
Creating a Share on a Mac Server

Status
Not open for further replies.

strikeing_789d

Junior Member
Joined
Apr 7, 2017
Messages
13
Hi, I am simply trying to have my existing users' home folders moved and able to be accessed through the NAS. I am running Open Directory on my Mac Xserve. I currently have the users' home folders (user data) being stored on an external HDD which is connected via FireWire 800 to the server. All I want to do is literally take their user home folders off of the external HDD and have them accessed through the NAS instead. I do not want to create users again and use the Open Directory services on the NAS. I would like to keep my existing setup. All I am trying to do is move the user data to the NAS; I cannot stress that enough.

I have tried creating a share via AFP, NFS and even SMB because why not. I can connect and copy data over to an AFP & NFS share no problem. But when I point a user's home directory to the NAS and try to log in as a network user on a client computer, I cannot. I have been through the permissions, allowing everybody to be able to see, view, cut, copy and change anything in hopes that something will let it work, but nothing is working. I am at a serious road bump here. If anyone can give me some insight, I would really appreciate it.

Thank You
 

David Riley

Neophyte
Joined
Apr 21, 2017
Messages
5
I actually have a similar problem. Did you get LDAP working through FreeNAS? I'm running OS X Server 10.4 (need the Classic environment for reasons) on my XServe, and it was... unpleasant trying to get it to work, but I eventually convinced it to.

I'm using FreeNAS 9.10.2, which I'm using because I use a number of old-style plugins and my server doesn't have virtualization support. Some of this might be fixed in Corral, I don't know, but I don't have the option of using it.

The problem I have with home directories using LDAP is this:

- On my FreeNAS system, my main ZFS tank is at /mnt/tank-main, and the home directories live in a /mnt/tank-main/home dataset.
- The LDAP entries in Open Directory (for compatibility with other Unix systems on the network) have /home/<whatever> as the homeDirectory entry, so that's what FreeNAS thinks is the home directory.
- Netatalk 3.x has a strange system for specifying the home directory "basedir regex", presumably to reject users with bogus home directories. If the UNIX home directory doesn't match the basedir regex, it just decides there's no home directory for the user and doesn't present one (you can observe this in the afpd log file).
- FreeNAS doesn't seem to have a facility for shadow-mounting ZFS shares somewhere else, e.g. declaring that /mnt/tank-main/home should be mounted as nullfs over top of /home; you can modify the fstab manually, but as the data storage filesystems aren't guaranteed to be mounted by the time the automount happens, it may not work well. I haven't tested across reboots yet.
- The entry for the home directories' base regex in the AFP configuration only seems to accept paths from FreeNAS-managed storage directories, so I can't put in /home for the home directory base. I have to manually edit /usr/local/etc/afp.conf, which I don't think will be persisted across reboots.

One possible workaround might be to specify a share manually for user homes that is just based at /mnt/whatever/home/$u, but that's not a great solution because:

- It ignores the LDAP userDirectory field, so if you have a non-canonical location it'll break
- It probably won't work if there's no directory there for users without homes

Is it possible that I've missed some global setting for FreeNAS that lets me repoint where /home goes so it can wind up in the proper place? Maybe. I've combed just about everything I can find, though. I'm a little surprised that there's not an obvious way to mount a dataset over /home in the FreeNAS UI, since afpd isn't the only thing that's gonna want user home directories to be the same as what the system thinks they are.

This is obviously only a concern when you're running a central directory server, since if you're running standalone you can always just set the home directory to be wherever you want on the FreeNAS system.
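
An added example, not part of the post above and not FreeNAS or Netatalk code: a pre-check that reads the `basedir regex` from an afp.conf-style file and reports which directory users' home paths would fail it and so get no home share. The sample config, user names and passwd lines are constructed, and treating the check as an unanchored regex search on the unresolved path is an assumption about afpd's behaviour.

```python
import configparser
import re

# Constructed sample: a [Homes] section using the FreeNAS-managed dataset path
# from the post, since the UI only accepts paths under managed storage.
AFP_CONF = """
[Global]
log file = /var/log/afp.log

[Homes]
basedir regex = /mnt/tank-main/home
"""

# Constructed passwd-style lines (the format `getent passwd` prints) for LDAP
# users. User names are hypothetical; bob has a non-canonical home.
PASSWD = """
alice:*:1001:1001:Alice:/home/alice:/bin/sh
bob:*:1002:1002:Bob:/mnt/tank-main/home/bob:/bin/sh
carol:*:1003:1003:Carol:/home/carol:/bin/sh
"""

def homes_regex(conf_text):
    """Return the [Homes] 'basedir regex' value, or None if it is not set."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.read_string(conf_text)
    return cp.get("Homes", "basedir regex", fallback=None)

def audit(conf_text, passwd_text):
    """Map each user to True if their home path passes the basedir regex."""
    pattern = homes_regex(conf_text)
    result = {}
    for line in passwd_text.strip().splitlines():
        fields = line.split(":")
        if len(fields) < 7:
            continue  # skip malformed entries
        name, home = fields[0], fields[5]
        # Assumption: unanchored search, as POSIX regexec() would do.
        result[name] = pattern is not None and re.search(pattern, home) is not None
    return result

def missing_homes(conf_text, passwd_text):
    """Users who would be offered no home share with this configuration."""
    return sorted(u for u, ok in audit(conf_text, passwd_text).items() if not ok)

if __name__ == "__main__":
    for user in missing_homes(AFP_CONF, PASSWD):
        print(f"{user}: home directory does not match basedir regex")
```
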
 

David Riley

Neophyte
Joined
Apr 21, 2017
Messages
5
All that said, I'm definitely thinking of transitioning my entire directory/Kerberos setup to a tiny little ARM machine with no moving parts for reliability purposes so I don't have to deal with OS X Server 10.4's busted-ass server management UI ever again, and so I can use modern encryption methods and up-to-date daemons for LDAP, Kerberos, etc.
 