[SOLVED] NAS fails to join domain

[DFLiddle]

Server Version Information:

Code: [Select]

Distributor ID: Ubuntu
Description:    Ubuntu 12.04.2 LTS
Release:        12.04
Codename:       precise

Code: [Select]

Linux zentyal 3.2.0-49-generic #75-Ubuntu SMP Tue Jun 18 17:39:32 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

Code: [Select]

ii  zentyal-ca                           3.0.3                                   Zentyal - Certification Authority
ii  zentyal-common                       3.0.7                                   Zentyal - Common Library
ii  zentyal-core                         3.0.22                                  Zentyal - Core
ii  zentyal-dhcp                         3.0.3                                   Zentyal - DHCP Service
ii  zentyal-dns                          3.0.10                                  Zentyal - DNS Service
ii  zentyal-ebackup                      3.0.6                                   Zentyal - Backup
ii  zentyal-firewall                     3.0.5                                   Zentyal - Firewall
ii  zentyal-ids                          3.0.3                                   Zentyal - Intrusion Detection System
ii  zentyal-network                      3.0.6                                   Zentyal - Network Configuration
ii  zentyal-ntp                          3.0.1                                   Zentyal - NTP Service
ii  zentyal-objects                      3.0.2                                   Zentyal - Network Objects
ii  zentyal-printers                     3.0.4                                   Zentyal - Printer Sharing Service
ii  zentyal-samba                        3.0.21                                  Zentyal - File Sharing and Domain Services
ii  zentyal-services                     3.0.4                                   Zentyal - Network Services
ii  zentyal-software                     3.0.5                                   Zentyal - Software Management
ii  zentyal-usercorner                   3.0.6                                   Zentyal - User Corner
ii  zentyal-users                        3.0.21                                  Zentyal - Users and Groups
Server Environment:
This server is a guest VM in a Proxmox VE 2.3 host running on a Dell PowerEdge R610. It serves as the primary domain controller for eu.wycliffe.net. It is the primary DNS and WINS server, but it is not the gateway for the network. It connects to the Internet through a 3com Baseline Switch 2952 to a ZyXEL ZyWALL USG-200. It is the ZyWALL that functions as DHCP server, gateway, and firewall.

Problem:
One of our storage devices is a Synology RackStation RS411 running an up-to-date DSM 4.2. I want to join this NAS to the domain, but I have had no success doing so, though I have followed Synology's instructions (http://www.synology.com/support/tutorials_show.php?q_id=483) to the letter. Synology Support suggested that the problem lies somewhere in the domain environment.

After I installed the Zentyal server last year, I had no difficulty adding an old Synology RackStation RS407 (DSM 3.1) to the domain. I also have a newer DiskStation DS710+, which is running DSM 4.3 beta, and it joined the domain successfully last week. It is only this RS411 that is showing the problems.

Symptoms:

• Despite the NAS' DNS settings being correct, the domain join process reports that it cannot find the domain without specific information about the DC.
• Despite the inclusion of specific domain information, the process reports failure ("domain join fail").
• The machine account is created, but I notice in Active Directory that the DNS name field is empty, though for all other machines AD shows the correct FQDN.

Log Files:
I have set the log level in /etc/samba/smb.conf to "10" and can see information related to the domain join attempt in /var/log/samba/samba.log, but I do not know how to interpret what I read, and I don't want to include more from the log in this post than I need to. If someone would suggest a filter to thin out the irrelevant clutter, I will be happy to post the log.

Thank you for taking the time to read this post, think about my problem, and offer your help.

[DFLiddle]

Update: I have restored this device to its factory defaults and reloaded it with the current system, DSM 4.3. There is no change to its inability to join the domain. I consistently see the DNS name fail to appear in the machine account that appears in Active Directory. If someone has any idea about the cause of this, whether in Zentyal (now 3.0.26) or Synology, please speak up.

[christian]

There is another post related to Synology not able to join Zentyal domain (or LDAP, I don't remember). Have a look, it may match your problem...

[DFLiddle]

Thanks for the tip, Christian. If you were referring to this post:

http://forum.zentyal.org/index.php/topic,17126.0.html

I'm sorry to say that the only relevant suggestion apparent to me -- changing the administration interface port number -- did not produce any change in the behavior of my RackStation RS411.

[christian]

Well, this is not a matter of "admin interface" but rather port number to be used in order to contact LDAP server, then issue with authentication from NAS using hardcoded password (unless I attached wrong link  )

Based on what you describe, I don't think problem is linked to hardware but you are or were using 3 different DSM versions (3.1, 4 and 4.3 beta)  that are showing different behaviour.
What I don't understand is that your first post refers to AD. Does it mean you have an AD (Windows) server somewhere, perhaps synchronizing with Zentyal ?

[DFLiddle]

After upgrading the domain controller to Zentyal 3.2, I tried adding the Synology RS411 NAS to the domain, and this time I was successful. Nothing changed on the NAS or in the process I used to add it. Please don't ask me which of the many changes implemented in 3.2 made this possible.

[christian]

Good to know. These changes are perhaps documented somewhere 
I'm looking for the "change log" 

[zippydan]

After upgrading the domain controller to Zentyal 3.2, I tried adding the Synology RS411 NAS to the domain, and this time I was successful. Nothing changed on the NAS or in the process I used to add it. Please don't ask me which of the many changes implemented in 3.2 made this possible.

Is there any chance you could go into an overview of what settings you used to connect the Synology to the Zentyal domain?  Right now, I am trying to setup a DS1513+ to connect to a Zentyal 3.5 domain, and I am getting the same domain join error:

Failed to join the Windows domain.  Please check your domain and firewall settings and try again.

Edit: Sorry to resurrect this thread.  Following the example in Russian shown here: https://forum.zentyal.org/index.php?topic=19052.0 I was FINALLY able to get my Synology (running DSM 5.0-4493 Update 3) to join to the Zentyal 3.5 domain.  The only small puzzle piece missing from the explanation in my link: I had to create a user specifically for the Synology box on the Zentyal domain.  I also added that user to the Domain Admins group.