Directory Server Settings
Set up Synology NAS as a directory server to provide account authentication service.
After the Directory Server package is installed and running on your Synology NAS, go to Main Menu > Directory Server to enable the service.
Enable Directory Server
To enable Directory Server and provide LDAP service, follow the steps below:
- Go to the Settings tab. Tick Enable LDAP Server.
- In the FQDN (Fully Qualified Domain Name) field, specify the domain name for the LDAP database.
- Enter the password for the Bind DN (see below) in the Password field.
- Confirm the password.
- Click Apply.
When the setup is complete, you will see the following information under Authentication Information:
- Base DN: The distinguished name for Directory Server's LDAP database. This is generated from the specified FQDN. For example, if the FQDN is “ldap.synology.com”, its Base DN will be “dc=ldap,dc=synology,dc=com”.
- Bind DN: The distinguished name for LDAP's root. For example, if the Base DN of the LDAP database is “dc=ldap,dc=synology,dc=com”, then the Bind DN of its root will be “uid=root,cn=users,dc=ldap,dc=synology,dc=com”.
If LDAP clients wish to bind to your Directory Server, they should specify the Base DN to connect to the LDAP database, and then authenticate with the Bind DN of root or an LDAP administrator account.
Note:
- Clients must be given the root DN and the Base DN in order to bind to the LDAP server.
- For more information about FQDN, please see here.
- If you have set up port forwarding or firewall rules for your Synology NAS, make sure ports 389 (for LDAP connections) and 636 (for LDAP SSL connections) are properly configured at Control Panel > External Access > Router Configuration, or at Control Panel > Security > Firewall.
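The Base DN and root Bind DN derivation described above, with a client-side bind check, as an added example (not Synology's own code). It assumes OpenLDAP's ldapsearch is installed on the client; the function names and the host name in the usage comment are constructed for illustration.

```shell
#!/bin/sh
# Added example: derive the Base DN and root Bind DN from the FQDN entered
# in Directory Server, then verify a client bind over LDAP SSL (port 636).

# fqdn_to_base_dn FQDN -> prints e.g. "dc=ldap,dc=synology,dc=com".
# Returns 1 for anything that is not a plain dotted host name, so DN
# metacharacters such as "," or "=" can never reach the LDAP client.
fqdn_to_base_dn() {
    fqdn=${1%.}                       # tolerate a single trailing dot
    case $fqdn in
        ""|*[!A-Za-z0-9.-]*|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
    esac
    printf 'dc=%s\n' "$fqdn" | sed 's/\./,dc=/g'
}

# root_bind_dn FQDN -> prints the Bind DN of root under that Base DN.
root_bind_dn() {
    base=$(fqdn_to_base_dn "$1") || return 1
    printf 'uid=root,cn=users,%s\n' "$base"
}

# check_bind HOST FQDN -> binds as root against HOST and reads the base entry.
# HOST is the address of the NAS (assumption: it may differ from the FQDN).
# -W prompts for the password so it never appears in the process list or
# shell history; ldaps:// keeps the simple bind off the cleartext port 389.
check_bind() {
    base=$(fqdn_to_base_dn "$2") || { echo "invalid FQDN: $2" >&2; return 2; }
    ldapsearch -x -H "ldaps://$1:636" \
        -D "uid=root,cn=users,$base" -W \
        -b "$base" -s base '(objectClass=*)' 1.1
}

# Offline demo using the FQDN from the text above.
fqdn_to_base_dn ldap.synology.com
root_bind_dn ldap.synology.com
# Against a live server (constructed host name):
#   check_bind nas.example.lan ldap.synology.com
```

An exit status of 0 from check_bind means the bind and the base search both succeeded; ldapsearch reports wrong credentials as exit status 49.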