I've done quite a lot of searching, but am not finding a straight-forward solution.
Setup is as follows:
Samba 4.7.6 in Active directory mode on two DC's. [Ubuntu 18.04] [Active directory services only]
FreeNAS-11.1-U6.3 - ZFS 64G of ECC. 8TB ZFS mirror. [CIFS/NFS Storage services only.]
Users, groups, auth, domain all working properly on the ADDC's, under Ubuntu.
FreeNAS hardware may not be exactly what everyone would like, but certainly appears solid. Running NFS on the same ZFS pool fine.
FN "joined" the the AD domain - no errors. "wbinfo -u/-g" show the AD users/groups properly.
"Regular" SMB/CIFS shares appear to work fine on FreeNAS. Setting ACL's appears to work as intended, and appear to control access properly. [I haven't gotten that far on this yet, as I'm working to resolve roaming profiles first - but the initial testing seems fine.
However, I run into immediate problems when pointing the roaming profiles storage at FN's SMB shares. [And redirected folders also appears to have issues.]
It certainly appears to be some kind of permission issue - but not something straightforward. Even granting the "regular" user full control over the root roaming profile directory doesn't appear to resolve things. [Windows still thinks it can't write the the SMB share. Yet browsing to the same path the roaming profiles are getting written to, in explorer, shows that the user CAN create directories, delete stuff etc. So, it's not that Windows can't read/write/delete files there...]
The Windows login will create the %UERNAME% directory - but the permissions on the resulting directory from the CLI only have rwx on the user, with "group" having no privs. [Which isn't right.]
gpresult shows the GPO being applied properly, and the details appear correct.
I've been playing with things for days - and at one point it appeared to work, but then seemed to break again without any changes. [I won't bet my life that no changes occurred - but I don't think so.]
Has anyone gotten this to work?
Are there any guidelines for getting it to work, like required VFS modules etc.
Pointers would be super helpful.
Setup is as follows:
Samba 4.7.6 in Active directory mode on two DC's. [Ubuntu 18.04] [Active directory services only]
FreeNAS-11.1-U6.3 - ZFS 64G of ECC. 8TB ZFS mirror. [CIFS/NFS Storage services only.]
Users, groups, auth, domain all working properly on the ADDC's, under Ubuntu.
FreeNAS hardware may not be exactly what everyone would like, but certainly appears solid. Running NFS on the same ZFS pool fine.
FN "joined" the the AD domain - no errors. "wbinfo -u/-g" show the AD users/groups properly.
"Regular" SMB/CIFS shares appear to work fine on FreeNAS. Setting ACL's appears to work as intended, and appear to control access properly. [I haven't gotten that far on this yet, as I'm working to resolve roaming profiles first - but the initial testing seems fine.
However, I run into immediate problems when pointing the roaming profiles storage at FN's SMB shares. [And redirected folders also appears to have issues.]
It certainly appears to be some kind of permission issue - but not something straightforward. Even granting the "regular" user full control over the root roaming profile directory doesn't appear to resolve things. [Windows still thinks it can't write the the SMB share. Yet browsing to the same path the roaming profiles are getting written to, in explorer, shows that the user CAN create directories, delete stuff etc. So, it's not that Windows can't read/write/delete files there...]
The Windows login will create the %UERNAME% directory - but the permissions on the resulting directory from the CLI only have rwx on the user, with "group" having no privs. [Which isn't right.]
gpresult shows the GPO being applied properly, and the details appear correct.
I've been playing with things for days - and at one point it appeared to work, but then seemed to break again without any changes. [I won't bet my life that no changes occurred - but I don't think so.]
Has anyone gotten this to work?
Are there any guidelines for getting it to work, like required VFS modules etc.
Pointers would be super helpful.