Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[vreid47362]

I wonder ....... Are the active directory access and authentication issues being, at least partially, caused by the samba.conf file maintaining a security level of security=share instead of security=ADS?  I believe it might be possible for the device to "look" like it's joined the directory by making all of the other Samba ADS items, but not changing its security level to ADS. 

Also, is winbind running on the NAS?  Has winbind been added to /etc/nsswitch.conf?  Obviously, we can't answer these questions ourselves because of limited access to the NAS.  But the questions are still valid.

Link to getting Samba to talk to active directory:
http://wiki.samba.org/index.php/Samba_&_Active_Directory

[hilaireg]

A few posts on the forum elude to ADS-related fixes in f/w 1.03 ... hasn't released as of yet; I suspect it will probably be release in the early part of 2009.

Cheers,

[chaicka]

Few months with a DNS-343 that cannot function with the Active Directory forest in my environment. Still awaits for FW 1.03 to be release, which seems to be taking quite a long time.

Shouldn't the focus be on fixing current issues instead of looking at adding new features at this point of time?

Sales of DNS-343 ain't going well too..... Most SMEs are awaiting for the AD issue to be fixed, else quite a headache to manage user accounts & access separately.

[hilaireg]

Agreed,

Once the HDD & RAID subsystems are debugged, it would be nice to see some work effort done on the A/D integration ... of course I'm being selfish here 

I have the DNS-343 configured to WORKGROUP for the time being and NO user account management.  Folks have been made aware that it's a PUBLIC device and that files stored there are accessible to all ... and most importantly, that a backup of one's files should still be performed.

Several folks have found some very creative ways of dealing with authentication using folder permissions; unfortunately, with everything on my 'plate' these days, I can't see myself getting dragged into a daily folder management.

Cheers,

[chaicka]

If an earlier beta firmware of DNS-343 works perfectly for Active Directory, what's so difficult to fix it in firmware versions later than that beta firmware.

Without proper Active Directory support, there is a limitation to the number of user accounts supported/functional in DNS-343. The only way to overcome is to use in Active Directory mode.

[chaicka]

Is there any updates to a fix for this issue?

[siegecraft4]

I'm also still awaiting an update. Frankly, the patch time is completely unacceptable.

I understand the need to prioritize patches, but a little information about when an AD fix is expected would go a long way.

[chaicka]

I have already given up... advising SMEs customers to not buy this NAS as it doesn't work with Active Directory.

[D-Link Multimedia]

Just so you guys do not think we are completely ignoring this thread...

I have personally tested and replicated your situations here. The Bug has already been found and WILL be fixed on final release of 1.03.

[eddyg]

Any idea when that will be released? It's getting pretty urgent.

[hilaireg]

Just so you guys do not think we are completely ignoring this thread...

I have personally tested and replicated your situations here. The Bug has already been found and WILL be fixed on final release of 1.03.

Appreciate the update; patiently waiting 

[chaicka]

Looks like it's time to revisit the DNS-343 with Active Directory. The new 1.03b66 firmware change log seems to indicate it's been fixed.

With more than 6 months gone, our DNS-343 is now only left with a handful of months warranty. Pray hard it doesn't break anything...

[Agent Smith]

Chalk up another vote for fixing AD support.

I've had to tell my customers they have two choices:  Netgear's higher-end line of NAS boxes or Windows-based fileservers.

What I don't understand is why this is taking so long  (I've been trolling here for months, finally joined today just to throw my $0.02 in).  D-Link is a networking company.  99% of corporate networks use domains.  The DNS-343 is a network hard drive, yet it doesn't work with said corporate networks.  What's wrong with this picture?

[chaicka]

Bad news... even with the beta firmware 1.03b66, the network access to shares on DNS343 isn't working as designed despite able to configure access rights delegation.

[ascendnet]

I've gotten a bit further with AD connectivity. User level permissions seem to work fine, although group level still doesn't work for me. Below is what I did to get it working....

DNS-343 Setup:
Firmware 1.02
Network Type = Active Directory
Host Name = aninas
Realm Name = ANI.LOCAL
AD Server Name = anisvr

I can browse/map to the device without issue by IP address (ex. \\192.168.100.200\Volume_1)
When I try to browse by name it continuously asks for username/password (ex. \\aninas\Volume_1)
Since I could not ping aninas I thought maybe there was a problem with name resolution so I manually added an A Record for aninas on my DNS server pointing to it's IP address. This still did not allow me to connect by name.

One thing I noticed is that when I use the D-Link Easy Search Utility to map a drive is shows the drive mapped as "Volume_1 on 'DNS-343 (aninas)' (X:)". To me this looks like it's mounting the share on a device called dns-343, not aninas. So just as a test I tried to browse to \\dns-343\Volume_1, which did not work. Since I also could not ping dns-343 by name I created another DNS record for dns-343 to point to 192.168.100.200. Now when I browse to \\dns-343\Volume_1 it works properly.

If I look at the status page of the DNS-343 it shows a name of "aninas" and a description of "dns-343". My first thought was that there is a bug in the unit that make it think it's name was it's description. So I tried changing the description to aninas to see if that would change things, it did not. So what I think is that the device thinks it's name is dns-343 regardless of what you put for a name.

So if you are experiancing this problem try creating a dns record for "dns-343" to point to it's IP address and see if that helps.

This isn't a complete workaround since I can only make user level authentication work and not group level. But this is much better setup for me then leaving it in workgroup mode. I hope this will help some other with the same issue as well as D-Link to fix things for us.