161
5.5.2 Connecting NAS to an LDAP Directory
LDAP (Lightweight Directory Access Protocol) is a directory that can store the
information of every user and group in a centralized server. Administrators can use
LDAP to manage users in the LDAP directory and allow them to connect to multiple NAS
with the same login details. This feature is intended for use by administrators and users
who have knowledge of Linux servers, LDAP servers, and Samba. A running LDAP server
is required when using this feature.
Re quire m e nts
Required information/settings:
The LDAP server connection and authentication information
The LDAP structure, where the users and groups are stored
The LDAP server security settings
C onne c ting Q NAP Turbo NAS to LDAP Dire c tory
Follow the steps below to connect the QNAP NAS to an LDAP directory:
1. Login to the NAS as an administrator.
2. Go to "Privilege Settings" > "Domain Security". By default, "No domain security" is
enabled. This means only local NAS users can connect to the NAS.
3. Select "LDAP authentication" and complete the settings.
o
LDAP Server Host: The host name or IP address of the LDAP server.
o
LDAP Security: Specify how the NAS will communicate with the LDAP server:
ldap:// = Use a standard LDAP connection (default port: 389.)
ldap:// (ldap + SSL) = Use an encrypted connection with SSL (default port:
686.) This is normally used by older version of LDAP servers.
Ldap:// (ldap + TLS) = Use an encrypted connection with TLS (default port:
389.) This is normally used by newer version of LDAP servers
o
BASE DN: The LDAP domain. For example: dc=mydomain,dc=local
o
Root DN: The LDAP root user. For example cn=admin, dc=mydomain,dc=local
o
Password: The root user password.
o
Users Base DN: The organization unit (OU) where users are stored. For example:
ou=people,dc=mydomain,dc=local
o
Groups Base DN: The organization unit (OU) where groups are stored. For
example ou=group,dc=mydomain,dc=local