(wrongly opened in General Discussions before…)
Hello,
I am trying to centralize authentication/authorization in my home network, consisting of TrueNAS Scale as NAS, various Linux machines, and some Windows (Home!) clients (for family members).
But the whole LDAP/Kerberos/NTLM/SAMBA topic is quite new to me and the documentation seems to be quite cluttered (with changes to e.g. SAMBA/NTLM not considered…). In short: I do not get it…
My thinking is this:
- Use Red Hat's FreeIPA as central LDAP/Kerberos server
- Use SSSD on the various Linux machines, so that they benefit from central authentication/authorization
- Leave the Windows clients as they are; they are Home-only (not AD/Kerberos capable…). Mount shares from TrueNAS with (FreeIPA) user/password
- Use <what?> on TrueNAS Scale 24.04.1.1, so that users/groups are taken from FreeIPA, users/groups can be used for ACLs, and the NAS SMB shares can be mounted from Windows via (FreeIPA) user/password
The last bullet is the one I am struggling with. Can this be done? If yes, how?
The documentation at Configuring LDAP | TrueNAS Documentation Hub looks good.
But there is a section regarding SMB in it saying that I need to populate my LDAP with Samba attributes, while quite a lot of web pages explain to me that Samba discontinued this NTLM mode with Samba ~4.14. It seems to be ugly too…
Isn't there an easier path (e.g. SSSD on TrueNAS Scale, and enabling its use as a password backend)?
Regards, Ity