This is a brief post which details how to fix an issue with your Synology NAS when it all of a sudden loses it's existing Active Directory domain membership. Even if you try to rejoin the domain, you will get the dreaded error:
"Failed to join the windows domain..."
Fear not my fine friends, after wasting about 3 hours on this issue I've finally figured out the problem and I thought I'd share it with you to save you the time.
It ended up being a simple time mismatch between the Win 2008R2 domain controller and the Synology NAS. There was about a 6 minute difference between the two and therefore the domain controller refused the connection. How to fix it:
First log onto your domain controller and open up an administrator command prompt and type in the following:
The above command stops the time service on the server so we can carry out some changes.
Next we're going to set an external time source for the server to sync with. You can change the external source to whatever you like, I'm using 0.au.pool.ntp.org in the example below
Ensure you change external source to somewhere that suits your region. You can find an internet time server for your region here...
Finally we're going to broadcast to all machines on the domain that this domain server is a reliable time source with the following command:
net start w32time
The final command restarts the time service on your server.That concludes the Windows Server portion of the solution.
Now we're going to reconfigure the Synology NAS so it syncs it's time with the server. Log onto your NAS via the web gui and open the control panel. Now from the System group select:
- Regional Options
- Under the Time tab, select Synchronize with NTP server and input the IP Address of your Windows server and click Apply
- Now click Update Now to sync the Synology NAS time with the Windows Server
Now you can return to the Synology Join Domain option and should be able to join the domain without issue.