Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

Unable to access shares after upgrading to 11.3 from 11.2-U7

John W

Newbie
Joined
Jan 23, 2015
Messages
12
Datasets show correct ownership in ACL (root/wheel), but since the 11.3 upgrade my Windows share access has been killed. After I clear out all W10 credentials related to FREENAS and try to login to my shares, I'm greeted with "The specified network password is not correct." Any ideas on what's going on?
 

castle

Newbie
Joined
Mar 1, 2019
Messages
12
I saw a similar thing (on a 11.2-U7 upgraded to 11.3) yesterday and perhaps relevant issue with my SMB shares, first I got an error while trying to create a user regarding mapping between the user and the usergroup, both the user and group was created. But I was, like you, unable to connect to the smb share with that user, returning the same error as you are reporting.

Will check and report back later today if there is indeed an issue that applies to all my users (except root).
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
5,904
11.2 was loose with synchronization of Samba's passdb.tdb file with the freenas config file. In 11.3 the synchronization is strict. If root access was granted in 11.2 or earlier by merely running "pdbedit -a root", this access will be broken on upgrade to 11.3. To restore this, you will need to modify the root password in the GUI to force the routine to properly generate an NT hash used for SMB authentication for the root user (though this does potentially have negative security implications).
 

John W

Newbie
Joined
Jan 23, 2015
Messages
12
Thanks anodos. Frankly, what you mentioned is over my head. I know that when I initially set up my pools something like 5 years ago, I set a customer username as their owner and at some point later switched ownership to root. I am contemplating a cold backup of all files, then clean installing FREENAS and starting over from scratch with correct ownership from day one. The only pain of this is opening the 10TB Easystore that I picked up tonight in order to do the cold storage backup and then not being able to return it.
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
5,904
Thanks anodos. Frankly, what you mentioned is over my head. I know that when I initially set up my pools something like 5 years ago, I set a customer username as their owner and at some point later switched ownership to root. I am contemplating a cold backup of all files, then clean installing FREENAS and starting over from scratch with correct ownership from day one. The only pain of this is opening the 10TB Easystore that I picked up tonight in order to do the cold storage backup and then not being able to return it.
There's no need to reinstall. Try setting the following auxiliary parameter under Services->SMB username map = and restarting the SMB service. Also post "getfacl" output for every path component leading to the share i.e.
getfacl /mnt/tank
getfacl /mnt/tank/share

post the output of "pdbedit -L" and "testparm -s"
 

KenwoodFox

Newbie
Joined
Nov 6, 2018
Messages
40
I've been able to login as other users to samba, but after upgrading i can no longer login to a samba share as Root, is this supposed to be like this?
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
5,904
I've been able to login as other users to samba, but after upgrading i can no longer login to a samba share as Root, is this supposed to be like this?
Perhaps. Did you add a SMB password for "root" through the "pdbedit" command originally? If so, it will not be added because we are more strict about making sure that Samba's passdb stays in sync with our config file.
 

KenwoodFox

Newbie
Joined
Nov 6, 2018
Messages
40
Perhaps. Did you add a SMB password for "root" through the "pdbedit" command originally? If so, it will not be added because we are more strict about making sure that Samba's passdb stays in sync with our config file.
I've never changed my root password since i installed the system actually, is it acceptable to allow root login through SMB? And if so, how would i do that?
 
Top