Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

WebGUI: no control for share settings

Featured Replies

unRAID OS Version: 6.0-beta12

 

Description: there is no location in the web gui to manage share settings (public / private / hidden) for either the flash driver or the disks.

 

How to reproduce: This is the only way I've seen it! Install b12 (and AD integrate)

 

Expected results: Control in the webgui to manage shares, like in previous betas

 

Actual results: Per description, no gui location to manage the security that I can see

 

Other information:

Active directory integrated mode is enabled, and working (very well)

Can manage via /boot/config/disk.cfg but need to either reboot or stop and restart the array using the GUI

 

(disclaimer: I could be being blind)

 

I can set those settings by going clicking on the drive in the Main tab (or Main/CacheDrive for the cache drive() and then from there selecting the SMB Security tab.

 

I am not running Active Directory, but I would not think that was relevant?

Active Directory actually IS relevant.  I've been frustrated enough by AD integration that I've reverted back to Workgroup.

  • Author

Yeah sorry for the second post, figured it was better in Defect Reports with a bit more info.

Posted screenshots this time.

 

 

Re: AD - interestingly my server unjoined itself, when I rejoined I couldn't authenticate against the server. Until I connected to the IPC$ share on the UNRAID server and it all sprung back to life (via Computer Management to see the shares. Was weird. I even tried fiddling with client network security policy in Win8.1 for a bit but that didn't seem to help. Happy to share if people want some information - trial and error has it so that my kids can no longer delete files :) Easiest way to manage security and groups once you are in is to use explorer advanced security settings to set up proper inherited permissions against groups (found that easier than facl). And the best place to do this was against the (hidden!) disk1 & disk2 shares.

2015-02_-_S03_Array_Devices.png.ff3bf53436d565022eaca746c31b0db6.png

2015-02_-_S03_Disk_1.png.1eaad282cb6ccf78597bddd26594b372.png

2015-02_-_S03_Flash.png.6cc7ffad91b316f3a168485221758011.png

I can set those settings by going clicking on the drive in the Main tab (or Main/CacheDrive for the cache drive() and then from there selecting the SMB Security tab.

 

I am not running Active Directory, but I would not think that was relevant?

 

Yes this is my experience as well. Perhaps this issue only affects Active Directory?

  • 2 months later...
  • Author

This is still present in b15.

The display of the share settings is conditional, it checks for $var['shareSMBEnabled']=='yes', when AD is activated the value however is ads causing the non-display.

 

Don't know if this intentional, LT has to answer and may need to correct the conditional statement.

 

I've asked tom if he can look into this.

  • 1 month later...
  • Author

Just reporting that this issue is still there in rc5. Although it appears to have re-surfaced for the Flash drive (so partially fixed).

 

For clarity, the attached screenshot (flash settings) is what I'm expecting - the ability to control the disk shares via the GUI. Understood that this may not link into AD permissions but that should be acceptable to most!

 

Thanks!

2015-06_-_v6.0rc15_-_Flash_Export_Settings.png.fe8f06ec631814981b1d5e3cd409899f.png

Ok we need to set up another AD DC config and run through all our testing, but enabling AD changes things for SMB:

- users configured on the Users page are not relevant at all.

- the 'unraid security model' (public/secure/private shaes) is not relevant either.

 

In AD mode all permissions having to do with shares via SMB is handled via usual AD mechanisms, e.g., defining access on a per share/directory basis.

 

The intent with AD was that SMB would be the only enabled network protocol.  The only reason you would use the Users page would be to set a 'root' password which is only used with webGui/console login.

 

The original idea was there would be two "modes":

1. Normal mode: SMB workgroup, AFP, NFS common set of user permissions, and

2. AD mode: only SMB enabled, no users defined on the unraid server.

 

As things progressed we ended up having separate sets of users permissions for each protocol.  For example you can have a user named "larry" that has r/w access via SMB to a share, but RO access to same share via AFP.  Also you could have SMB setup in AD mode, yet still have users access those same shares via AFP or NFS.  I think this is undesirable and is something we plan to simplify post 6.0 'stable'.

 

Hope this make sense  :o

  • Author

Perfectly thanks.

 

I had thought about asking for AD style permissions on the diskX shares (as well as a name) - that would truly rock. I could expose them as \\tower\disk01$ and lock it down to Domain (or Storage) Administrators. As part of this I'd expect that this was the only access mode via share.

 

If that is possible then superb!

 

Not sure how that would apply to flash or cache?

 

As background: I've never created users in UNRAID. And only ever used SMB. My v5 server I use in public workgroup mode; my v6 server I run in AD integrated mode (mostly as I could never get v5 security to work for whatever reason; I never went back after getting my v6 server going as I will upgrade the v5 machine once v6 goes gold). My desired future state is AD integrated.

 

Thanks for the update!

 

  • Author

2008R2 Functional level, mix of 2008R2 and 2012R2 DCs. Just standard, no need for Enterprise here.

 

Will be upgrading to 2012R2 functional level once I rebuild my hyper-V server in the next month or so (which will be DataCentre edition I think).

 

Clients are all Win7 or Win8.1 (for another month, then 10).

 

Everything is fully patched.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.