Uploaded image for project: 'FreeNAS / TrueNAS'
  1. FreeNAS / TrueNAS
  2. NAS-105703

SMB (folder) permissions are half broken

    XMLWordPrintable

    Details

      Description

      Last couple of days I found out, while installing SQL server 2017 Database engine on a FreeNAS SMB share, that permissions, and the way FreeNAS handles permissions, is half broken.
      SQL server will (automatically with a Managed Service Account) disables inheritance on a folder. When this happens the folder hides and cannot be showed until you force inheritance to be turned on via ACL page on FreeNAS, which breaks the folder for SQL.

      Manually disable inheritance is possible, but this is also a problem. Even though my account is added to the domain admins group, which is set to be owner on that share/folder, it says that I don't have permission. I first have to make my account owner of that folder, click apply, disable inheritance and click apply again. When not following this order the folder breaks and is not accessible anymore. Have to reset inheritance via FreeNAS and can start all over again. (Please review the added images with the description)

      • Domain admins has been set to be user/group of the folder, just a group cannot be set... please add this. AGDLP (should be) pretty common to be used.

      Further on I am not sure if FreeNAS NTFS support is behaving ""exactly"" like it would be on a Windows File server. Because when updating the SQL server to the latest CU (20) it shows:
      Error: 17053, Severity: 16, State: 1.
      DoDevIoCtlOut() GetOverlappedResult() : Operating system error 1(Incorrect function.) encountered.

      https://docs.microsoft.com/en-us/archive/blogs/psssql/error-17053-when-using-third-party-network-storage-device-smb-file-share
      "If the device doesn’t support io code FSCTL_FILESYSTEM_GET_STATISTICS, there are different rampifications depending on which file System you use"

      Not sure if this is the case.

      Looking forward to you reply and the permission fixes for SMB shares.
      If you need any more information, please let me know.

        Attachments

          Attachments

            Activity

              People

              Assignee:
              awalker Andrew Walker
              Reporter:
              Quinten Quinten
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved:

                  Summary Panel