Go Back   NETGEAR Forums > Home Products > Storage, Entertainment, Print Servers & VOIP Devices > Storage Central Forum

Reply
 
Thread Tools Display Modes
  #1  
Old April 7th, 2008, 07:38 AM
nealoff nealoff is offline
Junior Member
NETGEAR Newbie
 
Join Date: Apr 2008
Posts: 3
nealoff is on a distinguished road
Default ReadyNAS as Domain Controller?

In a Home environment it would be really helpful if the ReadyNAS could not just be able to join a domain, but would be able to function as a minimal domain controller. This would allow groups on the readyNAS to contain accounts on the individual computers and thus eliminate the whole mess of having to login to the readyNAS and deal with windows caching passwords.

The share permission isn't really useful for most people because if you have a wireless network this basically leaves open everything to anyone who penetrates your network. But the user level permission is a real pain because you have to establish parallel accounts and passwords on the readyNAS. This limitation is really the primary advantage I see for Windows Home Server.

The current implementation is really too complex for the home market and share permissions are too insecure.

Does Netgear/Infrant monitor these forums for suggestions or is there another place I should post this?
Reply With Quote
  #2  
Old April 7th, 2008, 01:14 PM
Orbital's Avatar
Orbital Orbital is offline
Senior Member
Advanced NETGEAR Expert
 
Join Date: Nov 2006
Location: CA
Posts: 575
Orbital is on a distinguished road
Default Re: ReadyNAS as Domain Controller?

You're in the wrong forum, go to http://readynas.com/forum
__________________
http://zerologix.com
Reply With Quote
  #3  
Old April 7th, 2008, 05:16 PM
fordem fordem is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Nov 2006
Posts: 7,196
fordem is on a distinguished road
Default Re: ReadyNAS as Domain Controller?

Just a passing comment ...

In the eyes of Microsoft, who could be considered the authoritative source on domains when used in the context of active directory domain controllers, home networks use workgroups, not domains. This, by the way, is the sole reason you can't make Windows HomeServer do domain controller duties, or even join it to a domain - it's deliberately crippled to keep it out of the corporate market.

I don't know if you've ever noticed that Windows XP Home cannot be attached to a domain - it's Microsoft's way of differentiating it's consumer product from it's professional product, now that they have dropped the 9x versions.
Reply With Quote
  #4  
Old April 7th, 2008, 07:49 PM
nealoff nealoff is offline
Junior Member
NETGEAR Newbie
 
Join Date: Apr 2008
Posts: 3
nealoff is on a distinguished road
Default Re: ReadyNAS as Domain Controller?

Quote:
Originally Posted by fordem View Post
Just a passing comment ...

In the eyes of Microsoft, who could be considered the authoritative source on domains when used in the context of active directory domain controllers, home networks use workgroups, not domains.
I hadn't really thought about it since most of my computers have either XP Pro or Vista Ultimate on them because I've needed to connect to domains at various points. I didn't think that it was necessary to actually join a domain though in order to add a domain administered name into a local group but I may be misremembering and I don't have a way of checking currently. If so though, implementing a light-weight domain server on the ReadyNAS would be a coup.

But... I've been scolded so I must move to the correct forum.
Reply With Quote
  #5  
Old April 8th, 2008, 04:46 AM
fordem fordem is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Nov 2006
Posts: 7,196
fordem is on a distinguished road
Default Re: ReadyNAS as Domain Controller?

Without a domain controller there would be no concept of domain or domain administered names - they become just users - and no concept of groups.

Think about it - your average home network would have what - three maybe four users - OK - WHS allows up to ten.

So .... for ten users, how much of a challenge is that administratively?

Why would you need groups - do you see family members switching roles in the family and needing access rights changed in the same way that you might have in a business environment after an employee gets promoted?

Yes - I find it a pain having to deal with laptops that wander back & forth between a workgroup at home and a domain at work, but XP Pro can be forced to remember passwords for workgroup style share level security.

I don't know if you know this - Microsoft offers their version of a NAS operating system - it's called Windows Storage Server, and is only available as part of an OEM solution, it's essentially a reduced feature version of whichever OS (you can get it as Server 2000 - where it used to be called "Powered by Windows" or Server 2003) and among the features that were removed is - yes - you guessed it, the domain controller functionality.

Now - a NAS has a specific function - storage - and they are generally expected to either function in a workgroup environment or integrate into a domain environment - if you turned it into a domain controller, then it would no longer be a NAS - would it?

It would be a general purpose file server - not a NAS - I think you're trying to put the device to a use it was not designed for.
Reply With Quote
  #6  
Old April 8th, 2008, 05:39 AM
nealoff nealoff is offline
Junior Member
NETGEAR Newbie
 
Join Date: Apr 2008
Posts: 3
nealoff is on a distinguished road
Default Re: ReadyNAS as Domain Controller?

Quote:
Originally Posted by fordem View Post
Without a domain controller there would be no concept of domain or domain administered names - they become just users - and no concept of groups.
I'll take your word for it as I can't test it right now. I know there are tweaks to activate the ability to join a domain in Windows XP Home but I've not tried them. But my issue was really the other way. Can a domain controller add local accounts from a Windows XP Home machine? That way your identity on the PC you login to would be known to the NAS without having to relogin to a separate identity on the NAS.

Quote:
Originally Posted by fordem View Post
Think about it - your average home network would have what - three maybe four users - OK - WHS allows up to ten.

So .... for ten users, how much of a challenge is that administratively?
True enough. And that's pretty much my situation. But as homes become a network of appliances each one having it's own identity management start to become an issue. I already have 2 computers I use at home, plus N800 tablet, a Wii, plus the rest of my family add another 3 computers. This situation is going to become more and more common and identity management will become an issue. I already wish that OS2008 (on the N800... a Maemo Linux variant) would allow multiple users with identity.

Quote:
Originally Posted by fordem View Post
Why would you need groups - do you see family members switching roles in the family and needing access rights changed in the same way that you might have in a business environment after an employee gets promoted?
I probably wasn't clear. I was really just wishing that I could add each computer's set of unique user identities to the existing NAS groups. Instead of having separate identities on the NAS.

Quote:
Originally Posted by fordem View Post
Yes - I find it a pain having to deal with laptops that wander back & forth between a workgroup at home and a domain at work, but XP Pro can be forced to remember passwords for workgroup style share level security.
Yes I'm aware of this. But this schema is a nuisance at home because on the laptops most of my family doesn't put passwords to login. I think this is probably pretty typical. But I can't leave the NAS w/o password access because it then would be open unprotected on the network. That means that I have to force them to come up with passwords that they don't normally use to connect. While I can save the passwords, this has to be done on each computer and for reasons I'm not clear of, apparently this information is removed in some circumstance... I've had to deal with prompts for login on machine where this info was previously saved. All this would be simplified if the identity the user was already operating under on the computer was recognized by all network appliances.

Quote:
Originally Posted by fordem View Post
I don't know if you know this - Microsoft offers their version of a NAS operating system - it's called Windows Storage Server, and is only available as part of an OEM solution, it's essentially a reduced feature version of whichever OS (you can get it as Server 2000 - where it used to be called "Powered by Windows" or Server 2003) and among the features that were removed is - yes - you guessed it, the domain controller functionality.
I can understand Microsoft's desire to segregate the higher profits they make in the commercial market by reducing functionality for the consumer market. Given the monopolistic position they occupy there is really no competitive pressure to force them to move away from this. Of course, that's part of my whole issue. I believe that the NAS market is the beginning of competitive pressure in this area because more and more homes are getting these and in a couple of years I think the numbers will really swell. There is a business opportunity now for others to set a standard for this instead of waiting for Microsoft to decide that this one feature has now become necessary to move into their consumer products. I think that ultimately they will do this though it may be several years until it happens.

Quote:
Originally Posted by fordem View Post
Now - a NAS has a specific function - storage - and they are generally expected to either function in a workgroup environment or integrate into a domain environment - if you turned it into a domain controller, then it would no longer be a NAS - would it?

It would be a general purpose file server - not a NAS - I think you're trying to put the device to a use it was not designed for.
Isn't that multi-purpose file server exactly what my ReadyNAS is? It serves files, runs Firefly and TwonkyMedia to serve media, has add-ons for ReadyNAS Photo (a photo sharing app), and a BitTorrent application. It runs Linux after all so the range of applications it could accomodate are pretty much unlimited. So if isn't it basically a server already for all practical purposes?

As we put more and more networked appliances in the home the need to have some kind of basic federated identity management is going to become an issue for homes. The NAS seems like an ideal place to solve this because it really is evolving to be the home server location.

Even for the SMB market this is becoming more and more true. I know for my small business, we're about to turn off our MS Outlook server and migrate to Google Applications for Email and Calendaring. We've moved to Salesforce.com online too. Basically we're trying to eliminate managing complex server applications. I'm not yet sold on having all storage online as Microsoft LiveDrive and the much hinted at but never delivered Google GDrive so a ReadyNAS like device would be real attractive. But if I still need to run a Microsoft Server just to provide identity management that greatly reduces the attractiveness. In fact, then I might as well just use that server instead of the NAS and reduce the complexity of the system by one box.

That's why I was hoping to have someone in the ReadyNAS/Infrant group see this because I wanted them to understand the issues that less-techy end-users saw. I know from my own experience that it is sometimes difficult to understand the problems that your customers see as important because of the host of technical enhancements that are always waiting to be implemented. Overall the ReadyNAS is an excellent product. Probably the best in the marketplace right now. But it's usefulness at home and in a small business environment is limited because of the identity management issues. I would hesitate to recommend it to either friends or other small businesses right now solely because of this. Most home users will find it too much of a hassle and workgroup-based small businesses still are probably better off just getting a Windows server because of the identity management issue.
Reply With Quote
  #7  
Old September 15th, 2008, 06:07 PM
cclambie cclambie is offline
Junior Member
NETGEAR Newbie
 
Join Date: Sep 2008
Posts: 2
cclambie is on a distinguished road
Default Re: ReadyNAS as Domain Controller?

Hi there,

I have been looking at using my ReadyNAS as a domain controller too, I think it would be great.

I have just found a Linux program called Samba that could probably do the job, for Windows or Linux domains.

I am not sure how one would go about installing that on the ReadyNAS, or even it might be there now as it is the program Linux uses for allowing Access to Linux Filesystems.

Any Ideas?
Reply With Quote
  #8  
Old September 17th, 2008, 11:00 AM
chirpa chirpa is offline
Banned
NETGEAR Newbie
 
Join Date: Feb 2008
Posts: 37
chirpa is on a distinguished road
Default Re: ReadyNAS as Domain Controller?

Quote:
Originally Posted by cclambie View Post
I am not sure how one would go about installing that on the ReadyNAS, or even it might be there now as it is the program Linux uses for allowing Access to Linux Filesystems.
The ReadyNAS uses Samba already, that is how it communicates with Windows clients. It could be possible to reconfigure Samba to act as a domain controller, but this will not be supported by NETGEAR, so you would be on your own.

And as Orbital said above, for ReadyNAS specific queries, it is best to goto the dedicated ReadyNAS forums.

Last edited by chirpa; September 17th, 2008 at 11:03 AM.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -8. The time now is 11:06 PM.