After a certain amount of brain damage 
, I joined my 25.10.2.1 - Goldeye to a Samba 4 Active directory. Users therein are able to mount SMB shares now by using their LDAP credentials. So, all is working in that regard. During the join process though, I had to uncheck and disable DNS updates in order to join the Active Directory domain. The BIND 9 server I’m using has a hmac-sha256 TSIG key that may be used for dynamic DNS updates however, I could not find where to configure that key so that TrueNAS 25.10.2.1 would use it. So, I had to disable DNS updates when joining. I don’t see anything related to DDNS in the TrueNAS system/services settings. Does anyone know where to configure this in TrueNAS?
DNS updates in AD are performed via GSS TSIG using the AD computer account credentials. It is not configurable (other than turning it off). This is the normal AD mechanism for dynamic DNS updates and so there’s not reason to support alternative mechanisms.
1 Like
This in the smb4.conf take care of it:
nsupdate command = /usr/local/bin/nsupdate -k /usr/local/etc/namedb/ddns.key