My Freenas is successfully joined to my Windows AD. Users can access all their assigned shares with appropriate permissions. Users can add Samba shares with their Windows log ins. Everything is working great. Permissions are a breeze to setup/change with any Domain Admin users, I love it!
However, my domain controller is complaining (40+ events per day) of unsecured ADS binds. I would like to enable SSL or TLS encrypted ADS binds. Everything seems straight-forward, except for adding the CAs and certificates to FreeNAS or vice versa.
So I have an Internal CA set up on my freenas so that I can use HTTPS for the FreeNAS GUI. How would I go about making the connection between FreeNAS and Windows ADS. Do I export the CA from FreeNAS and then import it to the computer ADS object in Windows? Or do I add the Windows Server as a CA to FreeNAS and create a certificate? Excuse my stupid questions as this is the first time setting this up.
Say I export a certificate from the FreeNAS internal CA, do I import it under the "Trusted Root Certification Authorities" on the FreeNAS object in ADS?
I've gone through the user guide which shows how to create an Internal CA and certificate (which I've done to get HTTPS working on the GUI) but the instructions don't seem clear as to how to incorporate it with ADS. Thanks in advance for any help you can provide.
However, my domain controller is complaining (40+ events per day) of unsecured ADS binds. I would like to enable SSL or TLS encrypted ADS binds. Everything seems straight-forward, except for adding the CAs and certificates to FreeNAS or vice versa.
So I have an Internal CA set up on my freenas so that I can use HTTPS for the FreeNAS GUI. How would I go about making the connection between FreeNAS and Windows ADS. Do I export the CA from FreeNAS and then import it to the computer ADS object in Windows? Or do I add the Windows Server as a CA to FreeNAS and create a certificate? Excuse my stupid questions as this is the first time setting this up.
Say I export a certificate from the FreeNAS internal CA, do I import it under the "Trusted Root Certification Authorities" on the FreeNAS object in ADS?
I've gone through the user guide which shows how to create an Internal CA and certificate (which I've done to get HTTPS working on the GUI) but the instructions don't seem clear as to how to incorporate it with ADS. Thanks in advance for any help you can provide.