Connecting Synology NAS to Cloudron LDAP fails
-
Hi, I really would like to connect our Synology NAS (DSM 7.1.1) to our Cloudron LDAP so our Cloudron users can login to the NAS with the same credentials. That saves a lot of time and issues with user management.
After some trial and error I got to a point where I can't solve the issue, who knows how to continue?
In Synology DSM there is a wizard to start the connection:
Step 1: (server IP and DNS IPs)
Step 2: Enter needed info, got inspiration from the Cloudron docs
BIND DN: cn=admin,ou=system,dc=cloudron
Password: set in LDAP Cloudron
BASE DN: ou=users,dc=cloudron
Step 3: check and join, first 3 checks succeeded but 4th one failed:
Details:
-
Without being able to debug this further, for a start, the filter seems wrong. The Cloudron provided user records would have the following objectClass attribute:
objectclass: [ 'user', 'inetorgperson', 'person' ]
so use one of those three entries there. Also Cloudron has no attribute uidNumber, maybe using entryuuid works there though.
-
@imc67 said in Connecting Synology NAS to Cloudron LDAP fails:
Schermafbeelding 2022-12-22 om 09.32.22.png
I was able to make some more progress at this screenshot.
For user profile:
filter: (objectClass=user)
uid: username
uidNumber: HASH(uid)
For group profile:
filter: (objectClass=user)
cn: cn
uidNumber: HASH(uid)
Then you have to enable CIFS plain text authentication.
I am stuck at the final step. It is late here so will try to figure it out over the weekend.
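The two mapping problems raised in the replies above (a filter that matches none of the record's objectClass values, and a uidNumber mapping that points at an attribute the record lacks) can be checked offline against an exported entry. This is an added example, not part of any post in the thread; the sample entry, the RFC 2307-style "standard" mapping and the function names are assumptions.

```python
import re

# Constructed sample entry, shaped after the thread: three objectclass values,
# a username and an entryuuid, and no uidNumber attribute.
SAMPLE_ENTRY = {
    "objectclass": ["user", "inetorgperson", "person"],
    "username": ["alice"],
    "entryuuid": ["uid-0f8fad5b-constructed"],
}

# Assumption: an RFC 2307-style mapping, as a "standard" profile would expect.
STANDARD = {"filter": "(objectClass=posixAccount)",
            "attrs": {"uid": "uid", "uidNumber": "uidNumber"}}
# Mapping built from the reply's suggestions (objectClass=user, entryuuid).
SUGGESTED = {"filter": "(objectClass=user)",
             "attrs": {"uid": "username", "uidNumber": "entryuuid"}}
NUMERIC = {"uidNumber", "gidNumber"}  # INTEGER syntax in RFC 2307


def get_attr(entry, name):
    """Look up an attribute; attribute names are case-insensitive in LDAP."""
    for key, values in entry.items():
        if key.lower() == name.lower():
            return values
    return []


def filter_matches(entry, ldap_filter):
    """Evaluate a single equality filter of the form (attr=value)."""
    m = re.fullmatch(r"\(\s*([\w-]+)\s*=\s*([^()*]+?)\s*\)", ldap_filter)
    if not m:
        raise ValueError("only simple (attr=value) filters are supported")
    attr, wanted = m.groups()
    return any(v.lower() == wanted.lower() for v in get_attr(entry, attr))


def check_profile(entry, profile):
    """Return a list of problems; an empty list means the mapping fits."""
    problems = []
    if not filter_matches(entry, profile["filter"]):
        problems.append(f"filter {profile['filter']} does not match entry")
    for posix_attr, source in profile["attrs"].items():
        values = get_attr(entry, source)
        if not values:
            problems.append(f"{posix_attr}: entry has no '{source}'")
        elif posix_attr in NUMERIC and not all(v.isdigit() for v in values):
            problems.append(f"{posix_attr}: '{source}' is not an integer")
    return problems
```

For the constructed entry, the RFC 2307-style mapping reports three problems, while the suggested mapping leaves only the non-integer uidNumber source.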
-
@imc67 were you able to figure this out?
@hakunamatata said in Connecting Synology NAS to Cloudron LDAP fails:
@imc67 were you able to figure this out?
No I wasn’t, and in the meantime I phased out the NAS because I upgraded to a huge VPS for my Cloudron and it can fully replace the NAS.
-
I think there may be an issue in the mapping between the Synology LDAP and Cloudron LDAP. If you look at the first screenshot provided by imc67, we have the option to select which LDAP profile to use. If you use the standard profile, you immediately run into the issues that imc67 described. However, if you change the profile to custom (see screenshot below), everything checks out fine except for the "Check server schema" which goes away if one enables CIFS plain text authentication. But then you still get stuck when the Synology tries to join the Cloudron directory.
I'm trying to find the logs on the Synology to get more details.
Here are the synology docs for how to join a Synology NAS to an external LDAP directory: https://kb.synology.com/en-me/DSM/help/DSM/AdminCenter/file_directory_service_join?version=7