Community

Subscribe
Highlighted

Active Directory Authentication

Hi,

I'm working in this costumer scenario:

One central Site with an Activer Directory Structure and 9 remote sites. For this remote Sites costumer need's File & Print Share services.

I'm thinking to propose a NAS system (FAS2000), but only if i not need a additional server.

My question is, if I lose connection to my central site (Active Directory Structure) can I still access to my local NAS System (FAS2000).

Thanks

NL

Re: Active Directory Authentication

My understanding is that the filer requires connection to AD so that it can authenticate user requests.  So when you lose the WAN and therefor AD you lose CIFS on the filer but cached {already logged on} will be OK for a short time.

You could work around the issue with an DC on the remote site depenant on how many users this may be the way forward anyway.  You could also look at standby dial on demand links but these could become swamped if you do not have the routing/QoS correct.

You also have the option of workgroup security on the filer but this will water down security and add to management.

Bren

Re: Active Directory Authentication

When AD is down then your CIFS session for shares will fail. However you can still access the Filer management/console using the local user account (root).

Thanks;

Daniel

Re: Active Directory Authentication

First of all, thanks for your quick support.

My costumer don't need much disk space. But he need's a way to transfer data from remote sites to the central site. So, i was thinking that instead of traditional servers, why not use NAS system's and than de-duplicate to the central site.

Is there any way to import (or map) local users with active directory users? It's importante, that If connection to central site fail's, users still have access to they files.

Thanks

NL

Re: Active Directory Authentication

Re: Active Directory Authentication

Simply put, yes you can. But possibly not easy to manage.

You can use pass-through authentication. Basically if a username and password are the same, then Windows will allow the authentication, even if the domains are different. So if you have a local user that is identical to a domain user, the user will be able to authenticate to either. As you can imagine, this may become a nightmare to manage.

Have you thought about WAN accelerators or WAFS devices on the remote sites to bring the central system closer?

Re: Active Directory Authentication

in 8.2 we have local users and groups. Probably you can use that remote office scenario.