× NETGEAR will be terminating ReadyCLOUD service by July 1st, 2023. For more details click here.
Orbi WiFi 7 RBE973
Reply

RN 102 / OS 6.4.x : Error "Fail to insert $home_folder/$user/$group/$group_has_user" (AD import)

McLukic
Star

RN 102 / OS 6.4.x : Error "Fail to insert $home_folder/$user/$group/$group_has_user" (AD import)

Dear members,

 

I am struggling with an issue on several different RN102 devices, on various 6..4.x OSes (.0 and .2).

 

There are :

  • one functionality which does not work, and
  • an error/symptom of a problem

(although I am not sure that the broken functionality and the symptom are linked).

 

The error I get is an "Import error" when trying to "Refresh ADS accounts".

status.log shows following error : LOGMSG_FAIL_SYNC_WITH_ADS Failed to sync ADS account information for the realm <mydomain.local>

I also see following errors in ads.log :

rndb_account.c:1253 info: 100/154 groups imported so far               
rndb_account.c:1368 info: 154/154 groups imported in 1477ms.               
rndb_ads_utils.c:574 info: ADS CMD::ldap search open: LANG=C net -P ads search \(\&\(objectClass=user\)\(\!\(sAMAccountType=805306369\)\)\(\!\(sAMAccountType=805306370\)\)\) sAMAccountName objectSid distinguishedName mail primaryGroupID memberOf cn   
rndb_account.c:933 info: 203 domain user found                
rndb_account.c:959 info: 100/203 users imported so far               
rndb_account.c:959 info: 200/203 users imported so far               
rndb_account.c:1174 info: 203/203 users imported in 1798ms.               
rndb_account.c:2183 error: Error. Fail to insert $home_folder/$user/$group/$group_has_user               
rndb_account.c:2325 error: rndb_ads_account_import() ==> 3 (3746ms)                
rndb_api.c:957 error: rndb_import_nolock() ==> 3 (4092ms)   

When typing id <username> or getent group <groupname> on the console, I do have all changes in the AD reflected on the ReadyNAS, and I can set permissions correctly from WIndows. But I wonder what the issue might be.

 

The problem is that I cannot properly set default permission group and file access rights from the Web interface : looking up group or user names (with the magnifying glass) is not working.

Strangely, I can set the ownership of a shared folder to an AD user or group, but setting specific permissions through the Web UI is imposible.

 

Thank you for any help you might provide !

 

 

Message 1 of 6

Accepted Solutions
McLukic
Star

Re: RN 102 / OS 6.4.x : Error "Fail to insert $home_folder/$user/$group/$group_has_user" (

Hi Adam,

 

Just to let you know that thanks to the 6.5.1 update, I finally got it to work.

 

I had some remaining issues right after the update but using the steps listed here :

https://community.netgear.com/t5/ReadyNAS-in-Business/RN-104-OS-6-5-AD-group-membership-not-synced-f...

 

I know have a working box.

 

One issue though : all permissions are now mapped to non-existent user ID, meaning I have to reset all files on all shares to the right permissions. For me this is acceptable as it is really easy and scriptable, but I have to warn about that.

 

 


View solution in original post

Message 5 of 6

All Replies
mdgm-ntgr
NETGEAR Employee Retired

Re: RN 102 / OS 6.4.x : Error "Fail to insert $home_folder/$user/$group/$group_has_user" (

One of your units (the most recently purchased) still has a few days of basic support left. If you are seeing this issue on the unit you purchased late last year perhaps open a support case for that NAS.

Message 2 of 6
Adam86
Aspirant

Re: RN 102 / OS 6.4.x : Error "Fail to insert $home_folder/$user/$group/$group_has_user" (

Did you ever manage to fix this?

 

I have just started having this problem with one of my ReadyNAS units, I really do not want to have to do a Factory Reset to get up and running again.

 

This is my log:

 

[16-03-21 14:53:56] 2092 rndb_ads_utils.c:152 info: ADS CMD::get domain sid: net getdomainsid
[16-03-21 14:53:57] 2092 rndb_ads_utils.c:574 info: ADS CMD::ldap search open: LANG=C net -P ads search \(objectClass=group\) sAMAccountName objectSid distinguishedName
[16-03-21 14:53:57] 2092 rndb_account.c:1262 info: 71 domain group found
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Network Configuration Operators sid=S-1-5-32-556 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Performance Log Users sid=S-1-5-32-559 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Cryptographic Operators sid=S-1-5-32-569 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Event Log Readers sid=S-1-5-32-573 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Incoming Forest Trust Builders sid=S-1-5-32-557 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Terminal Server License Servers sid=S-1-5-32-561 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=IIS_IUSRS sid=S-1-5-32-568 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Remote Desktop Users sid=S-1-5-32-555 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=RDS Remote Access Servers sid=S-1-5-32-575 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=RDS Endpoint Servers sid=S-1-5-32-576 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=RDS Management Servers sid=S-1-5-32-577 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Hyper-V Administrators sid=S-1-5-32-578 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Access Control Assistance Operators sid=S-1-5-32-579 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Remote Management Users sid=S-1-5-32-580 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Performance Monitor Users sid=S-1-5-32-558 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Windows Authorization Access Group sid=S-1-5-32-560 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Administrators sid=S-1-5-32-544 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Users sid=S-1-5-32-545 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Certificate Service DCOM Access sid=S-1-5-32-574 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Backup Operators sid=S-1-5-32-551 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Pre-Windows 2000 Compatible Access sid=S-1-5-32-554 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Guests sid=S-1-5-32-546 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Distributed COM Users sid=S-1-5-32-562 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Print Operators sid=S-1-5-32-550 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Replicator sid=S-1-5-32-552 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Server Operators sid=S-1-5-32-549 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1299 debug: sAMAccountName=Account Operators sid=S-1-5-32-548 is not domain object. domain sid is S-1-5-21-1569414911-2469442253-3283264600
[16-03-21 14:53:57] 2092 rndb_account.c:1398 info: 71/71 groups imported in 574ms.
[16-03-21 14:53:57] 2092 rndb_ads_utils.c:574 info: ADS CMD::ldap search open: LANG=C net -P ads search \(\&\(objectClass=user\)\(\!\(sAMAccountType=805306369\)\)\(\!\(sAMAccountType=805306370\)\)\) sAMAccountName objectSid distinguishedName mail primaryGroupID memberOf cn
[16-03-21 14:53:58] 2092 rndb_account.c:963 info: 17 domain user found
[16-03-21 14:53:58] 2092 rndb_account.c:1204 info: 17/17 users imported in 569ms.
[16-03-21 14:53:58] 2092 rndb_account.c:2262 error: Error. Fail to insert $home_folder/$user/$group/$group_has_user
[16-03-21 14:53:58] 2092 rndb_account.c:2405 error: rndb_ads_account_import() ==> 3 (1904ms)
[16-03-21 14:53:58] 2092 rndb_api.c:956 error: rndb_import_nolock() ==> 3 (1909ms)
Message 3 of 6
McLukic
Star

Re: RN 102 / OS 6.4.x : Error "Fail to insert $home_folder/$user/$group/$group_has_user" (

Hi,

 

Unfortunately not... I did not open a real case @ Netgear, though.

 

 

Message 4 of 6
McLukic
Star

Re: RN 102 / OS 6.4.x : Error "Fail to insert $home_folder/$user/$group/$group_has_user" (

Hi Adam,

 

Just to let you know that thanks to the 6.5.1 update, I finally got it to work.

 

I had some remaining issues right after the update but using the steps listed here :

https://community.netgear.com/t5/ReadyNAS-in-Business/RN-104-OS-6-5-AD-group-membership-not-synced-f...

 

I know have a working box.

 

One issue though : all permissions are now mapped to non-existent user ID, meaning I have to reset all files on all shares to the right permissions. For me this is acceptable as it is really easy and scriptable, but I have to warn about that.

 

 


Message 5 of 6
Adam86
Aspirant

Re: RN 102 / OS 6.4.x : Error "Fail to insert $home_folder/$user/$group/$group_has_user" (

Perfect! Thanks for this, it worked a treat!

 

Just need to fix my permissions now but that's no biggy.

Message 6 of 6
Top Contributors
Discussion stats
  • 5 replies
  • 3880 views
  • 0 kudos
  • 3 in conversation
Announcements