Yet another newbie asking what is probably already answered about controlling access to a folder ..

[wheezer]

Yes, yet another FreeNAS 'newbie' asking for help...
Out of 'virtual desperation', we installed FreeNAS 9.10 (just 'cuz one of the guys already had it on a flash drive..) on one of our 'spare' PCs so we could have a manner to continue 'sharing' a large folder of client data while our Windows Server (2102 Essentials) undergoes some 'emergency repairs' ... (and in truth, FreeNAS is working so very well I'm thinking we will no doubt want to keep this around even longer than these repairs will require..). And what I find really amazing is that FreeNAS is faster in accommodating us on this very new (< 2 months old) AMD hex-core @3.4 GHz with just 16 GB of DDR4 RAM and a simple RAID-1 SATA-3 disk setup, as it would compare to this 'damaged' Dell server with 48 GB of RAM, 16b TB of SATA-3 disks, and two hex-core 2.4 GHz XEON processors.... (hmmm.... one has to wonder...). But unlike the three shares that everyone has full access to, today I was asked to create a 'shared folder' that only three people can access from the FreeNAS 'box'... And frankly, I'm running out of time and patience trying to determine how to do this 'easily' so I can just get on to the next 'emergency'.
There are currently 14 PCs and users accessing the FreeNAS, just as were accessing the Dell server, and as I said, all users have 'full access' (read,write, edit, delete, yada-yada-yada..) to the three existing 'shares' we had no problems implementing. But 'management' wants a shared folder that only these three individuals and their PCs can access or even 'read'. Well, I've tried what makes sense to me (as a Microshaft Trained Mushroom), but the folder is either inaccessible to everyone, or 'visible' and 'open' to everyone, which is not what they want, of course. So I am throwing myself at the mercies of the FreeNAS forum 'gurus' to puh-leese give me some hints on how to quickly accomplish this task for allowing three existing users, that already use the other folders in FreeNAS, but to curtail all others from (potentially) even 'seeing' this folder via the gigabit network we all use...
So far all I've been able to successfully accomplish is a massive throbbing headache in making the attempt...

 

[Nick2253]

To answer your permission question, @anodos's guide should be your first stop: https://forums.freenas.org/index.ph...-of-how-to-configure-share-permissions.35276/

If you're running AD, it becomes a lot easier. If you're not running AD, it's still not difficult, but you'll need to share passwords, which is generally a no-no in an enterprise environment.

Speaking of enterprise environment, let's make sure you're doing some basic things correctly so you can avoid terrible horrible data (and job) loss:

• Can you be more detailed about the hardware you're using? Hopefully you're using ECC memory. New AMD processors all support ECC, but not all motherboards support it, and even then, some just "support" it: the machine can run and boot, but it doesn't actually use the ECC capability.
• When you say "RAID1", I immediately assume you are using hardware raid, and that would be bad. In ZFS speak, the equivalent to RAID1 is a mirror. So, hopefully you're running your two drives in a ZFS mirror, and that's what you meant to say ;)
• What kind of network device is on your FreeNAS machine? Non-Intel NICs are usually frowned upon, because they can lead to weird issues. If you have a non-Intel NIC, especially if it's a Realtek NIC, it's probably worth the $20-50 to get a PCIe Intel NIC and avoid those problems while your company is depending on FreeNAS.
• How big are your hard drives?

Also, what are you doing with the old Dell server? Intel has been making hex-core Xeons for a while now, so it might be time to retire or repurpose it. I know it's not exactly on topic, but would you mind sharing the hardware specs of that Dell server? After all is said and done, it might make sense for your company to repurpose the Dell Server as the primary FreeNAS server, and get a new server for your Windows Service(s).

 

[wheezer]

Thanks for the rapid response... In regard to the hardware in the FreeNAS 'box', as I'd mentioned, it was a 'spare' PC so it currently does not have ECC RAM, but since the M/B and proc. supports it, I have no problem replacing and even improving the RAM amount with ECC, especially if we intend for this to 'stick around' after the repair of the Dell. But, as for the drives, and seemingly, most all of the hardware... well, that's "my bad"... I was reminded by my associate that there are actually 4 'brand-new' W/D 3 TB SATA-3 drives and two new 500 GB SATA-3 disks connected to the on-board Intel 6GB/s SATA controllers, and are configured for what I'd call RAID-10 via ZFS using FreeNAS to create the 'pool'. Unfortunately, the Ethernet is a Realtek 8111F Gigabit, also onboard this ASUS motherboard, but it's a simple task to disable this and stick an Intel PCIe adapter in it, if this is 'required' or 'recommended'. Seems to be absolutely 'slammin' ' as far as performance goes, so far, but I'll always opt for dependability, especially because it is 'client data' we're talking about, here..
Now - as for the Dell.. Noah (my associate) reminded me that the processor had been replaced (a single 'stock' E5-2404 XEON processor) with an E5-2450 v2 8-core with HT, and it has 48 GB of ECC RDIMM. The disks in the Dell are 2ea. 2 TB 'original equipment' disks tht came from Dell in this PER320 server (I believe these are W/D), and we've since added a W/D 4TB NAS drive and a W/D 5 TB NAS disk - so I guess I over estimated the disk space by quite a bit too... (Like I said, I had a headache from frustration, and not ONLY regarding the FreeNAS folder stuff...). It IS our intent to re-purpose the Dell server, but Noah wants to take it and turn it into a 'hypervisor' so we can 'virtualize' Windows Server on this, solely for the two remaining 'windows-based' applications that require that environment for operation. As it is, we picked up an 'old' IBM X3500-M2 server that had two XEON 5500 series processors (not certain of the exact #'s, but it is operating at 2 GHz, so it'd be easy to determine what these actually are) which came with 4 - 160 GB SAS drives, to which we added three more W/D 3 TB SATA (3½") disks to it on a new 'hot-swap' backplane that I picked up at a local 'server shop'. This is now acting as our 'hypervisor' that is 'virtualizing' Windows Server 2012 Essentials R2, so that we can maintain those two 'windows-based' apps while all this other hardware repair and re-purpose proceeds. Eventually, we intend to 'turn the key' and put the bulk of all of this 'in the cloud' - but that's for later.... Help a little..?

 

[SweetAndLow]

Setting permissions for smb shares is pretty easy. You just use the windows GUI and security tab to add the group's you want.

As for your hardware it sounds a little scary. You need to read the hardware sticky and make sure you are doing things correctly. Using the wrong kind of sata controller will result in data loss.

Sent from my Nexus 5X using Tapatalk

 

[Mirfster]

..

Holy wall of text Batman!! C'mon do us a favor and toss in a few carriage returns.. :P

In all honesty, I took one look at the post(s) and just gave up on reading them. Props to the others for reading and providing feedback...

Some links to add to SweetAndLow's comment:
cyberjock's: Hardware recommendations (read this first)
cyberjock's: Slideshow explaining VDev, zpool, ZIL and L2ARC for noobs!

 

[Ericloewe]

Holy wall of text Batman!! C'mon do us a favor and toss in a few carriage returns.. :p

In all honesty, I took one look at the post(s) and just gave up on reading them. Props to the others for reading and providing feedback...

Some links to add to SweetAndLow's comment:
cyberjock's: Hardware recommendations (read this first)
cyberjock's: Slideshow explaining VDev, zpool, ZIL and L2ARC for noobs!

Some environments expect <CR><LF> and not just <CR>, you insensitive clod!

 

[wheezer]

Setting permissions for smb shares is pretty easy. You just use the windows GUI and security tab to add the group's you want.

As for your hardware it sounds a little scary. You need to read the hardware sticky and make sure you are doing things correctly. Using the wrong kind of sata controller will result in data loss.

Sent from my Nexus 5X using Tapatalk

Noah (the associate who built the FreeNAS system) read my post and corrected my 'component list' in the NAS box. I don't build 'em, myself, I trust my techs and their knowledge. But I think I'd probably place my trust in the Intel Corporation's capacity for disk controls ...

Some environments expect <CR><LF> and not just <CR>, you insensitive clod!

Holy wall of text Batman!! C'mon do us a favor and toss in a few carriage returns.. :p

In all honesty, I took one look at the post(s) and just gave up on reading them. Props to the others for reading and providing feedback...

Some links to add to SweetAndLow's comment:
cyberjock's: Hardware recommendations (read this first)
cyberjock's: Slideshow explaining VDev, zpool, ZIL and L2ARC for noobs!

Perhaps any future posts on my part should be submitted for 'review' and editing I suppose... I apologize for my lack of your approved formatting, sir.

 

[wheezer]

Because of my 'unfamiliarity' with FreeNAS, I was unaware that simply accessing the folder and setting access rights via the GUI was a possibility, but I suppose too many decades working with proprietary Microsoft Server OS's can do that to a person, possibly... No doubt when Noah returns from vacation I'll catch all sorts of hell in regard to that, as he is my Linux-master ... as for myself, 34 years of "Redmond indoctrination" tends to limit one's scope.

 

[Ericloewe]

Noah (the associate who built the FreeNAS system) read my post and corrected my 'component list' in the NAS box. I don't build 'em, myself, I trust my techs and their knowledge. But I think I'd probably place my trust in the Intel Corporation's capacity for disk controls ...



Perhaps any future posts on my part should be submitted for 'review' and editing I suppose... I apologize for my lack of your approved formatting, sir.

When in doubt, press Enter. It's much easier to read with a lot of whitespace than with not enough whitespace.

 

[SweetAndLow]

Noah (the associate who built the FreeNAS system) read my post and corrected my 'component list' in the NAS box. I don't build 'em, myself, I trust my techs and their knowledge. But I think I'd probably place my trust in the Intel Corporation's capacity for disk controls ...



Perhaps any future posts on my part should be submitted for 'review' and editing I suppose... I apologize for my lack of your approved formatting, sir.

I see your using the normal sata ports on the motherboard which is a good idea. Make sure to be careful how you use the word raid. Around here that means hardware raid. It sounds like your system is set up in striped mirrors. And as for the Dell system if you do end up using freenas on it that per320 might not work unless it can be flashed into IT mode.

Sent from my Nexus 5X using Tapatalk

 

[wheezer]

I see your using the normal sata ports on the motherboard which is a good idea. Make sure to be careful how you use the word raid. Around here that means hardware raid. It sounds like your system is set up in striped mirrors. And as for the Dell system if you do end up using freenas on it that per320 might not work unless it can be flashed into IT mode.

Sent from my Nexus 5X using Tapatalk

At this point, FreeNAS will only be used on the current hardware that Noah re-built. The Dell will then be re-purposed as a 'hypervisor' since it certainly has the capacity to accommodate that configuration, most probably even better than the IBM X3500. But most assuredly Dell's proprietary 'factory imaged' setup simply "has to go"... Presently, it operates like it has Atom processors installed rather than an octal-core XEON.