File sharing and authentication service

Zentyal uses Samba [4] to implement SMB/CIFS and manage the domain, Kerberos [5] for the authentication services.

[4]http://en.wikipedia.org/wiki/Samba_(software)
[5]http://en.wikipedia.org/wiki/Kerberos

Configuring a file server with Zentyal

The file-sharing services are active when the file sharing module is active, even if the Domain Controller function is not.

File sharing is integrated with users and groups. Each user has a personal directory and each group can be assigned a shared directory.

The user’s personal directory is automatically shared and can only be accessed by the user.

To configure the general settings of the file sharing service, go to File Sharing ‣ General configuration.

_images/06-sharing.png

General configuration of file sharing

The domain is set to work within the Windows local network, and the NetBIOS name is used to identify the Zentyal server. You can use a long description to describe the domain.

To create a shared directory, use File Sharing ‣ Shares and click Add new.

_images/07-share-add.png

Adding a new share

Enabled:
Leave it checked if this directory needs to be shared. Disable to stop sharing.
Share name:
The name of the shared directory.
Share path:
Directory path to be shared. You can create a sub-directory within the Zentyal specific directory /home/samba/shares, or use an existing file system pathway by selecting Filesystem path.
Comment:
A more detailed description of the shared directory simplifies management of shared assets.
Guest access:
Enabling this option allows a shared directory to be accessible without authentication. Any other access settings will be ignored.
_images/08-shares.png

List of shares

Shared directories can be edited using Access control. By clicking on Add new, you can assign read, read/write or administration permissions to a user or group. If a user is a shared directory administrator, he/she can read, write and delete any user files within that directory.

_images/09-share-acl.png

Adding a new ACL (Access Control List)

You can also create a share for a group using Users and Groups ‣ Groups. All group members will have access: they can write their own files and read all the files in the directory.

_images/share_group.png

Creating a shared directory for the group

If you want to store deleted files in a special directory called RecycleBin, you can check the Enable recycle bin box using File Sharing ‣ Recycle bin. If you do not want to use this for all shared resources, add exceptions using Resources excluded from Recycle Bin. Other default settings for this feature, such as the directory name, can be modified using the file /etc/zentyal/samba.conf.

_images/recycle-bin.png

Recycle bin

Using File Sharing ‣ Antivirus virus scanning of shared resources can be enabled and disabled. Exceptions can also be defined where virus scanning is not required. To use this feature the Zentyal antivirus module must be installed and enabled.

_images/samba_av.png

Antivirus scanning shared folders

Configuring a Domain Controller with Zentyal

Zentyal can act as a Domain Controller, either as the original Controller for this domain or as an Additional Controller of an existing Active Directory domain.

_images/06-pdc-enabled.png

Authentication server

If the Roaming Profiles option is enabled, the server will not only authenticate users, but will also store their profiles. These profiles contain all the user information, including Windows preferences, Outlook email accounts and the Documents folder.

When a user logs in, the user profile will be retrieved from the domain controller. Therefore, the user will have access to their work environment on multiple computers. Before enabling this option, you must consider that the user information can be several gigabytes in size.

You can also configure the drive letter to which the personal user directory will be linked after authenticating against the domain.

If you want to configure your Zentyal server as an Additional Domain Controller of an existing Active Directory , you will have to go to General Settings tab of the File Sharing menu. Here you will choose the Additional Domain Controller option, the FQDN name of the controller you want to join, the IP address of the DNS server that manages the domain, and finally, username and password needed to join.

_images/additional_controller.png

Zentyal as an Additional Domain Controller