Get a Quote     (408) 943-4100               TrueNAS Discord      VendOp_Icon_15x15px   Commercial Support Toggle between Light and Dark mode
TrueNAS.com Software Systems Company Community Security iX Portal Download

  1. Documentation Hub
  2. /
  3. TrueNAS SCALE
  4. /
  5. UI Reference Guide
  6. /
  7. Credentials
  8. /
  9. Directory Services
Edit this page

Directory Services

  2 minute read.

Last Modified 2022-12-06 16:52 EST

The SCALE Directory Services section contains options to edit directory domain and account settings, set up Idmapping, and configure authentication and authorization services in TrueNAS SCALE.

DirectoryServicesScreenDisabled

The Directory Services screen is mostly empty until you connect TrueNAS to either an Active Directory or an LDAP server.

DirectoryServicesScreenEnabled

To display Kerberos settings, click Show next to Advanced Settings.

Changing Advanced settings can be dangerous when done incorrectly. Please use caution before saving.

Article Summaries

  • Active Directory Screen

    • Basic Options Advanced Options Click Configure Active Directory in Credentials > Directory Services to open the Active Directory form. Basic Options Setting Description Domain Name Enter the Active Directory domain (example.com) or child domain (sales.example.com). Domain Account Name Enter the Active Directory administrator account name. Domain Account Password Password for the Active Directory administrator account.

    • LDAP

      • Basic Options Advanced Options Click Configure LDAP in Credentials > Directory Services to open the LDAP form. Basic Options Setting Description Hostname LDAP server hostnames/IP addresses. Separate entries with Space. You can enter multiple hostnames/IP addresses to create an LDAP failover priority list. If a host does not respond, TrueNAS will try the next host until it establishes a connection.

      • Idmap

        • Options Click an Idmap name to edit an Idmap, or click Add in the Credentials > Directory Services Idmap widget to open the Idmap form. Setting Description Name Enter the pre-Windows 2000 domain name. Idmap Backend Provides a plugin interface for Winbind to use varying backends to store SID/uid/gid mapping tables.

        • Kerberos Settings

          • Click an Settings in the Credentials > Directory Services Kerberos Settings widget to open the Kerberos Settings form. Setting Description Appdefaults Auxiliary Parameters Additional Kerberos application settings. See the “appdefaults” section of [krb.conf(5)]. for available settings and usage syntax. Libdefaults Auxiliary Parameters Additional Kerberos library settings. See the “libdefaults” section of [krb.conf(5)]. for available settings and usage syntax.

          • Kerberos Realms

            • Click a Kerberos Realm name to edit a Kerberos Realm, or click Add in the Credentials > Directory Services Kerberos Realms widget to open the Kerberos Realms form. Setting Description Realm Enter the name of the realm. KDC Enter the name of the Key Distribution Center. Separate multiple values by pressing Enter. Admin Server Define the server that performs all database changes.

            • Kerberos Keytab

              • Click a Kerberos Keytab name to edit a Kerberos Realm, or click Add in the Credentials > Directory Services Kerberos Keytab widget to open the Kerberos Keytab form. Setting Description Name Enter a name for this Keytab. Kerberos Keytab Browse to the keytab file to upload.