Domain/LDAP Users or Groups

If your DiskStation is joined to a directory service as a Windows Domain or LDAP client, you can set up and modify domain/LDAP users' or groups' access permission to DiskStation shared folders and DSM applications, and enable the home service for all domain/LDAP users.

Domain/LDAP User

Depending on the type of directory service you are joining, click the Domain Users or LDAP Users tab to set up the shared folder and application permissions and the quota of disk capacity of each user.
Note: Disk capacity quota setup is not applicable to Docker DSM.

The rules of privilege settings include the following:

User Home

Like local users, all domain/LDAP users can access their own home folder via CIFS, AFP, FTP, or File Station.

Users with administrative privileges can access all personal folders located in the homes shared folder. All users' home folders are located in one of the sub-folders under a folder named "@DH-domain name" (for domain users) or "@LH-FQDN name" (for LDAP users). The name of the user's home folder is the user account plus an unique number.

    Note:
  1. To delete the homes shared folder, user home service must be disabled first.
  2. Enabling the home service for domain/LDAP users will also enable the home service for local users if it's not enabled yet.

Domain/LDAP Group

Depending on the type of directory service you are joining, click the Domain Group or LDAP Group tab to configure domain/LDAP groups' access privileges to shared folders. The priority of privileges is: NA > RW > RO.