Napp-It OmniOS Active Directory ACL question

Discussion in 'Solaris, Nexenta, OpenIndiana, and napp-it' started by manxam, Dec 17, 2015.

  1. manxam

    manxam Active Member

    Joined:
    Jul 25, 2015
    Messages:
    226
    Likes Received:
    47
    Hi, I going to be migrating my Rockstor BTRFS data over to OmniOS/Napp-it and have a question regarding active directory integration and ACL.

    When OmniOS is joined to the domain, can I then use a Windows server with administrator credentials to configure share / file permissions?

    I'm a little confused as I see a paid plugin on Gea's page for ACL and was curious as to whether I needed this for my use case.

    Thanks for your help,
    M
     
    #1
  2. gea

    gea Well-Known Member

    Joined:
    Dec 31, 2010
    Messages:
    2,269
    Likes Received:
    751
    Napp-it free offers all what you need on a SoHo setup.
    You can join the domain and set all allow permissions from Windows
    either as root or an AD user that is id-mapped to root.

    What you cannot do from Windows
    - set deny rules as Windows processes all deny rules first while Solaris respects the order of rules
    - If you remove admin on Windows, admin has no access

    You can do this via CLI or you use the comfort of napp-it Pro as it allows to
    set correct deny rules and allows to set permissions even in cases where a user removed admin.

    Beside this, napp-it pro offers support and bugfix releases and a improved gui performance
    with background agents but this does not affect NAS perfomance.
     
    #2
    CreoleLakerFan likes this.
  3. manxam

    manxam Active Member

    Joined:
    Jul 25, 2015
    Messages:
    226
    Likes Received:
    47
    Thank you Gea! Unfortunately my experience didn't go as well as expected.
    I installed OmniOS (bloody for smb2.1) to an SSD, configured networking, rebooted, and then installed Napp-it.
    I joined the system to the domain and then rebooted as the screen recommends (typing "reboot" in cli)

    Upon rebooting the system stops at a flashing cursor and no longer shows the boot menu. I left it at that point for approximately 20 minutes to no avail and subsequent reboots also fail.

    Any ideas before I start over?

    Thanks again,
    M
     
    #3
  4. manxam

    manxam Active Member

    Joined:
    Jul 25, 2015
    Messages:
    226
    Likes Received:
    47
    Ok, so I was wrong about the cause but I'm no closer to a solution.
    I've reinstalled OmniOS from scratch and get the flashing cursor on the first reboot (before installing Napp-it).

    I realized that I missed listing a step above in that I created a pool and shares before rebooting.

    I pulled the drives and rebooted into OmniOS without issue. I installed Napp-it and rebooted without issue.
    Upon inserting my disks I get the flashing cursor.

    I can only assuming that the system is now attempting to boot off of these instead of the SSD but have no idea how to change the priority as these are all on the same M1015 controller.
     
    #4
  5. gea

    gea Well-Known Member

    Joined:
    Dec 31, 2010
    Messages:
    2,269
    Likes Received:
    751
    You can set the boot order in the mainboard bios.
    Other option, connect the boot disk to sata (ahci)

    Boot problems may also occur on a disk or cabling
    problem. As the 1015 is hotplug capable you can
    try to boot without the disks, hot add them and check
    if they work. Then its a pure boot (order) problem.
     
    #5
  6. manxam

    manxam Active Member

    Joined:
    Jul 25, 2015
    Messages:
    226
    Likes Received:
    47
    Thanks Gea, I figured it out. Seems that the boot drive being on the same controller as a ZFS pool breaks booting. It worked fine in CentOS with BTRFS. Simple fix by moving it to an onboard sata port as per your recommendations.

    File permissions, share permissions and ACL work perfectly and Napp-it made configuration simple!

    Could you please send me a PM with the pricing for the Pro extension pack? While this is just a home NAS it may come in handy and I'd like to support your work efforts (as long as I can afford to :p)

    Thanks again for your help and excellent work.
    M
     
    #6
  7. manxam

    manxam Active Member

    Joined:
    Jul 25, 2015
    Messages:
    226
    Likes Received:
    47
    Gea, as a note, gcc48 doesn't exist as a package for bloody; only 4.4 and 5.1.
    Due to this, smartmontools doesn't build / install during the installation process and the rest of the packages on that line don't get installed either.

    Replacing gcc48 with gcc51 in the package line, changing the softlinks to target /opt/gcc5.1.0, and then building smartmontools completes without issues.

    Cheers,
    M
     
    #7
    Last edited: Dec 18, 2015
  8. gea

    gea Well-Known Member

    Joined:
    Dec 31, 2010
    Messages:
    2,269
    Likes Received:
    751
    thanks for the info.

    I will wait to next OmniOS stable (march 2016) until I modify the installer.
    In the meantime, your info is very helpful.
     
    #8
Similar Threads: Napp-It OmniOS
Forum Title Date
Solaris, Nexenta, OpenIndiana, and napp-it Napp-It: Active Directory tab totally blank in 18.12 OmniOS 151030 Jun 2, 2019
Solaris, Nexenta, OpenIndiana, and napp-it Trouble Initializing Disks OmniOS / Napp-it Apr 12, 2019
Solaris, Nexenta, OpenIndiana, and napp-it napp-it omnios active directory connection refresh Feb 13, 2019
Solaris, Nexenta, OpenIndiana, and napp-it Looking to update OmniOS/NAPP-IT from r151014 Oct 23, 2018
Solaris, Nexenta, OpenIndiana, and napp-it OmniOS/napp-it self-sign certificate Oct 4, 2018

Share This Page