Home NAS - Best OS & File Permissions

[Spartan-117]

Hi Everyone!

 

Here is a "short" introduction of what i already have for mi Server.

 

************************* INTRODUCTION *************************

 

1- Sorry for my English, it's not my native language! 

 

2- I have already bought and asembled the Hardware of my Server, here it's the parts list:

 

• Motherboard + CPU: Biostar A68n-5545 + AMD A8-5545 Quad Core (Base 1.7Ghz - Turbo 2.7Ghz).
• RAM: 2x Hyper X Fury 8Gb 1866Mhz (I know it's overkill but i had them for free).
• CASE: Riotoro Cr280 Mini Itx.
• HDD: 3x WD Red 4Tb & 1x WD Blue 1Tb.
• PSU: Thermaltake Tr2 500 500w.

 

3- I already had this OS's available for use:

 

• Windows Server 2012 R2 Datacenter.
• Windows Server 2012 R2 Essentials.
• Windows Server 2016 Datacenter.
• Windows Server 2016 Essentials.
• Windows 10 (Multiple Editions).
• Windows Server 2016 Nano.
• Ubuntu (All Versions).
• UnRaid.

 

4- Devices to connect:

 

• 4 Smartphones (1 iPhone 6s Plus and 3 Android Devices)
• 2 Tablets (1 iPad Mini 2 + Xperia Tablet Z2)
• 3 Smart TV's (All Samsung)
• 5 PC (3 Notebooks + 2 Desktop)

 

************************* WHAT I NEED TO ACHIEVE *************************

 

I need a File Sharing Server over my LAN and a Multi Media Streaming Server. Easy Right? ... But No...At lease for my!

The thing is... I want to Stream movies to my Smart TV's & Tablets and share files with all my other devices, but i want the ability to choose who can see and/or edit those files (Not the movies, i don't care about movies).

I don't want to make a Domain Controller and create or migrate all user acounts to an Active Directory. This, unfortunately, is not an option.

 

TL;DR:

 

• No Domain Controller with Active Directory.
• Ability to choose the level of access of the files.
• Ability to Stream Movies to my Smart TV's.
• No login required in any device.

 

If Someone can help my with some ideas or solutions i would appreciate so much!

 

Question -> How give permissions to users BY FILE, without creating a Domain Controller/Active Directory?

 

Thanks!

[Mikensan]

English may not be your first language but you organized your thoughts and wrote clearer than a lot of others who natively speak english. Kudos!

 

You will need some form of account management, which isn't a big deal not to have active directory. Almost any OS you chose will have local account management. The only advantage of active directory is single sign on / kerberos, so that when you access a share you do not have to type a password. 

 

OS:

unRaid is probably the most simple, works great if you only need to support a gigabit connection. I'm not personally a fan but it's very much loved by those who use it. I feel like there should be a lot of people using it, but I never come across many. I think half the battle is you have to pay for it.

Windows Server is semi easy, however to cluster/raid the drives together you'll either need a raid controller | use Storage Spaces | buy FlexRAID(People seem to love FlexRAID) If you're interested in FlexRAID there's quite a few people on these forums that use it.

FreeNAS Very popular but maybe takes a little more forethough to get going, is a memory hog (uses RAM for cache to speed up write speeds due to CoW / sync. writes). It will work with lower RAM but in certain scenarios it may underperform (NFS). If you're interested in FreeNAS I'd be happy to help, but there's also a lot of people using this too.

 

Media Streaming:

Plex is the most popular and widely supported media streaming. Transcoding can be tasking on the processor, but not really all that bad.

 

Permissions:

CIFS/SMB shares no matter your O/S. Most widely supported protocol and fairly stable. 

Windows: Just create local accounts as needed, create your share and then limit the folders/files within the share under the Security tab

BSD/Unix/Linux: Same thing, FreeNAS/unRaid/Linux all have user management in which you can create users. Once you create a SMB share just assign the permissions to the folders.

In all cases you're going to be prompted as soon as you access the share to enter credentials. 

 

[Spartan-117]

3 hours ago, Mikensan said:

English may not be your first language but you organized your thoughts and wrote clearer than a lot of others who natively speak english. Kudos!

 

You will need some form of account management, which isn't a big deal not to have active directory. Almost any OS you chose will have local account management. The only advantage of active directory is single sign on / kerberos, so that when you access a share you do not have to type a password. 

Many thanks for the comment! I appreciate the time you took to respond my question!

 

3 hours ago, Mikensan said:

OS:

unRaid is probably the most simple, works great if you only need to support a gigabit connection. I'm not personally a fan but it's very much loved by those who use it. I feel like there should be a lot of people using it, but I never come across many. I think half the battle is you have to pay for it.

Windows Server is semi easy, however to cluster/raid the drives together you'll either need a raid controller | use Storage Spaces | buy FlexRAID(People seem to love FlexRAID) If you're interested in FlexRAID there's quite a few people on these forums that use it.

FreeNAS Very popular but maybe takes a little more forethough to get going, is a memory hog (uses RAM for cache to speed up write speeds due to CoW / sync. writes). It will work with lower RAM but in certain scenarios it may underperform (NFS). If you're interested in FreeNAS I'd be happy to help, but there's also a lot of people using this too.

 

unRAID: For some reason this OS doesn't make me feel comfortable, IDK why... But i keep it as a valid choice.

Windows: I think, for me, will be the best option... because i'm used to it and is very familiar.. and the Active Directory is very very usefull! But i will need to migrate all the accounts. Because if the server fails... Will i be able to access the PCs with the accounts??

FreeNAS: It strongly recommends INTEL CPU's... I think with my hardware it will be a problem... What do you think?

 

3 hours ago, Mikensan said:

Media Streaming:

Plex is the most popular and widely supported media streaming. Transcoding can be tasking on the processor, but not really all that bad.

 

Will i be able to access with my Smart TV's? In some of them i am not able to install other apps, besides of the stock apps... I think something like DLNA, maybe?

 

3 hours ago, Mikensan said:

Permissions:

CIFS/SMB shares no matter your O/S. Most widely supported protocol and fairly stable. 

Windows: Just create local accounts as needed, create your share and then limit the folders/files within the share under the Security tab

BSD/Unix/Linux: Same thing, FreeNAS/unRaid/Linux all have user management in which you can create users. Once you create a SMB share just assign the permissions to the folders.

In all cases you're going to be prompted as soon as you access the share to enter credentials. 

 

So, there is no option for, IDK, like an IP based permissions...? So the best option still Windows Server 2016... For compatibility with my other PC's.

 

Another question... How i can be able to access to the shares with my mobile (iOS/Android) devices?

 

Again, Many Thanks!

[Spartan-117]

7 hours ago, Julian2000nl said:

How about FreeNAS?

http://www.freenas.org/

 

It's open source and pretty flexible in how you use it. Samba for one device, FTP for the other, or just in-browser.

 

But im looking for something simple, because the users (My family xD) does't know nearly anything of Technology...

 

However, I appreciate your idea!

[Mikensan]

unRAID: For some reason this OS doesn't make me feel comfortable, IDK why... But i keep it as a valid choice.

• Me either, it might because it's different and I would have to spend time searching or adjusting - but I also do not like their solution for redundancy. Single disk parity bottle necks performance - but on a gigabit network it isn't something to be overly concerned about. For a simple file server, it's just fine. I will say their interface is very clean.

Windows: I think, for me, will be the best option... because i'm used to it and is very familiar.. and the Active Directory is very very usefull! But i will need to migrate all the accounts. Because if the server fails... Will i be able to access the PCs with the accounts??

• You do not need AD even if it's windows. Just use the local accounts (on the server) to manage permissions, and your family can log into their laptops/computers per normal. You can even map a network drive for them and enter and save the credentials there. So all they end up doing is turning on the computer and click the "X" drive or whatever letter you want. I can demonstrate this if you wanted to see what I mean. (Saved network connections can bug out sometimes, so at my old job I just wrote a batch file to unmap and remap network drives at login since they didn't want me touching group policy :-\..

FreeNAS: It strongly recommends INTEL CPU's... I think with my hardware it will be a problem... What do you think?

• Intel makes it very clear about ECC support and a lot of FreeNAS enthusiasts will insist on ECC RAM. This is however only a recommendation and the original developers of ZFS say it's not that critical. So in short, your AMD cpu will work just fine. What is genuinely a good recommendation.. Intel NICs.

 

Will i be able to access with my Smart TV's? 

• Varies from TV to TV, but a quick solution is getting either a Roku / Chromecast / FireStick for < $30 typically. Black Friday is coming and they're probably going to be $10-$20us. But yes, Plex does support DLNA - however with a large number of movies it's annoying. Personally I think a dongle device is vastly superior to Smart-TVs.

 

So, there is no option for, IDK, like an IP based permissions...? So the best option still Windows Server 2016... For compatibility with my other PC's.

• SMB/CIFS doesn't really have IP based ACLs unfortunately, since it is a windows protocol it expects you to use account management. NFS and iSCSI do however support IP based control, however NFS on windows can be a little tricky, and iSCSI is block level storage which with NTFS is not a good idea when shared between multiple computers.

How i can be able to access to the shares with my mobile (iOS/Android) devices?

• Regardless of your choice, I've seen owncloud support on almost any platform. If you use windows, I'd do Nextcloud instead (I don't know if FreeNAS or unRaid natively support it, however you can create a VM/Docker in either and spin up Nextcloud). This creates a "google drive" effect. What's nice with Nextcloud is it has its own internal account management, so when your family opens the app the can login to it using whatever credentials. Or you could set up their phones for them and enter the credentials on their behalf.

 

If you put the legwork in and map shares and log in on their behlaf and set it all up, they won't have to worry about usernames/passwords. On a rare occasion here and there you might get a phone call where it's asking to login again (M$ just breaks for whatever reason, job security for me though!)

[Spartan-117]

23 hours ago, Mikensan said:

Windows: I think, for me, will be the best option... because i'm used to it and is very familiar.. and the Active Directory is very very usefull! But i will need to migrate all the accounts. Because if the server fails... Will i be able to access the PCs with the accounts??

• You do not need AD even if it's windows. Just use the local accounts (on the server) to manage permissions, and your family can log into their laptops/computers per normal. You can even map a network drive for them and enter and save the credentials there. So all they end up doing is turning on the computer and click the "X" drive or whatever letter you want. I can demonstrate this if you wanted to see what I mean. (Saved network connections can bug out sometimes, so at my old job I just wrote a batch file to unmap and remap network drives at login since they didn't want me touching group policy :-\..

 

Can you give me a quick tutorial?

 

23 hours ago, Mikensan said:

If you put the legwork in and map shares and log in on their behlaf and set it all up, they won't have to worry about usernames/passwords. On a rare occasion here and there you might get a phone call where it's asking to login again (M$ just breaks for whatever reason, job security for me though!)

 

A phone call?  

 

23 hours ago, Mikensan said:

Will i be able to access with my Smart TV's? 

• Varies from TV to TV, but a quick solution is getting either a Roku / Chromecast / FireStick for < $30 typically. Black Friday is coming and they're probably going to be $10-$20us. But yes, Plex does support DLNA - however with a large number of movies it's annoying. Personally I think a dongle device is vastly superior to Smart-TVs.

 

I prefer the "Free" options... Here in my country, Chromecast it's nearly u$s90! (Yeah it's a robery) so i'm out of budget after spending all the money on the "Server"... 

 

In you opinion, in my case of use, would you recomend using an Active Directory?

 

 

[Mikensan]

19 hours ago, Spartan-117 said:

 

Can you give me a quick tutorial?

 

 

A phone call?  

 

 

I prefer the "Free" options... Here in my country, Chromecast it's nearly u$s90! (Yeah it's a robery) so i'm out of budget after spending all the money on the "Server"... 

 

In you opinion, in my case of use, would you recomend using an Active Directory?

 

 

There's no need for active directory because you'd be the only one using it. No need for the rest of the household to use it. I'll use PSR either tonight or tomorrow and record what I'm talking about.

 

That is robbery for chromecast, but I doubt you could buy it from a US vendor and import it any cheaper.

 

Well if you have any gaming console they have Plex (Ps3/xbox360 and better) support. Or convert any old laptop into a media player (plex media player runs as a desktop application which you can then cast to).

[Spartan-117]

1 hour ago, Mikensan said:

There's no need for active directory because you'd be the only one using it. No need for the rest of the household to use it. I'll use PSR either tonight or tomorrow and record what I'm talking about.

 

I will be very grateful for that!

 

1 hour ago, Mikensan said:

That is robbery for chromecast, but I doubt you could buy it from a US vendor and import it any cheaper.

 

Well if you have any gaming console they have Plex (Ps3/xbox360 and better) support. Or convert any old laptop into a media player (plex media player runs as a desktop application which you can then cast to).

 

Yes is a Robbery! Even if i buy it from US and import it... i will be at least 80% more of the buying price  !!

I will try first with a DLNA server service on the server, if that does´t work i will use Plex, with a Notebook connected to the TV.

[Spartan-117]

On 17/11/2017 at 11:14 AM, Mikensan said:

There's no need for active directory because you'd be the only one using it. No need for the rest of the household to use it. I'll use PSR either tonight or tomorrow and record what I'm talking about.

Any news on the tutorial? Thanks!