Learn about Active Directory features and limitations on a My Cloud.*END
Time and Zone
The Zones must be the same.
The time difference between the My Cloud and the Domain Server must be within 5 minutes.
AD Users and Group Limits
My Cloud supports:
- 800 AD users
- 200 AD groups
- Usernames support alphanumeric values from 1 to 16 characters.
The first character must be a letter. - Names with dots are not supported. (e.g. John.Doe)
AD Admin Account Membership
The account must be a member of each of these Groups.
- Domain Users
- Domain Admins
- Schema Admins
- Enterprise Admins
OS and Functional Level Support
- Server 2003 through 2012
- Domain Functional level 2003 through 2012.
Mixed mode is not supported. - Forrest Functional level 2003 or 2012.
Mixed mode is not supported.
Domain Name Resolution (DNS Server)
Forward and reverse name resolution is required on the network between the My Cloud and the Domain Server.
Domain Name Support
- Fully Qualified Domain Name (FQDN) must be used.
- non-FQDN without the dot [.] are not supported.
- Sub-domains are not supported.
| Domain Name | Support Status |
| CUSTOM.COM | Supported |
| CUSTOM.LOCAL | Supported |
| CUSTOM | non FQDN Not Supported |
| NAME.CUSTOM.COM | Sub-domains Not Supported |
| NAME.CUSTOM.LOCAL | Sub-domains Not Supported |
** Using in an unsupported environment will cause problems.
Default Permissions on Imported AD Users and AD Groups
Active Directory permissions are not imported into the My Cloud.
All Active Directory users and groups imported into the My Cloud will have the DENY permission by default..
Need more help?
Answer ID 11814: Cannot Access and Access Denied for My Cloud Private Shares After Joining an Active Directory Domain
| User | Domain Users group | Domain Admins group | = | Effective permission |
|---|---|---|---|---|
| Read / Write | Read Only | Deny | = | Deny |
| Read / Write | Deny | Read / Write | = | Deny |
| Deny | Read / Write | Read Only | = | Deny |
| Read / Write | Read Only | Read Only | = | Read / Write |
AD Users and Groups Not Imported
These are not imported into the My Cloud.
- Incoming Forest Trust Builders
- DnsAdmins
- IIS_IUSRS
- Cryptographic Operators
- Event Log Readers
- Certificate Service DCOM Access
- RDS Remote Access Servers
- RDS Endpoint Servers
- RDS Management Servers
- Access Control Assistance Operators
- Domain Computers
- Domain Controllers
- Cert Publishers
- Performance Log Users
- Performance Monitor Users
- Distributed COM Users
- Group Policy Creator Owners
- RAS and IAS Servers
- Server Operators
- Network Configuration Operators
- Hyper-V Administrators
- Access Control Assistance Operators
- Account Operators
- Pre-Windows 2000 Compatible Access
- Print Operators
- Windows Authorization Access Group
- Terminal Server License Servers
- Allowed RODC Password Replication Group
- Denied RODC Password Replication Group
- Read-only Domain Controllers
- Enterprise Read-only Domain Controllers
- Cloneable Domain Controllers
- Protected Usersv
- DnsAdmins
- DnsUpdateProxy
- WseRemoteWebAccessUsers
- WseAllowShareAccess
- WseAllowComputerAccess
- WseAllowMediaAccess
- WseAllowAddInAccess
- WseAllowDashboardAccess
- WseAllowHomePageLinks
- WseAlertAdministrators
- WseRemoteAccessUsers
- WseInvisibleToDashboard
- WseManagedGroups
- RA_AllowAddInAccess
- RA_AllowComputerAccess
- RA_AllowDashboardAccess
- RA_AllowHomePageLinks
- RA_AllowMediaAccess
- RA_AllowNetworkAlertAccess
- RA_AllowRemoteAccess
- RA_AllowShareAccess
- RA_AllowVPNAccess
- Remote Desktop Users
- Remote Management Users
- Replicator
- WSSUsers
- WinRMRemoteWMIUsers__
- Administrators
- Guests
- Backup Operators
- Users
