July 19, 201510 yr Is there a way I can login to my unRAID box not using root (preferably using my AD credentials?)
July 21, 201510 yr Author Even a "this is not supported" or a point down a path where I can change something would be great...
July 21, 201510 yr Is there a way I can login to my unRAID box not using root Might sound strange: there are no "user accounts" in unRaid. That is, not in the traditional meaning where you define users that have separate login credentials and home directories on the server. The only reason there is a Users page is to support non-Active Directory security modes. For example, if you have a typical workgroup home networking setup you might have a user name of "larry" to login into your local PC. If you setup a user called "larry" on unRaid and give it the same password as you use to login to windows, then you can create a private share and will have access to it via Network without having to present login credentials to unRaid at time of share connection. It is not intended that you would ever log into unRaid as user "larry". In an Active Directory environment, there is no need at all to create Users unless you intend to access shares out-of-band from AD, e.g., via AFP or NFS. (preferably using my AD credentials?) Yes this something we should add to unRaid AD: let "Administrator" log into webGui... I have to look into that.
July 21, 201510 yr Author Is there a way I can login to my unRAID box not using root Might sound strange: there are no "user accounts" in unRaid. That is, not in the traditional meaning where you define users that have separate login credentials and home directories on the server. The only reason there is a Users page is to support non-Active Directory security modes. For example, if you have a typical workgroup home networking setup you might have a user name of "larry" to login into your local PC. If you setup a user called "larry" on unRaid and give it the same password as you use to login to windows, then you can create a private share and will have access to it via Network without having to present login credentials to unRaid at time of share connection. It is not intended that you would ever log into unRaid as user "larry". In an Active Directory environment, there is no need at all to create Users unless you intend to access shares out-of-band from AD, e.g., via AFP or NFS. (preferably using my AD credentials?) Yes this something we should add to unRaid AD: let "Administrator" log into webGui... I have to look into that. Thanks Tom. Would WebGUI access for AD Admins also give SSH access? Maybe we could add WebGUI/SSH access by the AD group specified on the unRAID WebGUI. I have no other "users" in the WebGUI.. all access is done by AD. THis is how I set it up: https://www.linuxserver.io/index.php/2015/07/20/how-to-active-directory-on-unraid-6/
July 25, 201510 yr Dead keen for this too. The more integrated / federated security is, the better these days! I've tried a few things to SSH to UNRAID as a domain user, but haven't quite got it working getent passwd Administrator works a treat. When I try to ssh administrator@localhost, I get permission denied (on correct or incorrect password) a few times, and finally Permission denied (publickey,password,keyboard-interactive). This works too: root@TOWER:/boot# wbinfo -a administrator Enter administrator's password: plaintext password authentication succeeded Enter administrator's password: challenge/response password authentication succeeded Although I'd love to remove the plaintext option. Never liked that. Not sure how to get kerberos auth, the k* commands don't seem to be available. I've found a bunch of information about how to make this work, but most of it relates to change sudoers or modifying sshd_config or configuring /etc/pam.d -- all of which I'd have no idea about how to do in the UNRAID environment in a persistent manner.
July 25, 201510 yr Is there a way I can login to my unRAID box not using root Might sound strange: there are no "user accounts" in unRaid. That is, not in the traditional meaning where you define users that have separate login credentials and home directories on the server. The only reason there is a Users page is to support non-Active Directory security modes. For example, if you have a typical workgroup home networking setup you might have a user name of "larry" to login into your local PC. If you setup a user called "larry" on unRaid and give it the same password as you use to login to windows, then you can create a private share and will have access to it via Network without having to present login credentials to unRaid at time of share connection. It is not intended that you would ever log into unRaid as user "larry". In an Active Directory environment, there is no need at all to create Users unless you intend to access shares out-of-band from AD, e.g., via AFP or NFS. (preferably using my AD credentials?) Yes this something we should add to unRaid AD: let "Administrator" log into webGui... I have to look into that. Thanks Tom. Would WebGUI access for AD Admins also give SSH access? Maybe we could add WebGUI/SSH access by the AD group specified on the unRAID WebGUI. I have no other "users" in the WebGUI.. all access is done by AD. THis is how I set it up: https://www.linuxserver.io/index.php/2015/07/20/how-to-active-directory-on-unraid-6/ Hey man, is that your site? It's pretty cool!
July 25, 201510 yr Author Is there a way I can login to my unRAID box not using root Might sound strange: there are no "user accounts" in unRaid. That is, not in the traditional meaning where you define users that have separate login credentials and home directories on the server. The only reason there is a Users page is to support non-Active Directory security modes. For example, if you have a typical workgroup home networking setup you might have a user name of "larry" to login into your local PC. If you setup a user called "larry" on unRaid and give it the same password as you use to login to windows, then you can create a private share and will have access to it via Network without having to present login credentials to unRaid at time of share connection. It is not intended that you would ever log into unRaid as user "larry". In an Active Directory environment, there is no need at all to create Users unless you intend to access shares out-of-band from AD, e.g., via AFP or NFS. (preferably using my AD credentials?) Yes this something we should add to unRaid AD: let "Administrator" log into webGui... I have to look into that. Thanks Tom. Would WebGUI access for AD Admins also give SSH access? Maybe we could add WebGUI/SSH access by the AD group specified on the unRAID WebGUI. I have no other "users" in the WebGUI.. all access is done by AD. THis is how I set it up: https://www.linuxserver.io/index.php/2015/07/20/how-to-active-directory-on-unraid-6/ Hey man, is that your site? It's pretty cool! Not mine, but I do contribute there. Thanks! Run by a few other unRAID users.
July 26, 201510 yr THis is how I set it up: https://www.linuxserver.io/index.php/2015/07/20/how-to-active-directory-on-unraid-6/ Great to see that I wasn't smoking something - that is exactly the method I used. Gave up trying to get inheritance working from the UNRAID shell. I like your share based AD groups and that is something I will be doing going forwards, then put them inside other groups for user allocation. Would be good to script this up using setfacl or an equivalent. I think I see what I need to do but never got it working that way!
Archived
This topic is now archived and is closed to further replies.