Shared folders without Active Directory

I use NethServer for a specific application and often I have to integrate it in existing Windows net. With GDPR I should protect any single share with user and password, but I would like to avoid to join (eventually) existing domains, which I do not mantain, or create a domain for sharing a single folder.
Is it possible to revert the permissions to the old version in 6.x and use the users/groups from NethServer installation to protect shares?

1 Like

AFAIK, in NethServer 7.x NSDC must be installed and used, for file permission access.
It requires an available ip4 address, few extra ram and CPU power to run, you can manage users from NethGUI/Server Manager, therefore you can manage in almost the same way than NethServer 6.
Which is still downloadable…

And supported until november 2020 for security updates.

2 Likes

If I don’t make a mistake with LDAP you can share only guest folder. You must use AD to set permissions on your folders.

3 Likes

I think you also can install a cloud solution. NextCloud is running on nethserver.

2 Likes
1 Like

I have the same “problem” :slight_smile:

@UncleDan @gecco can you explain why it’s a problem to create a Local AD whit Samba or use Nextcloud as suggested by @m.traeumner ?

Wait for your feedback.

Thank you.

Nextcloud is not what I am looking for. And for the AD just a bit scared of messing up with existing domains.

But users of this domain will be the same of existing domain? If yes why you don’t use a Remote AD on NethServer?

  1. Not necessarily same users. 2. Usually I don’t manage the whole net, so joining existing domains need permission from another administrator

I think you can create a new AD with a different name (and obviously IP address) and you shouldn’t have any kind of problem.

2 Likes

I think this is the only way, too.
Thank you very much.

You’re welcome. If u don’t need other information close this topic, otherwise I’m here :slight_smile:

I have a subnetwork for wireless client only, in this network i need a samba share with only some software e some driver. For now i use ad usb hard drive.
I want a small solution accessibile only via username and password.
I start to work a small solution with alpine linux instead another nethserver.

Again: add Active Directory local accounts provider (NSDC) into packages. You will obtain what you’re looking for.

but… i don’t want to use another active directory

If it’s only for these share you can use Nethserver 6.10: don’t choose this if you need then mail server, proxy, firewall, etc… because support will be closed.

@gecco NethServer gives you opportunity to try, creating one installation following the hints.
Which (in my opinion) leads to what you’re looking for.

Designing NS7 (IMO) Nethesis choose to close a massive gap that NS6 and SME had: they were not able to connect to other user authentication services. Building structure from scratch, the server is designed to connect to other authentication services, currently via LDAP.
With this design, there’s a leak: you need an authentication server for fill the user authentications, with a couple of options:

  • OpenLDAP in case of application server just like mailserver/groupware, webserver, PBX, printer server.
  • NSDC in case of file server, using SAMBA for both auth and share

NSDC will act as user auth service for allow you granular control to shares, files and folders, if you need that. Also without computers joined to NSDC AD structure.

You may create a shared folder in web UI and set SmbGuestAccessType to None and create a user to have access.

Change access type:

db accounts setprop yourshare SmbGuestAccessType None
signal-event nethserver-samba-update

Create user and set password:

useradd testuser
passwd testuser

Add samba user:

smbpasswd -a testuser

http://docs.nethserver.org/projects/nethserver-devel/en/latest/nethserver-samba.html#accounts-database

https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server#Creating_a_Basic_smb.conf_File

5 Likes

[SPAM] :slight_smile:

I created a solution for me. Maybe can help some people.

3 Likes