Looking for a tool to help you create rankable content?
Try it for $7
Research Writing Prompts
Access the Internet for the latest information
Did you know that Synology NAS provides Active Directory functionality? Properly install the Synology Directory Server package from Package Center and set up a Windows domain.
It's a great option for small businesses that want to control user access and simplify administration - combined with a file server role. Synology NAS offers two worlds. Typically, a Windows Server license with CALs (Client Access Licenses) costs around $1,000.
In this article, I will tell you how to set up Synology Directory Server.
Hardware requirements for Synology Active Directory Server
A Synology NAS with DSM version of at least DSM v6.2 or later is required. The current version at the time of writing this article is 7.1. I recommend using the latest version.
meet charlie ay
The Marketing Assistant You Deserve
Check hardware requirementshere;Your Synology NAS should be listed
Synology with low processor performance cannot install Synology Directory Server.
I recommend the Synology NAS model DS723+ without a disk or with a bundled 12 TB disk.
Synology 2-bay DiskStation DS723+ (diskless)
- Up to 471/225 MB/s sequential read/write streams make file operations fast and efficient
- Take advantage of comprehensive file and photo management, data protection, virtualization and monitoring solutions
- Two 1GbE ports allow for easy integration into existing environments, with optional 10GbE connectivity for more specialized bandwidth-intensive applications
- Use the DX517 expansion drive to add 5 additional drive bays for up to 7 storage drives
- For product setup help and more information, please visit Synology Knowledge Center or YouTube channel
Synology DS723+ 2-Bay Diskstation NAS (AMD RyzenTM 4 Threads R1600 Dual Core 2GB RAM 2xRJ-45 1GB LAN Port) Size 24TB 2X 12TB Seagate IronWolf
- Ryzen R1600
- Systemspeicher 2 GB DDR4 ECC
- 2 RJ-45 1GbE LAN ports
- 1 USB 3.2 Gen 1 port
- Synology DS723+, 2 GB RAM, 2 x GB LAN, 2 x 12 TB Seagate IronWolf (24 TB installed)
For better performance, please consider purchasing a Synology Memory Stick.
Hard Drive Recommendations for Synology NAS
Synology Directory Server package features and limitations
- Support for roaming profiles and home folders
- It also supports group-based access control.
- Support Group Policy
- Support for Windows RSAT tool (installed on Windows 10 or Windows 11 PC)
- it only supports one domain
- It only supports one domain controller
- Supports primary or secondary controllers
- DFS not supported
- Active Directory Module for Windows PowerShell is not supported
Also pay attention to the officialSynology Directory Serverpage
笔记本电脑电源 - 令人难以置信的触摸屏
Microsoft Surface Pro 9 (2022), 13-inch 2-in-1 Tablet and Laptop
A few tips before installation
- Give your Synology NAS a meaningful hostname
- Set a static IP address
- The Synology NAS should not be a domain member, otherwise the package installation will fail.
If you plan to purchase a Synology NAS, please use my affiliate link to purchase. There is absolutely no extra cost for you (I get a commission from the seller) but definitely a huge help for me as your move helps pay for maintaining this site and adding more goodies. Thank you in advance for your support!
How to install Synology Active Directory Server
You can find the Synology Directory Server package in the Package Center of your Synology NAS. If you see the packaging, your NAS is compatible.
You also need to install DNS Server package, which you can find in Synology Package Center. I recommend installing a DNS server first, as this is a requirement. No DNS Manager configuration is required as Synology Directory Server package handles everything.
You need to configure one thing on your DNS server. It is redirected to a DNS server connected to the Internet. It can be the IP address of your internet router or an external DNS server, eg Google 18.104.22.168, 8.8..4.4. In the image below, I have configured a forward to an incoming internet router.
A reader kindly mentioned that adding an external DNS server in the domain/LDAP settings in the control panel would also work. Add additional DNS servers, separated by commas.
My Synology Series Articles
Synology Directory Server
Which Synology NAS
How to use Synology Hyper Backup
WordPress on Synology
Configure Active Directory Server
After installing the Active Directory Server package, you can find it in the main menu. Click on the package and a wizard will guide you through the package. The first question is critical. You will need to enter the domain name and password of the administrator account. Before setting up your server, take some time to choose your domain name.
Go to DNS Manager. You will see a new DNS zone (Active Directory integrated) containing your domain name. As you know, Windows Active Directory requires a DNS zone. The installation wizard will create it automatically. If you click on a region name, all standard datasets will be displayed. When each client joins the domain, a new record is created for it. Of course, you can also create records manually.
Manage Synology Active Directory Server
In the three tabs on the left, Status, Users and Computers, and Policy Domain, you're back in Active Directory. The Users and Computers tab shows the structure of Active Directory. It's the same structure you see in a Windows domain. The Add button allows you to create new users, computers or organizational units.
However, I recommend co-managing Active Directory on Windows 10 machinesRSAT(remote server administration) tool.
Starting with Windows 10 October 2018 Update, RSAT is included. You need to enable it using the "Features on Demand" option. After successful activation, you can find the RSAT tool under Windows Administrative Tools.
Don't forget to join your Windows 10 computer to the domain first.
I will use my Synology NAS to create shared folders. To do this, go to "Shared Folders" in the Control Panel. New in the Permissions tab: you can select Domain Users and Domain Groups from the drop-down menu. As you know, local users and local groups still exist. These are local accounts of the Synology NAS. If you have created any accounts, they will remain unchanged after installing Synology Directory Server.
There is no option to use Group Policy on Synology NAS. However, you can use RSAT's Windows Group Policy Management Tool. It works the same, I haven't found any issues with Synology Active Directory Server yet. It's a great tool for small businesses to set up folder redirection, roaming policies, or drive mapping. Even for businesses with 20 or fewer computers, it makes sense to organize your network and provide your users with a consistent experience.
I have found that using the "User must change password at next logon" check mark does not work when using the Windows Active Directory for Users and Computers (ADUC) tool. You get a strange error message. Please set this option on your Synology NAS if you want to use it.
In theory, you could also use other packages from your package manager. But I suggest you don't use them or use them as little as possible. Only use Synology NAS as "Windows Server". Better to buy another NAS.
It's helpful to think about how to secure your server. The general backup rule is to save your data3 times.1x production and 2x backup.
In Package Center you'll find a great package called "Hyperbackup". You can choose to back up to an external USB drive, or add another Synology NAS as a backup destination and use it to store data offsite.
Hyperbackup provides the ability to back up data to a cloud provider. I recommend backing up to another Synology NAS and additionally backing up to the cloud. For example, Amazon S3 is a low-cost cloud provider. Of course you can also choose other suppliers. Hyperbackup supports all of these and is easy to set up.
When choosing a cloud provider, figure out which one is best and whether you can easily store your data abroad.
Back to the backup rule: Storing data in the cloud would be third backup.
Can Synology Active Directory replace my Windows domain?
Synology Active Directory (AD) provides a domain controller (DC) to replace the Windows domain controller. So the answer is yes. However, if you already have a licensed Windows Server, I would not change your domain to a Synology NAS unless the license is for an older version of Windows Server.
What is the difference between Active Directory and a domain controller?
no difference. These two words mean the same thing.
How to connect my Windows PC to Active Directory hosted on Synology NAS?
This is the same procedure you would follow if you had a Windows domain controller. You need to know the domain name and domain account ID with domain administrator rights.
Synology NAS provides a Windows server as a domain controller, eliminating the need to purchase expensive Windows licenses. Installing and maintaining a Windows server is a complex process. Using a Synology NAS as a directory service is very easy. It also helps minimize IT support costs. However, it is best not to forget to update your Synology NAS to take advantage of the latest security updates.
Overall, Synology NAS is easy to set up. If you're looking for a simple, software-based solution, this is it.
I hope this article is helpful to you. Let me know in the comments section below or via email if you have any firstname.lastname@example.org.
Any purchase made by clicking on a product link on this site may earn me an affiliate commission.
Please note that product quantities or prices may change at any time.
As an Amazon affiliate, I earn income from qualifying purchases.
As an AliExpress affiliate, I earn money on qualifying purchases.
As an Amazon affiliate, I earn from qualifying sales