Problem:
A TrueNAS system connected to a Univention Corporate Server (UCS) domain is experiencing Kerberos authentication failures. A newly added user to a group assigned access to a TrueNAS share is unable to access the folder. Diagnostics reveal inconsistencies in Kerberos key versions and Service Principal Names (SPNs) across domain controllers (DCs).
Solution:
- Remove the TrueNAS Computer Account:
- Delete the STOR1$ account from the UCS domain via the Univention Management Console (UMC).
- Rejoin the TrueNAS to the Domain:
- Reconfigure the TrueNAS to join the domain, ensuring it uses the correct DNS settings and Kerberos configuration.