Answer the question
In order to leave comments, you need to log in
How to restrict access in FreeNas 9.3 and save data securely?
Hello. Installed FreeNas 9.3 on USB Flash. Connected 2 hard drives to ZFS mirror, created a ZFS Dataset for each network folder for access by Windows users and the shared folders themselves. Now I can’t figure out the access rights to network folders, please tell me how to do the following:
1) group1 (administrators) with user1-1, user1-2, etc. with full access rights to share1, share2, share3, share4, share5 ;
2) group2 (those who can) with user2-1, user2-2, etc. with full access rights to share2, share3;
3) group3(network users) with user3-1,user3-2, etc. with full access rights to share3.
Purpose of folders:
share1 - folder with backups and various information and software for administration;
share2 - folder with confidential data with limited access;
share3 - folder with access not for everyone;
share4 - read-only data folder, accessible to unauthorized users, only group1 can change;
share5 - a folder with open access, everyone, including unauthorized users, has the right to create and modify content.
I would also like to know:
1. Will the data be reliably stored in the ZFS mirror (software mirroring, if I understand correctly) on a computer with non-ECC memory (as they say on the Internet, ZFS is error-sensitive, and from UFS in FreeNas 9.3 it seems like refused);
2. How to make a duplicate flash drive with FreeNas 9.3 correctly, so that if the main one fails, you can not waste time reinstalling, but simply plug in a spare one and continue working (the USB Flash resource is not endless, I would not want to hope for a chance);
3. If anyone uses FreeNas, maybe he will tell you what problems may arise in the future and whether it is possible to prevent them.
PS I'm not familiar with FreeBSD (and hopefully I won't have to). I didn't find any information about what was written above for FreeNas version 9.3, and working with a collection of articles from the Internet did not bring the expected result. So please answer as comprehensively as possible.
Answer the question
In order to leave comments, you need to log in
If there is a domain, make a free CIFS share and draw the rights in "Auxiliary Parameters". Example: valid users = "@domain.local\Group1"
admin users = "@domain.local\Domain Admins".
1. There are two servers on frinas for about a year and (tfu-tfu) the data is intact.
2. Prog for cloning or install frinas on the second flash drive and restore the config merged with frinas.
3. There was a situation when a flash drive died while scrubbing was taking place. After that, the dataset was not imported until it was connected to a "normal" fribsd and the scrub was completed.
You can secure data using snapshots and replicating them to another server.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question