JayG30
Contributor
- Joined
- Jun 26, 2013
- Messages
- 158
Hello everyone,
I have a question regarding authentication methods. I currently have a freenas box in a production environment where all users and groups are "local" and use unix permissions. We have been just setting the passwords to be the same as the windows logins so that it automatically logs users into the CIFS shares.
We have now setup a more permanent location and a actual network. With this I've begun the implementation of samba4 as our AD environment. Which led to to wanting to change freenas to sync with our AD for username/passwords. And also to move to ACL based permissions.
So the first question I have is, can I have both AD and local accounts work at the same time to access the CIFS shares? The usernames are going to be the same (first initial, last name) and the password will actually be the same for both types of accounts in most situations. I was thinking if I could run both together perhaps it would allow me time to get the AD authentication working while users still could access the accounts with there local logins.
Second question is would permissions to all the CIFS shares need to be reconfigured because the accounts are now AD instead of local? Like I said, the account names and group names would be the same as the local accounts were. And also, would it be possible to change to ACL permissions at this point?
Thanks for any help
I have a question regarding authentication methods. I currently have a freenas box in a production environment where all users and groups are "local" and use unix permissions. We have been just setting the passwords to be the same as the windows logins so that it automatically logs users into the CIFS shares.
We have now setup a more permanent location and a actual network. With this I've begun the implementation of samba4 as our AD environment. Which led to to wanting to change freenas to sync with our AD for username/passwords. And also to move to ACL based permissions.
So the first question I have is, can I have both AD and local accounts work at the same time to access the CIFS shares? The usernames are going to be the same (first initial, last name) and the password will actually be the same for both types of accounts in most situations. I was thinking if I could run both together perhaps it would allow me time to get the AD authentication working while users still could access the accounts with there local logins.
Second question is would permissions to all the CIFS shares need to be reconfigured because the accounts are now AD instead of local? Like I said, the account names and group names would be the same as the local accounts were. And also, would it be possible to change to ACL permissions at this point?
Thanks for any help