Hello,
I have a base metal TrueNAS Host running the latest release and I'm looking to set up a NFS 4 share that requires authentication in order to connect.
This would ideally be by granting access to a service account that I provide vSphere for mounting the share.
I'm looking for some guidance or direction to some articles I can read up on.
I'm looking for some help and guidance on a coupe of specific questions.
- Once kereberos is enabled, where and how to I specify the accounts that can access it?
- right now, my AD Domain controllers are hosted within ESXI, so I will likely need to do something regarding that to avoid circular dependencies.
-- Can I use TrueNAS's internal user database for the source of the user credentials that I provide vSphere for mounting the NFS 4 share? (So that it's not dependent on an AD DC being reachable)
-- If that does not work, can TrueNAS have more then one domain authentication source (Can I set up a standalone directory service as a domain/jail which I use specifically for the NFS4 auth, while having other authentication continue to be via my primary domain).
-- If neither of the above would work, how reliable and secure is the FreeBSD HyperVisor? (Would relocating my secondary Domain Controller from ESXI to TrueNAS be a valid option?)
I've done a bunch of google searching on this but I'm still somewhat unclear on how I should proceed.
Thank you very much!
I have a base metal TrueNAS Host running the latest release and I'm looking to set up a NFS 4 share that requires authentication in order to connect.
This would ideally be by granting access to a service account that I provide vSphere for mounting the share.
I'm looking for some guidance or direction to some articles I can read up on.
I'm looking for some help and guidance on a coupe of specific questions.
- Once kereberos is enabled, where and how to I specify the accounts that can access it?
- right now, my AD Domain controllers are hosted within ESXI, so I will likely need to do something regarding that to avoid circular dependencies.
-- Can I use TrueNAS's internal user database for the source of the user credentials that I provide vSphere for mounting the NFS 4 share? (So that it's not dependent on an AD DC being reachable)
-- If that does not work, can TrueNAS have more then one domain authentication source (Can I set up a standalone directory service as a domain/jail which I use specifically for the NFS4 auth, while having other authentication continue to be via my primary domain).
-- If neither of the above would work, how reliable and secure is the FreeBSD HyperVisor? (Would relocating my secondary Domain Controller from ESXI to TrueNAS be a valid option?)
I've done a bunch of google searching on this but I'm still somewhat unclear on how I should proceed.
Thank you very much!
