TrueNAS CORE
TrueNAS Enterprise
TrueNAS SCALE
Compare Editions
TrueCommand
Software Status
FreeNAS
Compare Systems
F-Series
M-Series
X-Series
R-Series
Mini Series
Download TrueNAS CORE
Download TrueNAS SCALE
Get TrueNAS Enterprise
Where to BuyTrueNAS SCALE Nightly Development Documentation
This content follows experimental early release software. Use the Product and Version selectors above to view content specific to a stable software release.
SMB Service Screen
4 minute read.
Last Modified 2024-03-15 13:07 EDTThe System Settings > Services screen includes three icons on the SMB service row:
- Audit Logs opens the Audit screen.
- SMB Sessions opens the SMB Status screen.
- Configure opens the SMB Service screen showing the Basic Settings by default.
The SMB service screen displays setting options to configure TrueNAS SMB service settings to fit your use case.
Click Save or Cancel to close the configuration screen and return to the Services screen.
| Setting | Description |
|---|---|
| NetBIOS Name | Automatically populates with the original system host name. Enter a name that is limited to 15 characters and cannot be the same as the Workgroup name. |
| NetBIOS Alias | Enter any alias name up to 15 characters in length. If entering multiple aliases, separate alias names with a space between them. |
| Workgroup | Enter a name that matches the Windows workgroup name. If you do not configure a workgroup, and Active Directory or LDAP is active, TrueNAS detects and sets the correct workgroup from these services. |
| Description | (Optional) Enter any notes or descriptive details about the service configuration. |
| Enable SMB1 support | Select to allow legacy SMB1 clients to connect to the server (see caution below). SMB audit logging does not work when using SMB1. |
| NTLMv1 Auth | Off by default. Select to allow smbd attempts to authenticate users with the insecure and vulnerable NTLMv1 encryption. This setting allows backward compatibility with older versions of Windows, but we do not recommend it. Do not use on untrusted networks. |
As of SCALE 22.12 (Bluefin) and later, TrueNAS does not support SMB client operating systems that are labeled by their vendor as End of Life or End of Support. This means MS-DOS (including Windows 98) clients, among others, cannot connect to TrueNAS SCALE SMB servers.
The upstream Samba project that TrueNAS uses for SMB features notes in the 4.11 release that the SMB1 protocol is deprecated and warns portions of the protocol might be further removed in future releases. Administrators should work to phase out any clients using the SMB1 protocol from their environments.
| Setting | Description |
|---|---|
| UNIX Charset | Select the character set to use internally from the dropdown list of options. UTF-8 is standard for most systems as it supports all characters in all languages. |
| Log Level | Record SMB service messages up to the specified log level from the dropdown list. Options are None, Minimum, Normal, full and Debug. By default, TrueNAS logs error and warning-level messages. We do not recommend using a log level above Minimum for production servers. |
| Use Syslog Only | Select to log authentication failures in |
| Local Master | Selected by default and determines if the system participates in a browser election. Leave cleared when the network contains an Active Directory or LDAP server or when Vista or Windows 7 machines are present. |
| Enable Apple SMB2/3 Protocol Extensions | Select to allow MacOS to use these protocol extensions to improve the performance and behavioral characteristics of SMB shares. TrueNAS requires Apple SMB2/3 protocol extensions for Time Machine support. |
| Multichannel | SMB multichannel allows servers to use multiple network connections simultaneously by combining the bandwidth of several network interface cards (NICs) for better performance. SMB multichannel does not function if you combine NICs into a LAGG. |
| Administrators Group | Enter or select members from the dropdown list. Members of this group are local administrators and automatically have privileges to take ownership of any file in an SMB share, reset permissions, and administer the SMB server through the Computer Management MMC snap-in. |
| Setting | Description |
|---|---|
| Guest Account | Select the account for guest access from the dropdown list. The default is nobody. The selected account must have permission for the shared pool or dataset. To adjust permissions, edit the dataset Access Control List (ACL), add a new entry for the chosen guest account, and configure the permissions in that entry. If you delete the selected Guest Account, the field resets to nobody. |
| File Mask | Overrides default 0666 file creation mask, which creates files with read and write access for everybody. |
| Directory Mask | Overrides default directory creation mask of 0777, which grants everyone directory read, write, and execute access. |
| Bind IP Addresses | Select static IP addresses that SMB listens on for connections from the dropdown list. Leaving all unselected defaults to listening on all active interfaces. |
| Auxiliary Parameters | Enter additional smb.conf options. Refer to the Samba Guide for more information on these settings. You can use Auxiliary Parameters to override the default SMB server configuration, but such changes could adversely affect SMB server stability or behavior. To log more details when a client attempts to authenticate to the share, add log level = 1, auth_audit:5. |