Nested LDAP OU's & FreeNAS

Status
Not open for further replies.

ndboost

Explorer
Joined
Mar 17, 2013
Messages
78
My current configuration is the structure below, and it seems to work great: my NAS can see all the users and groups, and all the users can access Samba/AFP shares on the NAS quite fine.
The NAS binds on ou=ACC,dc=devita,dc=co but has access to the entire structure under ACC. This is obviously less than ideal, as if the NAS is compromised they'll be able to run queries on everything in my structure that I'll eventually have.
Current Configuration
Code:
dc=devita,dc=co
    ou=ACC
        ou=Groups
            cn=staff
            cn=System Administrators
            cn=VPN Users
        ou=Users
            cn=user1
            cn=user2
            cn=user3
        ou=NAS
            ou=Groups
                cn=media
                cn=NAS Users
            ou=Users
                #freenas created these uid's
                uid=plex
                uid=crashplan

Is it possible to have something like this, and have my FreeNAS box bind to ou=NAS,dc=devita,dc=co, yet have the FreeNAS box be able to see users in ou=Users,ou=ACC,dc=devita,dc=co?
Code:
dc=devita,dc=co
    ou=ACC
        ou=Groups
            cn=staff
            cn=System Administrators
            cn=VPN Users
        ou=Users
            cn=user1
            cn=user2
            cn=user3
    ou=NAS
        ou=Groups
            cn=media
            cn=NAS Users
        ou=Users
            #some sort of alias or reference to cn=user1
            #freenas created these uid's
            uid=plex
            uid=crashplan
 

ndboost

Yeah, you can't do it. Whatever DN you bind to, you can't see higher than that DN.
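
The scoping rule this thread turns on, as an added example that is not part of the original posts: a subtree search returns only entries at or below its base DN, so the base DN decides what a compromised NAS could enumerate. The entry lists are constructed from the two layouts in the first post, and the sketch assumes the DN the NAS is pointed at is used as the search base and that attribute values match case-insensitively.

```python
def split_rdns(dn):
    """Split a DN on unescaped commas (a backslash escapes the next char)."""
    parts, cur, esc = [], [], False
    for ch in dn:
        if esc or ch != ",":
            cur.append(ch)
        else:
            parts.append("".join(cur))
            cur = []
        esc = (ch == "\\") and not esc
    parts.append("".join(cur))
    return parts

def normalize(dn):
    """Return the DN as a tuple of (attr, value) pairs, trimmed and lower-cased."""
    rdns = []
    for rdn in split_rdns(dn):
        attr, _, value = rdn.partition("=")
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return tuple(rdns)

def in_subtree(entry_dn, base_dn):
    """True if entry_dn is the base itself or sits anywhere below it."""
    entry, base = normalize(entry_dn), normalize(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def visible(entries, base_dn):
    """Entries a subtree search rooted at base_dn can return."""
    return [dn for dn in entries if in_subtree(dn, base_dn)]

# Constructed from the first layout in the post: ou=NAS nested under ou=ACC.
NESTED = [
    "cn=user1,ou=Users,ou=ACC,dc=devita,dc=co",
    "cn=VPN Users,ou=Groups,ou=ACC,dc=devita,dc=co",
    "cn=media,ou=Groups,ou=NAS,ou=ACC,dc=devita,dc=co",
    "uid=plex,ou=Users,ou=NAS,ou=ACC,dc=devita,dc=co",
]
# Constructed from the second layout: ou=NAS as a sibling of ou=ACC.
PROPOSED = [
    "cn=user1,ou=Users,ou=ACC,dc=devita,dc=co",
    "cn=VPN Users,ou=Groups,ou=ACC,dc=devita,dc=co",
    "cn=media,ou=Groups,ou=NAS,dc=devita,dc=co",
    "uid=plex,ou=Users,ou=NAS,dc=devita,dc=co",
]

if __name__ == "__main__":
    for label, entries, base in [("nested", NESTED, "ou=ACC,dc=devita,dc=co"),
                                 ("proposed", PROPOSED, "ou=NAS,dc=devita,dc=co")]:
        print(label, base, "->", visible(entries, base))
```
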
 