Truenas Home Share with AD users

kaastrup

New Member
Nov 8, 2021
2
0
1
Hi there

I have been seaching for a guide on setting up the "Use as Home Share" function in Truenas (12U6) with active directory users.

I have an working AD with two domain controllers, dns, dhcp etc...

I can get it to work with truenas local users, but I was hoping it could work for existing AD users too, so that AD users would get thier own home folder through truenas when they log in on windows 10 pc´s...

The purpose is to get rid of my W2K19 file server.

I have created the dataset for the home share, and set the permission to User:root and Group:[AD]\Domain Admins, and ACL preset to HOME. I have set the share option to "Purpose: No presets" and "Use as Home share".

Anyone ?????
 

kaastrup

New Member
Nov 8, 2021
2
0
1
I have followed that exactly in the link - But I dont understand the last bit - "Add Users".....

As I read it, I have to create the same user accounts locally as I have AD users, and that sounds a bit weird.....Eg. If I have a AD user called "luka", then I have to create a local user called "luka" ?????

What am I missing ???
 

azev

Active Member
Jan 18, 2013
757
226
43
@kaastrup Here's how I setup my truenas for AD users share folders;
1. Add the truenas server as AD member servers.
2. On your SMB share ACL, assign full permission for everyone
3. On your SMB file system ACL add a new ACL to give your domain administrator full access.

once the above steps are done, you can use your domain admin account to create the folder structure and assign permission as you normally would on a windows file servers.
 
  • Like
Reactions: Marjan

Marjan

New Member
Nov 6, 2016
18
2
3
@kaastrup Here's how I setup my truenas for AD users share folders;
1. Add the truenas server as AD member servers.
2. On your SMB share ACL, assign full permission for everyone
3. On your SMB file system ACL add a new ACL to give your domain administrator full access.

once the above steps are done, you can use your domain admin account to create the folder structure and assign permission as you normally would on a windows file servers.
This correct answer. I use this in same way and it works just fine, no issues at all.
 

Zedicus

New Member
Jul 12, 2018
21
7
3
on a windows machine in the same domain, connect to the freenas box like so...
frns1.JPG

then browse to the shares and configure them as needed. NOTE: you can NOT put a group as the primary USER and you MUST have a primary user in the share.
frns2.JPG
 

azev

Active Member
Jan 18, 2013
757
226
43
that is neat, I didn't know you can actually connect to the truenas box via "computer management"
 

Zedicus

New Member
Jul 12, 2018
21
7
3
that is neat, I didn't know you can actually connect to the truenas box via "computer management"
is there some way to manage the shares with out connecting to the freenas box like that? i mean, you do have to create the share on freenas and assign it to be accessible via an admin, but unless your network handles security some other way, you have to do this at some point, no?
 

Marjan

New Member
Nov 6, 2016
18
2
3
is there some way to manage the shares with out connecting to the freenas box like that? i mean, you do have to create the share on freenas and assign it to be accessible via an admin, but unless your network handles security some other way, you have to do this at some point, no?
You can't do it from Windows. But it's not something you do all the time, you create shares you need and you don't touch them, it's not something you create, remove, recreate all the time.
If you really want shares on Windows, create iSCSI on Truenas, mount it in Windows, then create shares.
 

Zedicus

New Member
Jul 12, 2018
21
7
3
You can't do it from Windows. But it's not something you do all the time, you create shares you need and you don't touch them, it's not something you create, remove, recreate all the time.
If you really want shares on Windows, create iSCSI on Truenas, mount it in Windows, then create shares.
You CAN do it from windows and you should not be messing with shares very often no matter if you manage it from Windows, Linux, or a TI-80Plus. Samba4 has had full support for SMB/CIFS for YEARS now, i run a SAMBA4 Active Directory server that i manage from windows. Stop making this harder than it has to be.

frns3.JPG
 
  • Like
Reactions: libredata

azev

Active Member
Jan 18, 2013
757
226
43
The way I did it on my setup is to create the SMB share as shown in my previous post, then connect to it using the domain admin account which have full file system access via "run" and type " \\truenas\smbshare ". After connecting you can build the folder structure using windows file explorer and then just modify the ntfs permission as you would a windows file server.. I tested permission wise and it works like it should.
 
  • Like
Reactions: Zedicus