DATOptic uNAS – tNAS User Manual

uNAS/tNAS User Guide Version 1.0 

Page 15 

First create users and groups in Your Domain:
1.

Run Menu Start

Programs

Administrative Tools

Active Directory Users and Computers

2.

Right mouse click on your domain name and select New

User

3.

Enter all necessary fields to create user Chris.

4.

Create all users (back to point 2).

5.

Click with right mouse click on your domain name and select New

Group

6.

Create groups: Developers, Graphics, and Company.

7.

Add users to groups - right mouse click on group Developers. In Members tab click Add. Add
users to groups (groups Company, Developers, Graphics)

Connection to windows domain:

a. Go to uNAS/tNAS Web interface “CONFIGURATION”

“NAS settings”

b. Select ADS or PDC (depends on your system - if you have NT4 Domain or Windows 2003

(with no Kerberos**** fix) then select PDC, else select ADS).

c. Enter your domain name - in PDC this will be the number IP and administrator password in

ADS enter the full domain name (example. COMPANY.COM.DE).

d. Enter your domain/Kerberos server IP
e. Enter the name and password of an existing Administrator user account on your domain.

f. Click the “Apply” button to join the domain. Creation of shares and set permissions:

1. Create a Company share (Open-E NAS-3 Web interface

“CONFIGURATION”

“

NAS

Resources”

“Shares”).

2. Set permissions for all or select only Company groups.
3. Go to share \\YOUR_NAS_SERVER_NAME\\Company

4. Create folders "WORK", "HOME" and "FORALL".
5. Set permissions for the folder WORK - right mouse click

properties

security.

6. Deny access for everyone (point 1), change the owner to Chris user (point 4) with a full

access and add Robert with a full access.

7. In the folder WORK create folders DEVELOPER, GRAPHIC, DOCUMENTS and

CHANGES.

8. Change the owner of the DEVELOPER directory to Clint (with full rights). Add group

Developers with a “read only” access.

9. Add group Graphics with a full access to the directory GRAPHIC.
10. Change the owner of the CHANGES directory to Clint (with full rights). Add groups

Graphics and Developers with full rights.

11. Add a secretary to the DOCUMENTS directory with a “read only” access.

12. In the home directory create own private directory for each user, change user (make that

the owner and the directory name are the same). Remove an access for the Company

group (point 1).

13. Add the group Company with a full access to the directory "FOR ALL".

* If you use the SUPERUSER all files and directories will be created as a local ROOT user.

** New directories with no inherited permissions do not have ACL permissions at the beginning - they have only

standard UNIX permissions 0777 (Windows 2003 shows - in a normal view in the security window - every special
permission. Windows 2000 does not show any permission in normal view - only in the advanced view). To enable

ACL for this directory, first select “Full Access” for everyone and click the “Apply” button.