Thanks Tom your the best, one line in this Video helped me so much "If there were no snapshots when SMB share created windows won't see previous version until SMB restarted" again thanks :) Love your work.
Sir! You are soooo good at explaining and the fact you add your « best practices » in these videos has to be the biggest added value … (for me anyway) I know I recommend your videos as reference material for friends family and colleagues.
Love these tutorials. Someone gave me an R710 for free and I know absolutely nothing about servers but this dude helped me get an SMB up and running for my Steam Deck to install games on!
What a helpful, well put together video presented in an engaging way. Really appreciate you turning something dry & dull like permissions in a Samba server into something I can watch without wanting to blow my brains out :D
Thanks for this informative yet concise explanation. I tried a couple others first and they generally just rambled on and on about stuff that really didn't matter when I just wanted to get the shares working properly for my Windows machines; one guy used two parts at like 45 mins each covering this same topic and by the end of the first part, still hadn't got a share working properly.
Thank you for making this video!!! TrueNAS is certainly interesting, but there are some stuff that they present that are a little bit out of order depending on what it is that you are trying to do (or that you have to jump around in the menus to get said TrueNAS to do what you want it to do, which also means that you need to know to jump around the menus).
Note for 5:03: I found the hard way that if you using trueness with AD then it seems that the way to go is to not touch and live as is the default root user and wheel group in the ACL manager. And set permissions just by adding AD user and groups in the ACL.
Thank you kindly for sharing this video, I watched some other tutorials, and they all had some confusing details that didn't make sense to me, but this one was well explained with granular details. Thanks again! I dropped a sub as well...
I built my first real viable home-Server using FreeNas thanks to you and your videos and all with hardware that I had accumulated over the past two years. Thank you Tom! In regards to AD/Samba Shares and USERS retaining access via old tokens, would a server reboot serve this purpose as well?
I spent a good few hours mounting a SMB share in Linux over the last few days. The issue I encountered was that the default ownership is always root. Chown doesn't work in this case. Add the uid and gid to fstab in order to change ownership to another account than root. Unmount and remount (or reboot) in order for this to work. Hopefully this will save someone some time.
The best explainer on this process I've seen. Thank you. Quick question, when I select Add Dataset, there is no Share Type menu entry for me. This is at 04:49 in the video that option ; I'm running TrueNAS Core 13.0-U3.1. Any ideas?
Hi tom - this is great. But I am simply not able to connect to the share from windows 11. @10:57, when you connect to the share from windows, the login just works. In my case it just doesnt work and I cant figure out why.
Great tutorial! Can you do one for TrueNas Scale? A little explanation on how to plan/divide drives into vdevs (nothing as crazy as 60 drives) would be very helpful (im thinking SOHO).
I might eventually do one for Scale, but they work the same as Core, just a slightly different UI. I already have the planning/dividing video here th-cam.com/video/-AnkHc7N0zM/w-d-xo.html
Thanks for your detailed explanations and a happy new year. I have a Truenas instance running. The host allow/deny parameters in the smb share don’t seem to be working for me when denying a specific subnet/up address. Anyone got a clue?
Hi there, great content... I am struggling to get a folder inside of a jail(Syncthing or Nextcloud) shared through the network as a SMB share. I love truenas but the permitions side of it is driving me crazy 🤣
@@LAWRENCESYSTEMSOh sorry, English is not my native language. In SMB exists a feature that allows logging access to folders and files, it is called auditing. Did you use it sometimes? If yes, didn't you think about explaining it in the video? How to set it, how to and where find a log. I fight with it, and it doesn't work for me :( Thanks a lot
@@koudelapYou can turn up the logging level in the SMB service settings and will give you a lot more detail about what files were access. I don't really use that often as there is not really a need.
So I just reninstalled TrueNas and reimported my old Pool (that I havn't had access to for a while now). I followed pretty much everything here, only differnce being importing the pool instead of making a new one. No mater what I do I get that error saying I don't have permission, despite me using the user I created when installing. I've had this issue for like a year and cannot for the life of me figure out the issues, and get access to my files back. Any ideas?
Fantastic tutorial, however there are complications with credentials even in simple cases. E.g. having already a shared folder with a user (tom), makes it impossible to mount a second folder (second share, second user - marcus). Windows deny all access.
I created two folders for only the user himself so in your example a Tom and a Marcus folder there only the one user has permissions (tom for tom and Marcus for Marcus). In my case I have kind of „admin“ account with his own share. So three shares and users. When I move a file from the admin folder (a setup exe for example) into the „tom“ folder (logged in as admin) the file is not visible to tom. I‘m not quite understanding this. Seems that somehow the acl is copied over within the file and the permissions/acl of the folder do not overwrite the files ones. Where did I make a mistake? The „folders“ are nested datasets infact.
Hi, I'm Henry, I install TrueNAS core and I'm having problems adding files to a shared folder. When I check the log in, it doesn't appear but it does show the space used.
it's still intriguing to me, but less, thanks for well explained topic, I'm trying to figure out following setup: let's say I want some SMB share to be accessed by app on truenas - I understand I should probably make a new dedicated usergroup to be owner, and then assign system user "apps" as well as physical individual users to be part of the group?
Hi Tommy, I am in the process of migrating my home lab Open Media Vault to TrueNAS Scale (I chose Scale version as I am more familiar with Debian than FreeBSD). I Created a ZFS Pool with 3 6TB hard drives, created a Dataset and 3 different SMB Shares, each one has a different User and Group, my main user is member of all Groups, I can access each one from my Windows PC but not on my Mac (running MacOS Ventura); all 3 shares are connecting as the same user even though I connected to each share individually (Finder->Go->Connect-to-Server), so I can access only 1 of the Shares (the last one I connect to). What an I missing? Tried pretty much everything with the same result. This is preventing me from doing the migration.
Hey, I've raid_5 configured but the disks on the storage section does not show individual ones, instead all i see total volume of the disk . how to partition/divide them . Thanks .
Being new to Truenas I just built a new storage server to replace a pair of older Readynas 3220 units and after building out the 1st pool, rather than creating sub-datasets, I just went over to sharing and built shares within the pool. It looks like you sub-divide the pool then create shares to the sub-datasets. My question would be, is this going to be an issue for me going forward or does it even matter? The storage server is really for the home lab and backing up all the data from PC's and keeping a master library for Plex etc so no enterprise style use. Permissions are pretty much open to anyone in the house so again does it matter?
i will say, it was very frustrating to me when i was setting up my home nas and doing user permissions that appeared not to be working because i wasn't logging out and back in to "refresh" the tokens. took me a while to realize what the issue was.
Did you had the issue of the login screen not popping up at @10:59? My share is working, but i don't have to login. The box "Allow guests" isn't checkt. Can you help me with this?
@@rallybmw the only thing i can suggest is when you change permissions, you need to restart the pc. I would change permissions and would still have access even though i changed the password or something... I had to restart the pc to get it to ask. I am probably not the person to be asking for help either as i just knew enough to get it working.
I've been over this multiple times now. I can't log in. No matter what I type for acct name and pass, I am just denied access at the windows prompt. Edit: Try restarting the pc first. Got it!!
If you are an admin and a user is login with permission to modify and delete files in the folder. Once you remove the permission for the user to do anything in the folder how would you kick them out remotely if they have the folder and files open?
Nice video, but it would be nice to have an updated video which explains how to configure shares and permissions for the Truenas Scale version. Because a lot has changed.
Hi. I have tried ACLs many times over the years and somehow manage to get unexpected results and removed ACLs. After your video I tried again and it seems to work. However I would like it to deny user to delete folderrs/files but be able to read/create/execute. That I can´t achieve. Also I´d like to make sure that data/files is not deleted when I do replication to another truenas. E.G if I delete some folderr inn truenas A and replicate again over to truenas B the B wil have all folders/files. How do I do this?
The only problem that i have with linux and permissions is the Delete option is not present , you can read or write but you can't give or restrict the delete permission, because sometimes you have stupid people that delete things that you dont want.
I did notice a Time Machine check box when Tom was making the share. Not sure if that works with snapshots but it might be useful to you depending on your requirements...
Tom this may just be me asking for free support but it would be awesome if you did a video about smb shares with ldap authentication. I've tried doing it a bunch of times and always get to an "it almost works right" state.
With regard to lingering permissions after making changes, if there is active directory I would run "gpupdate /force" in the command line. I don't know if this works with a network share for TrueNAS though.
I love your videos but please for the love of God, start making TrueNAS Scale video tutorials, I need them desperately. I know TrueNAS Scale isn't a finished product but it works well enough and I feel like going Linux-based is better for me. But 90% of your videos are based on Core which isn't relevant to me, I do still watch them but some tutorial steps you do are nowhere to be found in Scale.
“Windows occasionally would hold to permissions”. ABSOLUTELY NOT! Computers are DETERMINISTIC! Learn that windows by design would ONLY allow ONE user/login per SMB share! You can get around that by using the DNS name and also the IP (or have several IP aliases/addresses) or simply doing: net use * /del Clear now that computers and software don’t have feelings, preferences or “occasional” desires!?
ZFS Is a Cow
th-cam.com/video/nlBXXdz0JKA/w-d-xo.html
Our TrueNAS Tutorials
lawrence.technology/truenas-tutorials/
⏱ Timestamps ⏱
00:00 TrueNAS Core Permissions
02:08 Create user/groups
03:18 Create Dataset
04:58 Set Permissions
06:32 Strip ACL
07:00 Create Snapshots
09:16 Create Shares
10:53 Testing Shares
13:09 TrueNAS Volume Shadow Copies
14:23 Troubleshooting Permissions
Fantastic video as always, Tom!
New studio is looking great, keep it up! We love to see the growth of your channel!
Glad you enjoy it!
Thanks Tom your the best, one line in this Video helped me so much "If there were no snapshots when SMB share created windows won't see previous version until SMB restarted" again thanks :) Love your work.
Sir! You are soooo good at explaining and the fact you add your « best practices » in these videos has to be the biggest added value … (for me anyway) I know I recommend your videos as reference material for friends family and colleagues.
sharing best practices is the true mark of a professional ;P
Love these tutorials. Someone gave me an R710 for free and I know absolutely nothing about servers but this dude helped me get an SMB up and running for my Steam Deck to install games on!
What a helpful, well put together video presented in an engaging way.
Really appreciate you turning something dry & dull like permissions in a Samba server into something I can watch without wanting to blow my brains out :D
Thanks for this informative yet concise explanation. I tried a couple others first and they generally just rambled on and on about stuff that really didn't matter when I just wanted to get the shares working properly for my Windows machines; one guy used two parts at like 45 mins each covering this same topic and by the end of the first part, still hadn't got a share working properly.
As usual you are a scholar and a gentleman. Many thanks Tom.
Thank you for making this video!!!
TrueNAS is certainly interesting, but there are some stuff that they present that are a little bit out of order depending on what it is that you are trying to do (or that you have to jump around in the menus to get said TrueNAS to do what you want it to do, which also means that you need to know to jump around the menus).
Thank you for the clear and detailed explanation. I was able to reset the ACL of a dataset that I messed up from a windows client.
Thanks from Germany. That video was very helpful to me.
Note for 5:03: I found the hard way that if you using trueness with AD then it seems that the way to go is to not touch and live as is the default root user and wheel group in the ACL manager. And set permissions just by adding AD user and groups in the ACL.
This video was easy to comprehend. Thank you for making it.
Thank you kindly for sharing this video, I watched some other tutorials, and they all had some confusing details that didn't make sense to me, but this one was well explained with granular details.
Thanks again! I dropped a sub as well...
Thank you so much for the explanation it's AWESOME! please keep making those videos maybe something about securing the data creating jails and so on.
once again, you saved the day. thank you 🙏
Excellent tutorial. Straight to the point, and concise!
Thanks
Love Free-Nas And now True nas ! Going on 7 years with this software !
Excellent Video!
Thanks for the help❤
I built my first real viable home-Server using FreeNas thanks to you and your videos and all with hardware that I had accumulated over the past two years. Thank you Tom! In regards to AD/Samba Shares and USERS retaining access via old tokens, would a server reboot serve this purpose as well?
Rebooting the server should work to clear any cached credentials.
You are my hero.
Awesome video....can you do a samba and nfs with a linux client? and also how you would edit fstab to make it mount automatically
I spent a good few hours mounting a SMB share in Linux over the last few days. The issue I encountered was that the default ownership is always root. Chown doesn't work in this case. Add the uid and gid to fstab in order to change ownership to another account than root. Unmount and remount (or reboot) in order for this to work. Hopefully this will save someone some time.
The best explainer on this process I've seen. Thank you. Quick question, when I select Add Dataset, there is no Share Type menu entry for me. This is at 04:49 in the video that option ; I'm running TrueNAS Core 13.0-U3.1. Any ideas?
Well, i restarted the SMB service, deleted and recreated a dataset and now it's working.
Very good video , thanks Tom
how to set up that short cut i used to rember how to do this stuff its been like 5 years since i have done it so i guess i forgot
Hi tom - this is great. But I am simply not able to connect to the share from windows 11. @10:57, when you connect to the share from windows, the login just works. In my case it just doesnt work and I cant figure out why.
Great info.
Great tutorial! Can you do one for TrueNas Scale? A little explanation on how to plan/divide drives into vdevs (nothing as crazy as 60 drives) would be very helpful (im thinking SOHO).
I might eventually do one for Scale, but they work the same as Core, just a slightly different UI. I already have the planning/dividing video here th-cam.com/video/-AnkHc7N0zM/w-d-xo.html
Hi, great tutorial! Would reloading SMB service on TrueNAS do the refreshing of changed permissions? What if we want "marcus" out forcefully?
Thanks for your detailed explanations and a happy new year. I have a Truenas instance running. The host allow/deny parameters in the smb share don’t seem to be working for me when denying a specific subnet/up address. Anyone got a clue?
Nope, post in their forums with your config details.
Hi there, great content...
I am struggling to get a folder inside of a jail(Syncthing or Nextcloud) shared through the network as a SMB share. I love truenas but the permitions side of it is driving me crazy 🤣
Please make one for SCALE also. Only reason I havent switched, is because permissions seems to work really different over there
Could you do it in scale?
Hello Tom, could you describe how to correct set SMB auditing and where look at the log, in some next video? Thank you very much
I don't understand the question.
@@LAWRENCESYSTEMSOh sorry, English is not my native language. In SMB exists a feature that allows logging access to folders and files, it is called auditing. Did you use it sometimes? If yes, didn't you think about explaining it in the video? How to set it, how to and where find a log. I fight with it, and it doesn't work for me :( Thanks a lot
@@koudelapYou can turn up the logging level in the SMB service settings and will give you a lot more detail about what files were access. I don't really use that often as there is not really a need.
So I just reninstalled TrueNas and reimported my old Pool (that I havn't had access to for a while now). I followed pretty much everything here, only differnce being importing the pool instead of making a new one. No mater what I do I get that error saying I don't have permission, despite me using the user I created when installing. I've had this issue for like a year and cannot for the life of me figure out the issues, and get access to my files back. Any ideas?
Fantastic tutorial, however there are complications with credentials even in simple cases. E.g. having already a shared folder with a user (tom), makes it impossible to mount a second folder (second share, second user - marcus). Windows deny all access.
I created two folders for only the user himself so in your example a Tom and a Marcus folder there only the one user has permissions (tom for tom and Marcus for Marcus). In my case I have kind of „admin“ account with his own share. So three shares and users. When I move a file from the admin folder (a setup exe for example) into the „tom“ folder (logged in as admin) the file is not visible to tom.
I‘m not quite understanding this. Seems that somehow the acl is copied over within the file and the permissions/acl of the folder do not overwrite the files ones. Where did I make a mistake? The „folders“ are nested datasets infact.
Bonjour, faut-il installer un antivirus, ou il y a aucun risque en sachant que les fichiers sont isoler de windows. Merci de votre avis
Hi, I'm Henry, I install TrueNAS core and I'm having problems adding files to a shared folder.
When I check the log in, it doesn't appear but it does show the space used.
it's still intriguing to me, but less, thanks for well explained topic,
I'm trying to figure out following setup:
let's say I want some SMB share to be accessed by app on truenas - I understand I should probably make a new dedicated usergroup to be owner, and then assign system user "apps" as well as physical individual users to be part of the group?
you can create them that way for more granular control.
Hi Tommy, I am in the process of migrating my home lab Open Media Vault to TrueNAS Scale (I chose Scale version as I am more familiar with Debian than FreeBSD). I Created a ZFS Pool with 3 6TB hard drives, created a Dataset and 3 different SMB Shares, each one has a different User and Group, my main user is member of all Groups, I can access each one from my Windows PC but not on my Mac (running MacOS Ventura); all 3 shares are connecting as the same user even though I connected to each share individually (Finder->Go->Connect-to-Server), so I can access only 1 of the Shares (the last one I connect to). What an I missing? Tried pretty much everything with the same result. This is preventing me from doing the migration.
Hey,
I've raid_5 configured but the disks on the storage section does not show individual ones, instead all i see total volume of the disk . how to partition/divide them .
Thanks .
TrueNAS needs direct access to the drives not access via a raid controller.
Being new to Truenas I just built a new storage server to replace a pair of older Readynas 3220 units and after building out the 1st pool, rather than creating sub-datasets, I just went over to sharing and built shares within the pool. It looks like you sub-divide the pool then create shares to the sub-datasets. My question would be, is this going to be an issue for me going forward or does it even matter? The storage server is really for the home lab and backing up all the data from PC's and keeping a master library for Plex etc so no enterprise style use. Permissions are pretty much open to anyone in the house so again does it matter?
Anyone know how to ignore empty snapshots on a Synology? Seems to be missing this option.
i will say, it was very frustrating to me when i was setting up my home nas and doing user permissions that appeared not to be working because i wasn't logging out and back in to "refresh" the tokens. took me a while to realize what the issue was.
Did you had the issue of the login screen not popping up at @10:59? My share is working, but i don't have to login. The box "Allow guests" isn't checkt. Can you help me with this?
@@rallybmw the only thing i can suggest is when you change permissions, you need to restart the pc. I would change permissions and would still have access even though i changed the password or something... I had to restart the pc to get it to ask.
I am probably not the person to be asking for help either as i just knew enough to get it working.
I've been over this multiple times now. I can't log in. No matter what I type for acct name and pass, I am just denied access at the windows prompt.
Edit: Try restarting the pc first. Got it!!
Another troubleshot about permissions is resolved by restarting SMB Services.
all is good except HOW DID YOU GET THE SHORT CUT ON YOUR DESK TOP??????????
Shortcut for what?
@@LAWRENCESYSTEMS @10:54 You click a shortcut on you desk top that allows you to connect to the server and test your shares.
What if we have Microsoft Active Directory connected to TrueNAS Core how to manage permissions between users?
You would manage them using Active Directory via Windows
Awesome video as usual, but I'm a little upset you deleted my access while making a video about it. lol
If you are an admin and a user is login with permission to modify and delete files in the folder. Once you remove the permission for the user to do anything in the folder how would you kick them out remotely if they have the folder and files open?
Restart the SMB service
Nice video, but it would be nice to have an updated video which explains how to configure shares and permissions for the Truenas Scale version. Because a lot has changed.
Hi. I have tried ACLs many times over the years and somehow manage to get unexpected results and removed ACLs. After your video I tried again and it seems to work. However I would like it to deny user to delete folderrs/files but be able to read/create/execute. That I can´t achieve. Also I´d like to make sure that data/files is not deleted when I do replication to another truenas. E.G if I delete some folderr inn truenas A and replicate again over to truenas B the B wil have all folders/files. How do I do this?
Not sure you can do that, replication does not work at the file level.
The only problem that i have with linux and permissions is the Delete option is not present , you can read or write but you can't give or restrict the delete permission, because sometimes you have stupid people that delete things that you dont want.
Is MacOS able to restore from a snapshot like Windows' shadow copy?
I did notice a Time Machine check box when Tom was making the share. Not sure if that works with snapshots but it might be useful to you depending on your requirements...
@@jadamsnz thanks I’m not interested in TM.
I don't know if MAC supports Windows Shadow copies.
Tom this may just be me asking for free support but it would be awesome if you did a video about smb shares with ldap authentication. I've tried doing it a bunch of times and always get to an "it almost works right" state.
Never tried that and I don't really plan to because when we need external user management for environments we connect it to Active Directory.
You can clear Windows permissions by using the Credential Manager - just delete it and Windows will ask for log in details all over again
I don't know what it is I do every thing you do and nothing works. i'm about to just say the hell with TrueNAS if I'm going to loose all my stuff..
Can you make another video for Linux users?
Soooooooonnnnnnnn :)
@@LAWRENCESYSTEMS looking forward to it. Always feel awkward to mount smb share on Linux.
With regard to lingering permissions after making changes, if there is active directory I would run "gpupdate /force" in the command line. I don't know if this works with a network share for TrueNAS though.
Hehe.. Troubles Hooting
I love your videos but please for the love of God, start making TrueNAS Scale video tutorials, I need them desperately. I know TrueNAS Scale isn't a finished product but it works well enough and I feel like going Linux-based is better for me. But 90% of your videos are based on Core which isn't relevant to me, I do still watch them but some tutorial steps you do are nowhere to be found in Scale.
Once they get better documentation and more debugging get's done I will do more videos.
I fucking hate windows
I can’t even open the UI Linux is such a PITA
First
“Windows occasionally would hold to permissions”.
ABSOLUTELY NOT!
Computers are DETERMINISTIC!
Learn that windows by design would ONLY allow ONE user/login per SMB share!
You can get around that by using the DNS name and also the IP (or have several IP aliases/addresses) or simply doing:
net use * /del
Clear now that computers and software don’t have feelings, preferences or “occasional” desires!?
any chances we could get get one of these shares and permissions videos using a connected AD server users and groups?
Maybe, but AD makes is much more simple because you can control the permissions in Windows after you join.
not if you didn't set it up right to begin with - lol! :)
@@LAWRENCESYSTEMS Btw, New to the channel and love the work!!