Google SSO/LDAP to connect to FreeNAS

M

Michaelxpo

Dabbler
Joined
Sep 1, 2019
Messages
17
Hello, I've searched the internet and the forum but could not find anything recent that might answer my question.
I've ran into a situation where users need to authenticate to access FreeNAS on a daily basis, and i was wondering if it was possible to integrate the g suite into FreeNAS, so I'll have a user list and the same usernames and passwords as Gmail.
thanks!
 
danb35

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
Since you put LDAP in the subject, is GSuite capable of acting as an LDAP server? One that you can bind to with other systems? If so, that would appear to be your answer. This article makes it look like it could be possible:

About the Secure LDAP service - Google Workspace Admin Help

Supported editions for this feature: Frontline Standard; Business Plus; Enterprise Standard and Enterprise Plus; Education Fundamentals, Education Standard and Education Plus; Enterprise Essentia
support.google.com
You'd then configure FreeNAS following these instructions:

12. Directory Services — FreeNAS®11.3-U3.1 User Guide Table of Contents

www.ixsystems.com www.ixsystems.com
Note particularly:
LDAP authentication for SMB shares is disabled unless the LDAP directory has been configured for and populated with Samba attributes. The most popular script for performing this task is smbldap-tools. The LDAP server must support SSL/TLS and the certificate for the LDAP server CA must be imported with System ➞ CAs ➞ Import CA. Non-CA certificates are not currently supported.
Click to expand...
 
M

Michaelxpo

Dabbler
Joined
Sep 1, 2019
Messages
17
danb35 said:
Since you put LDAP in the subject, is GSuite capable of acting as an LDAP server? One that you can bind to with other systems? If so, that would appear to be your answer. This article makes it look like it could be possible:

About the Secure LDAP service - Google Workspace Admin Help

Supported editions for this feature: Frontline Standard; Business Plus; Enterprise Standard and Enterprise Plus; Education Fundamentals, Education Standard and Education Plus; Enterprise Essentia
support.google.com
You'd then configure FreeNAS following these instructions:

12. Directory Services — FreeNAS®11.3-U3.1 User Guide Table of Contents

www.ixsystems.com www.ixsystems.com
Note particularly:
Click to expand...
hey, thanks for replying. apparently secure LDAP is only available in the Gsuite Enterprise tier. but I do have SAML-based Single Sign-On. is there a way to get these to work?
 
M

Michaelxpo

Dabbler
Joined
Sep 1, 2019
Messages
17
Thank you for your patience while we were transferring your case, my name is John and I’m a member of the SSO team here at Google Cloud Support. I understand you would like to use your glidingdeer.com G Suite user credentials to login to your third party service.



Like you said G Suite does offer a Secure LDAP service https://support.google.com/a/answer/9048516?hl=en, however it’s only available with G Suite for Enterprise edition. As a G Suite Basic user you don’t have access to the service. You can learn about the pricing and feature differences between editions here https://gsuite.google.ie/intl/en_ie/pricing.html and if you're interested in upgrading you can find the steps to do so here https://support.google.com/a/answer/9744377?hl=en.



G Suite also supports the SAML protocol https://support.google.com/a/answer/6087519?hl=en, if FreeNAS supports this natively or through a plugin it can be used without the need to upgrade your account to Enterprise. Finally all Google accounts support the OpenID Connect standard https://developers.google.com/identity/protocols/oauth2/openid-connect which is what Google Sign-In for Websites https://developers.google.com/identity/sign-in/web/sign-in is built on.
Click to expand...



this is the response I got from google support. question is, does this help?
 
danb35

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
danb35

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
You may be able to find some kind of bridge between LDAP/AD and SAML or OpenID--something that would act as an LDAP server, but pass the authentication requests through in a format Google would understand. A quick Google search indicates that such things do exist. You'd then run that either in a jail or a VM (which could be hosted on your FreeNAS box or elsewhere), and point FreeNAS to that as your LDAP server. I don't have any experience with anything like this, but it could be a solution for you.
 
M

Michaelxpo

Dabbler
Joined
Sep 1, 2019
Messages
17
hey sorry for the late reply. thank you, I'll look into that, and update if I find anything useful.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Google SSO/LDAP to connect to FreeNAS"

Similar threads

khartahk
  • Locked
FreeNAS not finishing boot after it was connected to LDAP when LDAP is unavailable
Replies
4
Views
2K
khartahk
khartahk
C
  • Locked
FreeIPA and FreeNAS LDAP Setup
Replies
10
Views
12K
{mystery}{of}{time}
M
jcdfay
FreeNAS 11.3U4.1 & 11.3U5 nslcd errors when contacting to JumpCloud LDAP Server
Replies
7
Views
4K
kyaky
kyaky
F
  • Locked
OpenLDAP+FreeNAS how-to, anyone?
Replies
2
Views
4K
francisaugusto
F
D
  • Locked
FreeNAS dropping connection to Open Directory "LDAP did not bind to the domain"
Replies
1
Views
2K
dlavigne
D
Top