SPECS:
TrueNAS Core v 12.0-U5.1
Running as a VM on ESXi 7.0u2 with:
SETUP:
SMB access configured using groups. I created two groups FULLCONTROL, and READONLY, leaving their settings at default. I then created two users "Admin" and "Test", checked the box for "Microsoft Account", and added the "Admin" user to FULLCONTROL as a primary group, "TEST" to READONLY group, leaving all other settings at default. Recap:
Permissions set as following:
ISSUE:
The admin user can access the share through windows with the configured username and password just fine, can view and modify any files as they please, the test user is also similarly prompted to input credentials, and afterwards can see that the network share is there, but cannot access it. They are given the Windows error:
Goal:
Would like to be able to have users that can ONLY read and view files, but not edit or delete anything, alongside users that have permissions to do as they please with the same files. Am using only local authentication, and am not interested in setting up a domain or LDAP for credential management.
Thank you for any assistance you can give to this!
TrueNAS Core v 12.0-U5.1
Running as a VM on ESXi 7.0u2 with:
- 2vCPU 1.7GHz
- 20gb RAM
- 40gb vDisk for operating system
- 8 physical disks in passthrough for storage disk arrays
- 2 4tb ZFS iSCSI
- 2 500gb ZFS SMB
- 4 8tb ZFS
- 1 pool configured for iSCSI
- Remaining space given to SMB
SETUP:
SMB access configured using groups. I created two groups FULLCONTROL, and READONLY, leaving their settings at default. I then created two users "Admin" and "Test", checked the box for "Microsoft Account", and added the "Admin" user to FULLCONTROL as a primary group, "TEST" to READONLY group, leaving all other settings at default. Recap:
- user: Admin - primary group: FULLCONTROL, aux group none, Windows account checked
- user: Test - primary group: READONLY, aux group none, Windows account checked
Permissions set as following:
-
-
-
-
- Full list of permissions in this one is:
- Read Data
- Read Named Attributes
- Execute
- Read Attributes
- Read ACL
- Full list of permissions in this one is:
ISSUE:
The admin user can access the share through windows with the configured username and password just fine, can view and modify any files as they please, the test user is also similarly prompted to input credentials, and afterwards can see that the network share is there, but cannot access it. They are given the Windows error:
Goal:
Would like to be able to have users that can ONLY read and view files, but not edit or delete anything, alongside users that have permissions to do as they please with the same files. Am using only local authentication, and am not interested in setting up a domain or LDAP for credential management.
Thank you for any assistance you can give to this!