SOLVED Newbie FreeNAS 11 : Guest+user write setup

Status
Not open for further replies.
L

Lazarus

Dabbler
Joined
Nov 16, 2016
Messages
17
hello,
I am new to FreeNAS and trying to get full access to Guest+users on a share. I found this in the documentation -

Note
if you create a guest share as well a share that requires authentication, AFP will only map users who login as guest to the guest share. This means that if a user logs in to the share that requires authentication, the permissions on the guest share may prevent that user from writing to the guest share. The only way to allow both guest and authenticated users to write to a guest share is to set the permissions on the guest share to 777 or to add the authenticated users to a guest group and set the permissions to 77x.


I also found several forum posts that said to get guest access to work you needed to change the storage locations owner to nobody so I have set up the following:

Apply Owner (user): Checked
Owner (user): nobody
Apply Owner (group): checked
Owner (group): guest
Apply Mode: Checked
Mode: Greyed out: BUt owner& group have all 3 checked , other has read execute checked
Permission Type: windows
Set permission recursively: unchecked

Under "Sharing" I added a windows (SMB) share with both "apply default permissions" and "allow guest access" checked

For my user account I added the "guest" group as an auxiliary group.


But I can not write to the location using the user account.
Thank you for any help and guidance you can provide. I am pretty sure its some newbie mistake or I am misreading something but I have not been able to figure out what.
 
Last edited by a moderator:
zoomzoom

zoomzoom

Guru
Joined
Sep 6, 2015
Messages
677
Are you trying to configure an AFP [Apple] share or a SMB [Samba - Windows] share? I believe you're trying to configure an SMB share, but need to confirm.
 
SweetAndLow

SweetAndLow

Sweet'NASty
Joined
Nov 6, 2013
Messages
6,421
Lazarus said:
hello,
I am new to freenas and trying to get full access to Guest+users on a share. I found this in the documentation -

Note
if you create a guest share as well a share that requires authentication, AFP will only map users who login as guest to the guest share. This means that if a user logs in to the share that requires authentication, the permissions on the guest share may prevent that user from writing to the guest share. The only way to allow both guest and authenticated users to write to a guest share is to set the permissions on the guest share to 777 or to add the authenticated users to a guest group and set the permissions to 77x.


I also found several forum posts that said to get guest access to work you needed to change the storage locations owner to nobody so I have set up the following:

Apply Owner (user): Checked
Owner (user): nobody
Apply Owner (group): checked
Owner (group): guest
Apply Mode: Checked
Mode: Greyed out: BUt owner& group have all 3 checked , other has read execute checked
Permission Type: windows
Set permission recursively: unchecked

Under "Sharing" I added a windows (SMB) share with both "apply default permissions" and "allow guest access" checked

For my user account I added the "guest" group as an auxillery group.


But I can not write to the location using the user account.
Thank you for any help and guidance you can provide. I am pretty sure its some newbie mistake or I am misreading something but I have not been able to figure out what.
Click to expand...
You said both smb and afp in this description. Please make up your mind which you are asking for help with.

Hardware specs and freenas version required with every new post please.

Sent from my Nexus 5X using Tapatalk
 
L

Lazarus

Dabbler
Joined
Nov 16, 2016
Messages
17
My apologies for the oversight:

Freenas: 11
MotherBoad: X9DRi-LN4F+
Processors:: 2x Intel® Xeon® E5-2680
RAM: 192 GB ECC
Controller:: 3x LSI 9210-8i ARRAY CONTROLLER (IT Mode)
Case: SC846BA-R920B 24 X3.5" drive Bays
Boot drive: SUPERMICRO 32GB SATA SMC SATADOM Mfg. Part#: SSD-DM032-SMCMVN1
Secondary drive: Samsung 850 Pro 512GB (intended for Jails/vms)
Storage array: 11x WD Red 4TB NAS Hard Disk Drive - 5400


I am intending it as primarily a windows share. We do have some android devices and an occasional apple devise.

It is for a home NAS and our main systems are windows 10.

thank you again for the help.
 
SweetAndLow

SweetAndLow

Sweet'NASty
Joined
Nov 6, 2013
Messages
6,421
That snippit you posted is for afp not smb so you can ignore it.

Have you seen the permissions video by @M0nkey? Do a search for it.

Sent from my Nexus 5X using Tapatalk
 
L

Lazarus

Dabbler
Joined
Nov 16, 2016
Messages
17
I thought it must apply to all since that is the exact problem I am experiencing.

If I set the data-set to a specific share group and do not enable guest access all members of the group can access it. But if set for guest access guests and users can read but only guests can write.

I had found this one "FreeNAS 9.10 and Samba (SMB) permissions" by The Internet Monkey
 
zoomzoom

zoomzoom

Guru
Joined
Sep 6, 2015
Messages
677
Sounds like the directory ownership and/or permissions are wrong.
  1. When configuring the Samba share, Windows permissions should be selected, which will automatically disable & gray out Unix permissions (user, group, other)

  2. The dataset directory the share is attached to needs to be owned by the main user for the share who has r/w access, and a group that encompasses the users for the share
    • If entire dataset is shared:
      • chown -RP <user>:<group> /mnt/<zvol>/<dataset>
    • Else:
      • chown -RP <user>:<group> /mnt/<zvol>/<dataset>/<share directory>

    • For help, issue the manpage command: man chown
      • -R: Recursive
      • -P: Don't follow symbolic links

  3. The permissions should be r/w for the user owning the directory, r/w for the group (if you want the users in the group to have write access), and whatever you wish for others (i.e. those who are not the owner and not in the owning group, usually just read access if guest access is allowed)
    • If entire dataset is shared:
      1. find /mnt/<zvol>/<dataset> -type f -exec chmod -RP 664 {} \
      2. find /mnt/<zvol>/<dataset> -type d -exec chmod -RP 755 {} \
    • Else:
      1. find /mnt/<zvol>/<dataset>/<share directory> -type f -exec chmod -RP 664 {} \
      2. find /mnt/<zvol>/<dataset>/<share directory> -type d -exec chmod -RP 755 {} \

    • For help, issue the manpage command:
      • man chmod
        • -R: Recursive
        • -P: Don't follow symbolic links

      • man find
        • -type d: Type: Directory
          • Permissions:
            • User: 7 [read,write,execute]
            • Group: 5 [read,execute]
            • Others: 5 [read,execute]
        • -type f: Type: File
          • Permissions:
            • User: 6 [ead,write]
            • Group: 6 [read,write]
            • Others: 4 [read]
 
Last edited:
L

Lazarus

Dabbler
Joined
Nov 16, 2016
Messages
17
Thank you for the help...

I had been adding users to the "guest" group and then giving that group ownership.

Instead I have now created a new group "shared" to use instead of using the the built in "guest" group. Once I set users to be a member of that group and set the data set to be owned by that group things seem to have resolved.

Thank you again for the help.
 
Status
Not open for further replies.

Similar threads

T
  • Locked
Need help with shares
Replies
11
Views
3K
depasseg
depasseg
O
  • Locked
CIFS Share: Write Permissions?
Replies
2
Views
4K
m0nkey_
m0nkey_
I
  • Locked
Permission messed up (Unix/Windows) and CIFS share
Replies
3
Views
3K
Eniac74
E
M
  • Locked
CIFS SHARING, USER PERMISSIONS DON'T WORK CORRECTLY
Replies
6
Views
4K
Mike77
M
gjergj sheldija
  • Locked
sharing folder via smb/cifs via guest
Replies
2
Views
867
Ericloewe
Ericloewe
Top