I encountered this problem. I have a NAS with a TrueNAS CE 25.10.0.1. It’s joined to AD. I created an SMB Share and assigned an ACL. Domain users can access the Share without any issues. However, I also want a user on a non-domain PC to be able to access this Share without requiring authorization. To achieve this, I created users with identical usernames and passwords on both the non-domain PC and the TrueNAS. I assigned the appropriate ACLs for the Share. When attempting to access this Share from the non-domain PC, TrueNAS requests authorization. I looked at the logs and saw that when authorizing from an active user session on a non-domain PC, the PC name is passed as the domain. This isn’t recognized by TrueNAS as a known domain, and no further association of the PC user with the local TrueNAS user by name occurs. Authorization is unsuccessful. When I enter the username in the NAS-NetBIOS-Name\user format during the authorization request, authorization is successful. Unfortunately, I want to use this Share with a Windows application that doesn’t support explicit username specification, but passes the user under which it runs in the PC-NetBIOS-Name\user format.
Is there a way to bypass this limitation on TrueNAS?
Interestingly, I use the exact same Share configured on a Synologu R812+ (without any special settings), and this problem doesn’t exist there.
Thank you in advance for your help.
A few details.
I did a clean install of TrueNAS 25.10.0.1. I didn’t connect it to AD. I created a Share. I added a user that matched the one in Windows. And voila! A local Windows user easily connected to the Share without authorization. The logs read: Client Domain: PC1; Client Account: user1; Workstation: PC1; Became Account: user1; Became Domain: TRUENAS!
Why doesn’t this work on TrueNAS, which is connected to AD?
One more addition.
On a clean TrueNAS installation, I created a user with the same name and password as the one on the Windows PC, which has SMB Access privileges. Even without any shares, I can access the TrueNAS using \TrueNAS-NetBIOS-Name, and authorization occurs, and in the logs I see that the Windows user is mapped to the TrueNAS user.
However, on the TrueNAS connected to AD, for some reason, this doesn’t happen. When accessing the TrueNAS from a Windows user session (which matches the local TrueNAS user) using \TrueNAS-NetBIOS-Name, I receive an authorization request, and the logs show: Client Domain: PC1; Client Account: user1; Workstation: PC1; Became Account: Null; Became Domain: Null; Became Sid: Null.
What am I missing?
More details.
On a clean TrueNAS installation, I was able to reproduce the behavior where, when accessing the TrueNAS via NetBIOS as a Windows user (who is also created as a local TrueNAS user), I receive an authorization prompt only when that user doesn’t have SMB Access privileges. And… I get the exact same behavior on another TrueNAS connected to AD, even though the local user has SMB Access privileges. The logs for these two situations are identical.
How can this be explained? What should I check?
