TrueNAS SCALETrueNAS SCALE Version Documentation
This content follows the TrueNAS SCALE 23.10 (Cobia) releases. Use the Product and Version selectors above to view content specific to different TrueNAS software or major version.

Kerberos Settings Screen

  2 minute read.

Last Modified 2024-03-19 08:38 EDT

Kerberos is extremely complex. Only system administrators experienced with configuring Kerberos should attempt it. Misconfiguring Kerberos settings, realms, and keytabs can have a system-wide impact beyond Active Directory or LDAP, and can result in system outages. Do not attempt configure or make changes if you do not know what you are doing!
Kerberos is a computer network security protocol. It authenticates service requests between trusted hosts across an untrusted network (i.e., the Internet).

If you configure Active Directory in SCALE, SCALE populates the realm fields and the keytab with with what it discovers in AD. You can configure LDAP to communicate with other LDAP severs using Kerberos, or NFS if it is properly configured, but SCALE does not automatically add the realm or key tab for these services.

After AD populates the Kerberos realm and keytabs, do not make changes. Consult with your IT or network services department, or those responsible for the Kerberos deployment in your network environment for help. For more information on Kerberos settings refer to the MIT Kerberos Documentation.

Kerberos Settings Widget

The Kerberos Settings widget in the Advanced Settings on the Directory Services screen displays current settings.

KerberosSettingsWidget

Settings opens the Kerberos Settings configuration screen.

Kerberos Settings Screen

Kerberos is extremely complex. Only system administrators experienced with configuring Kerberos should attempt it. Misconfiguring Kerberos settings, realms, and keytabs can have a system-wide impact beyond Active Directory or LDAP, and can result in system outages. Do not attempt configure or make changes if you do not know what you are doing!

The Kerberos Settings screen includes two fields used to configure auxiliary parameters.

KerberosSettingsScreen

If you do not understand Kerberos auxiliary parameters, do not attempt to configure new settings!
SettingDescription
Appdefaults Auxiliary ParametersAdditional Kerberos application settings. See the appdefaults section of krb.conf(5) for available settings and usage syntax.
Libdefaults Auxiliary ParametersAdditional Kerberos library settings. See the libdefaults section of krb.conf(5) for available settings and usage syntax.

Related Content