Hi guyes. I'm sorry to bring old post for new life. And Im sorry if I bother you. But there is lack of info in Truenas manpage about these.
Can you help with litle much info about this
"If you're configuring trusted domains, you _must_ generate an explicit idmap configuration for the trusted domain and add it as a series of auxiliary parameters under Services->SMB. Although it is possible to use "authenticated users" to grant these permissions"
I have 2 AD domain controler for both organisations . one is .local (is my primary) second is .com. These two domains is in trusted 2 way mode. My goal to use TrueNAS for both organisations. I want to create different datasets one for .com other for .local and third for .local and .com. They will be accessed through trought SMB shares.
So:
Do they both have to be with RID backend (one is 2012R2 and second is 2008R2 MS servers)
These are my settings, but I'm not sure if they are correct.
View attachment 47493
I understand that RID mapping should not overlap.
Do I have to change the range of the domain controllers themselves and make it the same in these settings?
How is this done?
What should I enter in the auxiliary parameters section
idmap config **** .COM: backend = rid
idmap config **** .COM: range = range from the second domain
Are they entered correctly?
Any info will be priceless. Thanks a lot for helping the newcommer.