Pinned Samba Share Types in OMV

    • OMV 1.0
    • Resolved

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • Samba Share Types in OMV

      Samba shares types

      OMV has the capability of configuring shares accordingly with their defined user access privileges. This means they won't act in the file system layer they will run in the samba authentication layer. From there the access can be controlled to be read only, write access and guest account log in. This is done with the PRIVILEGES button in the shared folder section not the ACL



      Remember that this is a two leg thing, if write access is enabled and by any chance your share has a modified system permission of 755 (the default is 2775) the authorized user will not be able to write to the share.

      Shares in Samba can be catalogued in OMV into three categories with their most important directives indicated below:

      Non-public (Private): login always required, Guest Allowed denied
      guest ok = no
      valid users = User1, User2, @Group1, @Group2 ## this will deny all none authorized users
      read list = User1, @Group1
      write list = User2, @Group2
      • This means that every user will have to provide valid OMV credentials to access that share.
      • Also this type of shares requires at least one definition of a valid user, otherwise the directive would be empty. THIS WILL ALLOW EVERY USER TO LOG INTO THE SHARE


      Semi-public: when login is not provided, guest user is used. This is the option Guest Allowed from the samba share option

      guest ok = yes
      read list = User1, @Group1
      write list = User2, @Group2

      Notice here if you have a user that you have not set up privileges for (thank means blank tick boxes) he will be able to login anyway and have write access.

      Public only: guest user always used. This is the Guest Only option in the samba share configuration
      guest ok = yes
      guest only = yes

      Notes:
      • The guest account is mapped to system account nobody, he doesn’t belong to group users, thus he HAS BY DEFAULT NO WRITE ACCESS just READ. This is can be reverted modifying the POSIX permissions of the share to 777.
      • These directives are NOT ACL
      • The semi public is valid for OMV version 1.10



      Questions:
      I have setup a semi-public shares how to I enter credentials if the guest will always log in first?

      You have to use windows map network drive feature to provide login credentials




      In Mac OS X you can use CMD+K (if you are in Finder)

      I have guest allowed or guest only enabled, but windows keeps asking for password?

      You probably have an identical windows-omv username. Windows is sending windows account credentials before. If you want to login as Guest type nobody in login and no password. Yes, nobody like this :



      The login keeps saying login denied?

      This is more likely caused by two things:
      • Permission issue (ACL or non default POSIX permission mode/ownership). You can use the reset permission utility provided with omv-extras, next to Shared Folder sections to bring back to default permission and flush problematic ACL's. edit: In OMV3 the reset permission utility is a independent plugin
      • Out of sync password in between linux and samba. This is very rare but it has happened. Test in ssh the following smbpasswd username enter password and try and login again.
      I can't delete files or edit files that other users have created?


      • The default umask in samba is 644 for files. So to enable flexible sharing tick Enable permission inheritance in the samba share settings this will force 664 creation mode. Files created previously need to change their permission mode. Use reset permission utility.
      • Check that you don't have read only enabled. This option overrides privileges and POSIX



      chat support at #openmediavault@freenode IRC | Spanish & English | GMT+10
      telegram.me/openmediavault broadcast channel
      openmediavault discord server

      The post was edited 19 times, last by subzero79 ().

    • For those who have trouble with accessing shares from a Win10 machine with a different login and can't logout, try this:

      howtogeek.com/howto/16196/how-…c-path-drives-in-windows/ and reboot (A shutdown won't work because of the "fast boot" option with Win 10).

      Also, maybe you accidentally made available offline a folder from your share (with the wrong login) [yeah, I messed around big time my initial setup. It's great for learning tought], you can flush the sync data from the Configuration panel -->the Sync Center, under "Manage offline files" [Screen capture in French: "Gérer les fichiers hors connexion". Deactivate and clear your offlines files and reboot (A reboot and not a shut down).
      The Sync Center was always connecting to my shares with my initial login and the command "net use" was reporting nothing with my machine...

      Below a screen capture from the sync center after I reset everything.