NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

KWheelerAZ's avatar
KWheelerAZ
Aspirant
Jan 27, 2016
Solved

AD Integration versus Local Users

I have a ReadyNAS 316 running 6.4.1. The ReadyNAS is installing in a Windows Server environment. I have remote users connecting via ReadyNAS Remote.

 

Question: Should I be exploring AD (Active Directory) integration or can I just use this with Local User authentication?

 

I want to set up a Drive Map in GPO. Does that require AD integratyion to map a drive letter?

 

TIA

 


  • KWheelerAZ wrote:

     

     

    I want to set up a Drive Map in GPO. Does that require AD integratyion to map a drive letter?

     

     


    This is really a windows policy question.  If the share is accessible to the user, then the NAS has no way of knowing if a drive letter is being mapped or not.

     

    The NAS won't prevent share access as long as the user credentials presented by Windows (local or AD) are valid.  

     

    If guest access is enabled on the share, then if access is also allowed if the user credentials are unknown to the NAS.  However, if invalid credentials (e.g. wrong password) are used, then access is denied.

     

     

    Note that ReadyCloud is designed around home users, not business.  The ReadyCloud user account is completely independent from the NAS local account for that same user (which makes no sense to me, but that is the way it is set up).  A VPN might be a better way to enable remote access.

6 Replies

Replies have been turned off for this discussion
  • mdgm-ntgr's avatar
    mdgm-ntgr
    NETGEAR Employee Retired

    Do you mean ReadyCLOUD rather than ReadyNAS Remote?

  • StephenB's avatar
    StephenB
    Guru - Experienced User

    KWheelerAZ wrote:

     

     

    I want to set up a Drive Map in GPO. Does that require AD integratyion to map a drive letter?

     

     


    This is really a windows policy question.  If the share is accessible to the user, then the NAS has no way of knowing if a drive letter is being mapped or not.

     

    The NAS won't prevent share access as long as the user credentials presented by Windows (local or AD) are valid.  

     

    If guest access is enabled on the share, then if access is also allowed if the user credentials are unknown to the NAS.  However, if invalid credentials (e.g. wrong password) are used, then access is denied.

     

     

    Note that ReadyCloud is designed around home users, not business.  The ReadyCloud user account is completely independent from the NAS local account for that same user (which makes no sense to me, but that is the way it is set up).  A VPN might be a better way to enable remote access.

    • BrianL2's avatar
      BrianL2
      NETGEAR Employee Retired

      Hi KWheelerAZ,

       

      There's an NETGEAR article that somehow answers your question. I would follow StephenBs suggestion because it is the most likely solution in accessing your files remotely.

       


      Kind regards,

       

      BrianL
      NETGEAR Community Team

      • mdgm-ntgr's avatar
        mdgm-ntgr
        NETGEAR Employee Retired

        It's also worth noting that if you are using ReadyCLOUD you can't use AD integration.

  • Thank you all for your responses. So I've done a TON more digging and research on this topic and here's some of what I found out for future ReadyNAS users:

     

    1. ReadyNAS can support Local Users & ReadyCLOUD (and ReadyNAS Remote) or Active Directory integration, but NOT both. Enabling AD integration disables ReadyCLOUD & ReadyNAS Remote and the UI on OS 6.4.1 says almost exactly that when you try.

    2. When using GPO (group policy object) Drive Maps to map drive letters, the GPO appends the NetBIOS domain name to the beginning of the 'Connect As...' user name. There seems to be no way to prevent this (that I found in Microsoft's documentation or Tech Notes anyway).

    3. The best solution I've run across thus far seems to be using a VBScript logon script in the GPO Logon Script object to make the mapping connection to the ReadyNAS. You could also use a BAT file and NET USE commands, but the VBS options appears FAR more robust. Either way you CAN specify EXACT username & password without Microsoft appending anything anywhere.

    Thank you all for your support.

     

    • BrianL2's avatar
      BrianL2
      NETGEAR Employee Retired

      Hi KWheelerAZ,

       

      Thanks for your contribution. This will surely help those who are new ReadyNAS and ReadyCLOUD users. I hope that you will continue to be an active NETGEAR community member.

       

       

      Kind regards,

       

      BrianL
      NETGEAR Community Team

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More