Active Directory Domains and Workgroups

The configurable property for joining a workgroup is Windows Workgroup.

Instead of enabling and disabling the service directly, the service is modified by joining a domain or a workgroup. Joining a domain involves creating an account for Oracle ZFS Storage Appliance in the given Active Directory (AD) domain. The account name can be a maximum of 15 characters, and must be unique to other names registered within the Active Directory domain. Otherwise, conflicts may occur with similarly named appliances and cause issues with functionality. After the computer account has been established, the appliance can securely query the database for information about users, groups, and shares.

Joining a workgroup implicitly leaves an Active Directory domain, and SMB clients that are stored in the Active Directory database will be unable to connect to shares.

If Active Directory is configured for the LDAP service and you are switching from domain to workgroup mode, you can optionally unconfigure or retain the LDAP configuration.

Active Directory LDAP Signing

There is no configuration option for LDAP signing, as that option is negotiated automatically when communicating with a domain controller. LDAP signing operates on communication between Oracle ZFS Storage Appliance and the domain controller, whereas SMB signing operates on communication between the SMB clients and Oracle ZFS Storage Appliance.