-
-
Save jameswebb68/34ed19ed2b06d99c484b to your computer and use it in GitHub Desktop.
| # Your NAS Synology device suddenly lost connection to your Windows Domain Controller, and or intermittent AD connectivity issues. | |
| # Symptoms include but not limited to: | |
| # - Failing to rejoin after removing the account on the Domain. | |
| # - Failing to rejoin without any changes | |
| # - Join attempt results in = "Failed to join the Windows domain. Please check your domain and firewall settings and try again" | |
| # - Synology is joined, but attempting to connect from domain clients results in "There are no logon servers available to service the logon request" | |
| # - This problem happens intermittently, sometimes rebooting the Synology device allows you to rejoin (Not a solution). | |
| # - Sometimes rebooting both Synology device and Domain Controller allows you to rejoin (Not a solution). | |
| # 1st.) *OPTIONAL* Remove the AD Synology device from Avtice Directory Users/Computers. | |
| # Step could be required if your Synology system is currently in a disconnected state. | |
| # ie: Inaccessible from Domain systems, and or "no login servers available". | |
| # Always try Step 2 first, you have nothing to lose. Permissions for Domain Users/Groups, entered | |
| # on your Synology system, for shared folders do not get removed when the Synology Computer object | |
| # is deleted from the Domain's Active Directory Users/Computers. | |
| # 2nd.) *THE FIX*) Enable SMB1 Protocol - Try the following commands on your Domain Controller: | |
| # Use the appropriate commands for the terminal/console/shell you are using. | |
| # Goal: Enable SMB1 and restart LanmanWorkstation and LanmanServer SMB Windows services | |
| # powershell v4 (ws2012+) | |
| Set-SmbServerConfiguration –EnableSMB1Protocol $true | |
| # powershell v2 (ws2k8) | |
| Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 1 -Force | |
| # cmd (cmd/run) | |
| reg.exe ADD 'HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters' /v SMB1 /t REG_DWORD /d 0x1 /f | |
| # restart SMB services (Powershell) | |
| Restart-Service LanmanWorkstation -Force; Restart-Service LanmanServer -Force | |
| # restart SMB services (cmd) | |
| net stop LanmanWorkstation & net start LanmanWorkstation | |
| net stop LanmanServer & net start LanmanServer | |
| # sc cmd method | |
| sc stop LanmanWorkstation & sc start LanmanWorkstation | |
| sc stop LanmanServer & sc start LanmanServer | |
| # 3rd.) Enjoy the problem never happening again. You might also want to setup a WINS server, since Synology boxes seem to function | |
| # much better with one available to them. | |
| # Info: Why would SMB1 all of a sudden be relevant to a previously joined device with it disabled? No Clue. | |
| # Since I don’t use SMB for anything on the related Domain Controller, I now schedule a task to restart SMB services | |
| # once a day. If the problem persists you may want to evaluate your Domain's Network Permissions (Securty Settings) | |
| # for NTLM authentication. I can see this being an issue for certain environments. Might want to look into adding an | |
| # server exception for your NAS. Granted i have not tested a Synology with zero NTLM (no NTLMv2 only Krb). I am also not sure | |
| # what data is passed from NAS to DC in regards to SMB1. Somepoint i will setup a lab and capture data with SMB1 enabled/disabled, | |
| # and the activity of the synology system in a dissconnected domain state. |
absolutely incredible! - why the hell does this NOT appear in their stupid help article! saved me a few more bruises from my forehead!
No offense to anyone, but this is not a solution, SMBv1 should be disabled on your Domain
Re-add to DNS\Domain and used the Advanced Domain Options
no news is good news, we shall see
03/06/21 NAS is still being detected in DNS, only runs around 50MB/s as the rest of the network runs at 110+ that is disappointing
03/19/21 NAS is lost in DNS, still in AD, the search goes on, a quick internet search will show this has been an issue with Synology for a long time, we did not experience this until we upgraded to a 2019 Domain though
04/05/21 NAS is lost in DNS, still in AD, found a tidbit about syncing time to the NTP server, trying that now
We have 2 Synology NAS that have run flawlessly for years a 1813+ and a 1817+, this has only been an issue since upgrading to a 2019 Domain. I will just create a static entry if it happens again, kind of tired of spinning my wheels.
Also the OAUTH service keeps reinstalling all the time WTF is up with that, I despise not owning my products anymore!
04/27/21 NAS lost in DNS, tried using "Trusted Domain" in the Management Mode selection of the Domain tab
No offense to anyone, but this is not a solution, SMBv1 should be disabled on your Domain
Re-add to DNS\Domain and used the Advanced Domain Options
no news is good news, we shall see
Want to STRONGLY re-iterate this.
https://techcommunity.microsoft.com/t5/storage-at-microsoft/stop-using-smb1/ba-p/425858
Synology should support SMB2/3 according to this:
https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb1-product-clearinghouse/ba-p/426008
You are an absolute life saver!