FreeNAS 9.3.x setup
From FreeNAS using Active Directory Wiki
Revision as of 01:07, 2 February 2016 by Mauirixxx (talk | contribs) (→Creating a Storage Pool: spruced up creating the storage pool)
Contents
Before we start
- We used a virtualized setup in order to create this walkthrough, using generic domain & computer names where possible.
- We used the private IP address range of 10.1.1.x - obviously you'll want to replace our internal IP addresses with your own
- We used a single Active Directory domain controller, to keep things simple. We then configured the following network settings, which is reflected throughout this document:
- Gateway: 10.1.1.1
- DNS: 10.1.1.2
- NTP: 10.1.1.2
- DC (Domain Controller): 10.1.1.2
- FreeNAS: 10.1.1.3
- We used a single Active Directory domain controller, to keep things simple. We then configured the following network settings, which is reflected throughout this document:
- Where appropriate, we'll make a note of where additional server IP's can be entered, for redundancy
Getting started with FreeNAS
Initial connection
- When FreeNAS 9.3 is first installed, the network adapter is set to DHCP - we will change this a few steps down. We will be configuring FreeNAS purely from the webUI, so make a note of the IP on the FreeNAS server console:
File:FreeNAS 9.3 DHCP on first boot.png
- Use your favorite web browser to connect to that address - the first visit to the FreeNAS webUI will prompt you for a password, for the default user root
File:FreeNAS 9.3 first visit password prompt.png
Configuring networking
- Click on Network -> Global Configuration
- Hostname: freenas (this needs to match the DNS "A" record & computer account name you created during the Active Directory prep)
- Domain: mauiri.xxx
- IPv4 Default Gateway: 10.1.1.1
- Nameserver 1: 10.1.1.2
- Click "Save"
File:FreeNAS 9.3 network settings - global configuration.png
- Click on Network -> Interfaces -> Add Interface
- NIC: select the NIC being used by FreeNAS (single NIC systems only have 1 item in the dropdown list)
- Interface Name: em0 (We named it the same as what FreeNAS names it, for consistency - you can name it whatever you like)
- DHCP: unchecked
- IPv4 Address: 10.1.1.3 (this needs to match the DNS "A" record you created during the Active Directory prep)
- IPv4 Netmask: /24
- Click "Save"
- The new IP address takes effect immediately - repoint your browser to the new address to continue
File:FreeNAS 9.3 network settings - add interface.png
- Click on Network -> Network Summary to verify previous settings
File:FreeNAS 9.3 network settings - network summary.png
Configuring Time Server
- Click on System -> General -> NTP Servers
- Remove all 3 default NTP servers
- Click Add NTP Server
- Address: 10.1.1.2
- Prefer: checked (only if you have other time servers configured)
- Leave everything else at its default setting
File:FreeNAS 9.3 Add NTP server.png
- Now that the time server is set, you need to set your time zone
- Click on System -> General -> Timezone
- Timezone: (obviously select YOUR time zone)
- Click "Save"
File:FreeNAS 9.3 System Settings Timezone.png
Creating a Storage Pool
- Your storage pool has to be created before you configure FreeNAS to use Active Directory, however that is beyond the scope of this how-to.
- The official FreeNAS wiki is an excellent resource on creating your storage pool.
- We also suggest giving cyberjocks excellent PowerPoint presentation explaining what VDev zpool, ZIL and L2ARC is.
- After your pool is created, we suggest creating a dataset specifically for CIFS sharing.
- Again, the official FreeNAS wiki is a good source of info on how to do this
- When creating the dataset, you have to take into consideration how this particular dataset will be used.
- Dataset Name: jobdata
- Compression level: Inherit (lz4)
- Share type: Windows
- Case Sensitivity: Insensitive
- Enable atime: Inherit (on) (you can turn this off for a small performance boost, but doing so will potentially break some backup programs)
- ZFS Deduplication: Inherit (off)
- When creating the dataset, you have to take into consideration how this particular dataset will be used.
Setting up Active Directory & CIFS
- Click on Directory Services -> Active Directory
- Domain name: mauiri.xxx
- Domain Account Name: freenasadmin
- Domain Account Password: HorseBattery@2016 (don't actually use this, please)
- Confirm Domain Account Password: HorseBattery@2016
- Click Save, this may take awhile. After it's complete, move on to setting up CIFS
- Click on Services -> CIFS
- Leave everything at their default settings save for the following 2 items:
- Workgroup: MAUIRI
- Server Maximum Protocol: SMB3_00
- Click Services -> Control Services
- Turn on the CIFS service if it hasn't already started
- Click on Sharing -> Windows (CIFS) Shares -> Add Windows (CIFS) Share
- Name: Downloads (this is the name you'll see when you connect via Windows Explorer)
- Comment: (optional)
- Path: (browse to the path of the dataset created previously)
- Leave everything else at its default setting
- Click "OK"
Dataset File/Folder Permissions
- Now we need to change the default owner & group on the dataset created
- Click on Storage -> Volumes
- Expand your volumes until you find the dataset created for file sharing
- Click Change Permissions
- Apply Owner (user): Checked
- Owner (user): MAUIRI\administrator
- Apply Owner (group): Checked
- Owner (group): MAUIRI\domain users
- Apply Mode: Checked
- Mode: (unchangeable)
- Permission Type: Windows
- Set permission recursively: unchecked (unless you have files owned by a FreeNAS user stored in this dataset already)
- Click "Change"
Verification
- From a Windows client, open Windows Explorer, and type in \\freenas - if everything is set properly, you should see the CIFS share you created earlier.
- Enter into the shared directory, and as a simple test - create a folder. If you're allowed, then it worked!
- If you go into the FreeNAS shell, you can further verify permissions are using Active Directory style permissions