“Manage user accounts with efficiency”
LDAP server, also called Directory Services, allows centralized user and group management. LDAP server can be associated with Active Directory for user management. The system can serve as an LDAP domain to store the information of all users and groups, including username and password.
Using the built-in LDAP server of QNAP NAS, the administrator can easily create users and let them access multiple NAS servers with the same username and password. No licenses and extra time on creating user accounts on all the devices are required. QNAP NAS firmware v3.6.0 or above is required.
- Enable LDAP server
- Create LDAP users
- Join a NAS to LDAP domain
- Join a second NAS to LDAP domain
1. Enable LDAP Server
To enable LDAP server on QNAP NAS, login to the NAS web administration page as an administrator, and navigate to “Application Servers” > “LDAP Server”.
Select “Enable LDAP Server”; enter the full LDAP domain name and the password for the LDAP Server, then click “Apply”. The LDAP server is now enabled and ready for use!
2. Create LDAP Users
Navigate to the “Users” tab. Click “Create a User” or “Create Multiple Users” or “Batch Import Users”. Follow the instructions of the wizard to create the LDAP users.
Once you have created some LDAP users, the NAS can be joined to the domain so that you can set the permissions of the LDAP users and allow them to be authenticated by QNAP NAS.
3. Join a NAS to LDAP Domain
To allow the LDAP users to connect to the NAS, the NAS has to be joined to the LDAP domain. Under the “LDAP Server” tab, click “Domain Security” and you will be automatically redirected to “Access Right Management” > “Domain Security”.
From the NAS on where the LDAP server is running, navigate to “Access Right Management” > “Domain Security”. Select “LDAP authentication”, and choose “LDAP server of local NAS” as the server type. Then click “Apply”.
The NAS is now a client of the LDAP server. To view the domain users or groups, go to “Access Right Management” > “Users” or “User Groups”, then select “Domain Users” or “Domain Groups”. You can also set the folder permission for the domain users or groups.
4. Join a Second NAS to LDAP Domain
You can join multiple QNAP NAS servers to the same LDAP domain and allow the LDAP users to connect to the NAS servers using the same login credentials.
To join another NAS to the LDAP domain, login the NAS and navigate to “Access Right Management” > “Domain Security”. Select “LDAP authentication” and then “LDAP server of a remote NAS” as the server type.
Enter the DNS name or IP address of the remote NAS, the name of the LDAP domain that you created previously, and enter the LDAP server password. Click ”Apply”.
About joining QNAP NAS to a third party LDAP server, please refer to the application notes:
Connect the QNAP NAS to an LDAP Directory.