Avatar of Sheldon Livingston
Sheldon Livingston
Flag for United States of America asked on

Synology permissions

We have a Synology NAS and joined it to our domain.
I wish to create a folder and give an individual domain user access to that folder without the individual needing to supply a username and password... as if the NAS was a share on the server.

Is this possible?
* SynologyNASWindows OS

Avatar of undefined
Last Comment

8/22/2022 - Mon

Yes, refresh the list of users and make sure you see the users from the domain.

Double check the supoorted smb version and the IP of the local system versus the synology nas.
Definition, type of share,

Which synology appliance do you have, version of?
Sheldon Livingston

We have a DS418. I wanted to create a Data share and allow everyone access. When a user currently tries they are prompted for credentials.

you might be kissing a component handler tie-in to AD domain.

Searching the synology could help resolve your issue.
The below deals with an azure AD

The user could provide creds and save the in control keymgr.dll....

To not be prompted until the user changes password....

Smb version might be the cause/explanation...
Your help has saved me hundreds of hours of internet surfing.
Sheldon Livingston

I'm not understanding you @arnold.

We have an on premise server. We were hoping to create shares on the NAS and allocate permissions like normal shares.

Check the shares and whether you have the ntlm optionom the synology through which commonly the token from the Windows system can be validated.

Init prompts, suggests your synology either is not presented by the client or the client does not trust the requestor to provide the auth token.

Checking synology support to confirm all that you need is on the device.

I guess you have to seperate the synology permissions to acces a volume and possible file permissions on the device.
If a user connects to the device, the client has to send an authentication to the NAS, and the NAS device has to validate it against a DC. So it depend a bit, which method you use to connect to the device.

The most easiest way would be to map it like a file share.
For accessing the file system, be aware that not all file systems on the NAS can deal with windows crendetials / permission. So you need a file system (like NTFS) which supports AD Users / groups permission.

If you have that, make sure, you have set them on the directory structure of your NAS. 

See also.

Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Sheldon Livingston

I had joined my NAS to the domain.
To give domain users access I just needed to go into the Control Panel, of the NAS, then Shared Folder.
Select the folder and click Edit.
From there click the Advanced Permissions tab and then the Advanced Share Permissions button at the bottom.
Select Domain Users and then select the appropriate user and assign the permission.

An then you ge the logon sceen, right?

Sheldon Livingston

So, as the NAS admin I did the  process above and gave Fred read/write access. Prior to this Fred would get a prompt and I couldn't figure out the username and password to use.
I did the steps above and now Fred gets right in without a prompt.
He accesses the NAS via \\NASDevice
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.