TrueNAS Scale with FreeIPA / LDAP / etc

I am trying to centralize authentication/authorization in my home network, consisting of TrueNAS Scale as NAS, various Linux machines, and some Windows (Home!) clients (for family members).

But the whole LDAP/Kerberos/NTLM/SAMBA is quite new to me and the documentation seems to be quite cluttered (with changes to e.g. SAMBA/NTLM not considered…). In short: I do not get it…

My thinking is this:

  • Use Red Hat's FreeIPA as central LDAP/Kerberos server
  • Use SSSD on the various Linux machines, so that they benefit from central authentication/authorization
  • Leave the Windows clients as they are; they are Home-only (not AD/Kerberos capable…). Mount shares from TrueNAS with (FreeIPA) user/password
  • Use <what?> on TrueNAS Scale, so that users/groups are taken from FreeIPA, users/groups can be used for ACLs, and the NAS SMB shares can be mounted from Windows via (FreeIPA) user/password

The last bullet is the one I am struggling with. Can this be done? If yes, how?

The documentation at Configuring LDAP | TrueNAS Documentation Hub is looking good.

But there is a section regarding SMB in it saying that I need to populate my LDAP with Samba attributes, while quite a lot of web pages are explaining to me that Samba discontinued this NTLM mode with Samba ~4.14. It seems to be ugly too…

Isn't there an easier path (e.g. SSSD on TrueNAS Scale, and enabling the use of this as a password backend)?

Regards, Ity

