SOLVED - CIFS: Can map one user/share but not a second to same FN

[LearnLearnLearn]

SOLVED; You cannot map multiple shares using different users to the same device/IP. You need to add another IP to the FN box, then map your second user to that share.
There might be a Microsoft method but this is all I know at this point and it works.

-----------------------------

I've set up two CIFS shares.
I've created two users with their own passwords.
I want user1 only, to be allowed access to share1.
I want user2 only, to be allowed access to share2.

I can mount share1 to my desktop using user1 credentials.
I can mount share2 to my desktop using user1 credentials. (I only want user2 to be allowed access to share2)

I've looked at the settings for Storage and Sharing along with the two accounts I am using and they are pretty much identical other than name/password.

Just wanting to confirm...

I think that anyone with credentials on freenas can access a share.
I think datasets allow user controls?

Should I be using datasets instead in order to gain access controls? It still doesn't answer why user2 cannot mount share2 however.

What am I missing?

 

[SweetAndLow]

Who is the owner and group of the two things you are sharing? Seems like user1 is probably the owner?

 

[LearnLearnLearn]

I think that's my problem... I'm not sure where to check/set that.
Both users are in the wheel group but I don't see any owner settings.

 

[Ericloewe]

Coarse permissions (ownership) are set at the dataset level.

 

[LearnLearnLearn]

I don't have a dataset so are you saying that is why I am experiencing this? I need to set up a dataset in order to do user access controls?

 

[DifferentStrokes]

You would have to have a dataset to have a share, I'd think.

 

[LearnLearnLearn]

I don't know FN well enough yet but I don't see datasets in the Shares section, only in the Storage section.
I tried that also and the user is still not able to mount the space.

 

[Ericloewe]

You need to take a step back, read the manual and then ask about lingering questions.
Link is conveniently located in the top navigation bar.

 

[LearnLearnLearn]

What makes you think I've not been reading everything I can find before I posted? :)

 

[Robert Trevellyan]

I don't know FN well enough yet but I don't see datasets in the Shares section, only in the Storage section.

Create one dataset for each user, owned by that user. Then create one share per dataset.

Recognize that if each user is a member of wheel, and the permissions you set up allow group access, then both users will still have access to both shares.

 

[LearnLearnLearn]

One was created using the wizard and I created the other one manually after trying both using the wizard.
Both appear as a dataset in the Storage list.

One is 'backups' and the other is 'misc'.

In permissions for backups, I have the user name as owner and wheel as group since more than one is allowed to access this share.
In permissions for misc, I have the second user name and the group I created for this user.

I am able to mount the first share, backups using the proper credentials.
I am no longer able to mount the second share using the first user credentials, so I fixed that.

I am unable to mount the second share, misc, using the proper credentials.
Each time I enter the credentials, the Windows Security box which wants me to enter the credentials, just keeps popping up.
I'm assuming there is a log somewhere I could check to see what the problem is but I've yet to find it.

Interestingly, I just tried mapping from an XP machine and even without using credentials, it simply let me mount the share but I wasn't able to write to it.

On misc, I have Microsoft share browsing disabled.

 

[Robert Trevellyan]

I assume you're logging out of Windows each time you make changes. Windows likes to cache sharing credentials.

If you go to the System | Advanced tab, you'll find a button labelled Save Debug. This will dump a whole bunch of logs for your viewing pleasure (it takes a while).

 

[LearnLearnLearn]

I tried that a couple of times but logging out/in didn't seem to change anything. Plus, I've got other machines I can test from too. Most are win7.

Mine says Enable Debug Kernel so... guess I'm enabling it.

 

[LearnLearnLearn]

I was thinking more like checking /var/log or something using ssh :)

 

[LearnLearnLearn]

Not much in there for details. I already know it failed :)

[2015/05/19 15:36:00.356787, 1] ../source3/smbd/service.c:1130(close_cnum)
leena-pc (ipv4:192.168.1.205:57091) closed connection to service misc

 

[LearnLearnLearn]

I wanted to install mc because I'm so used to flying around an os using it.

# pkg_add -rf mc
Error: Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-9-stable/Latest/mc.tbz: File unavailable (e.g., file not found, no access)
pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-9-stable/Latest/mc.tbz' by URL

 

[SweetAndLow]

You can't install packages on FreeNAS. You can only do that kind of thing in a Jail. Also please post your debug file you can download it under the advanced settings in the GUI.

http://doc.freenas.org/9.3/freenas_system.html

 

[Robert Trevellyan]

Mine says Enable Debug Kernel so... guess I'm enabling it.

No, don't do that.

If you go to the System | Advanced tab, you'll find a button labelled Save Debug.

 

[LearnLearnLearn]

Got it. I turned it off soon after enabling it and finding out I could just download the log. But on the other hand, I like ssh'ing into the box and looking at the logs directly.

Can't seem to upload a file so, which specific file do you want me to upload, I'll extract that one.

 

[SweetAndLow]

You can just click the 'upload a file' button right below the text entry box? I just tested it and it seems to have worked.