ºÚÁϺ£½Ç91Èë¿Ú

This article covers how to integrate QNAP NAS devices with ºÚÁϺ£½Ç91Èë¿Ú’s LDAP, enabling user management and authentication using ºÚÁϺ£½Ç91Èë¿Ú accounts and credentials. To configure the integration, it's important understand the relationship between the products and how they are integrated. The following diagram in conjunction with the instructions that follow, show the basic interoperation of ºÚÁϺ£½Ç91Èë¿Ú’s LDAP authentication service, the QNAP NAS, and the client attempting to access files.

Prerequisites:

• Cloud LDAP is configured correctly in ºÚÁϺ£½Ç91Èë¿Ú. See Use Cloud LDAP to learn more.
• LDAP users and/or user groups are configured in ºÚÁϺ£½Ç91Èë¿Ú. See Create an LDAP Group to learn more.

Configuring ºÚÁϺ£½Ç91Èë¿Ú User Groups for QNAP QTS via LDAP

To proceed, Cloud LDAP and a LDAP BindDN user must be configured. If you’ve not configured a BindDN User, see Creating an LDAP Bind User to learn more.

To configure ºÚÁϺ£½Ç91Èë¿Ú user groups for QNAP:

1. Log in to the .
2. Go to USER MANAGEMENT > User Groups.
   1. Select a user group that you want to be synced to QNAP QTS.
   2. Under the Details tab, select both Create Linux group for this user group and Enable Samba Authentication checkboxes.
   3. Fill out a Linux Group Name and Group GID.
      • Note: QTS reserves a GID range from 0 to 99. When adding a new account, ensure that the UID and GID does not conflict with an existing UID or GID.
   4. At the bottom right, click Save to apply your changes.
3. Repeat this step for all of the user groups you want to be available in QNAP QTS.

Configuring QTS for Microsoft Networking

In order to access file shares on Windows devices, the name of the workgroup configured in QTS must be identical to the name of the workgroup configured in your ºÚÁϺ£½Ç91Èë¿Ú LDAP Instance. 

To view Workgroup information in the LDAP Directory:

1. First, get the name of the QNAP QTS Workgroup:
   1. In QNAP QTS, go to Control Panel > Network & File Services > Win/Mac/NFS/WebDAV > Microsoft Networking.
2. Then view the name of the ºÚÁϺ£½Ç91Èë¿Ú Workgroup:
   1. In the ºÚÁϺ£½Ç91Èë¿Ú Admin Portal, go to USER AUTHENTICATION > LDAP.
   2. Click on the ºÚÁϺ£½Ç91Èë¿Ú LDAP instance.
   3. Go the Details tab > LDAP Configuration to locate the Workgroup.

Configuring QNAP QTS to use ºÚÁϺ£½Ç91Èë¿Ú LDAP

To configure the QNAP QTS device to use ºÚÁϺ£½Ç91Èë¿Ú LDAP:

1. In QNAP QTS, go to Control Panel > Privilege > Domain Security. 
2. Select LDAP authentication. 
3. For Select the type of LDAP server, select Remote LDAP server. 
4. For the LDAP server host, enter .
5. For the LDAP security setting, select a security type such as ldap://(ldap+TLS).
   
6. For the Base DN, enter the string displayed in ºÚÁϺ£½Ç91Èë¿Ú under ORG DN in LDAP’s Details Tab.
   This should look like the value: o=XXXXXXXXXXXXX,dc=jumpcloud,dc=com
7. For the Root DN, enter the string displayed in ºÚÁϺ£½Ç91Èë¿Ú under Samba Service Account DN in ºÚÁϺ£½Ç91Èë¿Ú’s LDAP Details Tab.
   This should look like the value: uid=your.ldab.bind.userid,ou=Users,o=XXXXXXXXXX,dc=jumpcloud,dc=com
8. Enter the password for the SAMBA SERVICE ACCOUNT (the ºÚÁϺ£½Ç91Èë¿Ú BindDN User LDAP password).
9. For Users base DN and Group base DN, enter the same string:
   ou=Users,o=XXXXXXXXX,dc=jumpcloud,dc=com
   Where the o= value is the same from your earlier configurations from earlier.
10. Click Apply. The LDAP authentication options window will appear.
11. Select LDAP users only: Only LDAP users can access the NAS via Microsoft Networking.
12. Click Finish.

The NAS connects to the ºÚÁϺ£½Ç91Èë¿Ú LDAP directory. The connection is established when the Status displays Online.

Verifying LDAP Users and User Groups

ºÚÁϺ£½Ç91Èë¿Ú Users will be displayed in Users or Shared Folders under Domain Users.

ºÚÁϺ£½Ç91Èë¿Ú User Groups will be displayed in User Groups under Domain Groups.