04-20-2010 09:37 AM
After finally contacting support due to the limited amount of information on this feature, I've just learned that if you have a Windows domain with more than one DC, the join to the domain feature is not supported. I have a domain with 2 domain controllers (very typical for a small organization, 1 primary and a backup). I joined the NAS 110 to the domain successfully, no problems. I saw the users available when I went to assign permissions to a share I created on the NAS 110. I then go to access the share and my domain credentials are constantly rejected even though they are correct.
This is a disappointment and I'm mainly posting here to inform others of this since I couldn't find it documented in their KB or in the user guides. Maybe I missed the documentation and please correct me if I'm wrong. This post is mainly to complain about a feature that shouldn't be present if it's not done correctly and to inform others who have run across this so they don't have to call support to find this out.
Engineering, please fix this in a firmware upgrade or don't tease people with this feature. I realize some organizations have 1 domain controller, but quite a bit more have more than one. It's much easier to manage this if it's joined to our domain. Now users have to remember yet another username and password. On top of this, make a warning pop-up or a big note on the Workgroup section of the configuration stating this limitation. I've spent a few hours working on this making sure I had everything correct before contacting support.
Thanks
04-20-2010 12:32 PM
Hello,
Sorry, but I am not understanding completely what was meant by, "my domain credentials are constantly rejected even though they are correct."
Let me list how joining my 440 to the AD Domain works for me.
In the NAS Manager page, Network and Lan section, I made sure the correct DNS Server IP Address was first in the IP list. Next, I went to Network and Workgroup and I successfully joined the Domain. Then I went to Access and Folder Share Permissions. I modified a share and it showed a list of Domain Users in the Unassigned Users field as it should. I put one of them in the Full Access field for that Share and Submitted. (I know you did all this up to this point.)
Next, I went to another computer on the Network and then at Windows Boot I logged in as the Domain User that I just assigned to a share on the NAS. Once on the Desktop I did a Start and Run - \\nas ip and got to the root of the NAS. I could open the share without credentials because I logged in to the computer at boot as that Domain User. Then I mapped a letter to the share on the NAS at that point.
I did the same for several other computers. That's how it works for me.
I have a few computers on a router and a 2008 server and the NAS. In 2008 I installed AD originally with all defaults and created some users there, very simple setup.
04-27-2010 01:14 PM
Sorry, RAsg, but I followed your instructions line by line. When I got to the part of seeing the unassigned users, all I saw was the admin, no domain users.
Everything else was right on, though. But still a useless piece of equipment if you can't assign share permissions based on an AD.
04-27-2010 01:38 PM
RAsg wrote: Hello,
Sorry, but I am not understanding completely what was meant by, "my domain credentials are constantly rejected even though they are correct."
Let me list how joining my 440 to the AD Domain works for me.
In the NAS Manager page, Network and Lan section, I made sure the correct DNS Server IP Address was first in the IP list. Next, I went to Network and Workgroup and I successfully joined the Domain. Then I went to Access and Folder Share Permissions. I modified a share and it showed a list of Domain Users in the Unassigned Users field as it should. I put one of them in the Full Access field for that Share and Submitted. (I know you did all this up to this point.)
Next, I went to another computer on the Network and then at Windows Boot I logged in as the Domain User that I just assigned to a share on the NAS. Once on the Desktop I did a Start and Run - \\nas ip and got to the root of the NAS. I could open the share without credentials because I logged in to the computer at boot as that Domain User. Then I mapped a letter to the share on the NAS at that point.
I did the same for several other computers. That's how it works for me.
I have a few computers on a router and a 2008 server and the NAS. In 2008 I installed AD originally with all defaults and created some users there, very simple setup.
I'm sorry you misunderstood the original post. How many domain controllers do you have? I'm assuming 1. If this is correct then that's why it works for you. My complaint is the feature is incomplete. If you have a domain with more than 1 domain controller, this feature isn't supported and doesn't work. So if you have 2 domain controllers such as we do, one primary, and one backup just in case the primary dies we can still function, if you try to access the device via the method you spoke of Start-->Run \\nasip then you are prompted for credentials, you input your credentials, and you are continually prompted for your credentials with no access to the NAS.
I haven't had a chance to attempt to figure out what the problem is so I could maybe get a work-around going.
04-29-2010 09:25 AM
Hello,
You are correct. I only have a single domain controller.
Take a look at this post. It may not relate and probably won't help but the poster stated, "this is the only procedure that has worked consistently for the mixed platforms on my domain."
The feature "Active Directory Integration", means when the BlackArmor joins the domain it gets a list of Domain Users which can be assigned to shares. The Admin doesn't have to create users all over again. I can understand it being labeled as a broken feature when it doesn't work with every configuration.
Hopefully future firmware updates will include enhancements related to this issue. I know it has been requested already.