[zfs-discuss] Nested data sets as Active Directory (Samba 4) homes - how to?

Gregor Kopka zfs-discuss at kopka.net
Mon Sep 14 17:57:38 EDT 2015

Am 14.09.2015 um 12:55 schrieb Ole Traupe via zfs-discuss:
> Hi everybody,
> I am rather new to ZFS and a bit puzzled about how to set up the home
> directories of my new Windows domain. I would be very happy about some
> advice regarding the best practice in my case, if possible.
> I have read that it is best practice to provide individual ZFS data
> sets as user homes, as those can be backed up (via snapshots),
> restored, and migrated way more flexible. 
That is a good plan. Also nice: access to .zfs/snapshots for and by the
user, quota per user enforced through filesystem.

> But as I would still like to address the home shares as
> "\\server\homes\user", I figured it best to have them nested in a
> "homes" data set. I am _not_ using the built-in CIFS server, but Samba 4.
ZFS is a normal filesystem, you can share it through samba without problems.

> (Some of) My questions are:
> a) What's the best practice for ACL inheritance? Should I have Samba
> do it or rather ZFS?
> b) I also read that it is not advised to actually access parent data
> sets such as my intended "homes" data set. So is it even possible or
> good practice to reference my user home data sets as
> "\\server\homes\user" if I actually mean to access the child data sets
> directly?
Take a look how samba is setup to serve AD. Ich you back it with ZFS or
not makes no difference (except putting the /transient/ .tbd of samba
into tmpfs is a good idea for speedup) to backing with other
filesystems. In case you want to create filesystems for individual users
under /home then samba provides hooks to call into ZFS on connect so you
can create them on demand.


