Synology Windows Domain Controller Setup

47 thoughts on “Synology Windows Domain Controller Setup”

• Why does my domain controller look different; I don't have those options.

• Hi Willie! Really appreciate you doing this series, would this be ok to cover max 25 workstations? Also, one of the main things am after is to disable RDP clipboard through GPO? Is that possible with this setup, there a lot of guides out there, but nothing stands out. Any suggestions?

• Came across your channel while looking for Synology vids. I've been wanting to add a domain environment to my home network. Synology rules!

• Hi Willie: You mentioned seeing your next video. How do I know which one is your next video which is supposed to be a continuation of the current one (Synology Windows Domain Controller Setup)?

• I recently configured my Synology DS923+ with the directory service which I migrated from a Windows Server 2022 AD virtual machine I was running and I was able to join my Windows 11 VM to the domain and log in just fine, but when I try to add any Linux machines to the Domain they are able to be added but will not log in using the domain credentials… any thoughts?

• Hello Sir Willie! Im your Fan! Great videos you got here a big help to Noob like me :). Do you have a video for setting Synology AD Roaming Profile? Thanks in advance.

• Thank you. Great !

• You, my sir, are my new God! Exactly what I was looking for! TY much!

• The key with this is that you can run the same admin tools to drive the AD settings as if it were a windows server. Great for small biz.

• how is it that I am the only one that cant seem to find the active directory on my packages?

• Another Video Request: Compare Synology Directory Server to Synology C2 Identity cloud service + C2 Identity Edge Server

• Thank you for taking the time to create these videos. I have a video request. Compare a Synology NAS Domain controller vs a Windows Active Directory server. Can ADML ADMX be used on a SAMBA server such as the Synology Domain controller?

• Thanks Willie, great video series. I recently upgraded an older Synology + Mac server setup at a customer and moved the AD portion of the old Mac server to a new Synology HA cluster. Although your videos confirmed for me the steps I already did for this setup, there are still some things that are not totally clear to me. One thing is the DNS forwarding: by default it uses the LAN router, which forwards requests (usually) to the server handed over to the router by the ISP via DHCP. Would entering this DNS (or any other good DNS service) directly as a forwarder in Synology DNS server provide some extra performance? And if so, are there any drawbacks?

• It seems to me that if you want to implement AD for a small company then getting a Synology is a cost effective way to get it done. Am I crazy ?

• We switched from Windows Server 2012 R2 to Synology Directory Services few years ago, its pretty decent system. There was no migration option that time, but it was not complicated anyway.
  The only everybody should keep in mind, more such packages you use on NAS, more is NAS behaving as application server, then data / backup device. Its better then to split and have NAS for things like AD, DNS, Mail System etc and may be second NAS for data backups itself. AD and DNS is sensitive for fast response, at time of data backup processes via Active backup or Hyper Backup, workstations might have authorization issues.

• Can you doing some home share folders and goup share folders, like Admins/Family?Guests, and more if you can think of any and so when someone signins to the domain and are part of the family group they will already have a shared drive so so they can see alll things that family members should see, like pictures or music or videos? and the admin group would have a shared folder for ISO storage (apps and OS) and no sure what guests should have but maybe some other groups that a family member or business should have, so change family members group to Finance or accounting. Stuff like that would be good so when they login they will have instant access to shares they need to do their job.

• Hi Willie, great video and timing as I plan to deploy a Synology unit as a replacement windows server. I need to size a unit but Synology's NAS selector is vague. You know of a good Synology NAS sizing resource? Core services for this unit are File Server, "Active Directory", Active Backup for 365 & C2 backup.

• I appreciate that Synology offer this and I’ve played around with it in the past but there isn’t any scenario outside of a home network or lab that I would be willing to implement this.

• I didn’t realize you were using the emulator was under the assumption you were virtualizing a real windows server to be a dc.

  Man if you roll this out in production lol let me know the horror stories 😂

• Willy CAN U SET UP Synology AD as a Domain Print Server? and use AD Policies to deploy it to workstations. I tried it on ds218+ but it fail at the point when it start downloading printer drivers to Synology AD. My question is , Is it possible ? or not? Have u done it?

  Thanks for grate videos

• Perfect timing Willie! Our business has a Google Workspace Business Plus subscription and I’m thinking of deploying GCPW. Any experience with that or thoughts on using it in conjunction with Synology directory server?

• This is something I am interested in but have zero experience with yet. So please forgive me if my question is too far out in left field.

  How does this compare with other solutions such as Zentyal? And how does something like Pi hole fit in if I decide to use a domain controller?

  Now you have me thinking.
  Can I use it to login to my wifi network?

• Another like from me for this idea. Wife's very small office (8-10 users) looking to get rid of an old, huge Dell R710 and use something small form factor such as this 👍

• Glad to see this series. Having moved to this for some larger customers, I have been very impressed with how well it works. Using it with High Availability, Snapshots, and HyperBackup has brought the customers and me much peace of mind.

• Thanks for the series. Most interesting. Always HATED dealing with MS Licensing. Many hours of my life gone and unrecoverable dealing with it. The WORST. If this is a truly supportable AD Platform then I am real interested in what is to come.

  For this to be truly supportable platform it must have a video regarding Disaster Recovery Planning. Recovery to bare metal or maybe it requires a Second Domain Controller and transfer of FSMO roles.

  Must include a video or 2 on actual BACKUP – RESTORE Process. A truly tested Backup and duplicatable Recovery process .

  This AD Solution should not be used in Production without a robust Disaster Recovery Process.

  Thanks again for the content.

• What does Microsoft think about Synology poaching its product? Is it legal? Sure, the codes are all Synology, but can Microsoft sue for some sort of copyright infringement?

• Appreciate your video and many thanks. I have several vlans in my LAN office network. Do I need to setup separate ms active directory for each vlan or I just create one global active directory and allow inter-vlan routing access to this active directory.

• Awesome video Willie. I would love to see how you would handle/setup Synology ADS in an Unifi network, with the UDM acting as a dns server.

• Please please make a video on how domain group policy integrates with the Synology directory server 🙏

• If possible to deploy printers GPOs with it?

• can it deploy .msi files?

• Really looking forward to the whole series Willie!

• WTH am I supposed to do with all the money for CALs?

• Willie, could you cover Drive Mappings that follow the Users and Roaming Profiles?

• Can we see importing group policy admx/adm/damp templates (example: set allowed Google chrome extensions)

• THX for the Video. I checked it out and the key-point is, that you can't join a Synology as a secondary DC to an existing Windows AD.

• Tried adding a server and installing Exchange server on it when running Synology as a domain controller ? (I'm never going to run an exchange-server again, but this would be an ultimate compatibility test…)

• Fantastic series Willie! Half of my customers already run Synology for years as they are pretty small offices but this year I am fully transitioning and upgrading/replacing traditional Windows server/AD/primary vendor hardware based solutions entirely with fully redundant Synology based private cloud solution adding in some C2 services. All in one package and provider and easy to secure. I'm quite excited but I can't tell if it's a little sort of Novell/NetWare vibe from way back when, (I do miss NetWare, those were the days) or just that I have a consolidated vendor solution I can replace these others with for far less headache hassle and cost which I guess also relates to the NetWare vibe a little. I don't know, either way very excited to see your perspective on this as I just might learn something and that's always a good thing in my book.

• Wonderful , can’t wait to see how to mapped network drive automatically, setup wake on lan, and setup default settings like Wi-Fi password, VPN

• If this is going to be part of a series, might I suggest taking a workgroup user profile and transferring to a domain user profile?

• I want to see these in a video one force all domain clients to use control alt delete as soon as the join the network at login also next one is time sync and other one is mobile profiles and other one is auto map network drives I saw this on my NAS also how to properly link 2 snylogy NAS's together via Central Management and emby so much better than plex too I have it setup it works better as a system but also works as a DVD and Live tv and other stuff too even has CC support for TV

• Excellent video W! Looking forward to the rest. Working in a Mac environment we used Open Directory. Never had to setup an Active Directory server.

• Hello Willie. Great vid (as always), interesting idea, but it's got some serious potential consequences to consider when creating an AD:
  1. Running single AD controller is not a great idea, so to make this at least sort-of-by-the-book you'll need 2 devices.
  2. There's no PDC and BDC anymore, and you're starting with an obsolete configuration. Sure it will work, but still…
  3. I never looked into running AD on these but how granular is Group Policy Management on these things? User profiles with redirected folders, etc?
  Wouldn't it make more sense if money is the issue to buy used server? They cost next to nothing now. Run on dedicated AD controller on it and nothing else? Have a secondary AD server as a vm somewhere and you're set.
  IMHO it makes perfect sense to host user folders on Synology, use it for backups, or run containers but hosting AD on a device that at the same time does a lot of other things… i don't know man…

• Willie, this is amazing, please keep those next videos on AD coming !!!

• Have you considered to test Zentyal? I just test it and I kind of like it and you don't need to depend to have a Synology NAS to get a local AD server.

• can user still change their own password if the secondary domain is set to "Read Only"?

• I would also like to see best practices for locking down access to Synology NAS.

Comments are closed.