UCS 5.0 Fresh Install Fails to Join Existing Active Directory Domain

Hello everyone,

I’ve installed a fresh copy of UCS 5.0 (ISO) as a virtual machine on a new Synology NAS (RS2821RP+). The install completed successfully and without any errors. After the reboot I accessed the server via Google Chrome (Version 100.0.4896.127 (Official Build) (64-bit)) to complete the setup. I was able to choose my language and location settings, set up the static IP and then choose the option to join an existing Microsoft Active Directory domain. The address of the domain controller and the username were prefilled with the correct info so I only had to type the Administrator password. When I clicked the Next button I received an error.

An error occurred
Could not fulfill the request.
Server error message:
The connection to the Active Directory server was refused. Please recheck the password.

I was very careful to check my typing of the password and have even typed it in Notepad to copy and paste it into the password field.

I have also successfully joined client machines to this domain using the very same Administrator account and password.

As a workaround I created a new domain user and delegated control to join computers to the domain. Then I used this account to try and join the UCS server to the domain. This failed in the same way as the Administrator account.

On another attempt I checked the Google Chrome console and saw that there were several errors with status 408 (Request Timeout) and one of status 400 (Bad Request).

I also attempted to access the server and complete the setup using Mozilla Firefox (99.0.1 (64-bit)) to see if there was a problem with Chromium-based browsers, but I experienced the exact same issue as on Google Chrome. Here is the output of the console during this attempt (the obfuscated line represents the FQDN of the server, abc-nas1.ad.org.com).

I’m not entirely certain where to go from here so I’m looking for some help from the community to see if I can be pointed in the right direction.

Thanks to anyone who reads this and can provide any assistance.

Here is some extra info that may help to understand the environment and possibly provide some clues:

Network

Currently using Ubiquiti UniFi security gateway and switches. Some VLANs have been created to separate devices but there are currently no firewall rules that would block traffic (Ubiquiti allows inter-VLAN traffic by default).

Server Network
Subnet: 10.1.10.0/24
VLAN: 10

Workstation Network
Subnet: 10.1.20.0/24
VLAN: 20
DHCP: DHCP Relay to 10.1.10.2

Domain
Synology Directory Server (Equivalent to Microsoft Windows Server 2008 R2)
Domain Name: ad(dot)org(dot)com
NetBIOS Name: org

Domain Controller
Synology NAS RS2821RP+ Running DSM 7.1
FQDN: abc-nas1(dot)ad(dot)org(dot)com
IP Address: 10.1.10.2/24 (Static)
Gateway: 10.1.10.1
VLAN: 10

UCS Server
Synology Virtual Machine (2 CPU Cores, 4 GB RAM)
FQDN: Was not asked for a hostname or domain during setup. Attempted manual hostname change to abc-ucs1 by editing /etc/hostname, /etc/hosts, and using hostnamectl set-hostname then rebooting.
IP Address: 10.1.10.4/24 (Static)
Gateway: 10.1.10.1
DNS 1: 10.1.10.2
DNS 2: 10.2.10.2 (A secondary NAS that hasn’t been configured yet)
VLAN: 10

Workstation
HP ProBook 650 G8
FQDN: ProBook-ABCDEF(dot)ad(dot)org(dot)com
IP Address: 10.1.20.123/24 (DHCP)
Gateway: 10.1.20.1
DNS 1: 10.1.10.2
DNS 2: 10.2.10.2 (A secondary NAS that hasn’t been configured yet)
VLAN: 20
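The error shown above ("The connection to the Active Directory server was refused. Please recheck the password.") lumps a network failure together with a credential failure, so it is worth separating the two before retrying the join with yet another account. The script below is an added example, not code from the forum post or from UCS: it checks that the DC's FQDN resolves to the address the environment description says it should (abc-nas1.ad.org.com at 10.1.10.2) and that the TCP ports an AD join depends on are reachable from the joining host. The port list is the standard AD service set and is an assumption of this example; the post does not list ports. The resolver and connector are injectable so the logic can be exercised offline.

```python
"""Pre-join reachability check for an Active Directory domain controller.

Added example (not from the forum post): confirms DNS and port reachability
to the DC so a "connection refused / recheck the password" error can be
attributed to the network or to credentials.
"""
import socket
from dataclasses import dataclass, field
from typing import Callable, Dict, List

# TCP ports an AD domain join and subsequent operation depend on.
# Standard AD service set; an assumption of this example, not from the post.
REQUIRED_TCP_PORTS: Dict[int, str] = {
    53: "DNS",
    88: "Kerberos",
    135: "RPC endpoint mapper",
    389: "LDAP",
    445: "SMB",
    464: "Kerberos password change",
    636: "LDAPS",
}


def default_resolve(name: str) -> List[str]:
    """Resolve an FQDN to IPv4 addresses with the system resolver."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def default_connect(ip: str, port: int, timeout: float = 3.0) -> str:
    """TCP-connect to ip:port and classify the outcome."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"   # host reachable, nothing listening or actively rejected
    except (socket.timeout, OSError):
        return "timeout"   # filtered, misrouted, or host down


@dataclass
class JoinCheck:
    dc_fqdn: str
    expected_ip: str
    resolved: List[str] = field(default_factory=list)
    ports: Dict[int, str] = field(default_factory=dict)

    @property
    def dns_ok(self) -> bool:
        return self.expected_ip in self.resolved

    @property
    def blocked_ports(self) -> List[int]:
        return sorted(p for p, state in self.ports.items() if state != "open")

    def verdict(self) -> str:
        if not self.resolved:
            return "dns-failure"
        if not self.dns_ok:
            return "dns-mismatch"
        if self.blocked_ports:
            return "network-blocked"
        return "network-ok"

    def explain(self) -> str:
        v = self.verdict()
        if v == "dns-failure":
            return f"{self.dc_fqdn} does not resolve: fix DNS before retrying the join."
        if v == "dns-mismatch":
            return (f"{self.dc_fqdn} resolves to {self.resolved}, not {self.expected_ip}: "
                    "stale or wrong DNS record.")
        if v == "network-blocked":
            names = ", ".join(f"{p}/{REQUIRED_TCP_PORTS[p]} ({self.ports[p]})"
                              for p in self.blocked_ports)
            return f"DC reachable but ports not open: {names}. Check firewall/VLAN rules and DC services."
        return ("Name resolution and all required ports are fine; a 'recheck the password' "
                "error now points at credentials or DC-side policy, not the network.")


def check_domain_controller(
    dc_fqdn: str,
    expected_ip: str,
    resolve: Callable[[str], List[str]] = default_resolve,
    connect: Callable[[str, int], str] = default_connect,
) -> JoinCheck:
    """Run the DNS and port checks; resolve/connect are injectable for testing."""
    result = JoinCheck(dc_fqdn, expected_ip)
    result.resolved = resolve(dc_fqdn)
    # Probe the address the join will actually use even if DNS is wrong,
    # so both kinds of problem show up in one run.
    for port in REQUIRED_TCP_PORTS:
        result.ports[port] = connect(expected_ip, port)
    return result


if __name__ == "__main__":
    # Values taken from the environment description in the post.
    report = check_domain_controller("abc-nas1.ad.org.com", "10.1.10.2")
    for port, state in report.ports.items():
        print(f"{port:>4} {REQUIRED_TCP_PORTS[port]:<26} {state}")
    print(report.explain())
```

Run it from the UCS VM itself (the host that will perform the join); a "network-ok" verdict with the join still failing on "recheck the password" means the problem is on the DC or credential side, which is consistent with the direction the thread eventually took.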

Hi everyone, I have some more info to share.

I tested by installing UCS 4.4 in a VM and encountered the same issue with the password. The issue seems more likely to be on the Synology end. I’ll do some more research and report back later.

Hi everyone, I’ve confirmed the issue based on the Synology Directory Server manual.

The Compatibility and Limitations section lists the following limitation:

Synology Directory Server supports a single domain and a single domain controller only

Therefore I have switched away from using the Synology Directory Server in favour of running a full UCS Primary Directory Node in a VM.

Have a great day!

Their AD integration is broken… and in some cases, to fix it or to fix security issues, you need to update every package on your NAS… at which point many become unsupported.

I would recommend that anyone thinking of using Synology or getting ready to replace equipment DOES NOT.

They are continually removing functionality every software revision & now are requiring licensing for the most basic of items.

Air gapping is also becoming impossible; the NAS requires a permanent connection to the internet to “validate” package licences.