I’m using Mac OS X Server and want to allow the users that connect to their network accounts to store their data on a NAS drive. I want the users to connect to the Lion server as this allows for better policies and management for me and for their afp share to be located on a NAS drive.
I’ve looked into home directories and network logins however I don’t want the users to connect into a different login environment, just an authentication against their provided account on the Lion server and for their finder to take them to their own storage area – located on the NAS drive.
Currently I am using FreeNAS for both authentication and storage however there are getting to be far too many people to manage each afp share and account, plus just using FreeNAS is extremely limiting for expansion and if something goes wrong with 1 entity the entire system goes down. Using the Lion server for user accounts and policies will be much better for this expanding business. I have looked into LDAP, using the Lion server as an LDAP server to authenticate against for FreeNAS however I have had issues with this and thought a different approach could be better from the other side of the situation… Providing the account with somewhere to store data rather than the afp share authenticating against an LDAP server.
I am wrong to try it this way?
Is it possible to logically add storage to a Mac OS X Server which can be recognised as a local drive, so can be used for network accounts?
Answer
Is it possible to logically add storage to a Mac OS X Server which can
be recognised as a local drive, so can be used for network accounts?
Yes, FreeNAS can use iSCSI: http://doc.freenas.org/index.php/ISCSI. Keep in mind that iSCSI volumes can only be used as iSCSI volumes. You won’t be able to share it out via SMB/AFP/NFS/etc from FreeNAS directly. You also want to make sure the ethernet channel between FreeNAS & Lion is very reliable & preferably private (a dedicated switch). On the Lion side, you’d need to install an iSCSI initiator such as GlobalSAN.
Regarding LDAP, Lion’s built in Open Directory is pretty easy to set up. The main thing you have to do is make sure your server’s forward & reverse DNS name is set up right in your DNS server, otherwise the Lion server’s services will probably not work right. But the general idea once you get your Open Directory set up is you can add all of your users to the Lion server, then configure the FreeNAS server to join the Lion server to do lookups against users for authentication. This would be useful for SMB/AFP/NFS/FTP/etc shares on FreeNAS. This wouldn’t really help with iSCSI.
Attribution
Source : Link , Question Author : Sam Ryder , Answer Author : churnd
