MIxed domain and non domain ACLs?

NethServer Version: 7
Module: Fileserver

Hi All,

I’m in the process of testing my second nethserver install as a possible file server going forward I’d like users to be able to access shares both via the domain using domain level authentication and externally without being a member of the domain or using domain user credentials but still requirring authentication.

Much as as some NAS manafacturers treat file sharing in fact, is this possible with Nethserver?

Yes it is.
Autheticate like DOMAIN\user or user@domain from the device you want to access.
Also without being a part of AD/Domain.

Yes I know you can do that but as I understand it with the new Microsoft licensing model for CALs each individual user or PC (depending on licensing model chosen) should theoretically have a CAL to access the domain.
For most of our users it makes sense to follow the user cal model because we have more PCs than users but there are a couple of generic station where this is not the case but these actually only really need access to a specific set of folders on the domain, (or nethserver fileserver in this case). So i was effectively wondering if it was possible to connect to these shares as a guest but still require a password?
(Hope that makes sense)

In the server you are testing which is the authentication provider?
Integrated LDAP? External LDAP? Integrated samba container (NSDC)?
AFAIK only the latter one allows to use File sharing ACL…

Apologies I’m using NSDC, my file server is connected to AD but not as a DC. It may that what I’m asking isn’t possible it’s just something I can accomplish with my NAS that I wondered if I could accomplish with Nethserver as well.

On the NAS I can connect to share folders as an active directory user with the ad password but I can also connect from a linux or windows home pc using the nas users and passwords which are not part of the ad structure (or at least don’t appear to be).

My theory was that if this was possible on nethserver it could save me some windows server cals in places where actually all I need to be able to do is open files.

Incidentally I realise I could use nethserver as the ad domain controller and eliminate this as an issue but that decision was taken out of my hands due to the lack of backup dc support in Nethserver at the moment.

I think I might have a semi answer for my own question because i just had to do it on windows in order for this to work the share has to available both through the domain and workgroup.

so user@domain
and user@workgroup

I might need to read up a bit on samba to see if this is possible.