Thanks Toomas, that's exactly what I want to avoid, as we'll have multiple zones with different passwd users each that cannot be matched in one unique NFS sharing system. I've solved using mount -F smbfs, so everyone is using the same cifs users ;) Gabriele     Sonicle S.r.l. : http://www.sonicle.com Music: http://www.gabrielebulfon.com eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets     Da: Toomas Soome via illumos-developer A: illumos-developer Data: 7 febbraio 2024 10.12.37 CET Oggetto: Re: [developer] dual share via cifs and nfs On 7. Feb 2024, at 10:58, Gabriele Bulfon via illumos-developer wrote: Ok, I found that part is already correct, pam.conf is ok, the web gui we built that also manage users already run smbadm enable/disable as needed, and smbpasswd contains the right stuff.   I still don't understand what I should do with NFS. I have the dataset also shared as NFS with "sec=sys,root=@client-ip", and it creates files as root/644. How do I force the NFS client to use a specific destination user (same as the smb one) so to operate correctly?   Gabriele       with NFS you have the good old story: server and client need to have same users and if you are using auth_sys (auth_unix) authentication, the username,uid and gid values must match. That implies either “manual” passwd/group files replication or name service (ldap) setup. With NFSv4 + kerberos you do not need uid/gid values to be in sync, but you still need the same users and the proper setup of nfsv4_domain property so the server would accept the user name translations.   rgds, toomas   Sonicle S.r.l. : http://www.sonicle.com Music: http://www.gabrielebulfon.com eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets   ---------------------------------------------------------------------------------- Da: Gordon Ross A: illumos-developer Data: 6 febbraio 2024 15.16.04 CET Oggetto: Re: [developer] dual share via cifs and nfs Yea, and (oh, yeah, I forgot to add a detail)when setting up SMB user accounts, you must:Add this to pam.confother password required pam_smb_passwd.so.1 nowarnthen do "smbadm enable-user", passwd userso the SMB p/w hashes end up int /var/smb/smbpasswdOn Tue, Feb 6, 2024 at 3:28 AM Gabriele Bulfon via illumos-developer wrote:>> Thanks! Is it necessary to use "smbadm enable user" instead of just using unix passwd users and ACLs with those users?> I mean, they would be same usernames, and I have no domain in this case.>> Gabriele>>> Sonicle S.r.l. : http://www.sonicle.com> Music: http://www.gabrielebulfon.com> eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets>>>>>> ---------------------------------------------------------------------------------->> Da: Gordon Ross > A: illumos-developer > Data: 6 febbraio 2024 1.12.14 CET> Oggetto: Re: [developer] dual share via cifs and nfs>> There are a few things you need for cross-protocol sharing:> 1: create the ZFS dataset with options: nbmand=on, casesensitivity=mixed> 2: make sure you have some SMB accounts (smbadm enable user, and/or> smbadm join ...)> 3: Set ownership and ACLs to something Windows-friendly> (eg: chmod A=everyone@:full_set:fd:allow /the/share/root> and then set ACLs how you want via windows right click)> 4: setup idmap so that NFS will "see" something usable for UIDs and GIDs>> There are some more details about those steps in the SMB Admin guide:> https://dlc.openindiana.org/docs/20090715/SSMBAG/html/smboverview.html> Sorry that's a bit stale. I have a somewhat updated version, but it's> not "up" yet.>> On Mon, Feb 5, 2024 at 2:51 AM Gabriele Bulfon via illumos-developer> wrote:> >> > Hi, what are the correct settings for a zfs share to be visible both via cifs and nfs (cifs for smb users, nfs for a server)?> > I need to be sure both will be using the same user to access files, as the nfs client will be creating files for smb users and vice versa.> >> > Gabriele> >> >> > Sonicle S.r.l. : http://www.sonicle.com> > Music: http://www.gabrielebulfon.com> > eXoplanets : https://gabrielebulfon.bandcamp.com/album/exoplanets> >> > illumos / illumos-developer / see discussions + participants + delivery options Permalink> > illumos / illumos-developer / see discussions + participants + delivery options Permalink------------------------------------------illumos: illumos-developerPermalink: https://illumos.topicbox.com/groups/developer/T853ccac866b92198-M244d4452165c1306e90450f2Delivery options: https://illumos.topicbox.com/groups/developer/subscription illumos / illumos-developer / see discussions + participants + delivery options Permalink