Proxmox Containers - AD Authentication and Mount Points

virtualbitz

New Member
Nov 6, 2020
15
0
1
30
Hey guys, I'm looking for feedback on a setup I've been working on.

I have a Proxmox host running a domain joined samba server on bare metal. I have the acl_xattr:igonre system acls = yes flag set on each of my shares. This all works to my liking. I'm able to create users in AD and use Windows ACLs to control access.

What I'm trying to do now is setup a qbittorrent client in a container, with plex media server running in another container, and use a mount points to interact with ZFS backed storage from the bare metal host OS. I have the mount points configured and am now trying to configure authentication. I would like to use AD auth and have qbittorrent and plex both use their own AD service accounts to interact with the torrent storage, as well as regular AD users that would get to it through samba. I was thinking I could accomplish this by having each container be an AD domain joined computer.

Is this plan feasible? Any suggestions?
 

bobmc

Active Member
May 17, 2018
239
37
33
64
AFAIK, plex on linux creates a user 'plex' and a group 'plex', all access to libraries is under that user ID. If that user can't read the library content, then plex will not work.

The best you will probably be able to do is ensure that you have an equivalent mapping between the ID of the AD user on the samba server and the ID of the plex user on the plex system (which is normally 5001)
 

virtualbitz

New Member
Nov 6, 2020
15
0
1
30
AFAIK, plex on linux creates a user 'plex' and a group 'plex', all access to libraries is under that user ID. If that user can't read the library content, then plex will not work.

The best you will probably be able to do is ensure that you have an equivalent mapping between the ID of the AD user on the samba server and the ID of the plex user on the plex system (which is normally 5001)
Yea I was going to start looking into that next, I was assuming I'd be able to assign UNIX permissions to the files that Plex handles via inheritance from the parent directory. Would that work for Plex? Is there no way to have the Plex service run under a service account? I was able to use a service account for Plex on Windows by using NSSM to run it as a service using a service account.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!