# Your NAS Synology device suddenly lost connection to your Windows Domain Controller, and/or has intermittent AD connectivity issues.
# Symptoms include but are not limited to:
# - Failing to rejoin after removing the account on the Domain.
# - Failing to rejoin without any changes
# - Join attempt results in = "Failed to join the Windows domain. Please check your domain and firewall settings and try again"
# - Synology is joined, but attempting to connect from domain clients results in "There are no logon servers available to service the logon request"
# - This problem happens intermittently, sometimes rebooting the Synology device allows you to rejoin (Not a solution).
# - Sometimes rebooting both Synology device and Domain Controller allows you to rejoin (Not a solution).
# 1st.) *OPTIONAL* Remove the AD Synology device from Active Directory Users/Computers.
# Step could be required if your Synology system is currently in a disconnected state.
# ie: Inaccessible from Domain systems, and/or "no login servers available".
# Always try Step 2 first, you have nothing to lose. Permissions for Domain Users/Groups, entered
# on your Synology system, for shared folders do not get removed when the Synology Computer object
# is deleted from the Domain's Active Directory Users/Computers.
# 2nd.) *THE FIX* Enable SMB1 Protocol - Try the following commands on your Domain Controller:
# Use the appropriate commands for the terminal/console/shell you are using.
# Goal: Enable SMB1 and restart LanmanWorkstation and LanmanServer SMB Windows services
# powershell v4 (ws2012+)
Set-SmbServerConfiguration -EnableSMB1Protocol $true
# powershell v2 (ws2k8)
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" -Name SMB1 -Type DWORD -Value 1 -Force
# cmd (cmd/run) - cmd.exe needs double quotes around the key path
reg.exe ADD "HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" /v SMB1 /t REG_DWORD /d 0x1 /f
# restart SMB services (Powershell)
Restart-Service LanmanWorkstation -Force; Restart-Service LanmanServer -Force
# restart SMB services (cmd)
net stop LanmanWorkstation & net start LanmanWorkstation
net stop LanmanServer & net start LanmanServer
# sc cmd method (in PowerShell use sc.exe, since sc is an alias for Set-Content)
sc stop LanmanWorkstation & sc start LanmanWorkstation
sc stop LanmanServer & sc start LanmanServer
# 3rd.) Enjoy the problem never happening again. You might also want to set up a WINS server, since Synology boxes seem to function
# much better with one available to them.
# Info: Why would SMB1 all of a sudden be relevant to a previously joined device with it disabled? No Clue.
# Since I don't use SMB for anything on the related Domain Controller, I now schedule a task to restart SMB services
# once a day. If the problem persists you may want to evaluate your Domain's Network Permissions (Security Settings)
# for NTLM authentication. I can see this being an issue for certain environments. Might want to look into adding a
# server exception for your NAS. Granted I have not tested a Synology with zero NTLM (no NTLMv2 only Krb). I am also not sure
# what data is passed from NAS to DC in regards to SMB1. At some point I will set up a lab and capture data with SMB1 enabled/disabled,
# and the activity of the Synology system in a disconnected domain state.
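
Added example, not part of the original gist: a PowerShell check, run elevated on the domain controller, that shows which SMB dialect the NAS actually negotiates and logs any SMB1 access, so the SMB1 setting above can be judged on evidence. `$NasName` and `$NasAddress` are placeholder values, and the audit setting assumes a Windows Server version that exposes `AuditSmb1Access`.

```powershell
# Placeholders (constructed values): replace with your NAS's hostname and IP.
$NasName    = 'NAS01'
$NasAddress = '192.0.2.10'

# 1. Current SMB server state on the DC, including whether SMB1 auditing is on.
Get-SmbServerConfiguration |
    Select-Object EnableSMB1Protocol, EnableSMB2Protocol, AuditSmb1Access

# 2. Turn on SMB1 access auditing. This only logs SMB1 use; it does not
#    change whether SMB1 is enabled.
Set-SmbServerConfiguration -AuditSmb1Access $true -Force

# 3. Inbound sessions (NAS -> DC): the Dialect column shows what was negotiated.
#    A value starting with 1 means the session is SMB1.
Get-SmbSession |
    Where-Object { $_.ClientComputerName -like "*$NasAddress*" } |
    Select-Object ClientComputerName, ClientUserName, Dialect

# 4. Outbound connections (DC -> NAS), if the DC has any shares open on the NAS.
Get-SmbConnection -ServerName $NasName -ErrorAction SilentlyContinue |
    Select-Object ServerName, ShareName, Dialect

# 5. After the NAS has rejoined or run for a while, list audited SMB1 access.
#    Event ID 3000 in this log records a client that connected using SMB1.
$filter = @{ LogName = 'Microsoft-Windows-SMBServer/Audit'; Id = 3000 }
$smb1Events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

if (-not $smb1Events) {
    'No SMB1 access has been audited yet.'
} else {
    # All SMB1 clients, then only the events that mention the NAS address.
    $smb1Events | Select-Object TimeCreated, Message | Format-List
    $fromNas = $smb1Events |
        Where-Object { $_.Message -match [regex]::Escape($NasAddress) }
    "SMB1 events mentioning ${NasAddress}: $(@($fromNas).Count)"
}
```

If steps 3 to 5 show the NAS only on SMB 2.x/3.x and no SMB1 events from it, the SMB1 setting can be turned back off with `Set-SmbServerConfiguration -EnableSMB1Protocol $false` and the join retested.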
absolutely incredible! - why the hell does this NOT appear in their stupid help article! saved me a few more bruises from my forehead!
No offense to anyone, but this is not a solution, SMBv1 should be disabled on your Domain
Re-add to DNS\Domain and used the Advanced Domain Options
no news is good news, we shall see
03/06/21 NAS is still being detected in DNS, only runs around 50MB/s as the rest of the network runs at 110+ that is disappointing
03/19/21 NAS is lost in DNS, still in AD, the search goes on, a quick internet search will show this has been an issue with Synology for a long time, we did not experience this until we upgraded to a 2019 Domain though
04/05/21 NAS is lost in DNS, still in AD, found a tidbit about syncing time to the NTP server, trying that now
We have 2 Synology NAS that have run flawlessly for years a 1813+ and a 1817+, this has only been an issue since upgrading to a 2019 Domain. I will just create a static entry if it happens again, kind of tired of spinning my wheels.
Also the OAUTH service keeps reinstalling all the time WTF is up with that, I despise not owning my products anymore!
04/27/21 NAS lost in DNS, tried using "Trusted Domain" in the Management Mode selection of the Domain tab
No offense to anyone, but this is not a solution, SMBv1 should be disabled on your Domain
Re-add to DNS\Domain and used the Advanced Domain Options
no news is good news, we shall see
Want to STRONGLY re-iterate this.
https://techcommunity.microsoft.com/t5/storage-at-microsoft/stop-using-smb1/ba-p/425858
Synology should support SMB2/3 according to this:
https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb1-product-clearinghouse/ba-p/426008
You are an absolute life saver!