Text only | Text with Images

Buffalo Forums

Products => Storage => Topic started by: asq on February 11, 2013, 10:04:10 AM

Title: Terastation 5200 applying access restrictions when there should be none
Post by: asq on February 11, 2013, 10:04:10 AM

Further to my previous post, still unsolved, regarding the Terastation TS5200D0402 frequently making files read-only for users other than the person who just saved the file, I created a new shared folder, *without folder restrictions*, and copied all the files over.  Astonishingly, the same problem occurs on files in this folder: even though there are meant to be no restrictions, the Terastation is making some files and folders read-only for other users after a user has saved them.

 

I am using firmware v2.30.

 

I am so disappointed with Buffalo and this product.

 

 

Title: Re: Terastation 5200 applying access restrictions when there should be none
Post by: BigTex on February 12, 2013, 01:14:14 PM

ASQ.

 

I'd be happy to assist you in some things that have corrected similar issues for customers.

 

The first thing is to update firmware which I see you've done. I also ask that you re-initialize your Terastation after the firmware. This has corrected issues for people in the past after moving to 2.3 which has an embedded SMB update within.

 

To reinitialize the device please navigate to

Web Interface in browser > Management > Restore/Erase, select Black Button > Select the middle button to "Initialize TeraStation". This will reset the configuration file but will not lose stored data.

 

If after re-initialization you still see issues I'd ask that you copy the files to a new share created after 2.3 firmware/initialization. This will be sure it's created with new permissions and when files are copied to the device to another share on the same device, it'll use Windows as a relay (making it slower, sorry) and wipe permissions to then take that of the new share.

 

Depending if your workstations are on a Domain or not will determine the method for adjusting LAN manager NTLM authentication settings.

 

Should you still have issue after the firmware adjustments I ask that you check your Local Security Policy. Here is where the setting is located.

 

Workstation not on domain.

Open Local Security Policy and navigate to

Security Settings > Local Policies > Security Options > Network security: LAN Manager authentication level

Please set this to LM & NTLM - use NTLMv2 session security if negotiated

 

Image of Local Security Policy Setting

 

If your workstations are on a domain then you'd likely want to make the adjustment through Group Policy and push out the update to the group.

 

First have them change this specific setting in their Domain Controller Policy

 

  1. Open Group Policy Editor on DC
  2. Right click and Edit the Domain Controller Policy
  3. Click on Local Security Policy
  4. Open the Computers
  5. Click on Security Options
  6. In the right pane scroll to and double click on "Network security: LAN manager authentication level"
  7. Click the drop down box and select "Send LM & NTLM – use NTLMv2 session security of negotiated"
  8. Click Ok
  9. Click on Start and in the search bar type what's in the following quotes "gpupdate /force"
  10. A restart can also be recommended
  11. Attempt to use \\UNC\share 

Image showing Group Policy (and local security) settings.

 

 

 

Text only | Text with Images
Browser ID: smf (is_webkit)
Templates: 1: Printpage (default).
Sub templates: 4: init, print_above, main, print_below.
Language files: 1: index+Modifications.english (default).
Style sheets: 0: .
Hooks called: 54 (show)
Files included: 27 - 1055KB. (show)
Memory used: 719KB.
Tokens: post-login.
Queries used: 14.

[Show Queries]