SOLVED - CIFS: Can map one user/share but not a second to same FN

[LearnLearnLearn]

You can't install packages on FreeNAS. You can only do that kind of thing in a Jail. Also please post your debug file you can download it under the advanced settings in the GUI.

http://doc.freenas.org/9.3/freenas_system.html

What's interesting is that I see two jails in Storage but none in the Jails tab.

You can just click the 'upload a file' button right below the text entry box? I just tested it and it seems to have worked.

Yes, I did that but it just sits there doing nothing for a while and when it completes, the file is never attached. The file is only 11MB so it's not reaching the limit of the site uploads. I can upload which ever specific file you want or can paste the last bits of log.

 

[LearnLearnLearn]

So after all this time and reading many more articles, posts etc, this is still not working for me.

I created a separate user and group and changed the dataset to that user/group.
From one win7 pc I can mount the share as the private user but from any other machine, I cannot mount using those credentials
but if I don't use credentials, I can mount the share for read only access. \

Makes no sense.

 

[INCSlayer]

question did you disconnect the first share before mounting the second share?
windows gets... peculiar when trying to mount 2 shares from the same source with 2 different credentials

 

[SweetAndLow]

So this is just a normal "I don't understand permissions" problem. Lets try to learn about them? I think you should spend some time playing with shares and datasets and not worry about what you need them to do. Lets just learn what they can do.

Goal 1: Setup a dataset with owner and group configured to be root:wheel and have root access.
1. create dataset with unix permissions and root:wheel 755 permissions.
2. create a cifs share for this dataset make sure guest access options are unchecked
3. using windows log into the share using the root user and it's password.
4. create files and folder and check to see if they are owned by root.

Goal 2: Setup a dataset with owern and group configured to be root:wheel but get guest access working.
1. create dataset with unix permission and root:wheel 755 permissions
2. create cifs share for this dataset amek sure guest access is checked and guest only is checked.
3. you will not be prompted for password this time
4. when you try to create files though you will see permission denied. <= this is because you are logging in as a user other than the owner and this user is also not in the group of the dataset. So you fall under the other mode bits. And we didn't give 'other' write permissions.
5. lets give other write permissions now. using the freenas gui under storage modify the permissions for the dataset you are sharing, make it 757. now when you go back to the share in windows you should be able to write to it.


I can create more of these if they help but i'll stop at 2 until we know it is working.

 

[LearnLearnLearn]

SweetAndLo, I did all those things :)
I spent quite a lot of time not caring so much about the permissions and just using the shares, trying now and then to learn more about it.

IncSlayer, you were dead on.

I disconnected all of my other shares and you're right, then I was able to mount the private share using the credentials.
I then remounted all of my other shares and checked to make sure they aren't mounted using the private share credentials and they aren't.

Obviously, having to unmount all of my shares would be a major pain just to get one mount working. Since you knew about this, any chance you might have some idea how to deal with it?

 

[Hugo Ochoa]

So this is just a normal "I don't understand permissions" problem. Lets try to learn about them? I think you should spend some time playing with shares and datasets and not worry about what you need them to do. Lets just learn what they can do.

Goal 1: Setup a dataset with owner and group configured to be root:wheel and have root access.
1. create dataset with unix permissions and root:wheel 755 permissions.
2. create a cifs share for this dataset make sure guest access options are unchecked
3. using windows log into the share using the root user and it's password.
4. create files and folder and check to see if they are owned by root.

Goal 2: Setup a dataset with owern and group configured to be root:wheel but get guest access working.
1. create dataset with unix permission and root:wheel 755 permissions
2. create cifs share for this dataset amek sure guest access is checked and guest only is checked.
3. you will not be prompted for password this time
4. when you try to create files though you will see permission denied. <= this is because you are logging in as a user other than the owner and this user is also not in the group of the dataset. So you fall under the other mode bits. And we didn't give 'other' write permissions.
5. lets give other write permissions now. using the freenas gui under storage modify the permissions for the dataset you are sharing, make it 757. now when you go back to the share in windows you should be able to write to it.


I can create more of these if they help but i'll stop at 2 until we know it is working.

I tried that and when I change the check box to allow "Other" to Write on the data set, I see the message saying "Mount Point permissions successfully updated" but if I go back to Change Permissions it's unchecked. I'm running 9.3 stable and I cannot access the share from windows 8.1 because I get a permission denied error. I read the documentation and followed the directions but it seems like I'm missing something. Do I need to set the volume/data set/share owner to nobody?

 

[SweetAndLow]

You have the dataset configured to use Windows permissions. When you have things in that mode you can't modify those check boxes. To make the modifications you have to use the windows GUI and click on the security tax under properties for the share.

 

[Hugo Ochoa]

You have the dataset configured to use Windows permissions. When you have things in that mode you can't modify those check boxes. To make the modifications you have to use the windows GUI and click on the security tax under properties for the share.

If I select Windows permissions, all the check boxes get grayed out so I couldn't possibly select the Other Write check box. I have the data set on Unix permissions and the issue persists. I was able to select the Write check box for Other in the Volume that contains the data set but I doesn't stick on the data set itself. Should I delete the whole thing and start over?

 

[SweetAndLow]

What does ls -l on that dataset give you? You could always start over. That is my suggestion so you can learn how things work and see what happens when you make small changes.

 

[Hugo Ochoa]

What does ls -l on that dataset give you? You could always start over. That is my suggestion so you can learn how things work and see what happens when you make small changes.

[root@freenas ~]# cd /mnt/NAS/Storage
[root@freenas /mnt/NAS/Storage]# ls -l
total 0
[root@freenas /mnt/NAS/Storage]#

 

[Hugo Ochoa]

[root@freenas ~]# cd /mnt/NAS/Storage
[root@freenas /mnt/NAS/Storage]# ls -l
total 0
[root@freenas /mnt/NAS/Storage]#

Ok, I'll delete and start over. Could you possibly list the steps to follow to create a completely open CIFS share so that anyone connected to my wifi router could have access to? I followed the instructions on the documentation but they didn't work. The wizard is not very wise. :)

 

[Hugo Ochoa]

What does ls -l on that dataset give you? You could always start over. That is my suggestion so you can learn how things work and see what happens when you make small changes.

Deleted the Share, and data set. Re-created it using your recommended settings and voila! I can access it without any credentials needed. I transferred a 1.4 GB video at 104 MB/s. Sweet! Thanks for your time!

 

[diedrichg]

@cyberjock Permissions Guide is desperately needed. I recall a long thread about crowd funding documents like this but this one is a genuine need. I know for a fact I don't have mine set up correctly - but they work.

 

[LearnLearnLearn]

LOL, I'm missing something too.
I built a whole new box, since I was going to anyhow, and set up the same user and cifs dataset with proper permissions, etc.
I can mount it as a guess but I can never mount it as the user it is assigned to.

As mentioned above, since it's a win share, it has default permissions and even trying to change those in windows doesn't work.

Dunno...

 

[LearnLearnLearn]

For WEEKS I've been missing something and there is never any help to be found. No matter how many posts I read, no matter how many searches I do then go through the examples, nothing works.

I've created two users on freenas.
I've created two shares.
I've created two datasets, one browsable and the other not by windows network. Options are identical.
I've set permissions for one user name on the first dataset which I've created on freenas. mikel and wheel group.
I've set permissions for one user name on the other dataset on freenas, privy and a new group called privy.
I've of course created both users and set their permissions.
I can mount the first share using mikel and have full read/write.
I can NEVER mount both at the same time.
Which ever I mount first is the only share I can use, and it doesn't matter whom I log in as, I have full read/write permissions.

Is there not some way of mounting different shares using different users for proper read/write access???

 

[Darren Myers]

when you browses to \\<freenas name/IP>\ are you met with 2 different shares/folders? I have 4 shares, 4 datasets, but all with the same permissions and show under the main \\freenas\ .

 

[LearnLearnLearn]

Do you mean am I seeing the same share when mapping as different users? No, I'm seeing the correct shares.
I also ssh'ed into freenas to look at the shares and they are owned by the correct users/groups.
Finally, I also look at permissions on windows and they are as they should be.

 

[Darren Myers]

so one of your previous posts said you can mount 1 share, then have to disconnect, and then you can remount the share you couldnt connect too, if thats correct try this...not sure if it will help make a batch file with

Code:

@echo on
net use S: \\<FreeNAS IP address>\<share name> /USER:<FreeNAS IP Address>\<Username> <Password>
net use T: \\<FreeNAS IP address>\<share name> /USER:<FreeNAS IP Address>\<Username> <Password>
pause

example:

net use S:\\192.168.1.50\Public /USER:192.168.1.50\Mickel Password1
net use T:\\192.168.1.50\Private /USER:192.168.1.50\privy Password1

I use that command at the start up of my one server to mount my FreeNAS shares so crashplan can connect to the network drive and do the backup.

P.S i cant promise you this will work....but it sounds like something that *should*

 

[LearnLearnLearn]

Ok, I'll give this a try tomorrow as I am moving several GB's of files while I have access to the share :).
I'll disconnect everything again then try what you mention and see what I get and report back.

Thanks.

 

[LearnLearnLearn]

Well, this finally gave me a lead. I had even enabled all kinds of logging on the FN server and never found anything useful.
By the way, in your example, there is a space missing :).

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.


D:\>net use K: \\192.168.1.20\backups /USER:192.168.1.20\mikel pass1
The command completed successfully.


D:\>net use S: \\192.168.1.20\miscad /USER:192.168.1.20\privy pass2
System error 1219 has occurred.

Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again.

So, something seems to think I'm trying to use the same name?
This seems to be a common problem. Seems like the fix might be to add another interface/IP on FN then I should be able to map. Guess I'll need to deal with the network mask issue now.

• The network 192.168.0.0/16 is already in use by another NIC.

Weird that no one was able to catch this until you mentioned trying this test which finally got a good lead.

UPDATE: For a quick fix, I simply set up another interface using dhcp then used the new IP and now both shares are mapped.

Weird weird weird to me that not one person in this thread knew about this but I sure hope it will help others.

Thanks for Darren Myers for the great lead!