Active Directory and FreeNAS current

JoeAtWork

Hi All,

Is there a good way to document this so that as changes are made we can just edit the procedure or make a new one for FreeNAS XX.X? I have a feeling every version of FreeNAS/Samba/FreeBSD will have something that is different, no longer necessary or conflicting if just one document is made.

Current as of today is 11.3-U3.2

I have found two detailed guides and was wondering if there was one here that should be sticky, for making a FreeNAS jail for an AD controller with bind, dhcp and ntp.

https://wiki.archlinux.org/index.ph...main_controller#DHCP_with_dynamic_DNS_updates
https://wiki.freebsd.org/Samba4ZFS

It sounds like there could be issues with using ufs/zfs and the samba-tool to provision the domain. Then there is the issue of how to install 1 version of Samba and the process to migrate to the next one (not accidentally with pkg upgrade/update). For complexity, there is the DHCP server registering the client names so DNS updates do not have to be done like Microsoft does. Then there is the GPO you need to do to tell Windows machines on the domain not to try to update the DNS server. Then there is the Samba issue where sysvol is not replicated to your second AD server, and now I believe there are some ZFS settings/attributes that should be in place on the AD sysvol.

The next complex issue is how to make an AD integrated FreeNAS file server with permissions in the root or restrictive permissions in the root so "Domain Admins" or some other delegated group can make folders and allow users to make trash below the folder but not in the root.

Most AD installs make use of a home folder and that I am sure also has some caveats that need to be obeyed strictly.

If you have older Windows clients and you need SMB1, you are going to have to have another file server for that. I usually have a public folder that gets a crontab job to nuke all files/folders older than x days.

Thanks,
Joe
 