
926
You shouldn’t need any of the other ACEs like owner@ group@ or everyone@ so long as all your users are in the ‘group’ you added as the final entry.
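Added example, not part of the original posts: a small Python audit that checks an NFSv4 ACL listing against checklist items 3 to 5 above (root/wheel ownership, no owner@/group@/everyone@ entries, one inherited modify or full-control ACE for a named group). It assumes the text format FreeBSD's `getfacl` prints for NFSv4 ACLs; the path, the group name and the sample listing are constructed.

```python
# Constructed sample in the text form FreeBSD's `getfacl` prints for NFSv4 ACLs
# (assumption: TrueNAS CORE; path and group name "DOMAIN\design" are hypothetical).
SAMPLE_ACL = """\
# file: /mnt/tank/share
# owner: root
# group: wheel
            owner@:rwxpDdaARWcCos:fd-----:allow
            group@:rwxpDdaARWcCos:fd-----:allow
group:DOMAIN\\design:rwxpDdaARWc--s:fd-----:allow
         everyone@:r-x---a-R-c---:fd-----:allow
"""

MODIFY = set("rwxpDdaARWcs")  # FreeBSD modify_set; full_set adds C and o

def parse_acl(text):
    """Return (header dict, list of ACE dicts) from getfacl-style output."""
    header, aces = {}, []
    for line in filter(None, map(str.strip, text.splitlines())):
        if line.startswith("#"):
            key, _, value = line[1:].partition(":")
            header[key.strip()] = value.strip()
            continue
        # Split from the right: the principal itself may contain a colon.
        who, perms, flags, ace_type = line.rsplit(":", 3)
        aces.append({"who": who, "perms": perms, "flags": flags, "type": ace_type})
    return header, aces

def audit(text):
    """Return a list of deviations from checklist items 3-5."""
    header, aces = parse_acl(text)
    findings = []
    if (header.get("owner"), header.get("group")) != ("root", "wheel"):
        findings.append("owner/group is not root/wheel")
    for ace in aces:
        if ace["who"] in ("owner@", "group@", "everyone@"):
            findings.append(f"special entry present: {ace['who']}")
    ok = any(
        a["who"].startswith("group:") and a["type"] == "allow"
        and MODIFY <= set(a["perms"]) and {"f", "d"} <= set(a["flags"])
        for a in aces
    )
    if not ok:
        findings.append("no inherited modify/full-control ACE for a named group")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_ACL):
        print("FINDING:", finding)
```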
 
Joined
Jul 3, 2015
Messages
926
PS: I’m assuming you’re talking to me although you’re tagging the wrong person LOL
 