I have what seems like a simple issue regarding groups, and I hope I’m not a bother by asking about it here.
We use TrueNAS Community Edition. I want to add a group that already exists in Active Directory, which our server is already attached to.
I go Credentials → Groups. For GID I enter the GID that I have given the group in our Active Directory domain. For Name I thought I had to enter it as DOMAIN\my-group-name but as soon as I start typing it tells me I cannot use a “.” If I enter the group without the DOMAIN as soon as I tab to the next field it tells me that the GID is already in use and then lists the DOMAIN\my-group-name that I was trying to add.
I’ve read the documentation and also read several “similar” posts on this site, but I can’t find anything with this sort of situation/problem.
We have three TrueNAS nodes that all back up to each other, and on one of the other nodes when I click “Groups” I see a group that I had successfully created on that node with group listed as MYDOMAIN\another-group and the correct GID, so I’m not sure what I did differently there than I am trying to do now.
Does that make any sense?
Thanks in advance for any suggestions, and I apologize if I’m just being obtuse.
Yes! That’s exactly what I’m trying to do! Sorry I wasn’t more clear.
I have an NFS share to a Linux server that is also connected to our AD. I want the permissions on the share to match the permissions for the group that controls the server in question. Right now the directory/share works correctly, but nobody has any permissions to write any files to it.
If I try to chgrp it on the command line (either to it’s AD GID or it’s AD group name) I am told “operation not permitted.”
I think what I need to do is set ACLs on the dataset inside TrueNAS, which is what I have done in the past, but I thought the first step of that was telling TrueNAS about the AD group.
Thanks for the responses, and again, my apologies if I’m not explaining myself correctly!
YES, changed the group in a terminal as root and it worked, and then went to the SAN node and lo-and-behold there it was as the correct owner of the dataset.
