NSS 3000 no AD users

Unanswered Question
Sep 24th, 2009
User Badges:

I am attempting to join our NSS3000 to our active directory domain. It joins and creates a computer account but when I goto to users there is nothing there. Is there a document outlining the exact procedure to join to an active directory domain. We are running a Server 2008 enterprise domain, with the domain functional level at 2008.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jkbanman1 Thu, 09/24/2009 - 11:51
User Badges:

Ok I managed to get it to see my AD Users after a couple tries. Maybe I was not patient enough.


Now I have created a share I added my active directory group to have read-write access I click update but I cannot connect using my ad accounts. When I go back into the share properties the groups are gone. Am I missing something?

clindoan Thu, 09/24/2009 - 12:58
User Badges:

You need to do following setting to make sure AD feature is working properly:

1) The NTP time setting needs to set to use Windows 2008 time server (Go to Admin=> Time: Enter 3 fields with IP address of the 2008 server). Making sure the NTP service is running from the machine.

2) The AD feature designed for two set of users as documented, if your AD users list is less than the range of 3000-3500 users, then you don't need to enable the large ADS Domains ( A check box from Network => Identification). If the AD Domains has the range of 3000-3500 and higher of users, then this feature is needed to enable.


I believe the NSS3000 and the Windows 2008 Server is out of sync with NTP time. Try to sync the NTP time from NSS3000 to 2008 server, this would fix your problem.


There is a release notes that said, Windows 2008 server is not supported, however, it is working with CIsco NAS products.  I think it should be fine.

jkbanman1 Thu, 09/24/2009 - 14:08
User Badges:

Ok so I have had to enable the Large Directory support check box. I have placed out ntp server into all 3 lines. When I go into sharing to edit my share I can see all the AD accounts... I move over my domain administrators group in to read-write group then click to save... go back in and it is still gone. and I have not access to the share?


I have Public, all the cifs creation attributes, allow users to rename and cifs check off. Whats missing, why can my domain users not authenicate to the share or why will the groups not stay attached to the share?

Actions

This Discussion