Synologys cannot connect with AD

All questions pertaining to Windows Active Directory Service can go here
Forum rules
We've moved! Head over to Synology Community ( to meet up with our team and other Synology enthusiasts!
I'm New!
I'm New!
Posts: 1
Joined: Wed Jul 11, 2018 10:10 am

Synologys cannot connect with AD

Unread post by FlorianMo » Wed Jul 11, 2018 10:35 am


Since yesterday we encountered an issue with both our Synologys servers, they lost access to the DC/AD and are raising connection errors regarding those two lines when we check the status of the connection with the domain (it's in French so I'm directly translating):
- "Check if the connection is working between Synology NAS and Active Directory Server" -> Fail
- "Check if the connection is working between Synology NAS and the Kerberos Server" -> Fail
- the 4 other lines are OK

Usually in such situation I would just disconnect the NAS from the domain (go back to WORKGROUP) + reboot and reconnect to the domain but it doesnt solve those 2 failures.
The thing is that even though the NAS seems to not be able to connect on the AD it is yet added properly (the machine pop's up in AD Computers), the NTP is redirected from a global one to one of our DC (used as NTP), DNS is OK, IP is OK and LDAP is connecting properly.
I checked the ports 389, 139 and 445 and they work just fine.
I restarted the service NTDS (+all the services attached).

The problem is only acting on the Synologys and our other servers/computers are fine.

Additional information :
- Both our DC/AD/DNS/DHCP are WIndows 2012r2 and replicate each others, they have not been updated lately.
- 1st Synology is RS3617xs+ DSM 6.2-23739
- 2nd Synology is DS1511+ DSM 6.1.5-15254

Thank you for any help provided (I already raised a ticket to the support but answers are long to come :S)

User avatar
I'm New!
I'm New!
Posts: 6
Joined: Wed Jul 25, 2018 3:04 pm

Re: Synologys cannot connect with AD

Unread post by PolishPaul » Wed Jul 25, 2018 9:30 pm

See my recent post on this forum: ... 5&t=144502

In short, you'll need to add all the DC IP or FQDN into this list (v6.2). I'm not experiencing this with the versions before 6.2.
Control Panel > Domain/LDAP > Advanced Domain Options > DC IP/FQDN
In that list, put in a comma separated list of IP/FQDN's of your domain controllers.



Return to “Windows AD Domain”