Hello there, everybody! Synology has just revealed that version 6.1 will provide the ability to set the NAS as an ADDC. This is a big deal for me, but I don’t have any spare NAS to test the latest DSM 6.1 beta on. So all I ask is that if someone tries it, please let me know how it goes. The DSM 6.1 final edition is scheduled to be released in the middle of 2017.
It appears to be a traditional Samba-based AD implementation, which in my experience is shaky at best. If they have a decent implementation, that’s great, but I’m not holding my breath for non-Windows implementations. I’ve yet to see one that consistently works.
I had a domain that was completely run on Samba4.
I had a few hiccups in the beginning since I began it when Samba4 was still in beta.
I didn’t drive it into development until the ‘beta’ label was removed.
I’d consider it a viable option, but I’d be reluctant to put it on a NAS directly.
So, first and foremost, I’m afraid Samba isn’t compiled with all of the required switches to function as an AD server. Second, the memory on your NAS (512MB) is insufficient for this reason. A Raspberry Pi v3 with a real-time module running Samba4 as an AD server next to your NAS would be a better solution in your situation.

In a small setup like that, Azure AD would easily become more costly than running your own.

Standard edition of Windows Server 2019.

If it’s just a few office users, run VMs in Hyper-V and maybe even suggest switching to a VDI solution. Then the workstations will last much longer and you’ll be able to install them for less money (thin clients, even, if you want). Then, since it is centralized, the client backup issue vanishes. Your remote access issue vanishes as well, since they’ll all be communicating via RDP anyway.
My Domain Controllers have been virtualized. Since my 150-person DCs are seldom used, running them in a virtual machine works well. A low-cost server, such as two Intel NUCs (for redundant servers), could be a good low-cost choice if you don’t have much money. What is the financial situation? My budget was zero when I first started, and having $1200 was difficult. This month, we received an additional $100,000 to invest before the end of the year. We currently have a yearly budget of $2 million. Our parent company has a 50 million dollar budget, so what you buy and do is limited. I’m sure you’re dealing with a very minimal budget.

During this evaluation, we often discover that a customer’s Active Directory environment has a single point of failure: most small businesses don’t have the resources to afford several servers, and previous systems administrators may not have had the foresight to adopt best practices for building server resiliency.
DNS is an example of a single-server point of failure that we see all too often. In certain instances, the PDC acts as the only internal DNS provider. That means that if there is a power failure, or if the PDC goes down for some reason, the whole office loses internet access, a costly outage until technical assistance arrives!
However, many of these clients have secondary “server”-like devices such as NAS units, Linux computers, and so on. Although using these as a “backup” DNS provider is not recommended, we strive to provide the best technical support possible while using resources that a client already has – saving them money!

The goal “SYNOLOGY” is a Synology® NAS that has been set up as the domain controller for “MyDomain.Com.” It is equipped with the Active Directory and DNS packages, which have been installed and configured. This video will show you how to set up AD & DNS on a Synology®.
In the source Active Directory, there are local and global domain groups and users. Users are members of global groups, global groups are members of domain local groups, and domain local groups are used in share and NTFS permissions (AGDLP principle).
The settings presume that no users are active while the migration is taking place. If you’re using a multiple-pass method (pre-copy/final copy), you’ll also need to enable either the “Use Volume Shadow Copy” (“Source and Destination”) or the “Ignore errors resulting from locked files” (“Error Processing”) option for the pre-copy pass(es) to avoid errors caused by locked files.

