How do I bind Windows Authentication to FreeNAS SMB Shares?

Our company has been growing in the last few years and requires us to upgrade our systems a bit. We are on a local domain, we will call it mydomain.local, and use Windows Server 2012 R2 currently as our domain controller. One of the projects I was put onto was to remove all file shares from our domain controller and put them on a file server so our domain controller can do only that. So my solution was to use a Linux based system to store our files. one of our hired IT guns suggested I go with FreeNAS as an OS for this file server. So I took his advice and here we are.

Just Installed the latest version of FreeNAS on the new server build.  The DNS Hostname for the new server is "filesvr" Everything installed great,  and I can see it on the network. I can login to the web GUI fine. Seems to be a very robust operating system.  When I first logged into the web GUI it had me go through a wizard for setup. One of the wizard steps was to create a list of shares for SMB. Which I did, the three shares are "public", "engineering" & "accounting". We also run a mixture of Windows 7 Pro and Windows 10 Pro Work Stations. All of these workstations have been slowly updated to Windows 10 Pro which is the majority of machines now. When I goto a Windows file explorer session, and put this in the address path, "\\filesvr", I get the three shares that I created. This is where I'm having an issue when I click on the share, it comes up with a Windows Security Dialog which asks's me to enter credentials to: filesvr. I use the Windows domain Administrator login with password, no good. I then try the root login and password from filesvr and no good.  I must have missed the part where we bind the Windows Active directory to the shares so We can use the Windows authenticated Users. Does anyone know where those settings are or how I'm to configure windows or FreeNAS to use Windows Authenticated users instead of creating all new users for the shares?
LVL 1
Steve WilliamsProduct Design EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
FreeNAS covers this in their documentation. It is a change on the FreeNAS side, not the Windows side (assuming you've gotten DNS set up as you indicated.)

http://doc.freenas.org/9.3/freenas_directoryservice.html
0
Steve WilliamsProduct Design EngineerAuthor Commented:
Ok I did this and now the login dialog is gone but it still won't let me use the folder. I get this error:

failed-error-1.PNG
0
Cliff GaliherCommented:
Now you assign permissions on the SMB share in the FreeNAS interface.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Steve WilliamsProduct Design EngineerAuthor Commented:
@Cliff Galiher

I need to use the Windows Active Directory to handle permissions. I was told that it can do this. Was I told wrong?
0
GregoryFloroCommented:
You need to add the appropriate domains group to each share and set the permissions for that group.
0
Steve WilliamsProduct Design EngineerAuthor Commented:
@GregoryFloro

OK, So where do I configure this on the FreeNAS server or the domain server. The whole point was to not have to create redundant permissions on the FreeNAS server. I was told that I could use the Windows server to set the share permissions. What we do not want to happen is to have to recreate all authenticated users and groups on the FreeNAS computer. Our Domain server controls the active directory with all our users and groups already setup and completed. If this is not possible then I will have to purchase another seat of Windows Server and add it to the collective.
0
Cliff GaliherCommented:
You set the permissions on the freeNAS server. There isn't any redundancy. "you aren't recreating users or groups. You are setting permissions. Those are different entities. A windows file server is no different.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Steve WilliamsProduct Design EngineerAuthor Commented:
Ok I got it figured out now. I have to go to the volume and change the permissions there to an owner and a group which is populated by the active directory.  

Everything was there once I found the dialog. I first had to go to the Windows server and create the groups I needed then they will show up in the FreeNAS server. This is what I was missing. Once I have the group assigned The members of the group are maintained on the windows server side. That's what I was looking for.  See the screenshot below.

Screenshot of Change Permissions Dialog.
0
Steve WilliamsProduct Design EngineerAuthor Commented:
Thanks for your help fella's, appreciate your time.
1
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.