Join FreeNAS to Nethserver AD


(Mats) #1

NethServer Version: latest (don’t have access to it for the moment)
Module: Samba4

Joining Linux servers, CentOS7 using realmd, and Windows 10 has been easy but I’m a bit stuck when trying to join a FreeNAS server. It’s probably more of a compatibility issue with most of the problems on FreeNAS but I’ll test my luck here. :slight_smile:

So I’ve read but am still not sure what would be the best approach to do it. As I understand it do I’ve two options.

  1. Allow unencrypted communication to the NS server
  2. Copy the certificates from NS server to FreeNAS server

The problem with #1 shouldn’t need an explanation and #2 seems like a bit overhead to maintain since I’m using letsencrypt for certificates.
Any advice? A good guide to follow?

(Michael Träumner) #2

@fausp Can you help here?

(fpausp) #3

I am not sure, I do not use FreeNAS anymore? I use Proxmox instead of FreeNAS (NFS-Server)…

(Rob Bosch) #4

@mahaq. Did you try this option that is documented in our forums: Connect FreeNAS to Nethserver Active Directory

And after some attempts @mrmarkuz was able to join FreeNAS to NS AD: Connect FreeNAS to Nethserver Active Directory

(Mats) #5

@Robb. I read both, and tried following them, before posting. The first post gives me a “BindSimple: Transport encryption required., Strong(er) authentication required” when trying to save. The second post is that I need to allow unencrypted communication.

(Rob Bosch) #6

I am sorry, i can’t help you with this one. I don’t have freenas running.

(Mats) #7

I’ve been doing some more investigations and my conclusion so far is to either allow unencrypted traffic to Nethserver or to update the certificate every third month.For the moment have I decided to go for allowing unencrypted traffic. However did I run into a different problem that all AD groups are not listed on the FreeNAS, and most of the listed groups on the FreeNAS server are not shown on Nethserver even I suspect they do exist there. Example of group names that I see on FreeNAS but not on Nethserver are Domain "cert publishers, “domain computers” and “domain users”. Groups I don’t see are the groups I’ve created. The only group that exist in both places is “domain admins”. The users list shows all users as expected.

(Mats) #8

Not sure how to close an issue without any solution. When I tested wbinfo -g on the FreeNAS server are all groups listed so nothing to blame Nethserver for there :slight_smile:.
The initial problem is in my opinion a stupid implementation but possible to get around with a bit of scripting.