Difference between revisions of "Joining Active Directory"
m (3 revision(s))
Revision as of 17:28, 10 November 2007
With the Terastation Pro/Terastation Pro v2 it is possible to join an active directory domain. Hopefully this article helps many to get it setup faster.
- There must be a machine account for your TeraStation on your Domain controller existing,
- This machine account for the TS must be flagged as trusted for delegation,
- Inside your DNS-server there must be the (A)Host entry for the TS in the Forward-Lookup-Zone and
- inside your Reverse-Lookup-Zone there must be the PTR-Record.
- Make sure the time of the terastation does not differ more than 10 minutes from the AD server
If 2) and 4) are not given then the TeraStation/LinkStation Pro/ProII is not allowed to join the ADS as BDC, Backup domain controller, which is the working scheme of the ADS client on the Stations.
If 1-4 is given the TersStation/LinkStation Pro/Pro II is able to join. Inside the Network setup you only have to enter the NetBIOS name, the full qualified Domain name and the full qualified PDC name with Domain Administrator name and password.
The LDAP on the Station then is contacting the PDC (Forward-Lookup-Zone set) and is asking for a copy of existing users. If "trusted for delegation" the TS will receive the answer (Trusted flagged and Reverse-Lookup-Zone set). So, if the last settings are not existing the answer will not be given and send. Here are about 95% of all ADS-issues located.
Normal Windows Clients in any ADS do not need to be set up this way since the PDC, the Primary Domain Controller, is handling all stuff by its own. But TeraStation Pro / Pro II and LinkStation Pro are separate things. They both communicate using the internal LDAP to communicate with the PDC. But the PDC in general is not contacted by any clients since he is the one-and-own master. So the PDC must be configured to accept the Station as a unit in the network which is allowed to contact the PDC. This is done by flagging the machine account as "trusted for delegation". Now the PDC is answering the requests. Additional the complete DNS forward and backward communication is done by both entries in the DNS-Server running on the PDC. Please note that you also should set the primary DNS IP-Address (inside network IP-Address setup of the Stations) to this and not to the gateway/router.