FreeNAS

Features:
OpenVNP plugin (http://joepaetzel.com/2013/09/22/openvpn-on-freenas-9-1)
FTP server
Web server
SAMBA
etc.
 
How to install:
– Choose 64bit as many plugins will not have 32bit versions
– There are two versions 
– Unzip and use  Win32 Disk Imager to install onto a USB
– Plug USB into target system (it takes a 10 to 30 minutes to perform initial installation). Once done, access FreeNAS from another machine to perform these steps:
  1. Storage/Volumes/ZFS_Volume_Manager
  2. Format Drives
  3. Software RAID and add disks to RAID 1
  4. Format new RAID
  5. Mount RAID
  6. Set up SAMBA and choose mount points from those drives
  7. Create Users
How to Integrate into Windows Active Directory
1. Create DNS “A” record in Active Directory
     DATA = IP Address of freeNAS server with NetBIOS named DATA
2. Add new user named FreeNAS with non-expiring password
     example: freenasadmin@domain.local
3. Create computer account named DATA and give freenasadmin user account Admin privileges
4. Make sure that the domain controller server’s clock is accurate
     cmd: w32tm /query /configuration (to check which server Windows is using)
               w32tm /config /syncfromflags:manual /manualpeerlist:”0.us.pool.ntp.org,0x1 1.us.pool.ntp.org,0x1 2.us.pool.ntp.org,0x1″ /update /reliable:yes
               net stop w32time && net start w32time
 
5. Set DATA (FreeNAS server) IP address as static corresponding to the DNS entry created previously
      Network -> Interfaces -> Add Interface      
    • NIC: select the NIC being used by FreeNAS (single NIC systems only have 1 item in the dropdown list)
    • Interface Name: em0 (We named it the same as what FreeNAS names it, for consistency – you can name it whatever you like)
    • DHCP: unchecked
    • IPv4 Address: 10.10.10.4 (this needs to match the DNS “A” record you created during the Active Directory prep)
    • IPv4 Netmask: /24
    • Click “Save”
6. Configure Network Card
     Network -> Global Configuration        
    • Hostname: freenas (this needs to match the DNS “A” record & computer account name you created during the Active Directory prep)
    • Domain: example-domain.net
    • IPv4 Default Gateway: 10.10.10.1 (router)
    • Nameserver 1: 10.10.10.3 (Windows Domain DNS server)
    • Click “Save”
7. Set time server
      System -> NTP Servers -> View NTP Servers          
    • Remove all 3 default NTP servers
    • Click Add NTP Server
  • Address: 10.10.10.3 (Windows AD Server)
  • Prefer: checked (only if you have other time servers configured)
  • Leave everything else at its default setting
    • Set Time Zone: Settings -> General
  • Timezone: PST
  • Directory Service: Active Directory
8. Create Storage Pool
     Create Dataset:          
    • Dataset Name: users
    • Compression level: Off (everything’s already compressed already)
    • Share type: Windows
    • Enable atime: Off (unless your backup solution scans this share, then turn it on)
    • ZFS Deduplication: Off
9. Set up Active Directory & CIFS
      Services -> Directory Services -> Active Directory     
    • Domain name: example-domain.net
    • NetBIOS Name: FREENAS
    • Workgroup Name: EXAMPLE-DOMAIN
    • Domain Account Name: freenasadmin
    • Domain Account Password: [password]
    • Confirm Domain Account Password: [password]
      Services -> CIFS
    • NetBIOS name: freenas
    • Workgroup: EXAMPLE-DOMAIN
    • Description: (optional to fill in)
    • Unix Extensions: checked
    • Zeroconf share discovery: checked
    • Hostnames lookups: checked
    • Server maximum Protocol: SMB3
    • Allow execute always: checked
    • Click “OK”
      Services -> Control Services
  • Turn on Directory Services
    • This will also automatically turn on the CIFS services.
 
10. Create Windows Shares
      Sharing -> Windows (CIFS) Shares -> Add Windows (CIFS) Share
    • Name: users (this is the name you’ll see when you connect via Windows Explorer)
    • Comment: (optional)
    • Path: (browse to the path of the dataset created previously)
    • Leave everything else at its default setting
    • Click “OK”
11. Set correct owners and permissions
      Storage -> Volumes -> locate the dataset created earlier, namely “users” -> change permissions        
    • Owner (user): EXAMPLE-DOMAIN\administrator
    • Owner (group): EXAMPLE-DOMAIN\domain users
    • Mode: (unchangeable)
    • Type of ACL: Windows / Mac
    • Set permission recursively: unchecked (unless you have files owned by a FreeNAS user stored in this dataset already)
    • Click “Change”
  12. Manage file/folder permissions in Active Directory
     MMC -> Administrative Tools -> Right-click Computer Management, select Connect to another computer -> Another computer = freenas, click OK
     Computer Management (FREENAS) -> Right-click “Shares,” select “Properties” ->  Click on the ”’Share Permissions”’ tab, and add/remove/modify your permissions as needed
 
 

 
How to Create Windows Network Shares (incomplete guide)
     Enable SSH with root access
     mkdir /mnt/[share_name]/users 
     ### give owner full access to users folder, while everyone read&execute ###
     chmod 755 /mnt/[share_name]/public
     cd /mnt/[mount_name]
     mkdir public
     ### give everyone read/write/full access to public folder ###
     chmod 777 /mnt/[share_name]/public
     mkdir users
     cd users
 
     mkdir [user1]
     ### give owner full access to users folder, while everyone read only ###
     chmod 744 /mnt/[share_name]/[user1]
 
     mkdir [user2]
     mkdir [user3]
     mkdir [user4]
 
     ### For home network: give everyone read/write/full access to bit torrent folder as torrent ###
     chmod 777 /mnt/[mount_name]/jails/transmission_1/media
 
     Services | Enable CIFS
          NetBIOS name: data
          Workgroup: WORKGROUP
          Description: Company Data Server
          ? Enable home directories
          ? Enable home directories browsing
          ? Home directories: /mnt/[share_name]/users
     Account | Users | Add User
          Username = guest
Create a new primary group for the user = unchecked
Primary Group = guest
Full Name = Samba guest
Disable password login = checked (eliminate password requirements) 
      Storage | Volumes | /mnt/[share_name] | Change Permissions
          Owner (user) = guest
Owner (group) = guest
Mode = rwxrwxrwx
Set permission recursively = checked 
     Services | CIFS | NetBIOS name = data | | Guest account = nobody or guest (need to create) | 
     
– SSH into server
    

Leave a Reply

Your email address will not be published. Required fields are marked *