2013-07-10

FreeNAS 基本設定及加入網域後帳號/群組權限的設定方式

FreeNAS-8.3.1-RELEASE-p2

Basic Setting

1. Account -> Admin Account -> Change Password
2. Account -> Users -> View Users -> Find "root" and [Change E-mail]
3. System -> Settings -> General -> Timezone [Asia/Taipei]
4. System -> Settings -> General -> Directory Service [Active Directory] (此處設定後才有 Directory Service 才能用)
5. System -> Settings -> Email -> From email [FreeNAS-01@contoso.com] / Outgoing mail server [mail.contoso.com]
6. Network -> Global Configuration -> Hostname [FreeNAS-01] / Domain [contoso.com]
7. Network -> Interfaces -> Add Interface -> Fill [Interface Name] (LAN) and check [DHCP]
8. Network -> Network Summary -> Check Status
9. Services -> CIFS -> NetBIOS name [FreeNAS-01] / Workgroup [CONTOSO] / Description [FreeNAS-01]

Join Domain

10. Services -> Active Directory -> [Advanced Mode]
Domain Name (DNS/Realm-Name) [contoso.com]
NetBIOS Name [FreeNAS-01]
Workgroup Name [CONTOSO]
Administrator Name [NASAdmin]
Administrator Password [********]
Confirm Administrator Password [********]
Allow Trusted Domains [Checked]
Use default domain [Checked]
Domain Controller [DC's Hostname]
Global Catalog Server [DC's Hostname]
Kerberos Server [DC's Hostname]
Kerberos Password Server [DC's Hostname]

Add Storage

11. Storage -> Active Volumes -> Volume Manager
Volume name [Data]
Member disks [Choose]
Filesystem type [ZFS] Mirror
[Add Volume]

Change ZFS Volume Permissions to Windows ACL

12. Storage -> Active Volumes -> Find "Data" Volume and press [Change Permissions]
Owner (user) [administrator]
Owner (group) [domain admins]
Mode Owner: Read / Write / Execute
Group: Read / Write / Execute
Other: None
Type of ACL [Windows]
[Change]

(Update: 2013.11.05)
The Permissions setting above would fail on FreeNAS Version 9.1.1
Try this command in Shell:
/usr/local/www/freenasUI/tools/winacl.sh -o administrator -g "domain admins" -p /mnt/Data

Add Share Folder

13. Sharing -> Windows (CIFS) Shares -> Add Windows (CIFS) Share
Name [Files]
Path [/mnt/Data]
Browsable to Network Clients [Checked]
Inherit Owner [Checked]
Inherit Permissions [Checked]

14. Browse \\FreeNAS-01\Files and set relative permission (Windows ACL)

沒有留言:

張貼留言