Active Directory size limitation?

A member of my domain picked up a dl2100 and wants me to get it hooked into our network, but I’m having issues with how the device UI is interacting with my active directory. Although it connects properly and shows me some users (800, plus the default local account), my directory is much larger than that. The users it shows seem to have been selected at random as opposed to the first 800 alphabetically, and have no corelation to OU organization. The user list does not change upon reboots.

This is a pretty serious problem as I’m trying to setup secured access to the shares. I’ve already discovered that I can’t change share properties while connected to AD, since the system times out, and it just seems like the system is incapable of handling a large AD. Am I missing something? I grabbed the latest firmware update (1.06.133), was that a mistake?



Welcome to the WD Community. 

Try reaching out to support to check what’s the limit of users allowed by the unit. 

The DL line is for small business and end users.

For a big company with a 1000 + users, I’ll recommend a WD Sentinel.

WD contact info:

I’ve submitted a support request and am waiting to hear back, thanks for your reply.

The unit is for use by a small group within our large academic research institution, and will only be used by ~6 people max. The spec is perfect for their application (plus we’re WD fans, our NAS systems are all populated with WD Reds), but if it has a built in user limit I’ll have to return it and go back to recommending Synology diskstations.

I’m really hoping I just did something wrong, if this is normal than I’d assume it would hold true for any research institution which would cut off a huge market for these systems.

The DX4000 is an older windows based unit.  It has domain join and the you can select a security group.  That way only the users in that group are listed in the dashboard users.  I am not really recommending it for you as it is getting kinda old and hard to get drives that work in it.  Just sayin :slight_smile:

The DS 5100/6100 mentioned must be a Domain Controller and has a 25 user limit so that is out.

I do not know linux at all.  I think it is Samba or something under the hood in the DL that does the active directory.  Some smart Linux dude might could set it to import just your group.

Before you return it though you might just try it without the AD integration.  Manually add a couple of your users with the same username and password of the domain and see how that works.  Problem is you will have to update the passwords on the DL manually if they change on the domain.

1 Like

Miracuously, a test security group that was marked for deletion is among the limited number of groups that are loaded. I’ve removed the delete request and loaded it with the desired users, and am now trying to use the security group to manage share permissions, but even though it shows up in the “Users>Groups” tab, it doesn’t show up as a configurable user/group when looking at the actual Share folder. Cool.

Thank you for your response Gramps, did the DS 5-6100 systems list a 25 user limit? I’m still waiting for even a confirmation (or any communication) on my support request as to wheter there is a limit. I guess I could make generic local logins for each user (cloning domain credentials isn’t viable), which isn’t a great solution but at least would be workable.

I’ve started looking into modifying krb5.conf directly, hopefully this will lead to something useful.


I’ve managed to add users manually by modifying /etc/samba/smb.conf (tested working with a handful of AD accounts) but a reboot will reset the system to the GUI based values. Any thoughts on how I can prevent this from happening?

no clue

can you mark smb.conf read only?  Will that stand a reboot?

Oh, the ds series limits

The WD Sentinel DS5100 is a complete, fully configured solution with automatic backup
and restore software for up to 25 users
and 50 computers, all at a very affordable price. By combining a single solution for both
storage and server requirements, the
WD Sentinel DS5100 is a great solution for any small business looking for their first server.

Support just confirmed that there is an 800 AD user limit and 200 AD group limit on the DL2100

I might poke at the manual config for another day or two, but it’s likely the unit is getting returned.

Thanks for the update with the numbers. 

You might look at the DX 4200  It runs windows Storage Server 2012 Workgroup  which is “plain ole Windows”

You could just create shares on it and give your group permissions

I forgot about it when someone mentioned the DS

The DX line is overkill for this lab’s needs (and budget), and if I were to pickup a 4+ bay at that price point I might as well go with something that I know works. There are dual bays I have experience with in the cost range of the DL2100 that I can populate with the same drives for ~$100 more, which is the route I’ll be going.

Between subnet specific access (putting the system on a 10.X.X.X internal network caused the webUI to show a “can’t access” page and the WD explorer program to freak out) and the issues with AD integration, this has left a pretty bad taste in my mouth for WD NAS products. Limitations are expected in a low-mid cost solution, but there’s a difference between dealing with them as expected, and having them pop up as surprises during installation.

Just be sure an put WD Drives in your NAS !  JK, does not matter to me.  I just try to help folks who buy stuff make it do what it should.  I started almost 20 years ago with Microsft Small Business Server.  I ended up with a DL4100 so I can answer some basic questions, but I know nothing about *nix

I don’t think WD fully has their arms around business needs yet.  For example all the shares in the DL default to public where I think Business wants the default to be private.  They want it to be simple, and I want it to be secure.

If you have the time and desire I am not sure I followed your issue with the 10.x.x.x  I know that ( will say all, I may be wrong) all of the Windows Essentials products require the server and clients to be on the same subnet for their features to work.  I have not tried the DL on different subnets.

Also curious wwhat NAS you end up with?  Qnap?

Again thank you for your time and feedback.  It helps


There’s an ungodly amount of rack storage in our server room that I’m not involved in (not sure what hardware they’re working with), but for smaller stuff we’re mostly synology guys. We all lost some sleep during the whole SynLocker thing last year, but other than that it has been smooth sailing. The only outstanding issue we have is that some of our datasets wind up having 100,000+ files in a single directory which can cause some issues during an automated backup.

The subnet thing turns out to have been just a dashboard security restriction setting, which was my own inexperience rather than an actual problem. I accessed it via the public IP it originally pulled, then shifted it to a 10.X.X.X (we do this to protect printers/NAS/whatever and cut back on IP usage) by setting it up with a hostame and IP reservation in our DNS and rebooted. In my defense, the onset of the issue was a bit confusing. The explorer software showed me the device, let me attempt to connect to it, but gave me a username dropdown without entries and would lock up when I tried to do anything. Slightly frustrating.

It’s possible the DX line is much more business oriented, but it’s difficult for me to take the additional time to find out, when there are alternatives available that everyone here has already vetted and is comfortable with. I was really hoping this unit would be quickly absorbed into our family because I really do like the WD hardware. I’m serious when I say everything is populated with Reds, and if it isn’t yet, it will be once the other drives cough Seagate cough eventually fail.

Thanks for the info

FWIW Microsoft has a “new” product Windows Storage Server 2012R2 Essentials to get their foot in the NAS market. It is an OEM thing and curently only Seagate and Thecus are shipping versions of it. I keep hoping WD will offer one but no clue and have not seen even a hint of one.

So it is real Server 2012R2 Standard with the Essentials role.  The Essential role gives you an easy to administer dashboard to create user, shares, remote access etc.  As well as client PC backup which I am in love with.  It has a 25 user limit also and does not have the sweet AD Group option like the DX4000.  It does have a security group along the lines of “make user invisible to the dashboard”  So in my case joined to an SBS domain I can hide all the service accounts that show up as users and then I just have 5 users listed instead of 18 and it is happy.  I am not real sure how well this would scale to 1k users though.  I mean there is a powershell cmd to put the world in that group and then you could take out the users you wanted, but I have not thought this through if you had more than one of these boxes.

Anyway’s the 2 bay is under $350 with no drives which includes the windows server OS so that ain’t too shabby :slight_smile: Though the Seagate is headless and I am just not going to put my data on a headless server.  There is not a way to do a full system restore that I am aware of.  The Thecus has vga and HDMI out.

You probably should stick with what works for now but keep an eye out for this other thing.  Oh, they are also Atom CPU’s which means there is a 4gb ram limitation.  Seems to work fine for a NAS.  You would not want to run a LOB app on it.