Issues
- TrueNAS Core 13.0-U6.2 Bug report: UI not passing UID/GID in when editing ACLsNAS-130614Resolved issue: NAS-130614TrueNAS Backend Triage
- Dataset ACL abnormally shows errors when switching list objectsNAS-121505Resolved issue: NAS-121505Alex Karpov
- Scale 22.12.1 - Locking and Unlocking a dataset resets its Share ACLNAS-120571Resolved issue: NAS-120571Andrew Walker
- User creation wizard does infact not create a subdir if the given path does not end with usernameNAS-120157Resolved issue: NAS-120157Rehan Yousaf
- The web UI prompts for setting ACL on SMB shares even when ACL is disabledNAS-119377Resolved issue: NAS-119377Rehan Yousaf
- Samba Share ACL resets to Everyone when disabled and re-enabledNAS-117911Resolved issue: NAS-117911Triage Team
- User dropdown does not show all users in ACL EditorNAS-113498Resolved issue: NAS-113498Ievgen Stepanovych
- ACL Permissions set incorrect by Windows ADNAS-112415Resolved issue: NAS-112415Triage Team
- Cannot edit Share ACL for SMB sharesNAS-108484Resolved issue: NAS-108484Triage Team
- I can apparently cd into restricted directoriesNAS-107575Resolved issue: NAS-107575Triage Team
1-10 of 10
1 of 10
Please see this thread in your support forums for original report (in which Andrew Walker asks me to file this bug report):
https://forums.truenas.com/t/acl-editor-wont-access-ad-users-groups/11026
I have just installed TrueNAS Core 13.0-U6.2, and I am trying to get Active Directory and SMB working for the first time. I am using Microsoft Edge as my primary web browser.
I have connected to AD fine, and when I run ‘wbinfo -g’ and ‘wbinfo -u’ from a shell I correctly get a list of all my AD groups and users. I have created a pool, and have created a dataset under that pool (setting the Share Type to ‘SMB’). I then created an SMB share, choosing ‘No presets’ for the Purpose, ticking ‘Enable ACL’, ‘Browsable to Network Clients’, and ‘Enable Alternate Data Streams’ as my options.
I tested the share by browsing to \\nas\asdfg on a Windows 10 machine (where ‘nas’ is the hostname of the TrueNAS box, and ‘asdfg’ is the SMB share) and this resolved fine (i.e. when I typed '\\nas' Windows automatically presented ‘\\nas\asdfg’ so it was clearly advertising the share correctly), but when I tried to browse it I got the usual ‘Windows cannot access…’ error. This was to be expected as I hadn’t set any ACLs yet.
From the TrueNAS ‘Windows Shares (SMB)’ screen I then selected ‘Edit Filesystem ACL’ on the share I created, and saw that it had created 4 default ACLs, for ‘everyone@’, ‘owner@’, ‘group@’, and ‘Group’ builtin_users. For the purposes of testing, I wanted to set this share to be accessible for all users on my domain. I went to the ‘Group’ ACL and deleted ‘builtin_users’, and clicked the little down-arrow expecting to see a list of my AD groups. Unfortunately this was not the case; it showed a list of what I assume are built-in groups (wheel, daemon, kmem, sys, tty, etc. down to nslcd, ntpd, and 3 builtin_ groups). So I entered ‘wbinfo -g’ to a shell, and from the results I copied ‘BOBBY\domain users’ (where BOBBY is my domain name), then pasted this into the the Group field in the ACL GUI. I then clicked ‘Save’, but got the following error:
Error: [dacl] Item#3 is not valid per list types: [id] Not an integer.
I have tried clearing my browser cache, and have tried in a private window, but the error persists. I also tried installing a different browser (Chrome) but got exactly the same results.
I have attached screenshots showing the error, and the output of the command ‘midclt call core.get_jobs | jq’ in case this is helpful.
Thank you.