08-29-2011 03:46 AM
I've seen plenty of messages that there are bugs in the code that deals with Active Directory in the NAS110 (and presumably other BA-NAS models). Has Seagate fixed these bugs in a new firmware release? I have firmware version 1000.1081 (Oct 2010) and the web management GUI says no update is available.
Some of the other messages in this forum suggest these workarounds:
- use SetSPN (Service Principal Name command line tool) fix incorrect SPN created by NAS110
- use only lowercase password
- create DNS forward and reverse entries
There's mention of a bug that if you reboot the NAS (using its web GUI), Active Directory association is lost. It just happened to me (though I did not reboot it).
If this is accurate, why hasn't Seagate fixed such a critical component (Active Directory) of their code?
Baffled owner of a NAS110,
08-29-2011 09:46 AM
Hmmm, suspecting that the NAS 110 's web interface might not be accurately reporting whether a firmware update is available (on the System->Firmware Update->Auto Update page), I browsed Seagate's web site and found there actually is a newer firmware version 1000.1211 available. Guess they even have bugs in their auto update GUI - arghhh.
So, I updated it to this newest version in hopes they fixed the AD bugs (and anything else that was buggy). Does anybody know if AD is fixed in this version?
The 1 page .PDF of "Release Notes" that is posted on their web site should be a total EMBARRASSMENT to Seagate! It contains no useful notes and was written by someone that can barely speak English. I sure hope the developers are better at coding than the documentors are at writing
The odd thing is that I thought the user manual was quite well written for a product of this nature and price.
08-29-2011 10:01 AM - edited 08-29-2011 10:02 AM
Looks like there are still bugs with authenticating in AD When I tried to map a drive (in Vista) to a shared folder on the NAS110, it prompted me for a user name & password. I entered my user name (domain\user) and password, checked the remember box and clicked OK. It accepted the credentials, but it will not let me access the mapped drive, reporting "W:\ is not accessible. Network Access is denied.". I guess I'll rebuild the shared folders' permissions in the NAS110's GUI (it currently does show my domain username as having FULL access).
Removing my user name from the NAS110's "Full Access" list, then simply adding it back and clicking on [Submit] did the trick. Now I can access the shared folder from my PC. Hopefully this bug is a one time event because of the firmware update? But based on other users complaining of AD issues, I think the problem will likely happen again...
08-30-2011 02:28 PM
I called Seagate tech support and learned that my Active Directory problems may be happening because my SBS 2008 server's Fully Qualified Domain Name (FQDN) ends with ".local", which the tech said results in an "unresolvable FQDN". I am not a networking expert, so in laymans terms I think he was saying .local is not registered on the Internet, so therefore it is not routable (findable).
I then asked why does the NAS110's domain configuration page (under Network->Workgroup) allow one to enter ".local" in the "Domain Name" field, if it does not meet their FQDN requirements? He had no answer
I then mentioned to the tech about Microsoft's KB article 296250, titled "The Domain Name System name recommendations for Small Business Server 2000 and Windows Small Business Server 2003". It states 3 different suggestions for FQDN naming, the first of which mentions using, you guessed it, ".local":
Make the name a private domain name that is used for name resolution on the internal Small Business Server network. This name is usually configured with the first-level domain of .local. At the present time, the .local domain name is not registered on the Internet.
In looking at customers' servers (I am an IT consultant) over the years, I frequently see .local in use. That means Seagate's NAS implementation, as relates to AD and domains, is destined to fail for a good portion of Windows server environments!
I'll bet many of the AD bugs/issues listed in this forum are related to this FQDN issue!
I also asked the tech if a more senior tech or guru might be able to explain a workaround, which the tech described as "you need to create a manual routing table entry"? He said they had no whitepapers on this issue, and that he'd pass my request on to his lead tech, but insisted nobody at Seagate would be willing to provide a solution
Come on Seagate - start reading these forums and make your products better!!!
A frustrated customer...