NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
RN 2120 Active Directory "Import Error"
I have two office locations, each of which has a ReadyNAS 2120 set up for storing location-based backups as well as serving up home folders for users. Both devices have been live for over a year and connected to our domain. For the sake of this discussion, Location A is where the primary DC (Server 2003) is located and Location B houses the secondary DC (Server 2008). Since Day 1, both NAS devices have pointed to the primary DC at Location A for the Directory Server Address. Time server and DNS settings were pointed to their respective DCs.
First-thing Monday morning, employees at Location B were unable to connect to their individual home folders. I reviewed the Accounts > Authentication page and it shows "Import error" under the "Authentication" heading. For the past two days, I have been trying to troubleshoot and resolve this issue, but to no avail.
Beyond what I know from working with these in the past, I've done quite a bit of searching online for answers to this problem and have tried all of the suggestions that I found, but nothing has gotten this issue fixed. Here is a list of things that I have tried:
- Location A's RN is working fine. So, I mimicked its DNS, time, and authentication settings.
- I removed the RN from the domain and then re-added it. It successfully joins the domain, but it fails while importing users and groups (i.e., "Import error")
- Instead of using information from the primary DC at Location A (i.e., original settings), I decided to use the secondary DC at Location B. So, DNS, time, and authentication settings all pointed to the secondary DC
- Everything in-between the three troubleshooting steps above
I also downloaded and reviewed the logs. I specifically focused on the ADS.log file. I believe the lines below are indicative of the problem, but I do not know where to go from here...
[16-05-24 11:48:12] 1918 rndb_account.c:963 info: 278 domain user found
[16-05-24 11:48:15] 1918 rndb_account.c:989 info: 100/278 users imported so far
[16-05-24 11:48:17] 1918 rndb_account.c:989 info: 200/278 users imported so far
[16-05-24 11:48:19] 1918 rndb_account.c:1204 info: 278/278 users imported in 9104ms.
[16-05-24 11:48:19] 1918 rndb_account.c:2262 error: Error. Fail to insert $home_folder/$user/$group/$group_has_user
[16-05-24 11:48:19] 1918 rndb_account.c:2405 error: rndb_ads_account_import() ==> 3 (12360ms)
[16-05-24 11:48:19] 1918 rndb_api.c:956 error: rndb_import_nolock() ==> 3 (12362ms)
At this point, I'm left scratching my head. I'm not sure what else to try other than backing up the data and doing a factory reset. Before I go that route, though, does anyone have any insight regarding additional troubleshooting steps I can take?
I appreciate any and all assistance. Thank you in advance and take care.
- Chris
71 Replies
Replies have been turned off for this discussion
Can you send in the logs zip files (see the Sending Logs link in my sig)?
Same problem and the same behavior with any domain of Windows 2003, 2008, 20008R2
sent logs.
I apologize for the delayed response. I was traveling for the day and have been effectively "off the grid" until now.
I've e-mailed the logs per your request. If there is any additional information that you need, please let me know. I appreciate your assistance.
Hi CRPearce,
I have sent you a PM.
Does anyone have a solution to this issue?
[16-05-26 00:36:09] 2447 rndb_account.c:1204 info: 15/15 users imported in 273022ms.
[16-05-26 00:36:09] 2447 rndb_account.c:2262 error: Error. Fail to insert $home_folder/$user/$group/$group_has_user
[16-05-26 00:36:09] 2447 rndb_account.c:2405 error: rndb_ads_account_import() ==> 3 (546955ms)
[16-05-26 00:36:09] 2447 rndb_api.c:956 error: rndb_import_nolock() ==> 3 (546955ms)
When the issue originally started, my ReadyNAS 2120 was running firmware v6.4.2. In an attempt to resolve the "Import error" issue, I upgraded to v6.5.0, but that did not make a difference.
Furthermore, the RN 2120 at my other location (i.e., Location A) is working fine. It, too, was running v6.4.2 and continued working after updating it to v6.5.0. Both devices are connected to the same domain. However, I've been tweaking the AD settings within the NAS, specifically time server, DC, and DNS for troubleshooting. Initially, though, the settings were almost identical between the two devices aside from DNS.
I've been told that Netgear's engineers are reviewing the logs that I sent in. I will report back with their findings if they can be of assistance to others.
Hello,
having the same problem, you should check, if the following is working, until a fix is available:
1. Disable AD account caching
2. Please logoff/logon on your windows machine after making changes on the AD settings of the Readynas.
3. Try to access the folders again
Best regards
Dirk
Hello
I have the same problem on my two readynas Rn312 since i have upgrade it To 6.5 OS
I've removed it from the Domain, re added i, downgrade to 6.4.2,
I also try to remove the user folder's on /home but only a factory reset resolve this problem.
I can't do this on the second nas. If anyone have a idea
Thanks
cclvg, have you contacted support?
You should not downgrade to 6.4.2.
Also if you try removing from domain, rejoining etc. we can't find clues to the root cause of the issue if there is a common issue involved.
Dirk, when you suggest turning off AD account caching, are you referring to the "Do not cache ADS accounts locally" checkbox on the Authentication admin page of the RN or a GPO change for the domain?
Hello CRPearce,
I am referring to enable the "Do not cache ADS accounts locally" checkbox on the Authentification admin page of the RN.
On my device, after submitting this setting on the RN and logoff/logon on my Winodws PC, I was able to access the folders on the RN again.
Moreover, the users who have connected to the folders on the RN, after I made the mentioned change, were shown on the user page of the RN again.
Best regards
Dirk
I completely removed my NAS from the Domain and re-added it. it adds fine back to the Domain but it just cant sync the Domain Users.
I've never had the cached AD users option checked. If it syncs correctly, you should see all the Domain Users under the users tab/option
The engineers reviewed my logs. However, they could not determine a root cause because I had removed the ReadyNAS from my domain, which muddied up the logs.
As of right now, all of my users and groups are appearing and the "Import error" is no longer a thing. Refreshing the ADS accounts results in the "Import was successful" message. I will confirm with my users that they can successfully access their home folders and other shares when they return after the holiday weekend.
I am waiting to hear back regarding what fix was implemented in the event that it can help others with the same or similar issue. However, try to avoid removing the RN from the domain as a troubleshooting step and contact support first. That way, they stand a better chance of determining a root cause.
- Chris
The fix in this particular case was something that would have to be done via support. This system had been having import errors for nearly 2 years.
Thanks mdgm
I have an open support ticket with them now so hoping they can resolve the issue as staff havent been able to access it for over a week now and there are a lot of files on there that they need/
Just to reiterate, if you're experiencing the "Import error" issue, do NOT attempt to remove the ReadyNAS from the domain and then readd it. This action prevents support from being able to find a potential common root cause. If one does exist, a firmware update could likely be developed and released to prevent this from happening in the future.
Ultimately, support was able to remote into my ReadyNAS and resolve the problem. The actions taken involved resetting a couple of things, which is why performing a factory reset appears to be resolving this issue for users. So, save yourself the time and aggravation, contact support, and let them remote in.
- Chris
Hi All,
Support did remote into my device but so far no dice.. Perhaps they'll get it fix this week.
They thought it was a timeout issue but changing that setting didn't work.
I don't recommend leaving/rejoining the domain... You could just have something strange cached.
This might help from SSH -- use at your own risk.
# systemctl stop readynasd
# sqlite3 /var/readynasd/db.sq3 'delete from "$home_folder";'
# net cache flush
# systemctl start readynasd
Hello, i have got the same problem of everybody here on the same version (6.5.0)..
I have got twice NAS 314, with the same configuration.
In one all is ok, and in the second, same problem, it could not connect...
It happen aftter the maj to the 6.5.0 all was ok before
If i try what you say, i have got an error from the sqlite commande:"Error: no such table"
But in fact i have found a solution that work a time, but will not work if you refresh an other time the accout.If i do that:
# systemctl stop readynasd
# cd /var/readynasd
# mv db.sq3 db.sq3.old
# systemctl start readynasdFrom this time i get the list of all the account.
But if i reboot the nas, or if i make an update of account in the option ==> error and there is no account any more....Does it help?
Our device still not working. I can't keep trying all this troubleshooting during the day since my users need the system - localUsers it is for the moment.
Hi
I fixed this issue on my Ultra2-plus (unofficially running OS6). I upgraded from 6.4.2 to 6.5 last week and had the same import error.
On checking some of the posts in this thread it was mentioned about purging the contents on the db.sq3 database. On my system when I ran a select from the $home_folder table I found I had 1 entry which didn't match the $users table.
cd /var/readynasd/
sqlite3
sqlite> .open db.sq3
sqlite> select * from "$home_folder";
I had 4 entries of which one didn't match - the first field is user_id
32768|0|0||1
I confirmed that by using
sqlite> select * from "$user" where id = 32768;
if you have a dodgy entry or 2 then just use sql delete
sqlite> delete from "$home_folder" where user_id = <dodgy_id>;
ctrl-d exits the sqlite3
restart readynasd process using the commands from a previous post.
It's the same of
"sqlite3 /var/readynasd/db.sq3 'delete from "$home_folder";'"
but more specific.
And it does not work for me.
Did you try to reboot your nas, or try a manual synchronisation after?
Has i said, it'works "ones" but if you try after or reboot the nas, it never work again until you do againsqlite3 /var/readynasd/db.sq3 'delete from "$home_folder";' (or your command)
That's the case for me. And i made a select i only have:
select * from "$home_folder";
32768|0|0||0That do not exist in $user.
but after a restart or a time, it go back again.
So it does not solve the "source" of the problem but the result. :/The line 32768 was the example from my ReadyNAS. I just outlined how I fixed mine.
I can now import the AD accounts and all is looking good for me.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
