Mix AD and local users

[Rand]

I have a mixed environment of AD and non AD Workstations/Users which should be able to access the same bunch of shares on my FreeNas Box.

I was thinking about simplifying my setup (ie not using two shares per directory, one per authentication source).
I had the great idea to have a local FreeNas group which would then contain local groups as well as AD groups. This would cover my case, and also provide resilience in case AD is down (again, don't ask).

Unfortunately I cannot add AD groups to local groups as easily as I had expected (GUI) .. so it seems this is not a supported setup ?
Are there other options to manage AD and non AD users in shares in a simple way?

Currently I am on 9.10 but happy to get a Corral solution as well:)

 

[anodos]

I have a mixed environment of AD and non AD Workstations/Users which should be able to access the same bunch of shares on my FreeNas Box.

I was thinking about simplifying my setup (ie not using two shares per directory, one per authentication source).
I had the great idea to have a local FreeNas group which would then contain local groups as well as AD groups. This would cover my case, and also provide resilience in case AD is down (again, don't ask).

Unfortunately I cannot add AD groups to local groups as easily as I had expected (GUI) .. so it seems this is not a supported setup ?
Are there other options to manage AD and non AD users in shares in a simple way?

Currently I am on 9.10 but happy to get a Corral solution as well:)

You can't add AD groups to local groups. The ACL for a share (or anywhere on the filesystem) can contain a mixture of local groups and AD groups. Just make sure the box "Use Default Domain" is NOT checked. This makes it easier to differentiate between local users/groups and AD users/groups. Play around with the "security" tab in Windows explorer. It should behave exactly like a Windows server.

 

[Rand]

Okies, will give it a try - thanks:)