Uploaded image for project: 'FreeNAS / TrueNAS'
  1. FreeNAS / TrueNAS
  2. NAS-105703

SMB (folder) permissions are half broken

    XMLWordPrintable

    Details

      JEditor

        Description

        Last couple of days I found out, while installing SQL server 2017 Database engine on a FreeNAS SMB share, that permissions, and the way FreeNAS handles permissions, is half broken.
        SQL server will (automatically with a Managed Service Account) disables inheritance on a folder. When this happens the folder hides and cannot be showed until you force inheritance to be turned on via ACL page on FreeNAS, which breaks the folder for SQL.

        Manually disable inheritance is possible, but this is also a problem. Even though my account is added to the domain admins group, which is set to be owner on that share/folder, it says that I don't have permission. I first have to make my account owner of that folder, click apply, disable inheritance and click apply again. When not following this order the folder breaks and is not accessible anymore. Have to reset inheritance via FreeNAS and can start all over again. (Please review the added images with the description)

        • Domain admins has been set to be user/group of the folder, just a group cannot be set... please add this. AGDLP (should be) pretty common to be used.

        Further on I am not sure if FreeNAS NTFS support is behaving ""exactly"" like it would be on a Windows File server. Because when updating the SQL server to the latest CU (20) it shows:
        Error: 17053, Severity: 16, State: 1.
        DoDevIoCtlOut() GetOverlappedResult() : Operating system error 1(Incorrect function.) encountered.

        https://docs.microsoft.com/en-us/archive/blogs/psssql/error-17053-when-using-third-party-network-storage-device-smb-file-share
        "If the device doesn’t support io code FSCTL_FILESYSTEM_GET_STATISTICS, there are different rampifications depending on which file System you use"

        Not sure if this is the case.

        Looking forward to you reply and the permission fixes for SMB shares.
        If you need any more information, please let me know.

          Attachments

            Attachments

              Activity

                People

                Assignee:
                awalker Andrew Walker
                Reporter:
                Quinten Quinten
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                  Dates

                  Due:
                  Created:
                  Updated:
                  Resolved: