I’m using TrueNAS Core for years to provide kerberized NFSv4 shares to various clients.
Now moving to Scale broke that and digging down the rabbit hole I discovered, that in contrast to Core on Scale I rely on having “default_realm = MYREALM” in “[libdefaults]” of the servers krb5.conf. I was able adding this through the Kerberos Setings Screen in 25.04. But “Advanced Kerberos auxiliary parameter configuration options are removed in TrueNAS 25.10.” (see Kerberos Settings Screen in the TrueNAS Documentation Hub) and thus I cannot do this there.
I don’t unterstand the next sentence in the note on the page mentioned above: ”Kerberos settings are now managed through the unified directory services configuration.” Where should that be? I don’t use LDAP, IPA or AD.
So could please someone point me to the right place?
Alternatively I’m open to an explanation why apparently idmapping doesn’t work for me without “default_realm” set.