[Total TrueNAS newb here trying to learn which features can be combined to achieve a sharing configuration; welcoming suggestions to different approaches enabling the same goals and factoids about the feasibility of individual steps].
Is it possible to configure TrueNAS/Windows so that from Windows PCs, users can create links to give other users read-only access to some of their folders?
My goal is that all users - including non-TrueNAS admins - can, via an action on a Windows PC, create a read-only view for any of their folders without “fragmenting” how they see their own data (i.e. without requiring them to move swaths of their data to different shares).
Example:
Users Ben and Annie working on Win11 PCs connected to a TrueNAS file server with the following pool/dataset config (all datasets have corresponding SMB shares with the same name):
- pool
-- ben-private /* ACLed so that only Ben has R/W access */
-- ben-shared-ro /* ACLed so that Ben has R/W access, all other users have read-only access */
-- annie-private /* ACLed so that only Annie has R/W access */
-- annie-shared-ro /* ACLed so that Annie has R/W access, all other users have read-only access */
Annie asks Ben to share the photos from last year’s Hawaii vacation with her. Pedantic Ben is willing to share, but does not want a) anybody messing with his painstakingly post-processed photos and b) does not want to waste space on the TrueNAS server by making a copy of the photos.
Is it possible for Ben, from his Windows PC, to do the equivalent to mklink /D \\truenas\ben-shared-ro\Pictures\Hawaii \\truenas\ben-private\Pictures\Hawaii
to the effect that Annie can read, but not modify Ben’s Hawaii pictures? FWIW, in my current config, Ben sees permission errors when invoking the mklink
command above.
Thanks,
Andreas.
My Config:
- TrueNAS CORE 13.0 server
- multiple Windows 11 client PCs