SOLVED Unable to add new user to smb share

[costumesguy]

After updating FreeNAS to 11.2U7 to 11.3U1 I had some problems creating a new user,

Code:

[EFAULT] Failed to generate groupmap for [shead]: ()

. Since updating to 11.3-U3.2, I can add a new user without any error occurring.

The problem I am now facing is that this new user isn't able to access an SMB share. I left user/group root/wheel alone, and added the user with full control to ACL. I am able to login to the root directory to view the share list with the new user, but I cannot access the share directory.

As a test, I added an existing user (one that was created before the update to 11.3) to the same share, and was able to access it. I created another new user, which did not work. I did reboot after creating the users, and tried using pdbedit -a mynewuser, rebooted, and still was not able to access the share.

Any help with this would be appreciated.

 

[anodos]

After updating FreeNAS to 11.2U7 to 11.3U1 I had some problems creating a new user,

Code:

[EFAULT] Failed to generate groupmap for [shead]: ()

. Since updating to 11.3-U3.2, I can add a new user without any error occurring.

The problem I am now facing is that this new user isn't able to access an SMB share. I left user/group root/wheel alone, and added the user with full control to ACL. I am able to login to the root directory to view the share list with the new user, but I cannot access the share directory.

As a test, I added an existing user (one that was created before the update to 11.3) to the same share, and was able to access it. I created another new user, which did not work. I did reboot after creating the users, and tried using pdbedit -a mynewuser, rebooted, and still was not able to access the share.

Any help with this would be appreciated.

Remove /var/db/system/samba4/group_mapping.tdb and then run midclt call etc.generate smb_configure.

 

[anodos]

Scratch that. What are the permissions on the two directories? getfacl /mnt/path/to/dir

 

[costumesguy]

This is the parent/top-level pool:

Code:

# file: mystorage/
# owner: share
# group: share
            owner@:rwxp--aARWcCos:-------:allow
            group@:rwxp--a-R-c--s:-------:allow
         everyone@:------a-R-c--s:-------:allow

This is the directory for the share:

Code:

# file: cstor
# owner: root
# group: wheel
user:cstoruser:rwxpDdaARWcCos:fd-----:allow
            owner@:rwxpDdaARWcCos:fd-----:allow
            group@:rwxpDdaARWcCos:fd-----:allow
         everyone@:--------------:fd-----:allow

 

[costumesguy]

Some notes... I did not set this up myself, so I am not sure how the 'share' user (who is not privileged) got to be the owner/group for the top level pool. When I look at the SMB shares listed in the GUI, the top level 'mystorage' is in the list, but the 'Edit ACL' is grayed out.

 

[costumesguy]

hey @anodos, do the permissions look OK? I deleted the root level SMB share since I could not edit the ACL, but nothing changed.

 

[costumesguy]

I figured it out with your pushing me in the permissions direction. If I added the new user to the 'share' group, I was then able to access the share. I changed the ownership back to root:wheel for the root pool, then followed your chmod advice on the thread below, and all was well.

Changed ACL on root pool dataset, now problems

I changed chown of my root pool to be root and wheel group. I also removed advanced ACLs from the root pool, because I thought this was a mistake. I used setfacl -bn /mnt/poolname/ I'm on the latest 11.3 STABLE and everything was working fine prior to my nonsense with setfacl Since then, none...

www.ixsystems.com

Thanks for taking the time to help.