IPA Screens

You can configure Active Directory, LDAP, or IPA on TrueNAS, but not multiple directory services simultaneously.

Configuring IPA

The IPA directory service configuration screen shows after selecting IPA in the Configuration Type dropdown list in the Directory Services Configuration screen.

For detailed configuration instructions, see Configuring IPA.

IPA Widget

The IPA widget displays after configuring settings for an IPA directory server. The widget shows the Status of the directory server, and the Target Server, Domain, and Base DN.

Settings opens the IPA configuration screen.

Directory Services IPA Configuration Screen

The Directory Services Configuration screen organizes settings into multiple sections: Basic Configuration, Credential Configuration, IPA Configuration, and SMB Domain Configuration.

The Directory Services Configuration screen is used to configure one of three directory services: IPA, LDAP, or Active Directory. The configuration sections and settings change based on the Configuration Type selected.

IPA Basic Configuration Section

The Basic Configuration section settings control core IPA service settings.

Figure 1: IPA Basic Configuration
Basic Configuration Settings

| Setting | Description |
|---------|-------------|
| Configuration Type | Sets the type of directory service. IPA shows Identity, Policy, and Audit directory service integration settings. |
| Enable Service | Activates the IPA configuration. Enabled by default. Clear to disable the configuration without deleting it. Re-enable it later without reconfiguring it. The Directory Services screen returns to the default and provides the options to configure AD, LDAP, or IPA. |
| Enable Account Cache | Caches user and group information for improved performance. Enabled by default. |
| Enable DNS Updates | Allows the directory service to update DNS records. Enabled by default. |
| Timeout (seconds) | The number of seconds before the directory service connection times out. Valid range is 1-40 seconds. |
| Kerberos Realm | Defines the Kerberos realm for authentication (usually the uppercase version of the domain name, e.g., EXAMPLE.COM). This field auto-populates when selecting Active Directory domain. |

IPA Credential Configuration Section

The Credential Configuration section settings define authentication methods for IPA access.

Credential Type: (Required) Sets the appropriate credential type for IPA authentication to the option selected on the dropdown list. Options include Kerberos User and Kerberos Principal.

IPA Configuration Section

The IPA Configuration section settings define the connection parameters and validation options.

Figure 2: IPA Configuration
IPA Configuration Settings

| Setting | Description |
|---------|-------------|
| Target Server | (Required) Enter the IPA server host name or IP address. |
| TrueNAS Hostname | (Required) Enter the host name for this TrueNAS system. |
| Domain | (Required) Enter the domain name. |
| Base DN | (Required) Sets the base distinguished name for the IPA directory. For example: dc=example,dc=com. |
| Validate Certificates | Verifies certificate authenticity when connecting to the IPA server. TrueNAS validates the full certificate chain when this option is enabled. TrueNAS does not support non-CA certificates when certificate validation is required. |
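
A pre-flight check over the values entered in the Basic Configuration and IPA Configuration sections, added here as an example and not taken from TrueNAS: it checks the required fields, the 1-40 second timeout range, and whether the Kerberos realm and Base DN agree with the domain, and flags disabled certificate validation. The dictionary keys are hypothetical names that mirror the screen labels, not TrueNAS API fields, and the sample values are constructed.

```python
import re

# Hypothetical field names mirroring the screen labels; not TrueNAS API keys.
SAMPLE = {  # constructed sample values
    "timeout": 10,
    "kerberos_realm": "EXAMPLE.COM",
    "target_server": "ipa.example.com",
    "truenas_hostname": "nas01",
    "domain": "example.com",
    "base_dn": "dc=example,dc=com",
    "validate_certificates": True,
}

REQUIRED = ("target_server", "truenas_hostname", "domain", "base_dn")


def domain_to_base_dn(domain):
    """example.com -> dc=example,dc=com, the form shown in the Base DN example."""
    return ",".join(f"dc={label}" for label in domain.lower().strip(".").split("."))


def normalize_dn(dn):
    """Lowercase and drop whitespace around separators so comparisons are stable."""
    return re.sub(r"\s*([,=])\s*", r"\1", dn.strip().lower())


def preflight(cfg):
    """Return a list of (level, message) findings; empty means nothing to review."""
    findings = []
    for key in REQUIRED:
        if not str(cfg.get(key, "")).strip():
            findings.append(("error", f"{key} is required"))
    timeout = cfg.get("timeout")
    if not isinstance(timeout, int) or isinstance(timeout, bool) or not 1 <= timeout <= 40:
        findings.append(("error", "timeout must be an integer from 1 to 40 seconds"))
    domain = str(cfg.get("domain", "")).strip()
    if domain:
        realm = cfg.get("kerberos_realm", "")
        if realm != domain.upper():  # "usually" uppercase, so warn rather than fail
            findings.append(("warn", f"realm {realm!r} is not the uppercase domain {domain.upper()!r}"))
        base_dn = str(cfg.get("base_dn", ""))
        if base_dn.strip() and normalize_dn(base_dn) != domain_to_base_dn(domain):
            findings.append(("warn", f"base_dn does not match {domain_to_base_dn(domain)!r}"))
    if not cfg.get("validate_certificates", False):
        findings.append(("warn", "certificate validation is off; the IPA server certificate is not verified"))
    return findings
```
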

SMB Domain Configuration Section

The SMB Domain Configuration section controls SMB integration settings.

Figure 3: IPA Basic Configuration
SMB Domain Configuration Settings

| Setting | Description |
|---------|-------------|
| Use Default SMB Domain Configuration | Uses default SMB domain settings when enabled. Shows the additional Name, Domain Name, Range Low, Range High, and Domain SID settings when disabled. IPA includes integrated Samba support and can provide user and group information for SMB authentication. |