smb share privilages

mzpw · Sep 6, 2023

Hello.
I have a little problem on truenas Core 13.0-U5.1. I moved files from windows server to truenas and configured all privilages.

I have smb share (for example) "share1" (for everyone) In this shared folders created directorys like: share1-subfolder1-subfolder2-subfolder3. Subfolder1 is for everyone. Subfolder2 is only for me. I woudl like set subfolder3 for userA. (I know that subfolder3 is in subfolder2) but this don't work.
On windows serwer this configuration worked.
Users can't getin int subfolder2 (i know that) but on windows was posible get in by path \\truenas\share1\subfolder1\subfolder2\subfolder3 - this worked (on windows but don't working on truenas)
or from subfolder1 "set command cd subfolder2\subfolder3"

Sorry for my english :)

anodos · Sep 6, 2023

mzpw said:
Hello.
I have a little problem on truenas Core 13.0-U5.1. I moved files from windows server to truenas and configured all privilages.

I have smb share (for example) "share1" (for everyone) In this shared folders created directorys like: share1-subfolder1-subfolder2-subfolder3. Subfolder1 is for everyone. Subfolder2 is only for me. I woudl like set subfolder3 for userA. (I know that subfolder3 is in subfolder2) but this don't work.
On windows serwer this configuration worked.
Users can't getin int subfolder2 (i know that) but on windows was posible get in by path \\truenas\share1\subfolder1\subfolder2\subfolder3 - this worked (on windows but don't working on truenas)
or from subfolder1 "set command cd subfolder2\subfolder3"

Sorry for my english :)

Unix has strict traverse checking. Permissions on subfolder2 will prevent user from accessing subfolder3.

mzpw · Sep 6, 2023

anodos said:
Unix has strict traverse checking. Permissions on subfolder2 will prevent user from accessing subfolder3.

I forgot wrote truenas is connected to AD domain and i use ACL permission.

Employees used subfolders (created with this method on windows) and now i don't know how resolve this situation :(

anodos · Sep 6, 2023

mzpw said:
I forgot wrote truenas is connected to AD domain and i use ACL permission.

Employees used subfolders (created with this method on windows) and now i don't know how resolve this situation :(

You grant them execute on the intermediate folders (or TRAVERSE if using our webui), but it might be a good idea to solidify basic server / filesystem knowledge before deploying in production at a place of work.

mzpw · Sep 15, 2023

Thank you. Now i must set new privileges and test it.

Now founded new problem. ;(
When i try change privileges on folder (with inherit). On some files and folders i cant chaneg it becouse is set difrent owner (Im try set all as administrator). I must first change ownet to myself and next chane privileges.
How i can cange privelages if im not owner?

anodos · Sep 15, 2023

This is how windows permissions / privileges work. As administrator user you have SeTakeOwnershipPrivilege among others. There are various MS documentation you can read regarding permissions and privileges.

Important Announcement for the TrueNAS Community.

smb share privilages

mzpw

Cadet

anodos

Sambassador

mzpw

Cadet

anodos

Sambassador

mzpw

Cadet

anodos

Sambassador

Similar threads