Manage Users

On the Manage Users page, you can manage LDAP users and settings related to account credentials and logins.

User

The User tab provides options to manage users in the LDAP directory.

To create a user:

  1. Click Create > Create user.
  2. Specify the following information for the LDAP user and click Next:
  3. Select the groups to which the user belongs on the Join groups page, and click Next.
  4. If necessary, add additional attributes for the user on the More attributes page, and click Next.
  5. Click Done to complete the setup. The distinguished name (DN) of the user in the LDAP database is "uid=username,cn=users,Base DN".

To import users:

  1. Click Create > Import users.
  2. Tick the following options according to your needs:
  3. Select the type of delimiter you used to separate the fields in the list from the Delimiter drop-down menu.
  4. Click Browse to select a .txt or .csv file to upload.
  5. Confirm the preview is correct and click OK to import.

Note:

When you prepare a file to import, place each user account on an individual row. Each piece of information should be separated by a delimiter in the following order (choose tab, comma, or semicolon from the Delimiter drop-down menu):

  1. Username
  2. Password
  3. Description
  4. Email
  5. Employee number
  6. Department
  7. Employee type
  8. Title
  9. Work phone
  10. Home phone
  11. Mobile phone
  12. Address
  13. Birthday (the format should be YYYY/MM/DD, e.g., 2000/1/1)
  14. Group name

The format of an import file should meet the following requirements:

To edit user properties:

  1. Select the user you wish to edit at the User tab and click Edit.
  2. Edit the user properties at the corresponding tabs.
  3. Click OK to save the settings.

Note:

To delete a user:

  1. Select a user you wish to delete on the User tab, and click Delete.
  2. Click Delete again in the pop-up message to confirm the deletion.

Note:

To activate a user:

Select a user account that is currently locked, disabled, or expired, and click Activate to change its status to Normal.

Note:

Advanced

The Advanced tab provides options to modify advanced user settings.

To configure advanced user settings:

Tick the corresponding boxes according to your needs:

Note:

To enable password expiration:

To fortify the security for user accounts, you can tick Enable password expiration, setting up the following password expiration policies to enforce regular and periodical password changes.

Note:

Once password expiration has been enabled, all passwords older than the period you specified will expire.

Auto Lock

Auto lock improves the security of your Synology NAS by locking the accounts with too many failed login attempts. This feature reduces the risk of accounts being broken into using brute-force attacks.

To enable auto lock:

  1. Tick Enable auto lock.
  2. Enter a number of failed login attempts in the Login attempts field and a number of minutes in the Within (minutes) field. An account will be locked when it exceeds the number of failed login attempts within the specified number of minutes.
  3. Tick Enable lock expiration and enter a number to unlock a locked account after the specified number of minutes.
  4. Click Apply to save the settings.