Hello,
First of all I am on TrueNAS SCALE 25.04.01 and this is a home user setup. I have connected TrueNAS to my Samba domain that has 4 users (home family setup) and the Active Directory integration was quite painless: users show up in the Credentials → Users screen as “HOME\username”.
I followed the instructions in Creating the Share and Dataset starting from the “Shares” screen and now I have a “private” dataset and a share by the same name (I used “Private SMB Dataset and Share” purpose when creating the dataset during the share creation process).
Now, the ONLY deviations were that: (1) I enabled the “Use as Home Share” because I want to be able to SSH into the NAS so I need the user to have a home directory, and (2) I enabled “Time Machine” because my wife has a Mac and I want her to simply back up to the share which will be simpler for her.
After restarting the service I am now stuck in the Setting Dataset ACL Permissions section. The instructions basically ask you to do 3 things:
- “Set the permission for the private dataset to allow additional users or a group if others are permitted to access the private directory share.”
I am not sure what this use case would be so I did nothing. For starters, I am happy for each family member to only access their own share.
- Click the Owner dropdown, select the administration user with full control, then repeat for Group. You can set the owning group to your Active Directory domain admins. Click Apply Owner and Apply Group to apply the changes.
The web admin user I created is called “nasadmin” so I set the following:
The problem is I am not sure about the preset: As you can see I have NFS4_HOME and NFS4_DOMAIN_HOME options. I am not sure if mine is a POSIX ACL so I set it to NFS4_HOME as per the instructions default.
- Next, click Add Entry to add entries for each user that needs access to the dataset. To assign required permissions, select User in Who and locate the user name on the User dropdown list. Select the required permissions. Repeat for each user that needs access. Alternatively, if you added users to a group, select, set Who to Group and locate the group on the dropdown list.
Here I actually clicked on “Add Item” and set the Group to “HOME\Domain Users” and gave them read-only access. I did not want to add each of the 4 users individually and I suppose the owner will have modify permission by default?
Anyway, after all this was said and done, here is the main problem:
I visited smb://truenas/myusername and created a folder called “test” and this is what I found in the actual filesystem running ls as root:
root@NAS[~]# ls -al /mnt/family-tank/private/HOME/myuser
total 35
drwxrwx--- 4 root root 5 Jun 7 18:35 .
drwxrwx--- 6 root root 6 Jun 7 18:35 ..
-rwxrwx--- 1 root root 0 Jun 7 18:35 .profile
drwxrwx--- 3 HOME\myuser root 3 Jun 7 18:35 .recycle
drwxrwx--- 2 HOME\myuser root 2 Jun 7 18:35 test
As you can see:
1. The folder is actually owned by root
2. There is a .profile file owned by root
3. The directories I created luckily have the proper user/owner but the group is still set to root
4. The recycle bin (created automatically) is the same as (3)
Have I done something wrong? Should I start over? What step should I change to make the group be “HOME\domain users”?