#(Solved) Permission denied on mounted Samba share.

Problem/Question:

• How to properly mount my Samba shares so the ACLs of the said shares are respected and not bypassed?

Goal:

• Mounting my Samba shares automatically regardless of the user logging in and having proper permissions as defined in the ACLs in TrueNAS (I'm open to any way of mounting them as long as it's automatic once setup)

Setup:

• Rocky Linux 9 host
• TrueNAS Server with Samba shares
• Windows Server 2016 used as Domain Controller and Active Directory as directory service

Actions taken:

• Credentials are from a domain administrator, which has full control over the samba shares (as defined in the ACLs)
• Configured /etc/fstab to mount the Samba shares (tried both as CIFS and as SMB3):
• With the noperm option, I get access to everything, but it doesn't respect the ACLs and is not the goal
• Without the noperm option, I can only read files (which is the only permission given to everyone in the TrueNAS ACL for that share), but get "permission denied" even for admin users.

PS:
fstab settings:
//server/share /net/mount_point smb3 uid=0,credentials=/etc/samba/.samba-credentials,iocharset=utf8,vers=3.0,nofail 0 0

try switching the uid to your user's uid

Ah! I remember reading something about a while ago. Will do more research about it thanks for the pointer.

To clarify, you mean in the fstab configuration right?

yeah

I think I found out the root of the problem: it's about SSSD and ID mapping.
Since AD by default only has a SID for Windows and not UID and GID compliant with POSIX, that seems to create problems with permissions.
I updated my AD entries to store a uidNumber and gidNumber on them.
I'm still figuring out how to make it work though (even with disabling ID Mapping in SSSD that doesn't seem to work).
Anyway I'll call this resolved even though it's not really yet, I have enough work/learning to do because asking for more support.
Thanks