TrueNAS Open Storage Logo
TrueNAS.com Products Enterprise Support Community Support Truenas Security Get TrueNAS Enterprise Download TrueNAS Community Edition About TrueNAS Careers
TrueNAS Open Storage Logo
F-Series
F-Series

All-Flash NVMe Performance.

H-Series
H-Series

Big business performance. Entry level pricing.

Mini Series
Mini Series

Home Labs, Small Office & SMB Applications.

M-Series
M-Series

All-Flash or Hybrid Enterprise Performance.

R-Series
R-Series

Single Controller Storage Appliances.

TrueNAS Enterprise Icon
TrueNAS Enterprise

Mission Critical Storage. 24×7 Enterprise Support.

TrueCommand Icon
TrueCommand

Manage Your TrueNAS Fleet All From One Place.

Use Cases

Analytics Backup & Archival Cloud Data Mobility File Sharing
iX-Storj Media & Entertainment Surveillance Veeam Backup Virtualization

Industry

Audio Broadcasting Gaming Healthcare Manufacturing Media & Entertainment
Automotive Education Government MSP Research & AI

Support

Enterprise Support

For customers with active support contracts.

Community Support

For peer-to-peer, open-source support.

Resources

Case Studies Documentation TrueNAS API Apps Market TrueNAS Security FAQ ZFS Overview
TrueNAS Blog Solution Guides Datasheets Software Status Videos TrueCommand Cloud
TrueNAS Community Edition Community Forum Discord TrueNAS GitHub TrueNAS Merch Store
About TrueNAS Awards Careers Contact Us Our Clients Reviews
Contact Icon
Contact an Enterprise Specialist

Speak with an enterprise storage specialist to find the right solutions for your business needs.

TrueNAS Enterprise Icon
TrueNAS Enterprise

Enterprise-grade storage appliances designed for business and mission-critical environments.

TrueNAS Community Edition Icon
Download TrueNAS Community Edition

Test Drive TrueNAS in Your Environment.

  1. Documentation Hub
  2. /
  3. TrueNAS 25.10 (Early)
  4. /
  5. TrueNAS Tutorials
  6. /
  7. Credentials
  8. /
  9. Setting Up Directory Services
  10. /
  11. Configuring IPA
Edit page

Configuring IPA

  3 minute read.

TrueNAS supports IPA (Identity, Policy, and Audit) as a comprehensive identity management solution. IPA integrates LDAP, Kerberos, NTP, and DNS services in a single package, providing centralized authentication and authorization for network resources.

You can have either Active Directory, LDAP, or IPA configured on TrueNAS but not multiple directory services simultaneously.

Does IPA work with SMB? IPA can work with SMB shares when properly configured. IPA includes integrated Samba support and can provide user and group information for SMB authentication. TrueNAS validates the full certificate chain when certificate validation is enabled. TrueNAS does not support non-CA certificates when certificate validation is required.

Configuring IPA

Configure TrueNAS to use an IPA directory server:

  1. Go to Credentials > Directory Services and click Configure Directory Services to open the Directory Services Configuration form.

  2. Select IPA as the Configuration Type.

IPA Configuration
Figure 1: IPA Configuration

  1. Enter or select the Basic Configuration settings:

    • Enable Service, selected by default, activates the IPA configuration. Clear the checkbox to disable the service.
    • Enable Account Cache, selected by default, caches user and group information for improved performance. Clear the checkbox to disable.
    • Enable DNS Updates, selected by default, allows the directory service to update DNS records. Clear the checkbox to disable.
    • Enter the number of seconds (1-40 seconds) before the connection for directory services times out in Timeout (seconds).
    • Enter the domain name in Kerberos Realm. This is usually the uppercase version of the domain name, e.g., EXAMPLE.COM.

  2. Select the appropriate Credential Type for IPA authentication from the dropdown list. Options are Kerberos User or Kerberos Principal.

  3. Enter or select the IPA Configuration settings:

    • Enter the host name or IP address in Target Server.
    • Enter the host name for your TrueNAS system in TrueNAS Hostname.
    • Enter the Domain name.
    • Enter the Base DN for the IPA directory.
    • Select Validate Certificates to verify certificate authenticity when connecting to the IPA server.

  4. Select Use Default SMB Domain Configuration to use default settings, or clear the checkbox to enter a name, the domain and range settings.

  5. Click Save.

Disabling IPA

Clear the Enable Service checkbox to disable the IPA directory server. This does not remove the configuration. The main Directory Services screen returns to the default view showing the option to configure directory services.

Click Configure Directory Services to open the Directory Services Configuration form with the saved IPA configuration to enable IPA again. Select Enable Service again to reactivate your IPA directory server configuration.

Removing IPA from TrueNAS

Click Settings to open the IPA screen to remove the IPA configuration. Clear all settings and click Save.

Related Content

Tutorials
UI Reference
Solutions

Have more questions?

For further discussion or assistance, see these resources:

Found content that needs an update?  You can suggest content changes directly! To request changes to this content, click the Feedback button located on the middle-right side of the page (might require disabling ad blocking plugins).