smdion Posted June 16, 2015 Share Posted June 16, 2015 Hey All, The AD sub-forum is pretty much crickets. I have my server joined into AD, but curious.... has one setup the permissions in their AD server and have some pointers for me? I've dug around like crazy and can't find much. Thanks! Link to comment
smdion Posted June 17, 2015 Author Share Posted June 17, 2015 Question Part 2: Is unRAID designed to stay joined to the domain after a restart? Link to comment
korpo53 Posted June 17, 2015 Share Posted June 17, 2015 [*]I joined mine to my AD, and it was fairly straightforward. My only minor headache is that I had to remove the computer account from the domain from back in the day when I tried adding it to AD and remove it again for some reason, but that's all my fault. [*]It should stay joined to AD after a reboot, mine does. [*]The web UI on my server is probably 5x slower after joining to AD, but I don't see any reason it should be. I corrected a few minor setup problems when I did the upgrade to the final version of 6: added it to AD, added the UPS functionality, removed disk shares... and now the web UI just sits and sits for like 5s before changing tabs. The CPU is under 10% all the time, the memory usage is at 15%, and the actual sharing performance seems normal. Just the web UI, which is weird. A reboot didn't clear it. My only pointers are general ones: For the "default user/group" thing, pick something like Administrator and Domain Admins, or create users and groups for it and disable them/leave them empty. It doesn't appear you can remove those groups from the permissions, or if you do, they just come back. It also looks like you can't remove Everyone, nobody, users, CREATOR OWNER, and CREATOR GROUP from the ACLs. Lame, but maybe that's a Linux thing. My old Solaris server loved Windows ACLs. Create groups for each share and permissions on the share, assign things that way. Say your server is called UNRAID and you have a share called MOVIES, make groups called UNRAID-MOVIES-RWM and UNRAID-MOVIES-RO. Add RWM (actually FC, since unRAID doesn't seem to support the full set of ACLs) to the MOVIES share for that group, the RO permission to the other, etc. Then you don't have to update permissions on the files if you want a new user to have that permission, you can just do it through ADUC. Obviously, make sure your DNS, time, and all your other networking stuff is working. AD doesn't like those things to be broken Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.