This is beta. Use at your risk. I did it in a proxmox 8 vm. I take snapshots after a few steps so if it doesn't work I can rollback.
This is basicly the same as the this post.
Thread
OMV 6.X (RC1) Active Directory
This is for OMV6. Here is a newer version for OMV7.
forum.openmediavault.org/index…&postID=375318#post375318Both seem to be working but read the whole thread because others have contributed to them.
Thanks
Update:
This seems to be working fine and surviving updates. There is some info about ftp and ssh in the 8th post. Thanks to
WiiFriik for that. Please read the whole thread before trying this. There are a few recommendations for other servers.
For freeipa AD see
RE: OMV 6.X (RC1) Active Directory…
More detail there for other AD etc.
Install debian 12 as minimal as possible. Be sure to put in your domain.
If network is not working use "omv-firstaid" to fix.
Allow ssh
update to current
Install OMV.
Post
Install OMV7 on Debian 12 (Bookworm)
To install OMV7 on an already installed Debian 12 (Bookworm), simply execute the following steps as root user:
(Code, 11 lines)
(Code, 14 lines)
apt install dnsutils mmdb-bin mlocate
Make sure dns resolves your AD server forward and reverse. Same for AD to OMV.
Don't use /etc/hosts because it will cause problems down the road. OMV controles it!
Optional: Install certificate for web server.
This is mostly from: OMV 6.X (RC1) Active Directory
With help from the community
In web ui apply the changes after most modifications.
Be sure these are correct
If you use dhcp it may be ok but check these!
Set ntp to domain time server and time zone
realm join example.com -U donadmin
If more than one use coma separator and no spaces
Set network to static and domain dns servers
Some apt installs will install some dependencies too.
apt install realmd policykit-1
realm discover example.com
Should give details including "client-software: sssd"
apt install sssd sssd-tools libnss-sss libpam-sss adcli samba-common-bin packagekit-tools cracklib-runtime appstream ldap-utils sssd-dbus apt-config-icons gstreamer1.0-tools libsss-sudo gstreamer1.0-plugins-base libsss-simpleifp0
realm join example.com -U donadmin
sssctl domain-list
Now go to the web interface, Services -> SMB/CIFS -> Settings
security = ads
kerberos method = secrets and keytab
realm = EXAMPLE.COM
winbind enum users = yes
winbind enum groups = yes
# Default ID mapping configuration using the rid
# idmap backend. This will work out of the box for simple setups
# as well as complex setups with trusted domains.
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config EXAMPLE : backend = rid
idmap config EXAMPLE : range = 10000-9999999
winbind use default domain = yes
server services = +winbind
winbind refresh tickets = Yes
### Questionable
#disable netbios = yes
domain master = no
local master = no
# client min protocol = SMB2
Display More
apt install winbind libsss-sudo libnss-winbind libpam-winbind libwbclient0
cp /etc/nsswitch.conf /etc/nsswitch.conf.bak
nano /etc/nsswitch.conf and set these lines like this.
passwd: files winbind systemd sss
group: files winbind systemd sss
shadow: files systemd sss
gshadow: files systemd
reboot
Setup share and test.
Feedback welcome.
Thanks