Synology Active Directory Server Setup Guide (& Tips & Tricks)

All questions regarding Synology's Directory Server package can go here
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:

https://account.synology.com/support/su ... p?lang=enu



2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.
sieberta
Versed
Versed
Posts: 275
Joined: Sun Feb 22, 2015 2:59 pm

Re: Synology Active Directory Server Setup Guide (& Tips & Tricks)

Unread post by sieberta » Fri May 18, 2018 3:15 pm

Without knowing more information, it is hard to provide direction... Googling your error message related to samba may help?

I would look hard at the DNS configuration settings on your client using IPCONFIG /ALL and possibly NSLOOKUP.

I would also ensure the user you're trying to use to join to the domain has adequate permissions.

Beyond that, lots and lots of screenshots of your client network configuration, domain join screens, and your server domain configuration would be helpful. That said, if you black out everything you might want to for security purposes, it will be the same information we really need.

sieberta
sieberta
---------
Devices: DS415+ (2014), DS216+II (2016), DS916+ (2017)
Applications: Active Directory Server, Antivirus by McAfee, Cloud Station Server, Cloud Sync, CMS, DNS Server, DHCP Server, Hyper Backup, Hyper Backup Vault, SMB/CIFS, SFTP, Snapshot Replication, Storage Analyzer, VPN Server, WebDAV Server

ZidanSilverlane
I'm New!
I'm New!
Posts: 2
Joined: Sat May 19, 2018 3:07 am

Re: Synology Active Directory Server Setup Guide (& Tips & Tricks)

Unread post by ZidanSilverlane » Sat May 19, 2018 3:15 am

Before anything, I would like to offer my respect and enormous gratitude to Sieberta. Your guide was thorough and complete. Of course one would need to be at least just one level above a noob to understand it, but anyone that has actually landed on this posted is most likely at that level.

Again, thank you for this guide is worth money.


Tim. I think I had the similar problem.. Did you try changing your DNS preferences on your Adapter settings? Point it to yoor NAS.

Now, I do have one question:

Is it normal that when I apply a policy, I run GPUPDATE /ALL, log out from the administrator account, log back in with a test account, the policies have not yet been applied? Only after a while do the policies seem to take effect. Is this normal or have I made a mistake somewhere?
All of this is being tested on a VirtualBox enviroment-A virtual machine is holding the RSMT, joined on the domain, I log in with administrator, apply settings, gpupdate, log out and log back in with a test account.

ZidanSilverlane
I'm New!
I'm New!
Posts: 2
Joined: Sat May 19, 2018 3:07 am

Re: Synology Active Directory Server Setup Guide (& Tips & Tricks)

Unread post by ZidanSilverlane » Sat May 19, 2018 3:18 am

I would like to add, that while testing this system, on a virtualbox running on a host connected to the WIFI using a wifi usb adapter, applying policies and updating was rather problematic. It would sometimes not find the domain. I ran a wire from router to the host pc: problem solved.

I mention this because while testing one might assume that the system is flawed and abandon the project in mind. But knowing that with an ethernet cable the problem is solved, the project can still be developed. Hope it helps anyone

sieberta
Versed
Versed
Posts: 275
Joined: Sun Feb 22, 2015 2:59 pm

Re: Synology Active Directory Server Setup Guide (& Tips & Tricks)

Unread post by sieberta » Sat May 19, 2018 12:05 pm

ZidanSilverlane wrote:
Sat May 19, 2018 3:15 am
Before anything, I would like to offer my respect and enormous gratitude to Sieberta. Your guide was thorough and complete. Of course one would need to be at least just one level above a noob to understand it, but anyone that has actually landed on this posted is most likely at that level.

Again, thank you for this guide is worth money.


Tim. I think I had the similar problem.. Did you try changing your DNS preferences on your Adapter settings? Point it to yoor NAS.

Now, I do have one question:

Is it normal that when I apply a policy, I run GPUPDATE /ALL, log out from the administrator account, log back in with a test account, the policies have not yet been applied? Only after a while do the policies seem to take effect. Is this normal or have I made a mistake somewhere?
All of this is being tested on a VirtualBox enviroment-A virtual machine is holding the RSMT, joined on the domain, I log in with administrator, apply settings, gpupdate, log out and log back in with a test account.
Yes and no. It is appropriate for what you're doing, but not for what you could be doing.

Don't use an administrator account to do a GPUPDATE, use the user account. There is no real reason to use an administrator account that I am aware of. Most policies you'll probably leave setup to 'run in the logged-in users security context', which is appropriate for the actual user, not the admin.

That said, I learned that you must run the command prompt with elevated privileges when doing a GPUPDATE. It will claim it completes successfully, but some of the policies are not applied.

Lastly, I only do GPUPDATE when testing policies. I let them auto-propagate under standard deployment conditions.

Thanks for all of the kind praise. I would mention, at least as it relates to active directory, I really am only that one-step above a noob that you indicated one needs to be to understand the guide... I've learned a lot through my deployment of SAD and other's posts here since I created that How-To post.

The power of community...

sieberta
sieberta
---------
Devices: DS415+ (2014), DS216+II (2016), DS916+ (2017)
Applications: Active Directory Server, Antivirus by McAfee, Cloud Station Server, Cloud Sync, CMS, DNS Server, DHCP Server, Hyper Backup, Hyper Backup Vault, SMB/CIFS, SFTP, Snapshot Replication, Storage Analyzer, VPN Server, WebDAV Server

Post Reply

Return to “Active Directory Server”