Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Unraid with Active Directory - Managing Permissions correctly

Featured Replies

Hello,

 

I have recently activated the Active Directory Integration via SMB with Unraid. With this I am able to set permissions for the different shares with active directory accounts. Since I added this I am having lots of difficulties getting it to work as I want it to...

 

Example:

I set Unraid to default use Administrator as Owner and "Enterprise Admins" as Creator Group.

grafik.thumb.png.c34b2185b9ae1e39b8516379cd526ef3.png

I set it to be exported but as private with nobody having access

grafik.png.2950bdf8d26e0444bfc39645d3a6c59d.png

At this Point I can access the Share from any of my windows maschines no matter what Active Directory account.

I now go into "Permissions" of the Share from a Windows Maschine and delete the "Everyone" entry to reduce access to only my admin Accounts.

grafik.png.8964f670248d991d1e8d6d3c074205ea.png

After I press delete and Apply it reappears immediately.

But now I can access it with my admin accounts but not with my other ad-users (in this example my "plex" user)

 

I now add "plex" as a new user and give them read and write permissions. This causes "Creator Owner" "Cretor Group" to also appear.

grafik.png.c91c1076a09ea418a2269ad5b12b1a80.png

At this point I can still not access the folder with that plex user.

I tried playing around with it more with deleting everyone creator etc. and then lost full access so I repared the permissions with the included tool in the unraid webui and now "nobody" is owner of the share again.

At some point with my tests I also got it to sorta work but when removing permissions for my plex user I was still able to delete the files he created as he was still set as the owner.

 

All this is really frustrating and I feel I am doing something fundamentally wrong.

Can somebody tell me how to correctly manage unraid share permissions with active directory accounts?

 

Goals:

- Local Unraid Users can still access it if their permissions are set

- The set Admin Groups can always read / write

- Specific Users can be set to read and or write and might also be switched around occaisonally. (e.g temporarily giving a user write access but afterwards disabling it again to protect against encyption viruses)

 

 

Edited by Anon

  • Anon changed the title to Unraid with Active Directory - Managing Permissions correctly
  • 1 month later...

Hello Anon, 

 

Are you able to replicate the issue and capture diagnostics? The issue you are experiencing seems to be very similar to the issue I also encounter when upgrading an existing configuration from 6.9.2 to 6.10.3+. 

 

I have a thread on it here: https://forums.unraid.net/topic/136002-upgrading-ad-integrated-692-build-private-share-access-issues/

 

You might also find a plugin made by Dan that can help you modify some Samba settings: https://forums.unraid.net/topic/137467-active-directory-extras-plugin-allows-tweaking-some-ad-settings-in-samba/#comment-1249136

 

Your goals seem to be similar to what I have working with 6.9.2 but stops working after upgrading the version of Unraid.

Anyone have a solution for this? Or a doc or guide to point to?

I've been struggling with this same issue since moving off 6.9 last year.

  • 2 years later...

We are now at Unraid version 7.2.1 and Samba is installed in version 4.23.2.

What is the currently recommended way to manage permissions?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.