NFS + LDAP for shares -- Looking for some direction

Status
Not open for further replies.

tycoonbob (Dabbler, joined Nov 14, 2014, 23 messages)
Hi everyone.

I've run a storage box from home for many years, but always used CIFS shares because I was primarily Windows. For the past 3 years I've run Active Directory at home, and everything was integrated. Over the past year, I've moved more toward Linux (CentOS/RHEL) for servers, and OS X for clients. Because of this, I'm looking to move away from AD, to either OpenLDAP or something similar, with a primary goal of authentication for my NFS file shares.

Let me also say that I am not the smartest with NFS, but can definitely set up a client and server. Right now I have a FreeNAS box built for testing purposes, 32GB RAM, dual Xeon L5630 CPUs, and 8 x 5TB drives (mirrored). I've copied over about 100G of data so far to my new pool, purely for testing (in a 'media' dataset that I created). I have this dataset mounted to a CentOS 7 box, and that CentOS 7 box also has my current CIFS shared NAS attached, so doing a copy through him. Performance is great, etc.

So with this in mind, I'm hoping for some opinions/experiences on different file storage/sharing + authentication strategies. I will probably grow a zpool to 12 5TB drives, with 2 drives mirrored in vdevs. I see a handful of datasets being created ('media' for tv/movies/music, 'users' for user drives -- auto mapped to their respective clients, 'backup' for backups of any sort, 'software' for software installers, etc), all being shared with NFS (may consider sharing out the 'users' dataset via WebDAV for a seamless experience when laptops are over WAN -- need to do a lot of testing here).

From here, I don't know the best way to set up permissions though. It would be easy enough to run everything as root, and set all my shares (and their data) to root:root, but I don't think this is the correct way. Because of my unfamiliarity on this topic, I don't know where to start with research.

Would I be over-complicating things by using OpenLDAP (or similar)? Should I just stick with AD (since I know it quite well), and use that for everything? How should I manage permissions on my shares? Any recommended reading?

Thanks!
 

David E (Contributor, joined Nov 1, 2013, 119 messages)
I'm also very interested in this topic. I'd like to set up a shared NFS folder for home directories that maps users to permissions based on LDAP authentication. Is this possible? I thought I read that it should be with NFSv4, but I haven't seen any tutorials on it.
 