The SCALE CLI guide is a work in progress! New namespace and command documentation is continually added and maintained, so check back here often to see what is new! Related CLI Directory_Service Articles Activedirectory Kerberos LDAP Related Idmap Articles Directory Services Screens Idmap Screens Configuring IDMap
The SCALE Directory Services section contains options to edit directory domain and account settings, set up Idmapping, and configure authentication and authorization services in TrueNAS SCALE.
Directory Services Screen The Directory Services screen opens with two options, Active Directory and LDAP. You can configure one or the other but not both.
Configure Active Directory opens the Active Directory configuration screen.
Configure LDAP opens the LDAP configuration screen.
After configuring Active Directory or LDAP, the Directory Services screen includes the widgets for each option.
Idmap Widget Idmap Screen Add and Edit IDMAP Screens Add Idmap Screen (Default and Custom Value) Add Idmap Screen for SMB - Primary Domain Add Idmap Screen with Idmap Backend as AD Add Idmap Screen with Idmap Backend as AUTORID Add Idmap Screen with Idmap Backend as LDAP Add Idmap Screen with Idmap Backend as NSS Add Idmap Screen with Idmap Backend as RFC2307 Add Idmap Screen with Idmap Backend as RID Add Idmap Screen with Idmap Backend as TDB Idmap in Linux is essentially a translation of a range of IDs into another or the same range of IDs.
Adding an ID Map Idmap settings exist for the purpose of integration with an existing directory domain to ensure that UIDs and GIDs assigned to Active Directory users and groups have consistent values domain-wide. The correct configuration therefore relies on details that are entirely external to the TrueNAS server, e.g., how the AD administrator has configured other Unix-like computers in the environment.
The default is to use an algorithmic method of generating IDs based on the RID component of the user or group SID in Active Directory.
