Hi, everyone. So, I'm not sure if this is a FreeNAS problem or a Windows problem, but I'm hoping someone here has come across this and has a solution. I tried searching but have not been able to find anything on this so far.
As I was setting up FreeNAS on a new server I decided before making any other users that I would make a user/group called Common. This group would be added to shared folders that I want everyone to be able to have read access to, but not write access. The owner would be set to root:wheel for full access and only a couple of users who have root access would be able to write to the folder. I know, I could create a whole different group, but myself and the other user legitimately need root access anyway.
So, to continue, I found that when I was trying to add this group from Windows to the ACL list that instead of adding the group, even though I chose the group in the list (Properties->Security->Advanced->Add->Select a principal->Advanced->Find Now->Chose the "Common" with the group icon instead of single user) instead it added just the user and nobody had access.
I decided to rename the group (Delete and re-create with same GID), however, it's still listing the user and group as both "Common" in Windows.
I've restarted SMB, I've rebooted the server...nothing. I can't properly add the group through Windows because it's not showing the correct name and instead adding just the user.
So, then I decided to play with setfacl on the folder to add the group manually in ssh. Success! The group has been added and users have read permissions!
.....
Not so successful. When I go back to Windows and get the properties (thinking since setfacl doesn't have recursive abilities yet I'd use the "Replace all child object permissions") it still isn't showing the group name right.
While the SharedFiles group has been added to the directory and works perfectly for people to read the files, it is still not showing up properly under the security properties in Windows. Is this a Windows problem or a FreeNAS problem as far as refreshing the names? Any ideas on how to fix this?
When I try to replace permissions on child objects it does not work, instead it only copies the owner and group permissions. Could this be because windows is trying to set permissions for "Common" which doesn't exist? Or is this a known issue otherwise?
For now I have decided to move (mv) the contents to another directory, then copy them back to the Documents directory (cp -R) which then inherits the parent directory's permissions and then remove (rm -rf) the original files and folders that were in Documents. But to do this to all my files would take me a long time.
As I was setting up FreeNAS on a new server I decided before making any other users that I would make a user/group called Common. This group would be added to shared folders that I want everyone to be able to have read access to, but not write access. The owner would be set to root:wheel for full access and only a couple of users who have root access would be able to write to the folder. I know, I could create a whole different group, but myself and the other user legitimately need root access anyway.
So, to continue, I found that when I was trying to add this group from Windows to the ACL list that instead of adding the group, even though I chose the group in the list (Properties->Security->Advanced->Add->Select a principal->Advanced->Find Now->Chose the "Common" with the group icon instead of single user) instead it added just the user and nobody had access.
I decided to rename the group (Delete and re-create with same GID), however, it's still listing the user and group as both "Common" in Windows.
I've restarted SMB, I've rebooted the server...nothing. I can't properly add the group through Windows because it's not showing the correct name and instead adding just the user.
So, then I decided to play with setfacl on the folder to add the group manually in ssh. Success! The group has been added and users have read permissions!
.....
Not so successful. When I go back to Windows and get the properties (thinking since setfacl doesn't have recursive abilities yet I'd use the "Replace all child object permissions") it still isn't showing the group name right.
While the SharedFiles group has been added to the directory and works perfectly for people to read the files, it is still not showing up properly under the security properties in Windows. Is this a Windows problem or a FreeNAS problem as far as refreshing the names? Any ideas on how to fix this?
When I try to replace permissions on child objects it does not work, instead it only copies the owner and group permissions. Could this be because windows is trying to set permissions for "Common" which doesn't exist? Or is this a known issue otherwise?
For now I have decided to move (mv) the contents to another directory, then copy them back to the Documents directory (cp -R) which then inherits the parent directory's permissions and then remove (rm -rf) the original files and folders that were in Documents. But to do this to all my files would take me a long time.
Last edited:
