LDAP and Open Directory on OSX Snow Leopard server

Discussion in 'User Authentication' started by lschafroth, Apr 27, 2012.

  1. Offline

    lschafroth

    Member Since:
    Apr 27, 2012
    Messages:
    20
    Message Count:
    20
    Likes Received:
    0
    Trophy Points:
    0
    lschafroth, Apr 27, 2012

    I would like to get LDAP to connect to my OD master, which is a Snow Leopard Open Directory Master. I use Moodle and other LDAP services with OD, but I cannot get the same type of settings to work with FreeNAS. Some of the guides I have found require you to log in via SSH. I have SSH enabled and configured for root access, but when I try to connect to the FreeNAS box I get a connection refused.

    My goal is to set up FreeNAS as a backup share for Time Machine. I would like to create mobile users but disable home syncing. This allows me to have a local user tied to the OD. I can then use Time Machine on the client to back up the software to the FreeNAS home folder.

    I have successfully connected to the AFP share on FreeNAS with a local user account on the NAS box, since LDAP does not work. I was able to run a Time Machine backup. I was not able to use WorkGroup Manager and create a home folder pointing to the NAS box. Not sure if that is possible or not. If I went to a true local account on the MacBook clients, then I lose the ability to keep their logins tied to OD.

    Anyway, back to the original question: lol

    I need to get SSH to work on the FreeNAS and then get LDAP to work.
  2. lschafroth, Apr 27, 2012

    I found that you have to start the service from the Services tab at the top. I was using the Services tab on the left. Anyway, I can now SSH into the box. When I try to start the LDAP service, it tries for a long time and then goes back to OFF. There do not appear to be any logs on the web GUI?? How can you not have a debugging or log menu?

    I found the var/log folder, but it doesn't appear to have anything relating to the services or how to see why the LDAP service does not start.

    Lannie
  3. lschafroth, Apr 27, 2012

    OK, progress. The guide I found was missing the cn=users after the uid=diradmin. So once I changed the bind, it worked! Now if there was only a good log system in the GUI.
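
The bind DN fix described in the post above, as an added example that is not part of the original thread: a Python check that a bind DN places the account under cn=users below the search base. The base DN `dc=od,dc=example,dc=com` and the names `split_dn` and `check_bind_dn` are assumptions made up for illustration.

```python
# Constructed sample value: the thread never states its search base.
BASE_DN = "dc=od,dc=example,dc=com"


def split_dn(dn):
    """Split a DN into (attribute, value) pairs, honouring backslash escapes."""
    parts, buf, escaped = [], [], False
    for ch in dn:
        if escaped:
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            buf.append(ch)
            escaped = True
        elif ch == ",":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))
    pairs = []
    for rdn in parts:
        attr, sep, value = rdn.strip().partition("=")
        if not (sep and attr.strip() and value.strip()):
            raise ValueError(f"malformed RDN: {rdn.strip()!r}")
        # Lower-case both sides so the comparison is case-insensitive.
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs


def check_bind_dn(bind_dn, base_dn=BASE_DN, container=("cn", "users")):
    """Return a list of problems; an empty list means the DN is well placed."""
    try:
        bind, base = split_dn(bind_dn), split_dn(base_dn)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if bind[0][0] != "uid":
        problems.append("first RDN should be uid=<account>")
    if bind[-len(base):] != base:
        problems.append("bind DN is not under the search base")
    elif bind[1:len(bind) - len(base)] != [container]:
        problems.append("expected cn=users between the uid and the search base")
    return problems


if __name__ == "__main__":
    for dn in ("uid=diradmin," + BASE_DN, "uid=diradmin,cn=users," + BASE_DN):
        print(dn, "->", check_bind_dn(dn) or "ok")
```
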
  4. lschafroth, Apr 27, 2012

    I have LDAP running and I can type id username and it works. How do I get the LDAP accounts and groups to show up in the accounts section of FreeNAS? None of them are listed.
  5. lschafroth, Apr 27, 2012

    I've come to the conclusion that 8.03 is nowhere near ready for production. Very few items work as expected and the GUI has issues as well. I am downloading the version 7 stable and will try that.
  6. lschafroth, Apr 27, 2012

    Wow, 7 was much worse. :) I tried the latest 8.2 beta 3 and it is much better. I can connect based off of LDAP groups now. This is when accessing an AFP share. Is there a way to create a share with read access to the root folder, then create a subfolder for each student's graduation year, then each student's home folder under that?

    I could map that student's folder they have write access to and schedule Time Machine. Or do I have to create a share for every single user?

    For example:

    Drive name is STORAGE. AFP share is called DATA. I would create a folder under that called 2013. Under that folder all students graduating in 2013 would have a subfolder. They would only have access to their folder and only see their folder. How do I assign permissions in this manner?

    Thanks!!

    Lannie
  7. lschafroth, Apr 29, 2012

    I did notice the LDAP user dropdown only shows the first 20-30 accounts and nothing more. Is there something I need to change to see all users via LDAP?
  8. lschafroth, Apr 30, 2012

    Does anyone monitor these forums????
  9. Offline

    John Homer H Alvero

    Member Since:
    Dec 14, 2011
    Messages:
    6
    Message Count:
    6
    Likes Received:
    0
    Trophy Points:
    0
    John Homer H Alvero, May 3, 2012

    I have had this problem since one year ago and up until now, it's still not resolved! Lol, FreeNAS + OS X OD just doesn't work. I got to a point where I was able to get id, groups from OD, but CIFS/Samba won't authenticate from OD.
  10. lschafroth, May 3, 2012

    I gave up on Open Directory. I will be using AD for all of our MacBooks and Casper to manage preferences. No Apple servers needed anymore. Migrating Moodle and school website to Linux. MacBooks to Xserve = SLOW!! MacBooks to Windows = FAST, MacBooks to NAS = VERY FAST. :) Looks like I might have to go with QNAP. There doesn't seem to be any activity here and the GUI is nowhere near ready for a production environment. Wish it was, because I can build such a fast system with FreeNAS for little money.
  11. lschafroth, May 7, 2012

    Ordered a Synology box. FreeNAS is in NO WAY ready for any kind of production. Isn't even functional enough for testing. :(
  12. lschafroth, May 14, 2012

    Gave up on FreeNAS altogether. It is nowhere near ready for production. Ended up purchasing a commercial product. Worked quite nicely. I think once FreeNAS has a good GUI that makes sense and is easy to use with permissions and etc, it will be ready.
  13. Offline

    William Grzybowski FreeNAS Guru

    Member Since:
    May 27, 2011
    Messages:
    1,659
    Message Count:
    1,659
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    Curitiba, Brazil
    William Grzybowski, May 14, 2012

    Really?

    And do you think it will ever happen if you don't report to the about what is wrong and what should change?

    No crystal ball
  14. lschafroth, May 14, 2012

    I've submitted feature requests and I see a long history of the same questions asked by others with no response from anyone on whether it will ever happen. Some of them were asked several years ago and the same lack of features still exists. The responses are too few and far between to try and use this in a production environment. I didn't see a clear path to any of these issues ever being fixed, so I had to move on to something that is ready NOW.

    Thanks,

    Lannie
  15. William Grzybowski, May 14, 2012

    Several years ago? FreeNAS has about 1 year of life :)

    Do you have the tickets #?
  16. lschafroth, May 14, 2012

    FreeNAS has been around for years.
  17. William Grzybowski, May 14, 2012

    FreeNAS 8 is completely new software (100% rewrite)
  18. lschafroth, May 14, 2012

    I know that. I'm talking FreeNAS in general. Issues are still there in all revisions.
  19. William Grzybowski, May 14, 2012

    We don't care for those issues in older revisions.

    Do you wanna be helpful and provide tickets #? Or can I close the thread?
  20. lschafroth, May 14, 2012

    Close the thread please. Thanks.
