TS-451: How to use built-in AD for everything?

[starkruzr]

FTR: I actually have a TS-451, which isn't an option in the dropdown. I'd like to use the built-in domain controller functionality to distribute access to all services on the NAS -- for example, people should be able to log in at the web front-end as DOMAIN\user and have access to all of the applications you can see as the local "admin" user. This sort of works; my domain users can at least log in, but they have only access to the file manager app when they log in.

What I can't figure out yet:

• How to grant access to additional applications to NAS domain users
• How to get the built-in DNS server in the NAS to go out to DNS forwarders or other root servers for DNS entries. As it is, it looks like it develops and resolves a list of local lookup references for the domain and literally nothing else. This is not functioning DNS!

Does anyone know how to get the "domain controller" functionality up to spec?

[NoName]

i am not using the AD, but have you tried changing the users in the Control-Panel -> Privilege Setting -> Users. there i can select local users and domain users. I have no domain users, but for the local users there is a button in the right column 'Actions', normally the right most button, which opens a dialog for application privileges.The button has four yellow squares, may be they should represent folders...

I am wondering what you consider to be the built-in DNS server? I guess you have not configured anything? To answer the question some more information for your network is needed. Do you have a router, or a DHCP server?

[storageman]

Why do users need to login to the NAS, this requirement is rare. Share access is enough for most people + the client apps.
As for DNS are you joined to AD and still have issues?

[razormoon]

You're asking for your users to be able to login in using DOMAIN\user which tells me that you are running a domain on your network. Why not join the NAS to AD? The NAS will automatically migrate your users.

Also, the permissions you seek can be found in the App Center. Choose the app you want to set permissions for by clicking the drop down arrow >> Display On menu item.

Capture.PNG

The problem is that some of these apps are not compatible with AD permissions. There are some Q mobile apps that do not allow you to log on using domain credentials (although there are some that do), for instance.
The NAS can indeed be set as domain controller/DNS Server. I haven't tried successfully as I'm probably seeing the same thing as you are. I'm going to say that I just don't know how to do it on QTS.

I usually have my NAS joined to domain as client, but haven't done so after beta. Haven't found the time.

[asdf123]

There's another thread on the same topic that has a trick to modify /etc/group and add your domain user to the administrators group that worked for some people. Didn't work for me but give it a try.
viewtopic.php?f=20&t=69751&p=598170#p598170