TrueNAS CORE
TrueNAS Enterprise
TrueNAS SCALE
Compare Editions
TrueCommand
Software Status
FreeNAS
Compare Systems
F-Series
M-Series
X-Series
R-Series
Mini Series
Download TrueNAS CORE
Download TrueNAS SCALE
Get TrueNAS Enterprise
Where to BuyTrueNAS CORE Nightly Development Documentation
This content follows experimental early release software. Use the Product and Version selectors above to view content specific to a stable software release.
Kerberos Screens
2 minute read.
Last Modified 2023-11-17 10:51 ESTKerberos is an authentication protocol. It allows nodes on a network to perform identity checks in a secure manner. Kerberos uses realms and keytabs to authenticate clients and servers. Go to Directory Services > Kerberos to configure Kerberos. These screens configure Kerberos realms and keytabs on your TrueNAS.
Both Kerberos Realms and Kerberos Keytabs display a table of what is currently on the system.
Click the blue Columns button to display a list of options. These options customize the table display. This button is available for both the realms and keytabs screens.
Click ADD to display the settings screens for either realms or keytabs.
Select Kerberos Settings to open the settings screen but no table.
Your network must contain a Key Distribution Center (KDC) to add a realm. A Kerberos realm is an authorized domain that a Kerberos server can use to authenticate a client. By default, TrueNAS creates a Kerberos realm for the local system.
Click ADD to create a realm on the TrueNAS. Click SUBMIT to save changes.
Basic Options
| Name | Description |
|---|---|
| Realm | Enter a name for the realm. |
Advanced Options
| Name | Description |
|---|---|
| KDC | Enter the name of the Key Distribution Center. If there is more than one value separate the values by pressing Enter. |
| Admin Server | Define the server that performs all changes to the database. If there is more than one value separate the values by pressing Enter. |
| Password Server | Define the server that performs all password changes. If there is more than one value separate the values by pressing Enter. |
A keytab (key table) is a file that stores encryption keys for various authentication scenarios. Kerberos keytabs allow systems and clients to join an Active Directory or LDAP. Keytabs make it possible to join without entering a password.
After generating the keytab, use the Add Kerberos Keytab screen to add it to your TrueNAS.
Kerberos Keytab
| Name | Description |
|---|---|
| Name | Enter a name for the keytab. |
| Choose File | Opens a file explorer window where you can locate and select the keytab file. |
Click SUBMIT to save settings or CANCEL to exit without saving.
Use the Directory Services > Kerberos Settings screen to enter any extra settings.
| Name | Description |
|---|---|
| Appdefaults Auxiliary Parameters | Define any extra settings for use by some Kerberos applications. [appdefaults] section of krb.conf(5) lists the available settings and syntax. |
| Libdefaults Auxiliary Parameters | Define any settings used by the Kerberos library. [libdefaults] section of krb.conf(5) lists the available settings and their syntax. |