kerberos.realm.create

Create a new kerberos realm. This will be automatically populated during the domain join process in an Active Directory environment. Kerberos realm names are case-sensitive, but convention is to only use upper-case.

Entries for kdc, admin_server, and kpasswd_server are not required. If they are unpopulated, then kerberos will use DNS srv records to discover the correct servers. The option to hard-code them is provided due to AD site discovery. Kerberos has no concept of Active Directory sites. This means that middleware performs the site discovery and sets the kerberos configuration based on the AD site.

Type: object

Call parameters

Type: array
No Additional Items

Tuple Validation

Parameter 1: data

data

Type: object
No Additional Properties

realm Required

Realm

Type: string

Kerberos realm name. This is external to TrueNAS and is case-sensitive.
The general convention for kerberos realms is that they are upper-case.

Must be at least 1 characters long

kdc

Kdc

Type: array of string Default: []

List of kerberos domain controllers. If the list is empty then the kerberos
libraries will use DNS to look up KDCs. In some situations this is undesirable
as kerberos libraries are, for intance, not active directory site aware and so
may be suboptimal.

No Additional Items

Each item of this array must be:

Type: string

Must be at least 1 characters long

admin_server

Admin Server

Type: array of string Default: []

List of kerberos admin servers. If the list is empty then the kerberos
libraries will use DNS to look them up.

No Additional Items

Each item of this array must be:

Type: string

Must be at least 1 characters long

kpasswd_server

Kpasswd Server

Type: array of string Default: []

list of kerberos kpasswd servers. If the list is empty then DNS will be used
to look them up if needed.

No Additional Items

Each item of this array must be:

Type: string

Must be at least 1 characters long

Return value

KerberosRealmEntry

Type: object
No Additional Properties

id Required

Id

Type: integer

realm Required

Realm

Type: string

Kerberos realm name. This is external to TrueNAS and is case-sensitive.
The general convention for kerberos realms is that they are upper-case.

Must be at least 1 characters long

kdc

Kdc

Type: array of string Default: []

List of kerberos domain controllers. If the list is empty then the kerberos
libraries will use DNS to look up KDCs. In some situations this is undesirable
as kerberos libraries are, for intance, not active directory site aware and so
may be suboptimal.

No Additional Items

Each item of this array must be:

Type: string

Must be at least 1 characters long

admin_server

Admin Server

Type: array of string Default: []

List of kerberos admin servers. If the list is empty then the kerberos
libraries will use DNS to look them up.

No Additional Items

Each item of this array must be:

Type: string

Must be at least 1 characters long

kpasswd_server

Kpasswd Server

Type: array of string Default: []

list of kerberos kpasswd servers. If the list is empty then DNS will be used
to look them up if needed.

No Additional Items

Each item of this array must be:

Type: string

Must be at least 1 characters long

Required roles: DIRECTORY_SERVICE_WRITE