NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Accessing NAS when Domain Contoller is Off
Hi All
I wonder if anyone can help me. I purchased a ReadyNAS NVX to enable me to backup my companies data and in the event of the server falling over (we only have 1 server in the organisation running SBS 2011). The NAS was setup in an AD security mode to make sure that all folder and files permissions were copied over to the NAS from the server.
The plan was that if the server fell over we could just redirect all of the users to the copy of that data on the NAS until we could get the server back on line. Now here is the problem, when the server is off/disconnected I am unable to access the shares on the NAS, I guess the NAS uses the AD from the domain controller in 'real time' and that as the domain controller and hence AD is not available there is no way to authenticate the users.
Could anyone advise on what I have done wrong and is there a better way that I should have setup the NAS to achieve my goals...a very important factor being that ALL security permissions are copied to the NAS when backing up.
I need to set up a solution that maintains security but can still be accessed if the DC is off.
Hope this all makes sense. Can anyone help please?
Thanks for reading
Steve
I wonder if anyone can help me. I purchased a ReadyNAS NVX to enable me to backup my companies data and in the event of the server falling over (we only have 1 server in the organisation running SBS 2011). The NAS was setup in an AD security mode to make sure that all folder and files permissions were copied over to the NAS from the server.
The plan was that if the server fell over we could just redirect all of the users to the copy of that data on the NAS until we could get the server back on line. Now here is the problem, when the server is off/disconnected I am unable to access the shares on the NAS, I guess the NAS uses the AD from the domain controller in 'real time' and that as the domain controller and hence AD is not available there is no way to authenticate the users.
Could anyone advise on what I have done wrong and is there a better way that I should have setup the NAS to achieve my goals...a very important factor being that ALL security permissions are copied to the NAS when backing up.
I need to set up a solution that maintains security but can still be accessed if the DC is off.
Hope this all makes sense. Can anyone help please?
Thanks for reading
Steve
8 Replies
Replies have been turned off for this discussion
- Run a backup DC, get a UPS for the DC, or run user security mode. Domain controllers are meant to be on at all times.
- Grievous is correct. Because in Domain Mode, the ReadyNAS will rely on authentication from the DC in order to access the NAS, when it's off it will fail to authenticate and not allow users to access the shares; just as you have guessed.
- run a backup DC, in a virtual machine, on the readynas itself
how awesome would that be if it was officially supported.
:) - :lol: That would give a new meaning to VMWare certified for the ReadyNAS.
- or virtualbox certified
- Hi
Thanks for all of you comments. It looks as if I have purchased the wrong product to do the job I need.Grievous Said
Run a backup DC, get a UPS for the DC, or run user security mode. Domain controllers are meant to be on at all times.
Thanks Grievous - I'd love to run a backup DC but I am afraid we have just the 1 server and my MD won't be too keen on buying another, in security mode I can't automatically copy across file and folder security and this is also a requirement. And the point of the NAS was as an emergency in the event of the server failing!
I will have to look about for an alternative product that will hopefully be able to keep a local copy of the AD security setting for the files and folders that will still be able to run stanalone. Hope such a thing exists!!
Thanks again for all of your comments
Steve spwiggins wrote: I will have to look about for an alternative product that will hopefully be able to keep a local copy of the AD security setting for the files and folders that will still be able to run stanalone. Hope such a thing exists!!
I think you will find, that only a backup DC will provide that functionality, ie another windows server with or without raid storage.
In case you were not already aware, you can only have one SBS on a domain, but you can simply get a server 2008r2 standard to use as an alternate AD controller.- Yeah, this is an issue to consider when using a centralized authentication system like Active Directory, it has to be online at all times or you can't authenticate. It's the nature of the beast, so to speak.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
