Features:
OpenVNP plugin https://joepaetzel.com/2013/09/22/openvpn-on-freenas-9-1/
FTP server
Web server
SAMBA
etc.
How to install:
– Choose 64bit as many plugins will not have 32bit versions
– There are two versions
– Unzip and use Win32 Disk Imager to install onto a USB
– Plug USB into target system (it takes a 10 to 30 minutes to perform initial installation). Once done, access FreeNAS from another machine to perform these steps:
-
Storage/Volumes/ZFS_Volume_Manager
-
Format Drives
-
Software RAID and add disks to RAID 1
-
Format new RAID
-
Mount RAID
-
Set up SAMBA and choose mount points from those drives
-
Create Users
How to Integrate into Windows Active Directory
1. Create DNS “A” record in Active Directory
DATA = IP Address of freeNAS server with NetBIOS named DATA
2. Add new user named FreeNAS with non-expiring password
example: [email protected]
3. Create computer account named DATA and give freenasadmin user account Admin privileges
4. Make sure that the domain controller server’s clock is accurate
cmd: w32tm /query /configuration (to check which server Windows is using)
w32tm /config /syncfromflags:manual /manualpeerlist:”0.us.pool.ntp.org,0x1 1.us.pool.ntp.org,0x1 2.us.pool.ntp.org,0x1″ /update /reliable:yes
net stop w32time && net start w32time
5. Set DATA (FreeNAS server) IP address as static corresponding to the DNS entry created previously
Network -> Interfaces -> Add Interface
-
-
NIC: select the NIC being used by FreeNAS (single NIC systems only have 1 item in the dropdown list)
-
Interface Name: em0 (We named it the same as what FreeNAS names it, for consistency – you can name it whatever you like)
-
DHCP: unchecked
-
IPv4 Address: 10.10.10.4 (this needs to match the DNS “A” record you created during the Active Directory prep)
-
IPv4 Netmask: /24
-
Click “Save”
-
6. Configure Network Card
Network -> Global Configuration
-
-
Hostname: freenas (this needs to match the DNS “A” record & computer account name you created during the Active Directory prep)
-
Domain: example-domain.net
-
IPv4 Default Gateway: 10.10.10.1 (router)
-
Nameserver 1: 10.10.10.3 (Windows Domain DNS server)
-
Click “Save”
-
7. Set time server
System -> NTP Servers -> View NTP Servers
-
-
Remove all 3 default NTP servers
-
Click Add NTP Server
-
-
Address: 10.10.10.3 (Windows AD Server)
-
Prefer: checked (only if you have other time servers configured)
-
Leave everything else at its default setting
-
-
Set Time Zone: Settings -> General
-
-
Timezone: PST
-
Directory Service: Active Directory
8. Create Storage Pool
Create Dataset:
-
-
Dataset Name: users
-
Compression level: Off (everything’s already compressed already)
-
Share type: Windows
-
Enable atime: Off (unless your backup solution scans this share, then turn it on)
-
ZFS Deduplication: Off
-
9. Set up Active Directory & CIFS
Services -> Directory Services -> Active Directory
-
-
Domain name: example-domain.net
-
NetBIOS Name: FREENAS
-
Workgroup Name: EXAMPLE-DOMAIN
-
Domain Account Name: freenasadmin
-
Domain Account Password: [password]
-
Confirm Domain Account Password: [password]
-
Services -> CIFS
-
-
NetBIOS name: freenas
-
Workgroup: EXAMPLE-DOMAIN
-
Description: (optional to fill in)
-
Unix Extensions: checked
-
Zeroconf share discovery: checked
-
Hostnames lookups: checked
-
Server maximum Protocol: SMB3
-
Allow execute always: checked
-
Click “OK”
-
Services -> Control Services
-
Turn on Directory Services
-
This will also automatically turn on the CIFS services.
-
10. Create Windows Shares
Sharing -> Windows (CIFS) Shares -> Add Windows (CIFS) Share
-
-
Name: users (this is the name you’ll see when you connect via Windows Explorer)
-
Comment: (optional)
-
Path: (browse to the path of the dataset created previously)
-
Leave everything else at its default setting
-
Click “OK”
-
11. Set correct owners and permissions
Storage -> Volumes -> locate the dataset created earlier, namely “users” -> change permissions
-
-
Owner (user): EXAMPLE-DOMAIN\administrator
-
Owner (group): EXAMPLE-DOMAIN\domain users
-
Mode: (unchangeable)
-
Type of ACL: Windows / Mac
-
Set permission recursively: unchecked (unless you have files owned by a FreeNAS user stored in this dataset already)
-
Click “Change”
-
12. Manage file/folder permissions in Active Directory
MMC -> Administrative Tools -> Right-click Computer Management, select Connect to another computer -> Another computer = freenas, click OK
Computer Management (FREENAS) -> Right-click “Shares,” select “Properties” -> Click on the ”’Share Permissions”’ tab, and add/remove/modify your permissions as needed
How to Create Windows Network Shares (incomplete guide)
Enable SSH with root access
mkdir /mnt/[share_name]/users
### give owner full access to users folder, while everyone read&execute ###
chmod 755 /mnt/[share_name]/public
cd /mnt/[mount_name]
mkdir public
### give everyone read/write/full access to public folder ###
chmod 777 /mnt/[share_name]/public
mkdir users
cd users
mkdir [user1]
### give owner full access to users folder, while everyone read only ###
chmod 744 /mnt/[share_name]/[user1]
mkdir [user2]
mkdir [user3]
mkdir [user4]
### For home network: give everyone read/write/full access to bit torrent folder as torrent ###
chmod 777 /mnt/[mount_name]/jails/transmission_1/media
Services | Enable CIFS
NetBIOS name: data
Workgroup: WORKGROUP
Description: Company Data Server
? Enable home directories
? Enable home directories browsing
? Home directories: /mnt/[share_name]/users
Account | Users | Add User
Username = guest
Create a new primary group for the user = unchecked
Primary Group = guest
Full Name = Samba guest
Disable password login = checked (eliminate password requirements)
Storage | Volumes | /mnt/[share_name] | Change Permissions
Owner (user) = guest
Owner (group) = guest
Mode = rwxrwxrwx
Set permission recursively = checked
Services | CIFS | NetBIOS name = data | | Guest account = nobody or guest (need to create) |
– SSH into server
Categories: