AD/LDAP options for TrueNAS

[Raffles]

In my homelab/household date centre I run 2 TrueNAS storage servers (for redundancy) and a ESXI host. I did run a virtual AD domain controller and had both NAS’s domain joined so I could manage access via AD. With the demise of the MS Action Pack that I used to subscribe to its got harder to obtain (and activate) a reasonably recent version of Windows Server at an acceptable cost.

I could run something in a VM on ESXi (eventually going to Proxmox because Broadcom). But something I could run in a TrueNAS Core jail would be of interest especially if I could run it in a similar way to AD (multiple domain controllers for resilience).

So what are you using? Pros and cons?

P.

 

[Greg_E]

There are shady places where you can buy Windows Server keys for under $50.

If it is really a lab (changing often) you can use the Microsoft Evaluation versions, they "expire" in 180 days, but can be rearmed at least 5 times. Evals are not for production systems. Client evaluation is only 90 days and not sure how many rearm are available.

You could build out a Linux server with Samba to get AD running, or and older version through Zentyal Developers Edition (or paid).

Zentyal is far easier to get up and running, but it uses an old version of Samba which puts your domain functional level lower than it really should be. Group policy for both *nix choices would need to be set using RSAT on a windows client, but they do support GPO.

Also I recommend getting a small single board computer for your AD, keep that one device as your constant AD, DHCP, DNS. I use an old Mele Quieter 2 in my lab with Server 2022 eval. A Quieter 4 might be just what you need going forward.

 

[Greg_E]

Also, https://forums.servethehome.com/index.php?threads/my-lab-an-ongoing-project.54462/

That little Quieter 2 has been around for a while, Intel J4125 powered but seems to be fairly "snappy" for everything except windows updates.