Active Directory Problems

[Topanairs]

Good Day Everyone,

I am running FreeNAS-9.3-STABLE-201503270027.

I have followed the active directory tutorial to the "T" however I am unable to connect from another company to the FreeNAS box to remove "Everyone" from having access to the box. Also I am unable to change folders from inheriting permissions.

Whenever a new folder is created it will give "Everyone" read, write execute access and give the creator full access. I do not want this behavior any information/help you can provide will be much appreciated.

Thanks

 

[cyberjock]

You should look at the recursive permissions that are set. The everyone is not created by default. The defaults are created based on the user doing the creation and the permissions that are set to be recursive. ;)

 

[Topanairs]

You should look at the recursive permissions that are set. The everyone is not created by default. The defaults are created based on the user doing the creation and the permissions that are set to be recursive. ;)

Thanks for the fast response where would I go to check that? I have checked under permissions of the share, what option should I enable/disable if this is anything recursive permissions has not been selected

 

[anodos]

You can adjust permissions inheritance by right-clicking on the folder / share, clicking on "properties" --> "security" --> "advanced".
Every time I configure a share in active directory I perform the following steps:

1) Recursively set dataset permissions to root:"domain admins" (Make sure dataset has "windows" ACLS type)
2) In share config check the box "apply default permissions". (This is useful if you're having to fix permissions you messed up in the past).
3) Navigate to \\<server>, right-click on the share, then click on "properties" --> "security" and set permissions. I usually make one modification at a time. This takes longer, but it allows you to verify things are getting set correctly.