ACL on Win 11 using local permissions not TrueNas

Byron · February 5, 2025, 10:54am

Good day,

We have just moved from a Synology Rack mount solution to a Dell server we have installed TrueNas Core 13.0-U6.4.

I use a Site to Site connection from our Datacenter to our actual site.

This is the User ACL permissions inside our Pool lets call it Resources. We are using SMB shares.

I am trying to make it that the user Alison is able to open a folder called #recycle (no this is not a recycle bin i am using snapshots.) But when this user attempts to do this on their Win11 laptop it comes up saying they dont have permissions.

Things i have tried.
Remove Credentials
Rebuild a new user.
Restart SMB service
Change credentials to be invalid restart then input the users correct credentials

I am a bit stuck as its ONLY happening on this one dataset, i have pulled these files/folders down from a SharePoint site as well im not sure if this helps add to detail.

Please advise wat logs, steps, or other detail i left out thats important to help you help me.

Byron · February 5, 2025, 10:56am

I am not sure why my screen grabs did not upload to the ticket. the site keeps saying i cannot upload embedded content to my post.

Micromecca · February 5, 2025, 11:40am

Are the client computers or TrueNAS host members of a Windows domain?

itsharryshelton · February 5, 2025, 12:23pm

Is this a local user on the TrueNAS or ADDS user?

Sounds like a business use case here, get a DC going and use domain auth’ing.

Byron · February 5, 2025, 12:54pm

Currently we are using users on TrueNas and we use the local .\username to sign in.

We are using DNS to get tot he server, but i am not using our AD to control users authentication currently.

Byron · February 5, 2025, 12:55pm

Hi there, i wanted to do that, however we have multiple companies with multiple AD’s at play here and they dont all talk together. So it was more simple to get the local .\username logins to work.

Micromecca · February 5, 2025, 1:29pm

This really sounds like an auth issue. Are there any saved credentials for the network location on the user account?

You could also try mapping the share as a drive in windows and select the ‘Connect using different credentials’ option, using TrueNASHostName\username for the user account.

Byron · February 5, 2025, 1:44pm

Thank you for this, i have tried this, when i do create a map based on “connect using different credentials” i then have access to the folder /mnt/poolname/dataset, but then its empty and i dont have access to the folders/files inside the pool.

Keeping in mind this is only for my Win 11 users, on Win 10 it works like a charm.

What i have done in the meantime is create a new whole vdev and put my files into this new vdev and i have access, but this is what i originally did previously.

I am not using any encriptions on this as well.

itsharryshelton · February 5, 2025, 1:45pm

Why are multiple companies using a single NAS for data? Seems like a audit/security nightmare

Byron · February 5, 2025, 1:49pm

haha yes, it really is…

Unfortunately I cannot use Cloud facilities/tools as I need to be almost in direct control of the data being stored here.

Byron · February 11, 2025, 5:50am

hi there, thought to mention how I have currently overcame this issue. I first un-map and remove all credentials in regedit for mapped drives, once complete I edit credential manager details and provide fake/false details. Restart the machine and then try browse to the server using the DNS name and then I am able to insert correct details and login.

Micromecca · February 11, 2025, 10:05am

Glad you got there Byron. Cached credentials can be a nuisance.