SMB Stopped Working TrueNAS Scale

[mnm1501]

Hi, I have been using TrueNAS Scale for about 6 months (newbie), I hit a problem before Christmas where I did a reboot & the server wouldn't come backup.
I left it till I got back this week, I checked everything twice, reset the bios, still wouldn't boot past the post, rebuilt my 2 x 120GB SSD's with the latest ISO.
Finally got it to boot, recovered my 2 x ZFS Pools (2 x 4 x 10TB HDD) restored a backup & it all seemed to work, containers & VM's all working ok.
Only problem is I can no longer access any SMB shares, I can see the server on the Network & get to a list of all the folders, but get access denied errors or asking for user & password, really weird thing is I can get into the Software folder but nothing below it.
All the shares had been fine before the boot failure, I have also just upgraded to RC2. I ran testparm -s & pasted the results below (seems to look ok).
I am new to the linux arena but have some knowledge, I also tried clearing my saved passwords on my Win10 machine.
Any ideas or pointers would be appreciated :).
Thanks :)


Linux truenas.local 5.10.81+truenas #1 SMP Mon Dec 20 21:03:38 UTC 2021 x86_64

TrueNAS (c) 2009-2021, iXsystems, Inc.
All rights reserved.
TrueNAS code is released under the modified BSD license with some
files copyrighted by (c) iXsystems, Inc.

For more information, documentation, help or support, go here:
http://truenas.com
Welcome to TrueNAS
Last login: Tue Jan 4 11:07:49 AEDT 2022 on pts/0

Warning: settings changed through the CLI are not written to
the configuration database and will be reset on reboot.

root@truenas[~]# testparm -s
Load smb config files from /etc/smb4.conf
lpcfg_do_global_parameter: WARNING: The "syslog only" option is deprecated
Loaded services file OK.
Weak crypto is allowed

Server role: ROLE_STANDALONE

# Global parameters
[global]
bind interfaces only = Yes
disable spoolss = Yes
dns proxy = No
load printers = No
logging = file
map to guest = Bad User
max log size = 5120
passdb backend = tdbsam:/var/run/samba-cache/passdb.tdb
printcap name = /dev/null
registry shares = Yes
server min protocol = NT1
server multi channel support = No
server string = TrueNAS Server
username map = /etc/smbusername.map
idmap config * : range = 90000001 - 100000000
idmap config * : backend = tdb
create mask = 0775
directory mask = 0775


[ISO]
ea support = No
kernel share modes = No
path = /mnt/Pool2/ISO
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[NextCloud]
ea support = No
kernel share modes = No
path = /mnt/POOL1/NextCloud
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[ix-applications]
ea support = No
kernel share modes = No
path = /mnt/POOL1/ix-applications
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[Photos]
ea support = No
kernel share modes = No
path = /mnt/Pool2/Photos
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs nfs4acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
nfs4:chown = True
nfs4acl_xattr:encoding = xdr
nfs4acl_xattr:xattr_name = system.nfs4_acl_xdr
nfs4acl_xattr:validate_mode = False
nfs4acl_xattr:nfs4_id_numeric = True
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[Backups]
ea support = No
guest ok = Yes
kernel share modes = No
path = /mnt/Pool2/Backups
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs nfs4acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
nfs4:chown = True
nfs4acl_xattr:encoding = xdr
nfs4acl_xattr:xattr_name = system.nfs4_acl_xdr
nfs4acl_xattr:validate_mode = False
nfs4acl_xattr:nfs4_id_numeric = True
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[Multimedia]
ea support = No
kernel share modes = No
path = /mnt/POOL1/Multimedia
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[PLEX]
ea support = No
kernel share modes = No
path = /mnt/POOL1/PLEX
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[Downloads]
ea support = No
kernel share modes = No
path = /mnt/POOL1/Downloads
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[Zoneminder]
ea support = No
kernel share modes = No
path = /mnt/Pool2/Zoneminder
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs nfs4acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
nfs4:chown = True
nfs4acl_xattr:encoding = xdr
nfs4acl_xattr:xattr_name = system.nfs4_acl_xdr
nfs4acl_xattr:validate_mode = False
nfs4acl_xattr:nfs4_id_numeric = True
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[Software]
ea support = No
guest ok = Yes
kernel share modes = No
path = /mnt/Pool2/Software
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs nfs4acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
nfs4:chown = True
nfs4acl_xattr:encoding = xdr
nfs4acl_xattr:xattr_name = system.nfs4_acl_xdr
nfs4acl_xattr:validate_mode = False
nfs4acl_xattr:nfs4_id_numeric = True
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[Scanner]
ea support = No
guest ok = Yes
kernel share modes = No
path = /mnt/Pool2/Scanner
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs nfs4acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
nfs4:chown = True
nfs4acl_xattr:encoding = xdr
nfs4acl_xattr:xattr_name = system.nfs4_acl_xdr
nfs4acl_xattr:validate_mode = False
nfs4acl_xattr:nfs4_id_numeric = True
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[Books]
ea support = No
kernel share modes = No
path = /mnt/POOL1/Books
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[Multimedia2]
ea support = No
kernel share modes = No
path = /mnt/Pool2/Multimedia
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE


[docker-files]
ea support = No
kernel share modes = No
path = /mnt/POOL1/docker-files
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE

 

[anodos]

I see you have guest access enabled for your shares. What is output of midclt call smb.config |jq

 

[mnm1501]

"id": 1,
"netbiosname": "truenas",
"netbiosname_b": "truenas-b",
"netbiosalias": [],
"workgroup": "WORKGROUP",
"description": "TrueNAS Server",
"unixcharset": "UTF-8",
"loglevel": "MINIMUM",
"syslog": false,
"aapl_extensions": false,
"localmaster": true,
"guest": "nobody",
"filemask": "",
"dirmask": "",
"smb_options": "",
"bindip": [],
"cifs_SID": "S-1-5-21-2177314378-4151958663-1701145889",
"ntlmv1_auth": false,
"enable_smb1": true,
"admin_group": null,
"next_rid": 10006,
"multichannel": false,
"netbiosname_local": "truenas"

 

[mnm1501]

t

I see you have guest access enabled for your shares. What is output of midclt call smb.config |jq

Thanks for responding, I don't have much experience with ACL, I have stripped the ACL from from of the folders, deleted the share & reshared it but still don't have access to the folder on windows. I am not sure why I have access to the root share / server & can only access the software folder but nothing below that. I have compared all the settings & they look the same?

 

[mnm1501]

I see you have guest access enabled for your shares. What is output of midclt call smb.config |jq

I originally posted last Thu, but didn't get any responses, link has some screen captures of trying to access the shares.

TrueNAS Scale Server crash Win10 no longer acess shared folders

Hi, I have been using TrueNAS Scale for about 6 months (newbie), I hit a problem before Christmas where I did a reboot & the server wouldn't come backup. I left it till I got back this week, I checked everything twice, reset the bios, still wouldn't boot past the post, rebuilt my 2 x 120GB SSD's...

www.truenas.com

 

[anodos]

Several of your shares have guest access enabled. This can lead to unpredictable behavior, especially with Windows clients which only allow one set of credentials per server. Try removing all guest access and use proper credentials / accounts for access. Rather than stripping ACLs, which is generally a way to get rather undefined behavior from your shares, it's better to explicitly grant access for your users / groups. An example of this is to grant the group builtin_users (of which all SMB users are a member), explicit read, write, execute access through a DEFAULT POSIX1E ACL entry (for POSIX ACL type), or an inheriting FULL_CONTROL or MODIFY entry for NFSv4 ACL type.

Despite the implication that guest access is easier, it actually adds more variables to how clients access your server and with modern SMB clients behavior can be quite unintuitive. That said, we keep the feature around for now because it does have a use case and there are some users who rely on it.

 

[mnm1501]

Not 100% sure what I am doing......
I have set the permissions for the folder as below.
It kept on asking for additional permissions & this was the list I had to use to get it to accept it.

Permissions set in the Shares

Windows doesn't work still. I put the password in & it gets an network error

[Books]
ea support = No
kernel share modes = No
path = /mnt/POOL1/Books
posix locking = No
read only = No
smbd max xattr size = 2097152
vfs objects = streams_xattr shadow_copy_zfs acl_xattr zfs_core io_uring
tn:vuid =
fruit:time machine max size = 0
fruit:time machine = False
tn:home = False
tn:path_suffix =
tn:purpose = DEFAULT_SHARE

 

[mnm1501]

It has decided to start working again, not sure what has changed all my shares are now viewable from windows machines.