Hello - let me describe how I configured my FS and what I’ve observed.
I have two shares on the FS. One is the default public share, the other is one I created called “Media”. The only user authorized on the Media share is the Admin user. I configured the FS and the shares from Drobo Dashboard 1.71 on my Windows 7 PC. I transferred files from my Drobo S to the FS. On the FS, the only share that is “checked” in Drobo Dashboard is the Media share, not the public share.
I went to an iMac running Snow Leopard which is on the same subnet. I opened Finder and the Drobo FS was recognized and it listed both the Public AND the Media share. I’m not sure whether it asked this when I first clicked on the FS or when I clicked on the Media share, but Snow Leopard asked me if I wanted to log on as an authorized user or as a guest. I thought I’d check security and I selected Guest, and I had full access to the Media Share! It appears there is NO actual security on the FS. Is that the case? Have I misconfigured the FS? I did not install Drobo Dashboard on the Mac, by the way.
guest is enabled by default per share that you create. When you create a share you need to make sure you delete the everyone/guest user account per share or make it read only
The share in question, Media, has no Everyone user on the share. The only share that had Everyone was Public.However, Guest on the Mac was able to get to the Media share, even though there was no Everyone listed, just Admin.
Can someone speak to this? I have the same problems on our FS. There is no one assigned to the share except the Admin and a single user, yet someone can access the share as guest only. Anyone?
Thanks mkertzman for bringing this to our attention. We have reproduced this problem and are hard at work on a fix. We will have a firmware update with a fix for this in it in the near future. We currently don’t have a way to work around this issue. We do know that the files are only available read only (so they can’t be deleted or changed by a random person). We appreciate your help in ensuring that everyone’s data is protected.
I’m running Dashboard 3.0.0 and anyone can just access my non-public share with full rights to do whatever they want as long as they are on our wifi.
I love how there was an elusion to this being a mac issue, when in reality, it’s not mac at all that should be responsible for the security of another piece of hardware.
Everything I see in here about this issue leads me to believe that we bought a server for kids that doesn’t allow them to hide from their parents, rather than a server a business can use.