Joining Active Directory
With the Terastation Pro/Terastation Pro v2 it is possible to join an active directory domain. Hopefully this article helps many to get it setup faster.
- There must be a machine account for your TeraStation on your Domain controller existing,
- This machine account for the TS must be flagged as trusted for delegation,
- Inside your DNS-server there must be the (A)Host entry for the TS in the Forward-Lookup-Zone and
- inside your Reverse-Lookup-Zone there must be the PTR-Record.
If 2) and 4) are not given then the TS is not allowed to join the ADS as BDC, Backup domain controller, which is the working scheme of the ADS client.
If 1-4 is given the TS is able to join. In TeraStation network setup you only have to enter the NetBIOS name, the full qualified Domain name and the full qualified PDC name with Domain Administrator name and password.
The LDAP on the TS then is contacting the PDC (Forward-Lookup-Zone set) and is asking for a copy of existing users. If "trusted for delegation" the TS will receive the answer (Trusted flagged and Reverse-Lookup-Zone set). So, if the last settings are not existing the answer will not be given and send. Here are about 95% of all ADS-issues located.