User level security woes


Recommended Posts

I've been playing around with user level security on my unRAID server, and I have consistently failed to get it working.  :'(

 

My set up is: I have a desktop PC running Vista x64 which doubles as my HTPC, I do not have a dedicated HTPC.  The desktop is hardwired to the router, as is my unRAID server.  My roommate and I also each have a laptop.  My wireless network is encrypted with a WPA password.  My wired network is not encrypted, and has no password protection.  I do most of my unRAID management from the desktop, as well as most of my file transfers, and therefore I would like to be able to easily switch between my various unRAID user accounts from there.

 

Ideally, this is what I would like:

Inky (admin account, password protected, full read/write privileges)

Contributor (dropbox-style account, no password, read/write privileges but unable to delete/overwrite anything)

Guest (guest account, no password, read-only privileges)

 

As far as I know, the 'Contributor' account as I have described it is simply not possible.  So, practically, I would be happy with just two user accounts:

Inky (admin account, password protected, full read/write privileges)

Guest (guest account, no password, read-only privileges)

 

My idea with the Contributor account is to help protect me from myself, to prohibit me from accidentally deleting or overwriting something during my nightly manual backups and media transfers.  Hence, I would be logged in as 'Contributor' for the vast majority of the time.  The Inky (admin) account I would only use if I needed to do something drastic, like delete an outdated backup.  The Guest account would be for my laptop, my roommate, and anyone else who brings their laptop over and wants to just watch/listen to something, or grab a few files from me.

 

If the Contributor account is not possible, then I will just have to use the Inky (admin) account for this purpose of file transfers and backups to the unRAID server, and be very careful while I do.  I just dread the day when I accidentally delete my entire movies folder, or something like that (since there's currently no 'undelete' or recycle bin-type feature, all it would take is one simple keystroke).  I run that risk every day as it is, so I guess I'm used to it.

 

The primary problem I keep running into is that after enabling user level security, creating the different users, and then specifying the user's permissions for each user share, they simply don't seem to work.  Logged in as the Guest (read-only) user (I think, at least) I am unable to access anything.  I can see all my shares, but when I try to open it, Windows gives me some error about not being authorized, and does not prompt me for a username and password.  At the recommendation of the unRAID manual I was using as a guide, I made all my shares 'export read-only' and added an exception for Inky, my admin account.  I also read something about linux not liking capital letters in usernames, so I tried making the usernames all lowercase - it didn't seem to change anything.

 

Another general question I have about user shares - how do you know which user you are signed in as?  Furthermore, if I am signed in as, say, Guest and I want to switch to Inky, how do I go about doing that?  Finally, unRAID user accounts are completely separate from Windows user accounts, correct?  So being signed into Windows as Inky will still allow me to sign into the unRAID server as Guest, right?

 

Also, can someone explain the function of the 'root' user?  If its easier to make 'root' my admin account with full read/write privileges, that's fine.

 

Thanks in advance for any and all guidance.

 

My latest syslog can be found in this thread, dunno if that helps with this question.

Link to comment
  • 3 weeks later...

Alright, well, I think I've solved it.  The problem seemed to be that I needed to reboot the server after making ANY changes with the security settings for the changes to be reflected.  This wasn't stated anywhere in the official manual, and I think it should be.  Also, I changed my admin account username from 'inky' to 'admin', and unRAID seemed to like that.  Perhaps there is an issue with the Windows username being the same as the unRAID username? 

 

This question still stands:

- How do you know which user you are signed in as?  If I am signed in as, say, guest and I want to switch to admin, how do I go about doing that?

Link to comment
  • 2 years later...

Have you found a way to switch between users? I don't want to leave my desktop signed into unraid with all read\write permissions enabled, but sometimes I need to move files around, of course.

 

Is there a way to get Windows to forget its username/password for a network share so that I can sign in as a different user?

 

I'll continue looking, but for some reason this isn't a more discussed topic. Let me know if you've discovered anything youself, aside from rebooting your machine.

 

Thanks.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.