File ownership mismatch.

D

dot.dot

Cadet
Joined
Sep 7, 2022
Messages
5
Hello.
I'm sure I'm doing something wrong but this is the case, the same file shows 3 distinct ownerships.

I enrolled TrueNas on my AD DC, and can see the users/groups using:
Code:
wbinfo -u
wbinfo -g

I log into a linux machine using an account: local (this account is the local admin)
I then mount the samba share located on my TrueNas using one of the AD DC users DOMAIN/user1 and can create a file.
But the ownership for the files is not what I expect them to be, nor reported in a consistent manner:

Via the client GUI root owns the file (I logged in as local, not root):
1662623193544.png


Via CLI, navigating to the mount point using gvfs the file is owned by local:
1662623286335.png


Then Shell on the TrueNas machine itself, itis owned by DOMAIN/user1:
1662623649544.png


I know I must be doing something wrong/missed a step somewhere, can someone point me at the right direction?
Thanks!
 
Johnny Fartpants

Johnny Fartpants

Guru
Joined
Jul 3, 2015
Messages
926
Try adding the AD username in your mount command like this:

sudo mount.cifs -v //yourserver/stuff/ -o username=ADusername,domain=yourdomain /yourmountpoint.
 
D

dot.dot

Cadet
Joined
Sep 7, 2022
Messages
5
Thanks for the reply.

I went ahead and added automount via pam whenever a domain user logs in. but i still have some issues.The GUI still reports the ownership as being the user that is logged in at the moment, not the one who created the file, on windows it works straight away.
Perhaps linux is reporting the owner of the mount,rather than the owner of the file as per truenas?

1662644201579.png


The CLI on Kubuntu at least matches the GUI now:
1662644409251.png


And on Truenas it matches what i was seeing on Windows:
1662645336885.png


I learned a bit, but not how to get around this :/
 

Attachments

  • 1662644349039.png
    1662644349039.png
    4 KB · Views: 76
  • 1662644370611.png
    1662644370611.png
    122.6 KB · Views: 83
Johnny Fartpants

Johnny Fartpants

Guru
Joined
Jul 3, 2015
Messages
926
How are your permissions setup on the share?
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
gvfs may have improper handling for cases where share doesn't have SMB1 unix extensions enabled. For that matter, if your Linux client is not joined to AD, it can't convert the SIDs it receives over the wire to uids / gids and so just shows current user as owner.
 
D

dot.dot

Cadet
Joined
Sep 7, 2022
Messages
5
Many thanks for your help, it nudged mein the right direction

I am authenticating my users against an AD DC.

My solution ended up being this:
Mount the share as nfs instead of cifs (i am mounting on pam_mount_conf.xml)(cifs on linux still does not work well, but i am not using it).
I had to also fix the idmap settings so that both TrueNas and the clients match the AD DC. (anodos you ended up helping me on that too!)

So my first suspicion that I was doing something wrong holds true.
(But perhaps the idmap settings should be enabled by default, as it seems to me that is the way you'd want it to be all the time? )

1662807672324.png
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "File ownership mismatch."

Similar threads

X
ad users how to creating truenas account?
Replies
0
Views
435
xcyhxx
X
V
truenas loses connectivity to AD server after full shutdown.
Replies
19
Views
995
unseen
unseen
D
Possible/Practical to Mirror NTFS Folders Including NTFS Permissions From Standalone Windows Machine?
Replies
0
Views
270
digilur
D
eexodus
  • Locked
Issues with SMB and inheritance
Replies
3
Views
3K
eexodus
eexodus
I
  • Locked
Upgrading 9.2.1.9 to 9.3 unable to strat AD service
Replies
4
Views
2K
Ico747
I
Top