Integration of SoftNAS® into Active Directory enables domain users to more securely share files and data in a corporate environment. Authentication is managed by Active Directory (AD) via Kerberos.
Kerberos tickets are issued to users authenticated to AD. When a user accesses a CIFS share managed by SoftNAS®, the ticket is then verified with AD to ensure it is authentic and valid before allowing access to the shares. Windows user IDs and groups (e.g.,Domain Users) are transparently and dynamically mapped from AD into SoftNAS® and Linux, making access seamless for Windows users.
When integrated into a domain environment, SoftNAS® becomes another member server of the domain - like any other Windows server joined to the domain.
Authorization and granular access controls are available to manage the level of access available to various users and user groups.
The following sections detail how to configure SoftNAS® for integration with AD and how to troubleshoot and resolve common issues that can arise during AD integration.
On Linux, Samba is used to provide access to CIFS for access from Windows-based systems. Samba uses a program called winbind, which binds Windows authentication and identities (e.g., AD users and groups) with Linux, and automatically maps Windows users and groups to Linux users and groups.
Please use the following process to integrate AD with SoftNAS® and Linux with Samba.
SoftNAS does not support single label domains (domains without a suffix such as .com, for example: softnas.domain rather than softnas.domain.com. This warning will typically only apply to clients running servers older than Server 2008 R2. Windows Server 2008 R2 and up no longer supports the creation of these single label domains.