Auth_mgr:Cannot renew kerberos ticket

[2finebxrs]

Unable to get my NAS to register with AD. I have tried every option in the authentication method and all fail. Main error is Database is empty or connection error.
When I try workgroup I get the error: With settings that you've already applied to authentication, system can't connect to the destination server. Probably there is a problem with this server availability or you entered wrong password. Make sure that destination server are running and have configured services that you want to use, then try to connect again.
The time on the server is correct and matches the domain controller time. Any suggestions you may have are greatly appreciated.

[To-M]

Was it working before? Was there any changes made to the network? Any other errors showing in the Event Viewer?
Can you with another Domain Admin account? Can you restore from your past configuration that you saved from the GUI located in Maint. Misc then select a last known good date to restore the settings.cnf file that you saved in the past so that you can restore the configuration with your ADS settings and reboot.

[2finebxrs]

Was it working before? Was there any changes made to the network? Any other errors showing in the Event Viewer?
Can you with another Domain Admin account? Can you restore from your past configuration that you saved from the GUI located in Maint. Misc then select a last known good date to restore the settings.cnf file that you saved in the past so that you can restore the configuration with your ADS settings and reboot.

I switched this server over from an iSCSI server to a NAS so it never has been a domain member before. No changes in the network and I don't see anything in the event viewer regarding this issue. I tried my domain admin account and it failed with the same error as the domain administrator account. Restoring is not an option since this server was never a domain machine since it was an iSCSI VMware datastore before this. I really do appreciate the suggestions. Thank you.

[To-M]

Are you on the latest build up70? Make sure in the DNS settings to point the ADS IP in the DSS V7. IF timing is ok not over 5 min then ok. Are you in the same network, you most likely are but checking.
See if you can ping by name on both directions.

[2finebxrs]

Yes sir, I am on version 7.0 update 70. The DNS and NTP settings on the NAS are pointed to our domain controller and the time looks to be identical between the two. Both the NAS and DC are on the same network/subnet and I can ping both directions using the FQDN. Question: I have tried all authentication methods and options with no luck. Our current domain function level is 2012 and I assume I should be using Windows ADS with IDMAP backend RID. Is this correct? Thank you!

[To-M]

Yes use RID!!! So now test with PDC option, what your doing here is just to see if you can import the Users and Groups with entering the IP of the ADS server and the Admin and Password. IF that does not work something else is blocking it (Firewall, some type of virus protection bla bla bla.... but--->) can you directly connect the DSS V7 to the ADS on another empty NIC port? Using PDC can help trouble shot closer to the issue but not all the times.

[To-M]

So its the same Realm name you use on up66? Is so then download the up66 build or roll back to 66 from the GUI and reboot. Like I said we had a case where the ADS had to be rebooted for it to work not sure if that will work for you as well but just a thought.