So I was watching the video @LTS_Tom made on setting up Freenas with Active Directory and I figured I ask before I fell into a world of hurt.
There’s an AD server that I know is a mess and I have asked the client to get someone to fix it or get a new Windows server with a properly setup AD environment. Now the client reached out to me to help them setup a file server. I figured a freenas mini would be great for them. But knowing full well that their AD server is a mess I’m afraid of connecting Freenas to it.
Can I just skip adding Freenas to AD? Honestly, I’d rather add the individual users to Freenas than have to jump through hoops to get Freenas working on this AD server.
You could join it and test to see how functional it is. If it does’t work, remove it from the domain, delete the data set, and start over with FreeNAS users and groups.
1 Like
What do you mean when you say Active Directory is a mess?
1 Like
That sounds reasonable, it’s not that I was against joining Freenas to the AD server it’s just that this one in particular has given them problems before.
User permissions are all over the place (the secretary/interns have Admin rights! Why??), permissions are nonsensical, and the AD server is also the DC. I am not a Windows admin nor do I play one on T.V but I enough to say that is not standard practice.
Secretaries should not be admins. Once in while I’ll take over a system where some one thought “Admin” = “Administrative Assistant” and they will do something like that.
I don’t know how you would have a AD server that isn’t a DC. Active Directory is a set of services that run on a Domain Controller.
If you’re putting in a file server of any type, you have to get your users and groups right and your permissions straight.
1 Like
If you watch his video and set the freenas DNS server to the IP of the Active directory(DC) server. open a shell in freenas and ping company.local or whatever the name of the domain is, if that works your okay. From there it shouldn’t really matter how a messy permissions are, create a group(s) to access the freenas data set and your off and running.
you can test this with a pc that is not connected to the domain, just do the same thing…set the dns server to the ip of the domain controller and ping it see if it responds.
Now if your having issues with the domain controller itself and having issues adding new users or joining PC’s to the domain then that’s another issue in itself.
admin rights to a secretary is an issue but easily solved.
2 Likes