Joining AD creates a computer account with duplicate SID

Questions about using Windows AD service.
Post Reply
Da BIG One
First post
Posts: 1
Joined: Fri Jul 01, 2022 4:57 pm

Joining AD creates a computer account with duplicate SID

Post by Da BIG One »

I've tried it twice, add my QNAP TS-431XeU to my domain.
It creates a computeraccount in OU=computers, and works for a while, a few hours later it stops working.
I started investigating, and saw that the computer account was deleted, by the RID master because of a duplicate SID with a Service account for my ADConnect utility for synchronising with Azure Active Directory. Resulted in breaking my AD to AAD Connection.
Automatically generated account starting with "ADSync" used to run the ADSync service.
I restored the account, but all security features connected with that account got removed when the account was deleted and didn't know how to restore that, so I had to re-install my ADConnect.

Then (thinking it was a crazy fluke) I tried it again, and again a nice computer account in OU=Computers, and deleted because of a duplicate SID with yet another account that writes changes to AD from AAD with ADConnect starting with "MSOL" and again breaking my AD Connect sync.
I've managed to create another custom account to handle this process, but not before I disabled the domain membership on the QNAP.

Now to get the QNAP working again I have to join it to the domain again, but I'm scared that it will create another account with a duplicate SID, and what account will it be this time?
I've also tried to make a LDAP connection but I can't get that to work either.

Please advise what to do, as my QNAP NAS is now of no use to me.
FSC830
Experience counts
Posts: 2043
Joined: Thu Mar 03, 2016 1:11 am

Re: Joining AD creates a computer account with duplicate SID

Post by FSC830 »

Did you open a ticket at support and reported this issue?
I guess, only QNAP can fix it.

Regards
Post Reply

Return to “Windows Domain & Active Directory”