Anon Posted July 8, 2023 Share Posted July 8, 2023 (edited) Hello, I have recently activated the Active Directory Integration via SMB with Unraid. With this I am able to set permissions for the different shares with active directory accounts. Since I added this I am having lots of difficulties getting it to work as I want it to... Example: I set Unraid to default use Administrator as Owner and "Enterprise Admins" as Creator Group. I set it to be exported but as private with nobody having access At this Point I can access the Share from any of my windows maschines no matter what Active Directory account. I now go into "Permissions" of the Share from a Windows Maschine and delete the "Everyone" entry to reduce access to only my admin Accounts. After I press delete and Apply it reappears immediately. But now I can access it with my admin accounts but not with my other ad-users (in this example my "plex" user) I now add "plex" as a new user and give them read and write permissions. This causes "Creator Owner" "Cretor Group" to also appear. At this point I can still not access the folder with that plex user. I tried playing around with it more with deleting everyone creator etc. and then lost full access so I repared the permissions with the included tool in the unraid webui and now "nobody" is owner of the share again. At some point with my tests I also got it to sorta work but when removing permissions for my plex user I was still able to delete the files he created as he was still set as the owner. All this is really frustrating and I feel I am doing something fundamentally wrong. Can somebody tell me how to correctly manage unraid share permissions with active directory accounts? Goals: - Local Unraid Users can still access it if their permissions are set - The set Admin Groups can always read / write - Specific Users can be set to read and or write and might also be switched around occaisonally. (e.g temporarily giving a user write access but afterwards disabling it again to protect against encyption viruses) Edited July 8, 2023 by Anon 1 Quote Link to comment
unraidster Posted September 1, 2023 Share Posted September 1, 2023 Hello Anon, Are you able to replicate the issue and capture diagnostics? The issue you are experiencing seems to be very similar to the issue I also encounter when upgrading an existing configuration from 6.9.2 to 6.10.3+. I have a thread on it here: https://forums.unraid.net/topic/136002-upgrading-ad-integrated-692-build-private-share-access-issues/ You might also find a plugin made by Dan that can help you modify some Samba settings: https://forums.unraid.net/topic/137467-active-directory-extras-plugin-allows-tweaking-some-ad-settings-in-samba/#comment-1249136 Your goals seem to be similar to what I have working with 6.9.2 but stops working after upgrading the version of Unraid. Quote Link to comment
mwf369 Posted September 6, 2023 Share Posted September 6, 2023 Anyone have a solution for this? Or a doc or guide to point to? I've been struggling with this same issue since moving off 6.9 last year. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.