kerberos.realm.update

Update a kerberos realm by id. This will be automatically populated during the domain join process in an Active Directory environment. Kerberos realm names are case-sensitive, but convention is to only use upper-case.

Type: object

Type: array
No Additional Items

Tuple Validation

Parameter 1: id

id

Type: integer

ID of the Kerberos realm to update.
Parameter 2: data

data

Type: object

Updated Kerberos realm configuration data.

 No Additional Properties

Realm

Type: string

Kerberos realm name. This is external to TrueNAS and is case-sensitive. The general convention for kerberos realms is that they are upper-case.

Must be at least 1 characters long

Primary Kdc


The master Kerberos domain controller for this realm. TrueNAS uses this as a fallback if it cannot get credentials because of an invalid password. This can help in environments where the domain uses a hub-and-spoke topology. Use this setting to reduce credential errors after TrueNAS automatically changes its machine password.

Type: string

Must be at least 1 characters long

Type: null

Kdc

Type: array of string

List of kerberos domain controllers. If the list is empty then the kerberos libraries will use DNS to look up KDCs. In some situations this is undesirable as kerberos libraries are, for intance, not active directory site aware and so may be suboptimal.

 No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long

Admin Server

Type: array of string

List of kerberos admin servers. If the list is empty then the kerberos libraries will use DNS to look them up.

 No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long

Kpasswd Server

Type: array of string

List of kerberos kpasswd servers. If the list is empty then DNS will be used to look them up if needed.

 No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long

KerberosRealmEntry

Type: object

The updated Kerberos realm configuration.

 No Additional Properties

Id

Type: integer

Unique identifier for the Kerberos realm configuration.

Realm

Type: string

Kerberos realm name. This is external to TrueNAS and is case-sensitive. The general convention for kerberos realms is that they are upper-case.

Must be at least 1 characters long

Primary Kdc

Default: null

The master Kerberos domain controller for this realm. TrueNAS uses this as a fallback if it cannot get credentials because of an invalid password. This can help in environments where the domain uses a hub-and-spoke topology. Use this setting to reduce credential errors after TrueNAS automatically changes its machine password.

Type: string

Must be at least 1 characters long

Type: null

Kdc

Type: array of string Default: []

List of kerberos domain controllers. If the list is empty then the kerberos libraries will use DNS to look up KDCs. In some situations this is undesirable as kerberos libraries are, for intance, not active directory site aware and so may be suboptimal.

 No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long

Admin Server

Type: array of string Default: []

List of kerberos admin servers. If the list is empty then the kerberos libraries will use DNS to look them up.

 No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long

Kpasswd Server

Type: array of string Default: []

List of kerberos kpasswd servers. If the list is empty then DNS will be used to look them up if needed.

 No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long



Required roles: DIRECTORY_SERVICE_WRITE