HOME DIRECTORY

[tessierp]

Hi everyone.

I managed to setup the homes directory although I did have to wrestle to get it to work. Basically, I created a sub-pool from my main pool called homes with the following permissions :

From there I proceeded to create Samba share called home with the following properties and ACL security :

From there, every user loging in from Windows with their respective and matching usernames (same in TrueNAS and in Windows) are all able to access their shares.

However, there is one small issue. I would like to give one user access to all other home shares. I do see the "HOMES" folder listed but if I click on that it shows me what is under my own user, "tessierp" which is also in the list.

How can I make it so that when I go in HOMES I see all other others as well?

Thanks in advance for your help.

 

[tessierp]

What I meant by sub-pool was in fact a DATASET.

 

[tessierp]

If what I have done was wrong please let me know. Hope there is a solution to see all users from the "homes" folder.

 

[tessierp]

Hi,

I thought I'd update this just in case someone is looking for a way to do this.. As far as my research goes, it doesn't seem like it is possible with the "Use as home share" functionality, to make the "root" dataset traversable; just to rewind a bit, if you create yourself a DATASET called "home_dataset" and leave it to the defaults settings and then proceed to create a SMB share called "users_share" with the following settings :

And then to set the the ACL permissions like so :

You will not allow you to traverse homes and see the folders of other users and no where is it possible to edit the permissions to give a user access to individual home folders (I've seen some people trying to do this and I needed to do this myself). I am not sure if this is a bug or as intended functionality but if you do try to make a backup to an external HDD of home folders, you would have to login to a Linux or Windows machine and access each of the users individual home directories and backup them up, not practical. Now I realize in the enterprise they wouldn't do such a thing and would snapshot the entire array and move the data to another machine but for more small size businesses or home users, this would have been a good feature to have.

Anyway, I did find a way to simulate the home directory functionality, traverse the user_shares and have a user gain access.. It involves a little more work but it works.

How to create user shares that are traversable and can give a user permission to have access to each share

1. The first thing you want to do is to create a dataset, call it whatever you like I called mine "UserShares". I left the default settings upon creation as is.
2. I then proceeded into create a SHARE under Sharing -> Windows Shares (SMB) and again I left all the settings to the defaults but just to be safe here is a snapshot

I selected the DATASET I created, "UserShares" and gave my share the name "user_shares" (again give it the name you like, doesn't matter). I saved and was asked to set the ACL permissions and selected RESTRICTED and then I adjusted the settings. Here are the settings for the share and filesystem :

3. Then you must create a dataset for each user you want to have a "home" folder for. Those dataset must be created UNDER the dataset "UserShares" (or whatever you named it). Lets say we create one. I'll give it the name "tessierp" for myself and upon creation I would leave everything to the defaults and then I would edit the filesystem ACL and set them like so :

With the group of builtin_users gaining "Traverse" permissions, they will be able to see my folder but not access it. Now, lets say we create another dataset under "UserShares" to allow "tessierp" to have access. Again you create the dataset with the defaults and you would edit the file permissions to look like this :

4. The very last step is to edit each of your users and set their home folders to the folders you just created under "UserShares" (or whatever name you gave it.

I hope this will help anyone struggling with this in the future.

Cheers.