2 minute read.Last Modified 2021-03-31 14:36 EDT
Using groups in TrueNAS can be an efficient way of managing permissions for many similar user accounts. See Users for managing users. The interface provides management of UNIX-style groups. If the network uses a directory service, import the existing account information using the instructions in Active Directory.
To see saved groups, go to Accounts > Groups
By default, groups built in to the system are hidden. To see built-in groups, click settings and SHOW.
To create a new group, go to Accounts > Groups and click ADD.
Each group is assigned a Group ID (GID). Enter a number above 1000 for a group with user accounts. The GID cannot be changed later. Groups used by a system service must have an ID that matches the default port number used by the service.
Next, enter a descriptive group Name.
Group names cannot begin with a hyphen (
-) or contain a space, tab, or these characters:
, : + & # % ^ ( ) ! @ ~ * ? < > =.
By default, the Permit Sudo option is unset. Setting allows group members to act as the root account by using sudo. A common security practice is to leave this disabled.
The option Samba Authentication is set by default. This allows group members to be used for SMB permissions and authentication.
Finally, Allow Duplicate GIDs allows setting a duplicate group ID, but can greatly complicate system configurations. Leaving this option unset is recommended.
Register user accounts to a group to simplify permissions and access to large numbers of user accounts. To manage group membership, go to Accounts > Groups, click the navigate_next for a group, and click group MEMBERS:
To add user accounts to the group, select them in All users and click . Select multiple users by holding CTRL while clicking each entry.