Active Directory Fails to Connect to 2K16 Domain

My Cloud OS 3 Personal & Network Attached Storage My Cloud EX2
1

Hi,

My MyCloud EX2 Ultras (both of them) worked great at an older firmware version, but when I upgraded to 2.31.195 they fail to connect to the domain (was working fine with earlier firmware).

I know I’m typing the password right to connect to the domain because when I type it wrong, I receive a different message than what I receive when I type it correctly.

I’ve reviewed Answer ID 6122. So I’ve checked these things:

  • My times are all within 5 minutes of each other and I’m using the same timezone.
  • The account I’m using is a member of the Domain Users, Domain Admins, Schema Admins, and Enterprise Admins.
  • The account doesn’t use a dot in its name.
  • Using FQDN with exactly one dot.

I see forward and reverse name resolution is required for AD Domain joining. I believe that means that if I do an:

nslookup <my cloud ex2 ultra’s ip>
nslookup <my cloud ex2 ultra’s hostname>

On a Windows 10 system on that network, and the DNS replies with consistent answers we’re good to go for this requirement, right? That’s what I did and saw what I expected to see as a reply from the DNS. If not let me know what the correct test to do is.

The only possible thing I think it could be is that I’m using Server 2K16 for my Domain Controllers. See compatibility with 2003 - 2012 (i.e., NOT 2016!).

So, the message I get when I try to connect the box to the domain is:

“Connection Failed. Please check your configuration.”

I tried turning detailed logging on, but nothing interesting seems to go into the logs about the nature of the connection problem.

I should add that LDAP Server Signing on the Domain Controllers is off. Not sure if it would ever work with it on.

Any ideas on how to figure out what the roadblock is?

2

Been playing this a lot over the last week. With odd results, but ultimately positive. :slight_smile:

  1. Noticed that Windows in domain systems could resolve NAS hostname, FQDN of NAS hostname, IP of NAS hostname to each other.

  2. Noticed (via SSH in to NAS) that NAS could not resolve any non-qualified hostnames. Normally you fix this with a change to /etc/resolv.conf by adding: search . Doing so made it resolve such nslookups. However, these changes aren’t permanent. They disappeared every time I rebooted or tried to join to the domain. Domain joining failed anyway. :frowning:

  3. I may have turned another MS related feature on in UI. Can’t recall what it was. May have had something to do with Windows network discovery. I believe it was near the Active Directory config link in UI. As far as I could tell there were no changes.

  4. After letting the systems just sit by themselves over the extended holiday season, I can in to try again and noticed that (somehow), /etc/resolv.conf now had my “search ” line and a “domain ” line it it. Not sure how they magically found there way in there, but then I tried joining the domain and it worked! So sadly, no idea why.

  5. One other note, the password to login to the domain’s password was expiring, but hadn’t yet expired until yesterday. When I came in today, I changed the password in AD when it told me I needed to, then tried to login which failed (as expected) with the rpc / login error . Changed the password to the new on and viola, it connected very nicely, to my surprise.