Share out a replicated dataset?

Status
Not open for further replies.

JayG30

Contributor
Joined
Jun 26, 2013
Messages
158
I have 2 FreeNAS machines that are geographically dispersed. They use ZFS replicate overnight. There is 1 dataset that would be really useful to access as a "read only" CIFS share at the replicated facility.

While I know I could share this dataset out, I'm wondering if this will break anything. I have a feeling that it might cause replication to fail or something might get messed up with permissions (the two sites use different authentication methods, internal vs AD).
 

Nick2253

Wizard
Joined
Apr 21, 2014
Messages
1,633
the two sites use different authentication methods, internal vs AD

I think this will ultimately be your problem.

You should be able to share the replicated dataset without issue, but since your permissions are set up differently, you won't be able to access the data (unless everything is set up to be shared to everyone). There may be a way to bridge the permission gap, but I'm not sure. Could you make the internal-based FreeNAS a member of your AD domain?
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
I have 2 FreeNAS machines that are geographically dispersed. They use ZFS replicate overnight. There is 1 dataset that would be really useful to access as a "read only" CIFS share at the replicated facility.

While I know I could share this dataset out, I'm wondering if this will break anything. I have a feeling that it might cause replication to fail or something might get messed up with permissions (the two sites use different authentication methods, internal vs AD).


If the source computer is using AD for auth, and the destination is using local users / groups for auth:

You can share out the replicated dataset as CIFS. The dataset on the replication target should already have the ZFS property "read only". The UID / GID range for owners on the replicated dataset will not correspond to local users and groups (the UID / GID range is higher than you would typically get on such a machine). Therefore, there should be nothing to stop you from creating a local group with the same GID as the one owning the dataset and using it to share out.

Or to simplify things, use "ls" to view the GID of the replicated dataset on the replication target. Create a group with this GID. Create a CIFS share pointing to the dataset, check the "export read only" box, and set the auxiliary parameter "force group = <your group>", and use the "valid users" share definition parameters to select who has access to the share.

If the source computer is using local users for auth, and the destination is using AD for auth:
Follow the same steps above with the "force group" parameter, but use NT-style share permissions to control share access (can be controlled via 'computer management').
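
The steps in the reply above, as an added example that is not part of the original thread: it reads the owning GID with `ls`, checks for a local group with that GID and for the ZFS `readonly` property, then prints the share definition for review. The share, dataset, group and user names passed to it are placeholders.

```shell
#!/bin/sh
# Added example. Share, dataset, group and user names are placeholders.

# Numeric GID owning a directory, read from "ls -ldn" (4th field).
dataset_gid() {
    ls -ldn "$1" | awk '{print $4}'
}

# Name of the local group that already holds this GID; empty if none.
group_for_gid() {
    getent group "$1" 2>/dev/null | cut -d: -f1
}

# ZFS readonly property of a dataset; "unknown" if it cannot be queried.
zfs_readonly() {
    command -v zfs >/dev/null 2>&1 || { echo unknown; return 0; }
    zfs get -H -o value readonly "$1" 2>/dev/null || echo unknown
}

# smb.conf-style stanza: read-only export, forced group, explicit user list.
share_stanza() {  # $1 share  $2 path  $3 group  $4 valid users
    printf '[%s]\n    path = %s\n    read only = yes\n' "$1" "$2"
    printf '    force group = %s\n    valid users = %s\n' "$3" "$4"
}

# Walk the steps from the post for one replicated dataset.
plan_share() {  # $1 share  $2 mountpoint  $3 dataset  $4 fallback group  $5 users
    gid=$(dataset_gid "$2")
    [ -n "$gid" ] || { echo "cannot read GID of $2" >&2; return 1; }
    group=$(group_for_gid "$gid")
    if [ -z "$group" ]; then
        group=$4
        echo "# create local group '$group' with GID $gid before enabling the share"
    fi
    ro=$(zfs_readonly "$3")
    [ "$ro" = on ] || echo "# readonly is '$ro' on $3, expected 'on' on a replication target"
    share_stanza "$1" "$2" "$group" "$5"
}

if [ "$#" -eq 5 ]; then plan_share "$@"; fi
```

The `force group` and `valid users` lines it prints are the values to enter as auxiliary parameters on the share; the lines starting with `#` are findings to resolve first.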
 