How to set up Active Directory Home or "personal" Directories.

[bergkazs]

I'm posting this in the N00bs discussion, cause, I'm not sure where to start.
I have a Freenas server that I would like to set up some home directories or personal directories on using active directory as an authentication mechanism.

I have a "Public" share up and running using a guest account, but when I set up the home directories, I'm having a problem getting the permissions right.

Is there a guide or documenation I could refer to to get some more information on how to set this up ?

Is CIFS, Active Directory, and LDAP required to use Active Directory Authentication ?

Thanks
SGB.

 

[joegsn]

I've recently been working on this same issue, and have had some success. Perhaps my own attempts might help you out.

I have a AD environment, and Freenas 8.0.3 installed for testing.

• I created a ZFS volume, named data. Found at /mnt/data. I created two volumes within it, test1 & home. The intent is that /mnt/data/home will contain my user's private folders.
• I configured Freenas' Active Directory service for my machine, named FREENAS1 in this case.
• (unrelated) I configured a CIFS share for my test1 volume, to check support for a public share.
• I configured the CIFS service with 'Enable home directories' checked, and with the 'Home directories' field set to /mnt/data/home.

It took me a while before I finally looked at the smb log files to realize it was trying to access /mnt/data/home/MYDOMAIN/myuser for the home folder. I was getting errors about permission denied prior to this, but in reality, it couldn't find the home folder to even check permissions. Lovely generic error.

Anyway, I created the folder, and then got real permission denied errors. I've been playing with permissions since, and have managed to get it working, by doing this on the command line:

Code:

cd /mnt/data/home/MYDOMAIN
chown MYDOMAIN\\myuser myuser
chmod 700 myuser

(we have some various groups setup, so consistency will vary for us).

After this, the user folder was working just fine.

Unfortunately, from some google searching, it seems that automatic creation of home folders doesn't exist for Freenas8. Which is really a shame, since it means I'm now after a better way to create home folders, assign the correct owner & permissions which I don't need to train my boss on. I'm thinking a nice python script, which can scan for users who don't have home folders and create the folder for them. Then just a way to easily run said script.

It's a shame the plugin feature isn't done yet, I bet I'd be able to utilize something there to make this easy for my boss.

Anyway, I hope this helps you out a bit. I'm going to take a shot at creating the script I mentioned above (which should be easy, just a matter of parsing wbinfo -u, and creating folders which don't exist).

 

[joegsn]

It looks like they're doing some additional work on this front as well. Commits 9513 & 9514 make mention of AD & home directories. My quick testing suggests that it still won't auto-create them, but it's nice to know they're working on this stuff too.