I work for a research group at the university. As we need some additional storage we're setting up a QNAP NAS locally for our research group.
The IT department controls the Windows domain (and user management) centrally for the entire university and I'm just an employee with a regular domain user login.
Provided I have administrative access to a Windows PC on the domain (for several PCs I have this for maintenance), I can configure access control to that machine finding AD users/groups on the domain and specifying access (login, folders etc.).
I'm trying to determine if I can do something similar with a QNAP, meaning:
- Joining the QNAP NAS to the domain
- Not as a domain controller, but as a 'domain client'
- So without domain administrative rights
- To use existing domain users and groups for access right management on the NAS
- For convenience, so we don't need to create local NAS login for all the employees that need access to the NAS file shares
Is this possible or do you always need administrative domain rights to allow the NAS to use AD users/groups? The question also relates to QNAP LDAP authentication as I understand this is also possible in the university's domain.
My understanding of AD/LDAP/Windows domains is very limited, so I any feedback that could shed some light on the matter would be very welcome.