Stuck...missing something simple, or lost access to NAS?

Hello, I originally set up TrueNas in 2019 for basic home networking purposes: a bit of data storage and a media server for backed up physical media. Admittedly I did not do a ton of research ahead of time, but for the basic usage, was able to get it working without issue, albeit with some ugly directory names.

About a year ago, my Google WiFi system started acting up too frequently, so I swapped it with an ASUS ROG Rapture GT6. As I had put so much work into organizing my media library, I wanted to change the IP address on the new router instead of changing the network location on the media server (Kodi). I have been using computers for a long time, and have always been bad at not taking snapshots for recovery purposes. Lesson finally learned on this one, and I’m hoping I can get some help to gain access to my NAS again. I am prepared to start anew, however it would still be a devastating loss.

At the same time, a hard drive or two were starting to go bad, and I was getting corrupt data notifications in TrueNAS. I also had originally installed TrueNAS on a USB drive (I know, no good). I replaced the failing hard drives and copied the data without issue, exported my pools, reinstalled TrueNAS on an NVMe drive, and reimported the pools. When I eventually ran a command prompt command, the only corrupt file that came back was an episode of Miami Vice…a loss, but not a huge one.

Before I did all that, like I said, I got the IP changed on the new router, and everything went belly up aftewards. I read countless forum posts, checked the manual multiple times, watched YouTube videos, and just could not get access to the NAS again. I have tried countless iterations of shares, user accounts/groups, default gateways, etc, and have basically landed myself in a stuck position after a year of messing with it on and off. Procrastination set in for the obvious reason of not wanting to face the loss of decades of data and memories, and for the notion of admitting defeat to an issue I more or less created myself and can’t find a solution for on my own. Other life priorities were there but I am ready to tackle this issue once and for all.

I feel like I am missing something very simple and will explain in the following.

System:

• TrueNAS Core 13.0-U6
• Intel Core i3-8100 @ 3.6 GHz
• 32GB DDR4 3200MHz
• 250GB NVMe for installation
• (2) 16TB, (2) 14TB, (2) 8TB HDD in RAID1

The setup never had performance issues and I was always happy with it. As is known, several settings and setup parameters changed during the merge of FreeNAS and TrueNAS (if I remember correctly) so trying to recover the system was not the same as when I originally set it up, a major one being the ACL for shares.

Now, the NAS does show up in Windows Explorer, under the network section it shows up as ‘HOUSENET.LOCAL’, just as it is listed in the TrueNAS GUI dashboard under ‘HostName’. However, when I click on it, all I get is “Windows cannot access \HOUSENET.LOCAL. Check the spelling, otherwise there might be a problem with your network…”

With the multiple attempts of creating user accounts/groups, Kodi would give the same thing: accessing it the way I did previously simply wouldn’t allow me to connect.

A couple things I noticed, one being that setting a password in the Accounts → Users tab, the password does not stick. When I go back into the user page, the ‘Password’ field is blank. Is this normal? Regardless, it must be something before that because trying to access through Windows doesn’t even present an option to enter credentials.

The other is that under Storage → Pools, I can no longer drill down the file directory for where my files were stored. The main name is HouseNET, and under that are iocage, jails, and Movies. Movies being the actual file storage directory, there is no arrow next to it. This was very concerning after getting the system back to a stable state because of the corruption notifications, however I am able to drill down into the subfolders when navigating in shares, so presumably they are still intact. I was always using SMB for the shares.

That is about all I can think to mention for now. I could never really find a definitive answer to what all the network setup variables should be, but have tried numerous configurations to no avail. If there is any other required information, questions, or lashes/criticisms, please don’t hesitate! Hoping to get this corrected or move on in the near future.

Thanks

-Scott

A screenshot of the network pages from your TrueNAS install would be a good start. As would a screenshot from your router’s DHCP/LAN-settings, to understand what your network looks like right now.

Since you say you set it up in 2019, would it be right to say that you were and still are running TrueNAS Core? Which version specifically?

Also, a screenshot of the error message when trying to access the share from a client could be useful, even if you described the error, a screenshot is better.

Connecting using .local-hostnames can be iffy, simply trying to connect using the TrueNAS’ IP-address would be a good first test.

Thank you for your response. Here are the screenshots you requested. Yes, I am currently using TrueNAS Core 13.0-U6 and have not changed it since 2019, aside from normal updates.

Even here, I am able to see the two SMB shares I set up. Typically, it just shows the error, but has asked for the credentials and is now expanded. I tried adding a network location with ‘\\192.168.86.86\Movies’ and same result, the user login/pass I added to TrueNAS doesn’t work.

Edit: Shoot…do I need to set the 1.1.1.1 in the router config as well?

Since you hardcoded a DNS on your TrueNAS it doesn’t care what DNS the router is set to.
The password field appearing empty is normal in SCALE, presumably it’s normal in CORE as well.

Things to test:

• 1. Is the SMB-service running on your TrueNAS?
• 2. Can you ping your TrueNAS server on the IP 192.168.86.86?
• 3. Can you try connecting to your smb-share using the IP instead of the .local-hostname?

The more I look at it the less it looks like a networking issue and more like a mistake in the SMB share setup, but good to rule out the three things above just in case, especially if you have been trying different things there to get it working again.

I would agree with the share and/or permissions being the issue at this point, but wanted to eliminate the network config as I had read certain settings will allow the NAS to be visible, but won’t allow a connection to be established.

1. SMB and S.M.A.R.T. are the only 2 services I have running on the NAS.
2. Pinging 192.168.86.86 was successful with 4 packets sent and 4 received in 0ms.
3. I tried adding with the This PC → Add a network location as well as command prompt with ‘net use Y: \\192.168.86.86\Music /user:[login] [pass]’ and while it does show up in the list, it is still not accessible. I always connected with the mapped drive function, and wrote a basic startup script to disconnect and reconnect all the drives since they often wouldn’t stay connected on restarts.

I’m going to delete all the shares, accounts/groups/permissions and start again so there aren’t any settings I may have changed along the way to interfere. It should be a straightforward setup with 1 user and no special permissions or anything, I’ll post some pictures of the final setup.

Can you show a picture of the dataset ACL?

Sure thing. I created a new user, SPCOMP with a password, which automatically creates the SPCOMP group:

SMB share:

Sharing → Windows Shares (SMB) → Edit Filesystem ACL:

Storage → Pools → Edit Permissions:

• ‘Full Control’ for SPCOMP, applied to user, with recursive permissions from the root folder down, which should apply it to all media and documents on the NAS

Whether through Explorer or command, mapping the drive prompts for a password for SPCOMP, entering the assigned password adds the mapped drive but when Explorer attempts to pull up the folder, I get the same error that Windows cannot access because I do not have permission. Deja vu is setting in

To test whether this is ACL issue or a SMB issue the easiest way is to login as user SPCOMP and check if if you can access the files using the shell.

I don’t have a TrueNAS Core installation anymore, so I can’t tell you with confidence the exact commands to run. Try the following in the web shell:

• su -m SPCOMP -c ls /mnt/HouseNET/Movies/SGCOMP/Movies

Ok, I typed that in the shell and all it showed was “samba syslog”.

Looking around at other posts for some shell info, I am able to see all the subfolders with:

• ls /mnt/HouseNET/Movies/SPCOMP/Movies

This is reassuring. It looks like someone else had a similar “if it’s working, leave it alone” issue at Problems with user access and permissions - #3 by the_drugs

When I typed the same getfacl /mnt/HouseNET/Movies/SPCOMP/Movies command, I got the following:

I am going to try running chmod 755 /mnt/HouseNET/Movies/SPCOMP/Movies to see if that fixes it, or should I be running it on /mnt/HouseNET as the root folder?

Typically, creating a SMB dataset will have set the ACL type to RESTRICTED, which would disable any attempt to run chmod because doing that would be destructive to the ACLs. I would be surprised if CORE handles that differently.

You need to check every parent folder for at least traversal permission

Can you check these:

• ls -ld /mnt/HouseNET
• getfacl /mnt/MouseNET/Movies

When you ran that command, did you correct the misspelled folder name? SGCOMP vs. SPCOMP?

Hoping that ‘ftp’ in there is a helpful clue…

Yes, I did correct that.

Am I correct to believe that the permissions are set up properly and there is something else going on?

Yeah those permissions on the root dataset don’t look good.

Try:

• chown root:root /mnt/HouseNET
• chmod 755 /mnt/HouseNET

For the ‘chown’ command, it returned ‘illegal group name’. I created a group called root, and re-entering the command results in a loop with no feedback:

I also made sure to set the password for user ‘root’ to root as well, and got the same results with and without a ‘root’ group created.

The ‘chmod’ command gives the same loop with no feedback:

I went to Storage → Pools → Edit Permissions and stripped the ACLs, checked the ls -ld /mnt/HouseNET command again and we have a change:

Now going back to the SMB share, which is stripped of permissions, I noticed something (which would have been there the whole time anyway). In the help bubble for ‘Name’, it says “Who this ACL entry applies to, shown as a user name. Requires adding the user Domain.” Since I will only ever have one user, I am going to set it to SPCOMP instead of Everyone.

In the ‘Domain’ help bubble, it says "Domain for the user Name. Required when a SID is not entered. Local users have the SMB server NetBIOS name: freenas\\smbusers"

I have to go out for a bit, but when I get back, I am going to try entering SPCOMP as the name, and freenas\\smbusers as the domain, unless I am interpreting this incorrectly (i.e. smbusers is generic and should actually be SPCOMP, or name should remain Everyone and domain should be freenas\\smbusers). I’ll try setting permissions, mapping the network drives again and run the permission checks that you mentioned earlier to see if anything else changes.

On a properly working system root should already be a group. I don’t see anything good coming from you creating your own root group with non-standard GID.

Also, there’s no feedback from using chown if it works without running into an error. You check what happened by doing another ls -al.

What do you mean when you say “loop”?

By loop, I just meant that entering the command didn’t seem to show any new information or confirm any changes, and went back to a blank cursor for another command entry.

TrueNAS logged out on timeout, and when I logged back in, it had erased my old password. I now had to login with root/root (after my heart rate returned to normal).

I tried changing the permissions for the existing ‘Movies’ share, through ‘Edit Share ACL’ with the “freenas\\smbusers” and “freenas\\SPCOMP” from earlier, which did nothing.

I edited through ‘Edit Filesystem ACL’, which had entries for owner@, group@, and everyone@. This showed an error that one entry had to have flags set to ‘Inherit’. Changing the ‘everyone@’ entry to Inherit did not fix the issue. I used the ‘Add ACL Item’ button, made an entry for SPCOMP with ‘Full Control’ for Permissions and ‘Inherit’ for Flags, checked the ‘Apply User’ and ‘Apply Group’ boxes, checked the ‘Apply permissions recursively’ box, and…

EUREKA! I have access to the NAS again through mapped drives! The same worked for adding a new share for Music. I will test it on Kodi through an Nvidia Shield later, but presumably will be the same outcome. What a relief! I realize the steps I mentioned are basic, but I entered them in detail in case someone else has a similar issue and is looking through the forums for a solution. Edit for additional info: I did not set any permissions through the Pools menu, except for checking the boxes for Read, Write, and Execute for User and Group.

Gentlemen, I would like to thank you profusely for your time and guidance on this. I am sure this is not the first time you’ve volunteered your time to help a stranger. If you are working on projects, or have a favorite developer or charity in mind, please let me know as I would like to make a $50 donation in each of your names.

Take care and enjoy the holiday season.

-Scott