Can't delete folder on a CIFS shared in windows

[Jean-Francois]

Hello im using FreeNAS-9.3-STABLE-201509282017

It's setup on our active directoyr 2012 R2 and everything is working fine for the domain part

I set up a Volume, and set the owner (user) to "acronis" and owner (group) do domain admins. I can browse it and map drives to it. I then create a CIFS share on that volume

If i checked on windows on the share security tab i see

Everyone = Read Access
Domaine Admin = Full control
Acronis = Full Control

I then removed everyone group on the shared on windows

My user is part of Domain Admin

I can create folders, but can't delete the folders I created. I keep getting this message (check file join)

If i let the everyone group i can delete folder but i don't want everyone to have access to the share

Can anyone help me please it's driving me crazy

Thanks !

 

[dlavigne]

Were you able to figure this out?

 

[Jean-Francois]

No do you have the same problem ?

 

[TheDubiousDubber]

Never mind. Misread the OP.

 

[ZodiacUHD]

I have the exact same issue... Did you solve it?

 

[Jean-Francois]

No and it drive me crazy :)

f you find someting post it here and ill do too

 

[ZodiacUHD]

I ended up backing up all the staff and destroy everything on the volume. Made it up from scratch, not a very good solution but i got it done...

 

[Jean-Francois]

ok thanks for the info

 

[anodos]

If you're still having this problem, post the following information:

• contents of /etc/local/smb4.conf
• relevant entries from /var/log/samba4/log.smbd and /var/log/samba4/log.wb-<hostname>
• getfacl output for following (1) directory being shared and (2) subfolder that cannot be deleted [i.e. "getfacl /mnt/Tank/Shared/foo"]
• output of zfs get aclmode <pool>/<dataset> (for dataset being shared) [i.e. "zfs get aclmode Tank/Shared]

 

[Jean-Francois]

Ive joined you the files from the 2 first point

[root@freenaspol] /var/log/samba4# zfs get aclmode
NAME PROPERTY VALUE SOURCE
VOLUME1 aclmode restricted local
VOLUME1/.system aclmode passthrough local
VOLUME1/.system/configs-6a4ae3718d4e4a68a79c0c3666a9c245 aclmode passthrough inherited from VOLUME1/.system
VOLUME1/.system/cores aclmode passthrough inherited from VOLUME1/.system
VOLUME1/.system/rrd-6a4ae3718d4e4a68a79c0c3666a9c245 aclmode passthrough inherited from VOLUME1/.system
VOLUME1/.system/samba4 aclmode passthrough inherited from VOLUME1/.system
VOLUME1/.system/syslog-6a4ae3718d4e4a68a79c0c3666a9c245 aclmode passthrough inherited from VOLUME1/.system
VOLUME1/jails aclmode restricted inherited from VOLUME1
VOLUME2 aclmode restricted local
VOLUME3 aclmode restricted local
freenas-boot aclmode discard default
freenas-boot/ROOT aclmode discard default
freenas-boot/ROOT/FreeNAS-9.3-STABLE-201509282017 aclmode discard default
freenas-boot/ROOT/FreeNAS-9.3-STABLE-201509282017@2015-10-07-16:16:05 aclmode - -
freenas-boot/ROOT/FreeNAS-9.3-STABLE-201509282017@2015-10-07-16:21:05 aclmode - -
freenas-boot/ROOT/Initial-Install aclmode discard default
freenas-boot/ROOT/default aclmode discard default
freenas-boot/grub aclmode discard default
freenas-boot/grub@Pre-Upgrade-FreeNAS-9.3-STABLE-201509282017 aclmode - -


I can delete folders because i had the group Everyone

But i can't if the groupe Everyone don't have access to the folder and subfolder in read access

Thanks for your help

 

[anodos]

A few things stand out immediately:
1) you should create datasets under your zpools and share them. (for instance, /mnt/VOLUME1/ACRONIS_DATABASE vs /mnt/VOLUME1)
2) Reduce "server max protocol" to SMB2

Post getfacl output "getfacl /mnt/VOLUME1" "getfacl /mnt/VOLUME2" "getfacl /mnt/VOLUME3"

 

[Jean-Francois]

I also want to tell you that the group everyone need modify access so i can delete files..i was wrong with only read access

[root@freenaspol] ~# getfacl /mnt/VOLUME1
# file: /mnt/VOLUME1
# owner: acronis
# group: domain admins
owner@:rwxpDdaARWcCos:fd----:allow
group@:rwxpDdaARWcCos:fd----:allow
everyone@:r-x---a-R-c---:fd----:allow
[root@freenaspol] ~# getfacl /mnt/VOLUME2
# file: /mnt/VOLUME2
# owner: acronis
# group: domain admins
owner@:rwxpDdaARWcCos:fd----:allow
group@:rwxpDdaARWcCos:fd----:allow
everyone@:r-x---a-R-c---:fd----:allow
[root@freenaspol] ~# getfacl /mnt/VOLUME3
# file: /mnt/VOLUME3
# owner: acronis
# group: domain admins
everyone@:rwxp-daARWc---:fd----:allow
group@:rwxpDdaARWcCo-:fd----:allow
group:acronis:rwxpDdaARWcCo-:fd----:allow

 

[Plamen Kolev]

Hello I have the same problem. My build version is FreeNAS-9.3-STABLE-201505130355.
I tried the suggestion of ZodiacUHD solution but it's not working for me.

The outputs of command getfacl for my shared folder before and after removing Everyone:

before removing
[root@nas ~]# getfacl /mnt/fs/sales-new/
# file: /mnt/fs/sales-new/
# owner: MYDOMAIN\administrator
# group: MYDOMAIN\domain admins
owner@:rwxpDdaARWcCos:fd----:allow
group@:rwxpDdaARWcCos:fd----:allow
everyone@:r-x---a-R-c---:fd----:allow

after removing
[root@nas ~]# getfacl /mnt/fs/sales-new/
# file: /mnt/fs/sales-new/
# owner: MYDOMAIN\administrator
# group: MYDOMAIN\domain admins
group:MYDOMAIN\administrator:rwxpDdaARWcCo-:fd----:allow
group@:rwxpDdaARWcCo-:fd----:allow