Synology shared folder permission without ACL
I need your help about permissions on a shared folder in our NAS.
I've created User1, User2, User3 and they all belong to the group "Users".
I've created folders:
\\synology1\users (can't really make any user to be the owner of a share, but i've set the right to "Users" to Read/Write in it)
\\synology1\users\User1 (Owner: User1/Users, rights: RWX------)
\\synology1\users\User2 (Owner: User2/Users, rights: RWX------)
I want User1 to be able to read & write to User1 folder, but no access at all to User2. I also don't want him to be able to create folders/files in \\synology1\users. But with this setup, User1 is allowed to write in it. And if i set the shared folder permissions of User1 to "Read Only", then he can't even write in his own folder.
Can you explain me what is the part i misunderstand? And what should i change to make it working like i want?
Thanks
Note: All the computer accessing the drive are on Windows.
I've created User1, User2, User3 and they all belong to the group "Users".
I've created folders:
\\synology1\users (can't really make any user to be the owner of a share, but i've set the right to "Users" to Read/Write in it)
\\synology1\users\User1 (Owner: User1/Users, rights: RWX------)
\\synology1\users\User2 (Owner: User2/Users, rights: RWX------)
I want User1 to be able to read & write to User1 folder, but no access at all to User2. I also don't want him to be able to create folders/files in \\synology1\users. But with this setup, User1 is allowed to write in it. And if i set the shared folder permissions of User1 to "Read Only", then he can't even write in his own folder.
Can you explain me what is the part i misunderstand? And what should i change to make it working like i want?
Thanks
Note: All the computer accessing the drive are on Windows.
The admin will create folders in \\synology1\users. I don't want to get that folder filled with crap just because a user don't know how to use it.
So what you suggest is to let them be able to write in \\synology1\users? That's exactly what i want to avoid.
I'm not familiar with Linux permissions...
I thought that there was some inheritance. Am i wrong?
So if for example, i set Read Only to \\synology1\users for everyone, and set RWX to User1 for \\synology1\users\user1, then i would end up with RWX for user1 folder, and have only R for \\synology1\users. But it seems i'm wrong...
So what you suggest is to let them be able to write in \\synology1\users? That's exactly what i want to avoid.
I'm not familiar with Linux permissions...
I thought that there was some inheritance. Am i wrong?
So if for example, i set Read Only to \\synology1\users for everyone, and set RWX to User1 for \\synology1\users\user1, then i would end up with RWX for user1 folder, and have only R for \\synology1\users. But it seems i'm wrong...
Which Synology NAS are you using and what is version of firmware it is running?
Further where are the users and the group created? On NAS as local users or on AD?
Sudeep
Further where are the users and the group created? On NAS as local users or on AD?
Sudeep
It's a DS-213, it's running on the latest firmware (DSM 4.3-3776).
The users & groups are created on the NAS, it's not on an AD.
There's other users, but they are not involved in this situation. I've not set "NO ACCESS" to this folder to anyone...
As i said, the problem might come from my asumptions about "How Linux Permissions Works". I've another folder that i've setuped using ACL, and it's working just fine.
I really want to understand how it work without ACL to understand Linux better.
The users & groups are created on the NAS, it's not on an AD.
There's other users, but they are not involved in this situation. I've not set "NO ACCESS" to this folder to anyone...
As i said, the problem might come from my asumptions about "How Linux Permissions Works". I've another folder that i've setuped using ACL, and it's working just fine.
I really want to understand how it work without ACL to understand Linux better.
I think it has nothing to do with the Linux permission but how Windows handles the network permissions.
For example you could not map the same network drive with two different username and passwords. Let say you NAS IP 10.1.1.200 you could only share it with one User's credentials whether there are two folder in it or three all should have same password else it would not let you access it with another users password unless you disconnect the mapped drive and clear the cache passwords from the system.
Sudeep
For example you could not map the same network drive with two different username and passwords. Let say you NAS IP 10.1.1.200 you could only share it with one User's credentials whether there are two folder in it or three all should have same password else it would not let you access it with another users password unless you disconnect the mapped drive and clear the cache passwords from the system.
Sudeep
Ok. I've done a NET USE /DELETE * prior to map any network drive.
With ACL, i can change permissions to files/folders and these changes seems to apply immediately on User1 computer. I guess it's the same without ACL too, but i'm not sure. I would guess on a pure linux machine (Ubuntu for ex) that i would have to restart the Samba Service, but the NAS must be wise enough to restard & reload its new config. But does Windows get advised of that change? I don't know...
With ACL, i can change permissions to files/folders and these changes seems to apply immediately on User1 computer. I guess it's the same without ACL too, but i'm not sure. I would guess on a pure linux machine (Ubuntu for ex) that i would have to restart the Samba Service, but the NAS must be wise enough to restard & reload its new config. But does Windows get advised of that change? I don't know...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Reason both user1 and user2 are able to write to folder \\synology1\users is that they belong to the users group, which has rw rights in that folder.
You could set things up like this:
\\synology1\users (all users rwx rights)
\\synology1\user1 (user1 rwx rights)
\\synology1\user2 (user2 rwx rights)
That way each user has it's own 'home' folder and a shared folder (users) that all users can use to 'share' files.