To use Microsoft Entra Domain Services, all CacheDrives must be able to access the ME-ID DS using one of the following methods:
- A VPN or SDN connection.
- The Morro Edge service, which can virtually and securely connect all of your sites including the cloud.
The available options are:
- DNS Realm - The FQDN of your domain. The first part of the DNS Realm should be the NetBIOS domain name. For example, if the DNS Realm is "company.local", the NetBIOS domain name is "company". If the first part of the DNS Realm is not the NetBIOS domain name, enter the NetBIOS domain name in the NetBIOS Domain Name field.
- NetBIOS Domain Name - If the NetBIOS domain name differs from the first part of the FQDN, enter the NetBIOS domain name for the user account here.
- Computer OU (optional) - If specified, computer accounts will be created in the specified OU to register Morro CacheDrives. If not specified, computer accounts will be created in the default Computers container.
- Domain Administrator and Password - The credentials of the ME-ID DS Domain user account used to add the CacheDrives to the domain. To join the domain service, the user needs to be assigned the Contributor role of Microsoft Entra Domain Services.
Note: If you encounter authorization issues, try using the Domain Administrator account to isolate the problem. The user name can be specified in the format "Username" or "DOMAIN\Username".
- SWITCH TO MICROSOFT ENTRA DOMAIN SERVICES MODE - Configures all devices to use Microsoft Entra Domain Services for authentication. It will also create a computer account for each Morro CacheDrive in the domain. If Computer OU is specified, the computer accounts will be placed in that OU. An error message will appear if any of the devices fail to join the domain after 60 seconds.
Use the chart near the top of the page to check the current domain status for each device in the account.
The chart shows the following information:
- "Joined" - Shows that the CacheDrive has successfully created a computer account in the domain.
- "Status" - Confirms that the computer account is active and the network connection to the domain is healthy.
- Check - Click Check to verify that the participation in the domain is valid.
- Domain Info - Click Domain Info to show the LDAP server IP address, KDC server IP address, and server time.
- Join Domain - When a CacheDrive is unable to join the domain, diagnose and fix the reported errors, then click "Join Domain" to try again.
- Rejoin Domain - When a joined CacheDrive has a problem and "Status" reports errors, click Rejoin Domain to join the CacheDrive to the domain again.
- Show Errors - Show the errors associated with a failed CacheDrive join or CacheDrive join issues. See below for common join errors.
Realm not found, please check DNS
The specified realm cannot be resolved. Please check the DNS configuration and make sure the Morro CacheDrive can resolve the specified realm.
Cannot Join Domain, please check credential
Check the specified username and password.
After successfully joining to the domain, set Share permissions based on domain accounts. Users can access the CacheDrives with SSO (single sign-on) by using domain credentials from their PC.
Use the Rejoin button in the lower right part of the screen to repeat the AD join process. This can sometimes solve issues with AD integration.
SWITCH TO MORRO USERS MODE: Un-join CacheDrives from the domain and authenticate users in Morro Users mode. User and group information imported from the domain can be kept as an option.