In order to use Azure AD Domain Services with Morro CacheDrives, all CacheDrives must be able to access the AAD DS:
- Using VPN or SDN connection.
- Use Morro Edge service, which can virtually and securely connect all of your sites including the cloud.
The available options are:
- DNS Realm - The FQDN of your domain. The first part of the DNS Realm must be the NetBIOS domain name. (Example: DNS Realm is company.local, where the NetBIOS domain name is "company".)
- NetBIOS Domain Name - If the NetBIOS domain name differs from the suffix of the FQDN, then the NetBIOS name for the user account needs to be included.
- Computer OU (optional) - If specified, computer accounts will be created in the specified OU to register Morro CacheDrives. If not specified, computer accounts will be created in the default Computers container.
- Domain Administrator and Password are the credentials of the AAD DS Domain user account used to add the CacheDrives to the domain. To join the domain service, the user needs to be assigned the Contributor role of Azure AD Domain Service. Also when you encounter authorization issues, you can try with Domain Administrator to isolate the problem. User name can be specified in the format "Username", or "DOMAIN\Username".
- SWITCH TO AZURE AD DOMAIN SERVICES MODE - Configures all devices to use Azure AD Domain Services for authentication. It will also create a computer account for each Morro CacheDrive in the domain. If Computer OU is specified, the computer accounts will be placed in that OU. Diagnostic errors will show if not all devices join the domain successfully after 60 seconds.
Use the chart near the top of the page to check the current domain status for each device in the account.
The chart shows if all CacheDrives joined the AD domain successfully. Users can access the CacheDrives with SSO (Single- Sign-On) by using domain credentials from their PC.
- "Joined" - Shows that the CacheDrive has successfully created a computer account in the domain.
- "Status" - Confirms the computer account is active and the network connection to the domain is healthy.
- Check - Tests if the participation in the domain is valid.
- Domain Info - Displays LDAP Server IP address, KDC Server IP address, and server time.
- Join Domain - When a CacheDrive is unable to join the domain, diagnose and fix the reported errors and click "Join Domain" to try again.
- Rejoin Domain - When a joined CacheDrive has a problem and "Status" reports errors, use this button to join the CacheDrive to the domain again.
- Show Errors - Reports errors (see table below) when a CacheDrive is unable to join the domain or a joined CacheDrvie has a problem.
Realm not found, please check DNS
The specified realm cannot be resolved. Please check the DNS configuration and make sure Morro CacheDrive can resolve the specified realm.
Cannot Join Domain, please check credential
Check specified Username and Password.
After successfully joined to the domain, you probably need to set Share permission based on domain accounts.
Use the Rejoin button in the lower right part of the screen to repeat the AD join process. This can sometimes solve issues with AD integration.
SWITCH TO MORRO USERS MODE: Un-join CacheDrives from the domain and authenticate users in Morro Users mode. Users and groups information imported from the domain can be kept as an option.