TrueNAS Core: Configuring Shares, Permissions, Snapshots & Shadow Copies

ZFS Is a Cow
th-cam.com/video/nlBXXdz0JKA/w-d-xo.html
Our TrueNAS Tutorials
lawrence.technology/truenas-tutorials/
⏱ Timestamps ⏱
00:00 TrueNAS Core Permissions
02:08 Create user/groups
03:18 Create Dataset
04:58 Set Permissions
06:32 Strip ACL
07:00 Create Snapshots
09:16 Create Shares
10:53 Testing Shares
13:09 TrueNAS Volume Shadow Copies
14:23 Troubleshooting Permissions

Fantastic video as always, Tom!
New studio is looking great, keep it up! We love to see the growth of your channel!

Thank you for making this video!!!
TrueNAS is certainly interesting, but there are some stuff that they present that are a little bit out of order depending on what it is that you are trying to do (or that you have to jump around in the menus to get said TrueNAS to do what you want it to do, which also means that you need to know to jump around the menus).

Love these tutorials. Someone gave me an R710 for free and I know absolutely nothing about servers but this dude helped me get an SMB up and running for my Steam Deck to install games on!

Thanks for this informative yet concise explanation. I tried a couple others first and they generally just rambled on and on about stuff that really didn't matter when I just wanted to get the shares working properly for my Windows machines; one guy used two parts at like 45 mins each covering this same topic and by the end of the first part, still hadn't got a share working properly.

What a helpful, well put together video presented in an engaging way.
Really appreciate you turning something dry & dull like permissions in a Samba server into something I can watch without wanting to blow my brains out :D

Thanks Tom your the best, one line in this Video helped me so much "If there were no snapshots when SMB share created windows won't see previous version until SMB restarted" again thanks :) Love your work.

This video was easy to comprehend. Thank you for making it.

As usual you are a scholar and a gentleman. Many thanks Tom.

Sir! You are soooo good at explaining and the fact you add your « best practices » in these videos has to be the biggest added value … (for me anyway) I know I recommend your videos as reference material for friends family and colleagues.

Thank you so much for the explanation it's AWESOME! please keep making those videos maybe something about securing the data creating jails and so on.

Thank you kindly for sharing this video, I watched some other tutorials, and they all had some confusing details that didn't make sense to me, but this one was well explained with granular details.
Thanks again! I dropped a sub as well...

Thanks from Germany. That video was very helpful to me.

Excellent tutorial. Straight to the point, and concise!

Note for 5:03: I found the hard way that if you using trueness with AD then it seems that the way to go is to not touch and live as is the default root user and wheel group in the ACL manager. And set permissions just by adding AD user and groups in the ACL.

Hi, great tutorial! Would reloading SMB service on TrueNAS do the refreshing of changed permissions? What if we want "marcus" out forcefully?

once again, you saved the day. thank you 🙏

Please make one for SCALE also. Only reason I havent switched, is because permissions seems to work really different over there

Being new to Truenas I just built a new storage server to replace a pair of older Readynas 3220 units and after building out the 1st pool, rather than creating sub-datasets, I just went over to sharing and built shares within the pool. It looks like you sub-divide the pool then create shares to the sub-datasets. My question would be, is this going to be an issue for me going forward or does it even matter? The storage server is really for the home lab and backing up all the data from PC's and keeping a master library for Plex etc so no enterprise style use. Permissions are pretty much open to anyone in the house so again does it matter?

Fantastic tutorial, however there are complications with credentials even in simple cases. E.g. having already a shared folder with a user (tom), makes it impossible to mount a second folder (second share, second user - marcus). Windows deny all access.

I created two folders for only the user himself so in your example a Tom and a Marcus folder there only the one user has permissions (tom for tom and Marcus for Marcus). In my case I have kind of „admin“ account with his own share. So three shares and users. When I move a file from the admin folder (a setup exe for example) into the „tom“ folder (logged in as admin) the file is not visible to tom.
I‘m not quite understanding this. Seems that somehow the acl is copied over within the file and the permissions/acl of the folder do not overwrite the files ones. Where did I make a mistake? The „folders“ are nested datasets infact.

Very good video , thanks Tom

So I just reninstalled TrueNas and reimported my old Pool (that I havn't had access to for a while now). I followed pretty much everything here, only differnce being importing the pool instead of making a new one. No mater what I do I get that error saying I don't have permission, despite me using the user I created when installing. I've had this issue for like a year and cannot for the life of me figure out the issues, and get access to my files back. Any ideas?

Excellent Video!

Anyone know how to ignore empty snapshots on a Synology? Seems to be missing this option.

Hi Tommy, I am in the process of migrating my home lab Open Media Vault to TrueNAS Scale (I chose Scale version as I am more familiar with Debian than FreeBSD). I Created a ZFS Pool with 3 6TB hard drives, created a Dataset and 3 different SMB Shares, each one has a different User and Group, my main user is member of all Groups, I can access each one from my Windows PC but not on my Mac (running MacOS Ventura); all 3 shares are connecting as the same user even though I connected to each share individually (Finder->Go->Connect-to-Server), so I can access only 1 of the Shares (the last one I connect to). What an I missing? Tried pretty much everything with the same result. This is preventing me from doing the migration.

Hi there, great content...
I am struggling to get a folder inside of a jail(Syncthing or Nextcloud) shared through the network as a SMB share. I love truenas but the permitions side of it is driving me crazy 🤣

Bonjour, faut-il installer un antivirus, ou il y a aucun risque en sachant que les fichiers sont isoler de windows. Merci de votre avis

Hi tom - this is great. But I am simply not able to connect to the share from windows 11. @10:57, when you connect to the share from windows, the login just works. In my case it just doesnt work and I cant figure out why.

Could you do it in scale?

Thanks for the help❤

Great tutorial! Can you do one for TrueNas Scale? A little explanation on how to plan/divide drives into vdevs (nothing as crazy as 60 drives) would be very helpful (im thinking SOHO).

Thanks for your detailed explanations and a happy new year. I have a Truenas instance running. The host allow/deny parameters in the smb share don’t seem to be working for me when denying a specific subnet/up address. Anyone got a clue?

The best explainer on this process I've seen. Thank you. Quick question, when I select Add Dataset, there is no Share Type menu entry for me. This is at 04:49 in the video that option ; I'm running TrueNAS Core 13.0-U3.1. Any ideas?

I built my first real viable home-Server using FreeNas thanks to you and your videos and all with hardware that I had accumulated over the past two years. Thank you Tom! In regards to AD/Samba Shares and USERS retaining access via old tokens, would a server reboot serve this purpose as well?

I've been over this multiple times now. I can't log in. No matter what I type for acct name and pass, I am just denied access at the windows prompt.
Edit: Try restarting the pc first. Got it!!

Awesome video....can you do a samba and nfs with a linux client? and also how you would edit fstab to make it mount automatically

Hey,
I've raid_5 configured but the disks on the storage section does not show individual ones, instead all i see total volume of the disk . how to partition/divide them .
Thanks .

Another troubleshot about permissions is resolved by restarting SMB Services.

Great info.

You are my hero.

it's still intriguing to me, but less, thanks for well explained topic,
I'm trying to figure out following setup:
let's say I want some SMB share to be accessed by app on truenas - I understand I should probably make a new dedicated usergroup to be owner, and then assign system user "apps" as well as physical individual users to be part of the group?

If you are an admin and a user is login with permission to modify and delete files in the folder. Once you remove the permission for the user to do anything in the folder how would you kick them out remotely if they have the folder and files open?

The only problem that i have with linux and permissions is the Delete option is not present , you can read or write but you can't give or restrict the delete permission, because sometimes you have stupid people that delete things that you dont want.

Hi. I have tried ACLs many times over the years and somehow manage to get unexpected results and removed ACLs. After your video I tried again and it seems to work. However I would like it to deny user to delete folderrs/files but be able to read/create/execute. That I can´t achieve. Also I´d like to make sure that data/files is not deleted when I do replication to another truenas. E.G if I delete some folderr inn truenas A and replicate again over to truenas B the B wil have all folders/files. How do I do this?

What if we have Microsoft Active Directory connected to TrueNAS Core how to manage permissions between users?

Nice video, but it would be nice to have an updated video which explains how to configure shares and permissions for the Truenas Scale version. Because a lot has changed.

i will say, it was very frustrating to me when i was setting up my home nas and doing user permissions that appeared not to be working because i wasn't logging out and back in to "refresh" the tokens. took me a while to realize what the issue was.

Hello Tom, could you describe how to correct set SMB auditing and where look at the log, in some next video? Thank you very much

Love Free-Nas And now True nas ! Going on 7 years with this software !

Is MacOS able to restore from a snapshot like Windows' shadow copy?

all is good except HOW DID YOU GET THE SHORT CUT ON YOUR DESK TOP??????????

You can clear Windows permissions by using the Credential Manager - just delete it and Windows will ask for log in details all over again

Tom this may just be me asking for free support but it would be awesome if you did a video about smb shares with ldap authentication. I've tried doing it a bunch of times and always get to an "it almost works right" state.

Awesome video as usual, but I'm a little upset you deleted my access while making a video about it. lol

With regard to lingering permissions after making changes, if there is active directory I would run "gpupdate /force" in the command line. I don't know if this works with a network share for TrueNAS though.

I don't know what it is I do every thing you do and nothing works. i'm about to just say the hell with TrueNAS if I'm going to loose all my stuff..

Can you make another video for Linux users?

Hehe.. Troubles Hooting

I love your videos but please for the love of God, start making TrueNAS Scale video tutorials, I need them desperately. I know TrueNAS Scale isn't a finished product but it works well enough and I feel like going Linux-based is better for me. But 90% of your videos are based on Core which isn't relevant to me, I do still watch them but some tutorial steps you do are nowhere to be found in Scale.

I can’t even open the UI Linux is such a PITA

First

“Windows occasionally would hold to permissions”.
ABSOLUTELY NOT!
Computers are DETERMINISTIC!
Learn that windows by design would ONLY allow ONE user/login per SMB share!
You can get around that by using the DNS name and also the IP (or have several IP aliases/addresses) or simply doing:
net use * /del
Clear now that computers and software don’t have feelings, preferences or “occasional” desires!?

any chances we could get get one of these shares and permissions videos using a connected AD server users and groups?