Accessing SMB Share from non-domain Client on AD-joined TrueNAS?

[guemi]

Heyo!


I am running TrueNAS-12.0-U1 and running into a little issue using SMB Share. My TrueNAS is domain joined to LAB01.LAN

I've set up an SMB Share. It's accessible from all domain clients in LAB01.LAN. From non domain clients, on the same subnet as TrueNAS, I get a permission prompt.
And typing LAB01.LAN\Whatever as my username in that prompt, does grant me access and everything works.


However, if I disable the AD integration here:

It works perfectly fine from all clients (Those left in domain, and those not).


I cannot seem to find LAB01.LAN\Everyone in the group permissions, which isn't suprising because in linux I suppose that's "nobody" instead.


Is there _any_ way to let non domain clients access an SMB Share on a domained TrueNAS without getting the prompt for username / password?


All clients are running Windows 10 2004 and has Guest SMB Enabled.

Thanks in advance

 

[anodos]

If you check box to enable support for "trusted domains", then it should work.

 

[guemi]

If you check box to enable support for "trusted domains", then it should work.

Well, that was... Easy :-D


However, on a share that's directly on the POOL and not on a child dataset, I get permissions denied when making a folder despite these ACLs:

I assume this is because the permissions on the POOL are not allowing changes.

I've tried setting permissions type advanced on the two last ones, and giving it everything but it seems to "revert" when I go back there.



I do know however that one should always make child datasets on the pool, so it's not the end of the world - I'd just like to understand why it doesn't work.