So I am currently testing to get GPO to deploy Apps from a TrueNAS share. I’ve created a share that has traverse rights for @everyone and every normal user can read it just fine.
However when trying to deploy a MSI from it the system errors out saying it can’t open the file stating that it doesn’t have the needed rights.
I’ve followed some online troubleshooting and found out that NT-Authority\SYSTEM (the account Windows uses for GPO deployment in system mode) does not have access to the share.
Using PsExec I have not been able to get access to the share, it either says wrong username or password, or invalid authority. Trying to add the share via net use still produced the same error however what it also produced was a result in TrueNAS’ audit logs which said invalid login and correctly stated NT-Authority as the domain and SYSTEM as the account.
Someone in the old forums (posting about a similar but not the same situation) suggested adding the NT-Authority to the share ACL by manually adding a domain and group/user.
However in the version I’m running (Scale/Community 25.04) those fields don’t exist and I can only add users and groups that are listed on TrueNAS. Trying to manually add NT-Authority\SYSTEM to the ACL despite the user not existing destroyed my whole install and I had to recover (but that’s what test environments are for, right?)
I’d be really thankful if someone has got an idea about what to do here as I’m kinda at a loss.