Userhomes in AD Enviroment

General
1

Hello

Im thinking about to build a new file server.
How do you handle userhomes in a AD enviroment (AD Controlled by Univention UCS)?
On my QNAP NAS there is a share home which is automaticly mapped to the home folder of the user.

Is there any way to do this with rockstor? Or do i need to create a share for every user?
How do you handle this?

Thanks in advance for your comments.

2

Hi @yves-ledermann, welcome to Rockstor Community!

Talking about AD enviroment, actually Rockstor can join an AD, but doesn’t act as AD DC.

Workaround: have read of UCS and it seems to be obviously Samba 4, so you can both define homes and use GPO for win clients (via RSAT tools from any win7/8/X machine) to apply folder redirection (desktop, documents, etc etc)

Suggestion: create one share, enjoy btrfs snapshots benefits and manage your homes / linked folder with rules on AD DC: AD DC acts only as DC, storage server serves homes, etc etc once joined to AD (as i do in my office and you can do the same with Rockstor - once joined AD you can change share owner and group to AD Admin & Domain Users, et voilĂ  :slight_smile: )

Flyer

2 Likes
3

Hello @Flyer
Many thanks for the verry fast reply and the welcome.

I will continue to run UCS Server as AD Controller.
(Works verry stable since more than two years)
If anybody is looking for a replacement of a Windows AD Controller i can just recomend to try the USC Server.

But back to topic:
I will try this with my rockstor vm and report how it is working.
Now with my QNAP NAS i have mapped all Userhomes to \NAS\home
but i will change to \ROCKSTOR\homes%USERNAME%
Lets see if i can set the right credentials allmost automaticly…
At the moment those credentials are handled by the QNAP NAS…

Thanks again for your suggestion.

4

[quote=“yves-ledermann, post:3, topic:1324”]
but i will change to \ROCKSTOR\homes%USERNAME%Lets see if i can set the right credentials allmost automaticly…
[/quote] :point_up: Remember to make homes share on rockstor with owner\group to your domain admin (or root, as you wish) and group to Domain Users (77x), or they won’t be able to mount (and write) to their homes

Flyer

1 Like