SoftNAS Virtual Storage Solutions
×
Menu
Index

Active Directory Configuration

 

Overview

Integration of SoftNAS Cloud® into Active Directory enables domain users to more securely share files and data in a corporate environment. Authentication is managed by Active Directory (AD) via Kerberos. Kerberos tickets are issued to users authenticated to AD. When a user accesses a CIFS share managed by SoftNAS Cloud®, the ticket is then verified with AD to ensure it is authentic and valid before allowing access to the shares. Windows user IDs and groups (e.g.,Domain Users) are transparently and dynamically mapped from AD into SoftNAS Cloud® and Linux, making access seamless for Windows users.
 
When integrated into a domain environment, SoftNAS Cloud® becomes another member server of the domain - like any other Windows server joined to the domain.
 
Authorization and granular access controls are available to manage the level of access available to various users and user groups.
 
The following sections detail how to configure SoftNAS Cloud® for integration with AD and how to troubleshoot and resolve common issues that can arise during AD integration.
 
On Linux, Samba is used to provide access to CIFS for access from Windows-based systems. Samba uses a program called winbind, which binds Windows authentication and identities (e.g., AD users and groups) with Linux, and automatically maps Windows users and groups to Linux users and groups.
 
Please use the following process to integrate AD with SoftNAS Cloud® and Linux with Samba.
 

Active Directory Wizard

Configure AD using the Active Directory Wizard. This enables integration automation with AD.
 
After entering some basic networking details to enable SoftNAS Cloud® to communicate within the AD environment, SoftNAS Cloud® will automatically set up the integration with AD, and will even run a final verification stage to ensure that everything is working smoothly.
 
1. From Volumes and LUNS, click on Active Directory.
 
The AD Wizard instructions are displayed.
 
 
2. Click on Next.
 
3. Provide the domain name of the active directory domain controller, and then click on Next.
 
 
4. Enter the active directory NetBIOS Domain.
 
Note: The NetBIOS domain name is required for interoperability with older computers and services.
 
 
5. Enter the FQDN of the domain controller.
 
 
6. Provide the AD administrator credentials.
 
 
7. Enable the required groups.
 
 
8. Click on Finish.
 
 

Adding HA pairings to Active Directory

If connecting SoftNAS instances in a High Availability pairing to Active Directory, you must perform the process above twice, once on each node. Active Directory configurations do not carry over to the second node automatically because the target node's NAS services (amongst others) are not running while the node is dormant. Settings cannot be automatically triggered upon takeover. In order for the second instance to remain in Active Directory after a failover the second node must be added as well.
Copyright © 2017 SoftNAS, INC - All Rights Reserved