7/27/2025

Step-by-Step Guide to Configure TrueNAS with Windows Server 2025 Standard


Prerequisites

Hardware and Software Requirements:

  1. TrueNAS system (SCALE or CORE, version 13 or later recommended) installed on compatible hardware (minimum 8GB RAM, SSD for boot drive, and sufficient storage drives).
  2. Windows Server 2025 Standard installed and configured with Active Directory Domain Services (AD DS) and DNS roles.
  3. Both systems connected to the same network with proper IP addressing (preferably static IPs).
  4. Administrative credentials for both TrueNAS and Windows Server.
  5. A Windows client machine for testing access to shares (optional but helpful).

Network Configuration:

  1. Ensure both TrueNAS and Windows Server are on the same subnet or have routable network connectivity.
  2. Verify DNS resolution: TrueNAS must resolve the Windows Server’s AD domain name (e.g., example.local).

TrueNAS Version:

  1. This guide focuses on TrueNAS SCALE 25.04 or TrueNAS CORE 13, as these are recent versions compatible with modern Windows Server environments. If you’re using an older version, consider upgrading.

Windows Server Setup:

  1. AD domain is fully configured with at least one domain controller.
  2. DNS server is running on the Windows Server, and the TrueNAS system can query it.


Step 1: Prepare TrueNAS Network Configuration

Access TrueNAS Web Interface:

  1. Boot your TrueNAS system and note the IP address displayed on the console.
  2. Open a web browser on a computer in the same network and navigate to http://<TrueNAS_IP> (or https://<TrueNAS_IP> if SSL is enabled).
  3. Log in with the default credentials (username: truenas_admin or root, password set during installation).

Configure Network Settings:

  1. Navigate to Network > Global Configuration.
  2. Set the Hostname to a meaningful name (e.g., truenas01).
  3. Set the Domain to match your AD domain (e.g., example.local).
  4. Under Nameserver 1, enter the IP address of your Windows Server’s DNS server (e.g., 192.168.1.10).
  5. Save changes.

Configure Network Interface:

  1. Go to Network > Interfaces.
  2. Edit the active network interface (e.g., en0).
  3. Assign a static IP address (recommended) or ensure DHCP is providing a consistent IP.
  4. Example: IP Address: 192.168.1.100, Subnet Mask: 255.255.255.0, Gateway: 192.168.1.1.
  5. Save and test the configuration by pinging the Windows Server from the TrueNAS shell:
  6. Go to System Settings > Shell.
  7. Run ping <Windows_Server_IP>.
  8. Ensure you get a response.

Verify DNS Resolution:

  1. In the TrueNAS shell, run:
  2. bash

nslookup <domain_name>
  1. Example: nslookup example.local. Confirm it resolves to the Windows Server’s IP.
  2. If DNS fails, double-check the DNS server IP in the network settings.

Step 2: Join TrueNAS to Active Directory


Prepare Windows Server AD:

  1. Log in to your Windows Server 2025.
  2. Open Active Directory Users and Computers.
  3. Create a user account for TrueNAS to use for AD binding (e.g., truenas_bind).
  4. Example: Username: truenas_bind, Password: SecurePass123!.
  5. Ensure the password does not expire (set “Password never expires” in user properties).
  6. Optionally, pre-create a computer account for TrueNAS in AD under the desired OU (e.g., OU=Servers,DC=example,DC=local).

Configure Active Directory in TrueNAS:

  1. In the TrueNAS web interface, go to Credentials > Directory Services.
  2. Click Configure Active Directory.
  3. Fill in the following fields:
  4. Domain Name: Your AD domain (e.g., example.local).
  5. Bind User: The AD user for binding (e.g., example\truenas_bind).
  6. Bind Password: The password for the bind user (e.g., SecurePass123!).
  7. Enable: Check this box to activate AD integration.
  8. NetBIOS Name: Set to the TrueNAS hostname (e.g., truenas01).
  9. Site (optional): Specify your AD site if applicable.
  10. Kerberos Realm: Select the default realm created for your domain (TrueNAS auto-detects this).
  11. Click Advanced Options for additional settings:
  12. Ensure Allow Trusted Domains is unchecked unless you have a multi-domain setup.
  13. Set Verbose Logging for troubleshooting if needed.
  14. Click Save.

Verify AD Join:

  1. After saving, TrueNAS will attempt to join the AD domain. This may take a few seconds.
  2. Check the status under Directory Services > Active Directory. It should show “Healthy” or “Joined”.
  3. If it fails, check:
  4. DNS resolution (nslookup example.local).
  5. Correct bind user credentials.
  6. Firewall settings on Windows Server allowing TrueNAS to connect (ports 53, 88, 135, 389, 445, etc.).
  7. In the TrueNAS shell, verify AD integration:
  8. bash

wbinfo -u
  1. This should list AD users. Also, run wbinfo -g to list AD groups.


Step 3: Create a Storage Pool and Dataset


Create a Storage Pool:

  1. Go to Storage > Pools > Add.
  2. Select Create new pool and click Create Pool.
  3. Name the pool (e.g., DataPool).
  4. Select available disks (e.g., two or more drives for RAID-Z1 redundancy).
  5. Choose a Vdev configuration (e.g., RAID-Z1 for redundancy).
  6. Click Create and confirm to erase the selected disks.

Create a Dataset for SMB:

  1. In the Pools section, click the three dots next to your pool and select Add Dataset.
  2. Name the dataset (e.g., SMBShare).
  3. Set Share Type to SMB (this optimizes the dataset for Windows file sharing).
  4. Under Advanced Options, set Case Sensitivity to Insensitive (recommended for Windows).
  5. Click Save.

Set Permissions for the Dataset:

  1. Click the three dots next to the dataset and select Edit Permissions.
  2. Set Owner to an AD user or group (e.g., example\Administrator or example\Domain Admins).
  3. Set ACL Type to SMB.
  4. Apply permissions recursively if needed.
  5. Click Save.


Step 4: Configure SMB Shares


Enable SMB Service:

  1. Go to Services > SMB.
  2. Toggle Enable and check Start on Boot.
  3. Click Save and start the SMB service.

Create an SMB Share:

  1. Go to Sharing > Windows Shares (SMB) > Add.
  2. Click the folder icon to select the dataset path (e.g., /mnt/DataPool/SMBShare).
  3. Name the share (e.g., DataShare).
  4. Check Enabled.
  5. Optionally, enable Access Based Enumeration (ABE) if you want only authorized users to see files/folders (note: ABE may have issues with Windows Server 2025; see troubleshooting below).
  6. Click Save.

Verify SMB Configuration:

  1. In the TrueNAS shell, run:
  2. bash

testparm -s
  1. This displays the SMB configuration. Ensure the share appears correctly.


Step 5: Configure Windows Server to Access TrueNAS SMB Share


Verify Network Connectivity:

  1. From the Windows Server, open a Command Prompt and ping the TrueNAS IP:
  2. cmd

ping <TrueNAS_IP>
  1. Example: ping 192.168.1.100.

Map the SMB Share:

  1. Open File Explorer on the Windows Server.
  2. Right-click This PC and select Map Network Drive.
  3. Choose a drive letter (e.g., Z:).
  4. Enter the share path: \\<TrueNAS_IP>\<Share_Name> (e.g., \\192.168.1.100\DataShare).
  5. Check Connect using different credentials if needed.
  6. Enter AD credentials (e.g., example\Administrator and password).
  7. Click Finish.

Test Access:

  1. Verify you can access the share and read/write files.
  2. If access is denied, check:
  3. Dataset permissions in TrueNAS.
  4. AD user permissions.
  5. Firewall settings on both systems (ensure SMB ports 445 and 139 are open).


Step 6: Optional - Configure NFS (Alternative to SMB)

If you prefer NFS over SMB for specific use cases (e.g., faster performance for non-Windows clients):

Create an NFS Share:

  1. Go to Storage > Pools, select your dataset, and ensure it’s set to Generic share type.
  2. Navigate to Sharing > Unix Shares (NFS) > Add.
  3. Select the dataset path (e.g., /mnt/DataPool/SMBShare).
  4. Add authorized networks (e.g., 192.168.1.0/24).
  5. Click Save.

Enable NFS Service:

  1. Go to Services > NFS.
  2. Toggle Enable and check Start on Boot.
  3. Save and start the service.

Access NFS on Windows Server:

  1. Enable the NFS client on Windows Server:
  2. Open Control Panel > Programs > Programs and Features > Turn Windows features on or off.
  3. Enable Client for NFS under Services for Network File System.
  4. Mount the NFS share:
  5. cmd

mount \\<TrueNAS_IP>\mnt\DataPool\SMBShare Z:
  1. Test access to the mounted drive.


Step 7: Troubleshooting Common Issues

AD Join Fails:

  1. Ensure DNS settings are correct (TrueNAS must resolve the AD domain).
  2. Verify bind user credentials and permissions.
  3. Check Windows Server firewall rules (open ports 53, 88, 135, 389, 445, 464, 636).

SMB Share Not Accessible:

  1. Verify SMB service is running (Services > SMB).
  2. Check dataset permissions and ACLs.
  3. Ensure the Windows Server’s AD credentials have access to the share.
  4. If using ABE, test with it disabled, as Windows Server 2025 may have compatibility issues.


Slow Performance:

  1. Use SSDs for storage pools to improve performance.
  2. Ensure network interfaces are configured for gigabit or higher speeds.
  3. For NFS, consider enabling RDMA if your hardware supports it.


Windows Server 2025 VM Installation Issues:

  1. If running Windows Server 2025 as a VM on TrueNAS, ensure VirtIO drivers are injected into the ISO for proper disk detection.
  2. Use UEFI boot mode for modern hardware and verify the ISO is correctly mounted.


Step 8: Backup and Security

Enable Snapshots:

  1. Go to Data Protection > Periodic Snapshot Tasks > Add.
  2. Select the dataset (e.g., SMBShare).
  3. Set a schedule (e.g., daily snapshots).
  4. Save to enable automatic backups.

Secure TrueNAS:

  1. Change the default admin password.
  2. Enable two-factor authentication (2FA) in System > General.
  3. Restrict SSH access and use key-based authentication.


Backup AD Data:

  1. On Windows Server, configure regular backups of AD using Windows Server Backup.
  2. Store backups on the TrueNAS SMB share for redundancy.


Step 9: Advanced Configuration (Optional)

Replication to Windows Server:

  1. If you need to replicate TrueNAS datasets to Windows Server 2025, use rsync or a third-party tool, as direct ZFS replication to Windows is not supported.
  2. Install rsync on Windows Server (e.g., via Cygwin) and configure a task in TrueNAS under Data Protection > Rsync Tasks.

Virtual Machines:

  1. TrueNAS SCALE supports VMs, so you can run Windows Server 2025 as a VM on TrueNAS if needed. Follow the VM creation wizard in Virtualization > Add VM and use a Windows Server ISO with VirtIO drivers.


TrueNAS Apps:

  1. Install apps like Plex or Nextcloud on TrueNAS SCALE to enhance functionality. Go to Apps > Discover Apps and follow the setup wizard


Additional Notes

  1. TrueNAS SCALE vs. CORE: TrueNAS SCALE is Linux-based and supports modern features like Kubernetes apps, while CORE is FreeBSD-based and better for legacy systems. For Windows Server 2025, SCALE is recommended due to its active development.


  1. Windows Server 2025 Compatibility: Ensure TrueNAS is updated to the latest version (e.g., SCALE 25.04 or CORE 13) to avoid compatibility issues with SMB or AD integration.
  2. Documentation: Refer to the TrueNAS Documentation Hub for detailed settings