TeraStation III FW 1.10 - Active Directory integration problem

[hanst]

   

Model: TS-RX6.0TL/R5 with firmware 1.10

AD domain: Windows 2003 SP2 based

 

I have problems retreiving user and groups information from my active directory.

AD setup was done following http://buffalo.jp/support_s/guide/faq/tsxl/en/contents/15031.html" rel="nofollow">http://buffalo.jp/support_s/guide/faq/tsxl/en/contents/15031.html or http://www.buffalo-technology.com/knowledgebase/users/kb.php?id=10191&category_id=0&sid2=" rel="nofollow">http://www.buffalo-technology.com/knowledgebase/users/kb.php?id=10191&category_id=0&sid2=

 

NTP setup was corrected to internal needs, verified correct with GMT+1 (Western Europe)

DNS has a forwarding A-record SB-EHV-NAS02 to the IP address and a PTR.

 

The TeraStation entered the AD correct on the PDC.

 

DC security eventlog shows:

 

Computer Account Changed:
    -
    Target Account Name:   SB-EHV-NAS02$
    Target Domain:           SB@EINDHOV
    Target Account ID:   SB@EINDHOV\SB-EHV-NAS02$
    Caller User Name:   admin_account
    Caller Domain:           SB@EINDHOV
    Caller Logon ID:   (0x0,0x14B5BADD)
    Privileges:   -
 Changed Attributes:
    Sam Account Name:   -
    Display Name:   -
    User Principal Name:   -
    Home Directory:   -
    Home Drive:   -
    Script Path:   -

 

TeraStation Syslog shows

 

Jan 26 18:58:14 SB-EHV-NAS02 TeraStation[2202]: [Web] SMB status was changed
Jan 26 18:58:14 SB-EHV-NAS02 TeraStation[2202]: [Web] Change value : info.domain=ad
Jan 26 18:58:14 SB-EHV-NAS02 TeraStation[2202]: [Web] Change value : info.wg=eindhov
Jan 26 18:58:14 SB-EHV-NAS02 TeraStation[2202]: [Web] Change value : info.ad_dns=eindhov.sb.compa
Jan 26 18:58:14 SB-EHV-NAS02 TeraStation[2202]: [Web] Change value : info.pdc=dc-name
Jan 26 18:58:14 SB-EHV-NAS02 TeraStation[2202]: [Web] Change value : info.wins=
Jan 26 18:58:17 SB-EHV-NAS02 TeraStation[2202]: [Web] Trying to join domain...
Jan 26 18:58:19 SB-EHV-NAS02 TeraStation[2202]: [Web] Successed to join domain 

 

In the past i had the problem that the domain name eindhov.sb.compa was too long (16, not 15). Also the domain name (pre windows 2000) is still sb@eindhov in the Windows 2003 PDC but i cannot change the domain structure.

 

What's wrong?

 

This is not the first LDAP integration but all others worked with domain sb@eindhov

[bob_stan]

   

I have had occasions when I could no longer access my AD user and groups lists.  I found if I went back to Network/Workgroup Domain and did modify settings again and reentered the AD authorized user name and password, I could once again get the list of users and groups.

[hanst]

   

That won't do it either.

 

I did not find any debug tool so i can't test the LDAP query towards the PDC for mistakes.

[disputator]

   

How many users? (roughly)

 

Is it a sub domain?

 

 

[hanst]

   

eindhov.sb.compa : top domain = compa, then sb, then eindhov .

 

About 100 users.

 

but the pre-windows 2000 domain name is als sb@eindhov  , where "@" is causing problems with LDAP. How can i capture the LDAP call to the PDC to see how the query is structured?