Using Samba4-AD as directory service

[Neek]

Hi, I'm running FreeNAS 9.3 on a home-built machine, for use within a small network (my home). I've setup Samba's AD as a domain controller. I'm now trying to get the file server itself to use the accounts in that AD server, and I seem to be missing something.

My filer runs at 192.168.0.8. I currently have the filer set to use that address as primary DNS, and 192.168.0.1 (my router/firewall) as the backup DNS, since the router is my real DNS server.

When I attempt to configure Directory Service -> Active Directory, I put in a domain, domain admin user, and its password, and all are saved correctly, but I am unable to click the enable checkbox.

Conceptually, it would seem that FreeNAS should be able to depend upon the samba service as its user/uid repository. Is that not correct? What else could I look at to diagnose this issue?

 

[chrisjbarry]

Did you get this working?


Sent from pay phone in the airport.

 

[Ericloewe]

The Samba project strongly discourages having a single machine do both AD DC and AD member.

 

[Neek]

Is looking up users in AD the same as becoming an AD member computer in FreeNAS? The two operations are not required on windows machines. I would think/hope that joining a domain is a separate step, and that using AD for authentication simply uses Kerberos, or LDAP with an AD schema, to query and verify user identities and userids.

And no, unfortunately, I did not make this work. It'd be quite silly for FreeNAS to not be capable of this, at least for smaller domains.