This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
I just switched from a RN Ultra 4 running OS4 to a RN314 OS6. On the old NAS I was able to setup a custom samba username map so our multiple computers usernames would correctly map to the appropriate username on the NAS. However when I try to do this in OS6, the username map file keeps getting overwritten everytime the UI is saved. The file is located at /etc/frontview/samba/usermap.conf
Is there some way to provide a custom username map?
@jjcf89_2 wrote: However, the boss of the company has several computers all with different usernames and he's the only one that uses the home folder feature.
Just enter a single credential in the Windows Credential Manager on his PCs. Then there's no need to map anything for him on the NAS.
Hmm, that's a new one to me. I'll have to look that up and see what I can do. Thanks.
Just to clarify - the credential would be the username/password of his (single) NAS user account, and would be for NAS access from his PCs. If he accesses the NAS by both IP address and hostname, then you'd enter one credential for each.
Okay. I've had decent success at doing it this way. Note the method is a bit of a pain in the ass, mostly because Windows won't let you log in using a different account.
So my process so far has been:
Log into PC
Disconnect all mounted shares
Open Credential Manage and on Windows Credential tab, remove any remembered credentials for NAS
Log out and back in
Access NAS to non-anonymous share and Enter correct credentials and check remember box. This usually errors out with "can't authenticate multiple accounts..."
Log out and back in
Access NAS to non-anonymous share and everything should be working. Windows did remember the password from last step even though it failed.
Check credential manager again just to make sure username looks correct now.
Setup mounted shares
Repeat above steps for \\ipaddress if users are prone to accessing NAS via IP
Note: I usually
tail -f /var/log/samba/log.smbd
and watch to make sure I do see it correctly authenticating.
Create user accounts for all the computer users, create a user group, and add all these users to this group. Grant the required access rights for the shared folders to the group.
Create user accounts for all the computer users, create a user group, and add all these users to this group. Grant the required access rights for the shared folders to the group.
Interesting workaround. Not ideal but may work for most users. However, the boss of the company has several computers all with different usernames and he's the only one that uses the home folder feature. If each computer had a different account then he wouldn't be able to access his home folder.
On a similar note, it came up this morning that symlinks weren't working over samba. I enabled them in the /etc/frontview/samba/smb.conf.defaults file but I'm unclear if this file will be overridden.
If symlinks can work then maybe I can use them to link each of the different home folders...
@jjcf89_2 wrote: However, the boss of the company has several computers all with different usernames and he's the only one that uses the home folder feature.
Just enter a single credential in the Windows Credential Manager on his PCs. Then there's no need to map anything for him on the NAS.
Interesting workaround. Not ideal but may work for most users. ... If each computer had a different account then he wouldn't be able to access his home folder.
The home folder is mapped based on the first username accessing the NAS. Of course, the idea does not work for the home share.
@jjcf89_2 wrote: However, the boss of the company has several computers all with different usernames and he's the only one that uses the home folder feature.
Just enter a single credential in the Windows Credential Manager on his PCs. Then there's no need to map anything for him on the NAS.
Hmm, that's a new one to me. I'll have to look that up and see what I can do. Thanks.
Interesting workaround. Not ideal but may work for most users. ... If each computer had a different account then he wouldn't be able to access his home folder.
The home folder is mapped based on the first username accessing the NAS. Of course, the idea does not work for the home share.
However, the boss of the company has several computers all with different usernames and he's the only one that uses the home folder feature.
Every user must have one identity - one passport, one ID, one business card, one person. Time to streamline the boss computer behaviours for 2019.
That is an overly simplistic view of things. The most pressing example of that would be the computers that have normal windows local accounts vs those that use the new Microsoft online accounts. The online accounts all use the email address as the username instead of just the user part of the address.
Though I agree there are certainly several local accounts that should have their usernames unified...
@jjcf89_2 wrote: However, the boss of the company has several computers all with different usernames and he's the only one that uses the home folder feature.
Just enter a single credential in the Windows Credential Manager on his PCs. Then there's no need to map anything for him on the NAS.
Hmm, that's a new one to me. I'll have to look that up and see what I can do. Thanks.
Just to clarify - the credential would be the username/password of his (single) NAS user account, and would be for NAS access from his PCs. If he accesses the NAS by both IP address and hostname, then you'd enter one credential for each.
Security for this depends on his Windows log on - if he leaves one (or more) of his PC desktops open, then someone could access the NAS (including his home folder) from that PC.
@jjcf89_2 wrote: However, the boss of the company has several computers all with different usernames and he's the only one that uses the home folder feature.
Just enter a single credential in the Windows Credential Manager on his PCs. Then there's no need to map anything for him on the NAS.
Hmm, that's a new one to me. I'll have to look that up and see what I can do. Thanks.
Just to clarify - the credential would be the username/password of his (single) NAS user account, and would be for NAS access from his PCs. If he accesses the NAS by both IP address and hostname, then you'd enter one credential for each.
Security for this depends on his Windows log on - if he leaves one (or more) of his PC desktops open, then someone could access the NAS (including his home folder) from that PC.
If you do a configuration backup on a "master" NAS of just users and groups, you can upload that to the other NASes, but don't manually assign any users or groups on the other NASes. Then, all the user ID's will be the same on all NASes. Note that you cannot do this between OS4.x and 6.x NASes, but you can on units with a common core (e.g all OS6 based).
Now, any time you add a user or group, do it on the master, backup again, and upload to the others. Never manually add a user or group to any of the NASes other than the master. If they are all in sync, you can re-designate which you consider "master".
The backups are csv files in a zip. Once you take a look at them, you can get clever, too. Just make sure you use the right EOL (LF, not CRLF). But you can't get clever enough to transfer between NAS families because the default UIDs and GIDs are different. (Something Netgear should have thought about when they developed OS6.)
If you do a configuration backup on a "master" NAS of just users and groups, you can upload that to the other NASes, but don't manually assign any users or groups on the other NASes. Then, all the user ID's will be the same on all NASes. Note that you cannot do this between OS4.x and 6.x NASes, but you can on units with a common core (e.g all OS6 based).
Now, any time you add a user or group, do it on the master, backup again, and upload to the others. Never manually add a user or group to any of the NASes other than the master. If they are all in sync, you can re-designate which you consider "master".
The backups are csv files in a zip. Once you take a look at them, you can get clever, too. Just make sure you use the right EOL (LF, not CRLF). But you can't get clever enough to transfer between NAS families because the default UIDs and GIDs are different. (Something Netgear should have thought about when they developed OS6.)
Note you apparently can import an OS4 backup into an OS6 NAS and it won't stop you. What did happen is it overwrote a bunch of system users in /etc/passwd that messed things up. I grabbed a backup of the /etc/passwd file and manually fixed the mess.
I don't see why users from OS4 would be an issue to transfer over to OS6. Even if the default UIDs are different they still seem to work. I wish I had thought to manually update the backup file. Instead, I manually merged users into the passwd, group, shadow, smbpasswd, and the samba database files to transfer them from OS4 to OS6.
I don't see why users from OS4 would be an issue to transfer over to OS6. Even if the default UIDs are different they still seem to work. I wish I had thought to manually update the backup file. Instead, I manually merged users into the passwd, group, shadow, smbpasswd, and the samba database files to transfer them from OS4 to OS6.
It has been a very long time since I looked at it, but I thought there was something that overlapped in such a way that it didn't work. Maybe it was default users on one having the same UID as added users on the other. I guess you could get around that if you were just doing a complete transfer and could re-assign UID's. I was looking for a way to create a program that would do it, and didn't see an easy way. Basically, I was going to try to do Netgear's job for them. At the time, I was going to have both OS4.2 and OS6 NASes concurrently.
@Sandshark wrote: At the time, I was going to have both OS4.2 and OS6 NASes concurrently.
My Pro-6 is still on 4.2.31 (it's only for backup, so there was no reason to change it).
It is possible to assign UIDs and GIDs that match to user accounts. The bigger problem is that the UID/GID for guest accounts (including nobody/nogroup) can't be matched.
We access the NAS using admin credentials anyway, so I set up my shares (OS 4 and OS 6) so that all files are owned by admin. That is mapped correctly in rsync backup jobs, so owner/group is preserved.
@jjcf89_2 wrote: However, the boss of the company has several computers all with different usernames and he's the only one that uses the home folder feature.
Just enter a single credential in the Windows Credential Manager on his PCs. Then there's no need to map anything for him on the NAS.
Hmm, that's a new one to me. I'll have to look that up and see what I can do. Thanks.
Just to clarify - the credential would be the username/password of his (single) NAS user account, and would be for NAS access from his PCs. If he accesses the NAS by both IP address and hostname, then you'd enter one credential for each.
Okay. I've had decent success at doing it this way. Note the method is a bit of a pain in the ass, mostly because Windows won't let you log in using a different account.
So my process so far has been:
Log into PC
Disconnect all mounted shares
Open Credential Manage and on Windows Credential tab, remove any remembered credentials for NAS
Log out and back in
Access NAS to non-anonymous share and Enter correct credentials and check remember box. This usually errors out with "can't authenticate multiple accounts..."
Log out and back in
Access NAS to non-anonymous share and everything should be working. Windows did remember the password from last step even though it failed.
Check credential manager again just to make sure username looks correct now.
Setup mounted shares
Repeat above steps for \\ipaddress if users are prone to accessing NAS via IP
Note: I usually
tail -f /var/log/samba/log.smbd
and watch to make sure I do see it correctly authenticating.
