Difference between revisions of "FreeNAS 9.3.x setup"
From FreeNAS using Active Directory Wiki
m (→Dataset File/Folder Permissions: fixed dataset permissions for windows) |
m (made new category) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Category:FreeNAS-AD]] | [[Category:FreeNAS-AD]] | ||
+ | [[Category:FreeNAS-Setup]] | ||
== Before we start == | == Before we start == | ||
* We used a virtualized setup in order to create this walkthrough, using generic domain & computer names where possible. | * We used a virtualized setup in order to create this walkthrough, using generic domain & computer names where possible. | ||
Line 60: | Line 61: | ||
** Again, the [http://doc.freenas.org/index.php/Volumes#Creating_ZFS_Datasets official FreeNAS wiki] is a good source of info on how to do this | ** Again, the [http://doc.freenas.org/index.php/Volumes#Creating_ZFS_Datasets official FreeNAS wiki] is a good source of info on how to do this | ||
*** When creating the dataset, you have to take into consideration '''how''' this particular dataset will be used. | *** When creating the dataset, you have to take into consideration '''how''' this particular dataset will be used. | ||
− | + | **** Dataset Name: jobdata | |
− | **** Dataset Name: | + | **** Compression level: Inherit (lz4) |
− | **** Compression level: | ||
**** Share type: Windows | **** Share type: Windows | ||
− | **** Enable atime: | + | **** Case Sensitivity: Insensitive |
− | **** ZFS Deduplication: | + | **** Enable atime: Inherit (on) (you can turn this off for a small performance boost, but doing so will potentially break some backup programs) |
− | [[File:Create a dataset for CIFS sharing.png]] | + | **** ZFS Deduplication: Inherit (off) |
+ | [[File:FreeNAS 9.3 Create a dataset for CIFS sharing.png]] | ||
=== Setting up Active Directory & CIFS === | === Setting up Active Directory & CIFS === | ||
Line 86: | Line 87: | ||
=== Creating your share using Windows permissions === | === Creating your share using Windows permissions === | ||
* Click on Sharing -> Windows (CIFS) Shares -> Add Windows (CIFS) Share | * Click on Sharing -> Windows (CIFS) Shares -> Add Windows (CIFS) Share | ||
− | |||
− | |||
** Path: (browse to the path of the dataset created previously) | ** Path: (browse to the path of the dataset created previously) | ||
− | ** | + | ** Use as home share: Unchecked |
+ | ** Name: JobData (this is the name you'll see when you connect via Windows Explorer) | ||
+ | ** Apply Default Permissions: Checked | ||
+ | ** Allow Gues Access: Unchecked | ||
** Click "OK" | ** Click "OK" | ||
− | [[File:Add Windows share.png]] | + | [[File:FreeNAS 9.3 Add Windows share.png]] |
=== Dataset File/Folder Permissions === | === Dataset File/Folder Permissions === | ||
Line 110: | Line 112: | ||
== Verification == | == Verification == | ||
+ | This was just copied and pasted from the FreeNAS 9.2.x walkthrough - while the paths may be different, the concept never changed. | ||
* From a Windows client, open Windows Explorer, and type in '''\\freenas''' - if everything is set properly, you should see the CIFS share you created earlier. | * From a Windows client, open Windows Explorer, and type in '''\\freenas''' - if everything is set properly, you should see the CIFS share you created earlier. | ||
[[File:Windows Explorer - freenas share Downloads.png]] | [[File:Windows Explorer - freenas share Downloads.png]] |
Latest revision as of 21:24, 17 April 2017
Contents
Before we start
- We used a virtualized setup in order to create this walkthrough, using generic domain & computer names where possible.
- We used the private IP address range of 10.1.1.x - obviously you'll want to replace our internal IP addresses with your own
- We used a single Active Directory domain controller, to keep things simple. We then configured the following network settings, which is reflected throughout this document:
- Gateway: 10.1.1.1
- DNS: 10.1.1.2
- NTP: 10.1.1.2
- DC (Domain Controller): 10.1.1.2
- FreeNAS: 10.1.1.3
- We used a single Active Directory domain controller, to keep things simple. We then configured the following network settings, which is reflected throughout this document:
- Where appropriate, we'll make a note of where additional server IP's can be entered, for redundancy
Getting started with FreeNAS
Initial connection
- When FreeNAS 9.3 is first installed, the network adapter is set to DHCP - we will change this a few steps down. We will be configuring FreeNAS purely from the webUI, so make a note of the IP on the FreeNAS server console:
File:FreeNAS 9.3 DHCP on first boot.png
- Use your favorite web browser to connect to that address - the first visit to the FreeNAS webUI will prompt you for a password, for the default user root
File:FreeNAS 9.3 first visit password prompt.png
Configuring networking
- Click on Network -> Global Configuration
- Hostname: freenas (this needs to match the DNS "A" record & computer account name you created during the Active Directory prep)
- Domain: mauiri.xxx
- IPv4 Default Gateway: 10.1.1.1
- Nameserver 1: 10.1.1.2
- Click "Save"
File:FreeNAS 9.3 network settings - global configuration.png
- Click on Network -> Interfaces -> Add Interface
- NIC: select the NIC being used by FreeNAS (single NIC systems only have 1 item in the dropdown list)
- Interface Name: em0 (We named it the same as what FreeNAS names it, for consistency - you can name it whatever you like)
- DHCP: unchecked
- IPv4 Address: 10.1.1.3 (this needs to match the DNS "A" record you created during the Active Directory prep)
- IPv4 Netmask: /24
- Click "Save"
- The new IP address takes effect immediately - repoint your browser to the new address to continue
File:FreeNAS 9.3 network settings - add interface.png
- Click on Network -> Network Summary to verify previous settings
File:FreeNAS 9.3 network settings - network summary.png
Configuring Time Server
- Click on System -> General -> NTP Servers
- Remove all 3 default NTP servers
- Click Add NTP Server
- Address: 10.1.1.2
- Prefer: checked (only if you have other time servers configured)
- Leave everything else at its default setting
File:FreeNAS 9.3 Add NTP server.png
- Now that the time server is set, you need to set your time zone
- Click on System -> General -> Timezone
- Timezone: (obviously select YOUR time zone)
- Click "Save"
File:FreeNAS 9.3 System Settings Timezone.png
Creating a Storage Pool
- Your storage pool has to be created before you configure FreeNAS to use Active Directory, however that is beyond the scope of this how-to.
- The official FreeNAS wiki is an excellent resource on creating your storage pool.
- We also suggest giving cyberjocks excellent PowerPoint presentation explaining what VDev zpool, ZIL and L2ARC is.
- After your pool is created, we suggest creating a dataset specifically for CIFS sharing.
- Again, the official FreeNAS wiki is a good source of info on how to do this
- When creating the dataset, you have to take into consideration how this particular dataset will be used.
- Dataset Name: jobdata
- Compression level: Inherit (lz4)
- Share type: Windows
- Case Sensitivity: Insensitive
- Enable atime: Inherit (on) (you can turn this off for a small performance boost, but doing so will potentially break some backup programs)
- ZFS Deduplication: Inherit (off)
- When creating the dataset, you have to take into consideration how this particular dataset will be used.
Setting up Active Directory & CIFS
- Click on Directory Services -> Active Directory
- Domain name: mauiri.xxx
- Domain Account Name: freenasadmin
- Domain Account Password: HorseBattery@2016 (don't actually use this, please)
- Confirm Domain Account Password: HorseBattery@2016
- Click Save, this may take awhile. After it's complete, move on to setting up CIFS
- Click on Services -> CIFS
- Leave everything at their default settings save for the following 2 items:
- Workgroup: MAUIRI
- Server Maximum Protocol: SMB3_00
- Click Services -> Control Services
- Turn on the CIFS service if it hasn't already started
- Click on Sharing -> Windows (CIFS) Shares -> Add Windows (CIFS) Share
- Path: (browse to the path of the dataset created previously)
- Use as home share: Unchecked
- Name: JobData (this is the name you'll see when you connect via Windows Explorer)
- Apply Default Permissions: Checked
- Allow Gues Access: Unchecked
- Click "OK"
Dataset File/Folder Permissions
- Now we need to change the default owner & group on the dataset created
- Click on Storage -> Volumes
- Expand your volumes until you find the dataset created for file sharing
- Click Change Permissions
- Apply Owner (user): Checked
- Owner (user): MAUIRI\administrator
- Apply Owner (group): Checked
- Owner (group): MAUIRI\domain users
- Apply Mode: Checked
- Mode: (unchangeable)
- Permission Type: Windows
- Set permission recursively: unchecked (unless you have files owned by a FreeNAS user stored in this dataset already)
- Click "Change"
Verification
This was just copied and pasted from the FreeNAS 9.2.x walkthrough - while the paths may be different, the concept never changed.
- From a Windows client, open Windows Explorer, and type in \\freenas - if everything is set properly, you should see the CIFS share you created earlier.
- Enter into the shared directory, and as a simple test - create a folder. If you're allowed, then it worked!
- If you go into the FreeNAS shell, you can further verify permissions are using Active Directory style permissions