user can access share he should not be able to access (SMB/AFP)
Hi
I have a really simple setup with a open-E DSS box (Version: 5.0.DB49000000.3278):
2 SMB/AFP shares
2 Users
1 Group (users)
I set share 1 to be only accessable by user 1 and share 2 only to be accessable by user 2.
I did this by setting the share security to "user with password" and added only the respective user at CONFIGURATION -> NAS resources -> shares-> [share_name] -> Function: Users share access (SMB/FTP/AFP).
Also I have enabled "force user and group" at each share.
Now I was pretty amazed when I saw that user 2 can access share 1 and vice versa.
I just verifeid this and it works creating the same share names with the users even in the defualt group called "Users" the users where in there. When you tested did you use different systems and does the Share have the "Users with password" enabled?
Also you dont need to use the "Force" options for this.
thank you for testing this!
Yes I do have "Users with password" enabled and yes I did use different systems for testing.
Also I did disable the "Force" option for testing - no luck..
The only thing I can think of is that this open-E System was previously used in a datacenter, with iSCSI failover, some SMB share and so on.
But I did a complete factory reset before I deployed it in the office..
I am quite confused..
Maybe you guys could have a look at it?
If so please PM me with what you need (username / password)
Hi To-M
I havent received your email so far.
But I made a some further tests:
I added the user "test" and gave this user access to share 1
instantly the user also had access to share 2 (although I did not grant him permission to that share)
Then I added the user "test2" and gave this user no access rights at all
-> user "test2" is not able to access any share
Issue solved.
I removed all users and re-created them.. voilá
I guess some UID/GID mapping was incorrect.. but who knows..
Also big kudos to open-E Support in germany providing DSS v6 as we ran into a "1229" error while updating V5 making the DOM unusable. Updating to v6 worked and it was also possible to recover all configuration.