Synology Windows Domain Controller Setup 

This video series is spot on for what I need. You can't get this series out fast enough. Thanks!!!

Glad to see this series. Having moved to this for some larger customers, I have been very impressed with how well it works. Using it with High Availability, Snapshots, and HyperBackup has brought the customers and me much peace of mind.

Really looking forward to the whole series Willie!

Willie, this is amazing, please keep those next videos on AD coming !!!

Excellent video W! Looking forward to the rest. Working in a Mac environment we used Open Directory. Never had to setup an Active Directory server.

I appreciate that Synology offer this and I’ve played around with it in the past but there isn’t any scenario outside of a home network or lab that I would be willing to implement this.

Willie, could you cover Drive Mappings that follow the Users and Roaming Profiles?

Fantastic series Willie! Half of my customers already run Synology for years as they are pretty small offices but this year I am fully transitioning and upgrading/replacing traditional Windows server/AD/primary vendor hardware based solutions entirely with fully redundant Synology based private cloud solution adding in some C2 services. All in one package and provider and easy to secure. I'm quite excited but I can't tell if it's a little sort of Novell/NetWare vibe from way back when, (I do miss NetWare, those were the days) or just that I have a consolidated vendor solution I can replace these others with for far less headache hassle and cost which I guess also relates to the NetWare vibe a little. I don't know, either way very excited to see your perspective on this as I just might learn something and that's always a good thing in my book.

Came across your channel while looking for Synology vids. I've been wanting to add a domain environment to my home network. Synology rules!

Good job Willie. Really enjoyed what you presented here. Looking forward to the next one. 👍

Another like from me for this idea. Wife's very small office (8-10 users) looking to get rid of an old, huge Dell R710 and use something small form factor such as this 👍

Thanks for the series. Most interesting. Always HATED dealing with MS Licensing. Many hours of my life gone and unrecoverable dealing with it. The WORST. If this is a truly supportable AD Platform then I am real interested in what is to come. For this to be truly supportable platform it must have a video regarding Disaster Recovery Planning. Recovery to bare metal or maybe it requires a Second Domain Controller and transfer of FSMO roles. Must include a video or 2 on actual BACKUP - RESTORE Process. A truly tested Backup and duplicatable Recovery process . This AD Solution should not be used in Production without a robust Disaster Recovery Process. Thanks again for the content.

You, my sir, are my new God! Exactly what I was looking for! TY much!

Wonderful , can’t wait to see how to mapped network drive automatically, setup wake on lan, and setup default settings like Wi-Fi password, VPN

Nice video never used this in Synology before going to try it out

Great video and awesome work ! Do you think a video about migration of a windows domain to synology could be coming soon ?

Awesome video Willie. I would love to see how you would handle/setup Synology ADS in an Unifi network, with the UDM acting as a dns server.

If this is going to be part of a series, might I suggest taking a workgroup user profile and transferring to a domain user profile?

Right on time, I'm currently deploying it

THX for the Video. I checked it out and the key-point is, that you can't join a Synology as a secondary DC to an existing Windows AD.

great video I want to see adding a client to the domain next.

Hi Willie, first time commenter, long time viewer. Love most of your videos as they are relevant to what I like to do and explore. I have no business, but between my family have several (err, six) Synology NAS boxes over 3 sites and a heap of Unifi switches, access points, EdgeRouters, and a UDM Pro SE. There are a small number of windows computers connected to each of the networks. Synology and Unifi just work so well together. To my question: What if any, is the benefit of creating a 'active directory' setup in this topology? I'd like to try setting one up, but am struggling to understand what benefit it has for me. Appreciate your thoughts. Thanks for the content. I enjoy watching your explanations on things tech. Regards Richard.

I would also like to see best practices for locking down access to Synology NAS.

Dumped DC and AD great video though, been a long time coming!

Can’t find your follow up videos on adding pcs to the domain.

Wow thanks

The key with this is that you can run the same admin tools to drive the AD settings as if it were a windows server. Great for small biz.

Appreciate your video and many thanks. I have several vlans in my LAN office network. Do I need to setup separate ms active directory for each vlan or I just create one global active directory and allow inter-vlan routing access to this active directory.

Thank you. Great !

Did you ever follow up with the "Migrate from a Windows Server Domain" thing? Looks useful but I haven't found a demo anywhere.

Please please make a video on how domain group policy integrates with the Synology directory server 🙏

Thank you for taking the time to create these videos. I have a video request. Compare a Synology NAS Domain controller vs a Windows Active Directory server. Can ADML ADMX be used on a SAMBA server such as the Synology Domain controller?

Hi Willie: You mentioned seeing your next video. How do I know which one is your next video which is supposed to be a continuation of the current one (Synology Windows Domain Controller Setup)?

Perfect timing Willie! Our business has a Google Workspace Business Plus subscription and I’m thinking of deploying GCPW. Any experience with that or thoughts on using it in conjunction with Synology directory server?

I want to see these in a video one force all domain clients to use control alt delete as soon as the join the network at login also next one is time sync and other one is mobile profiles and other one is auto map network drives I saw this on my NAS also how to properly link 2 snylogy NAS's together via Central Management and emby so much better than plex too I have it setup it works better as a system but also works as a DVD and Live tv and other stuff too even has CC support for TV

Hi, My nas Did not create the domain , its shows check the domain host name , what can i do for it ? please help me to resolve this issues

Why does my domain controller look different; I don't have those options.

Hello Willie. Great vid (as always), interesting idea, but it's got some serious potential consequences to consider when creating an AD: 1. Running single AD controller is not a great idea, so to make this at least sort-of-by-the-book you'll need 2 devices. 2. There's no PDC and BDC anymore, and you're starting with an obsolete configuration. Sure it will work, but still... 3. I never looked into running AD on these but how granular is Group Policy Management on these things? User profiles with redirected folders, etc? Wouldn't it make more sense if money is the issue to buy used server? They cost next to nothing now. Run on dedicated AD controller on it and nothing else? Have a secondary AD server as a vm somewhere and you're set. IMHO it makes perfect sense to host user folders on Synology, use it for backups, or run containers but hosting AD on a device that at the same time does a lot of other things... i don't know man...

Can I use the last option (migrate from domain) when my dc has crashed?

Hi Willie, I get this error: The error is: "DNS name does not exist". (error code 0x0000232B RCODE_NAME_ERROR) Could you help me with that?

I recently configured my Synology DS923+ with the directory service which I migrated from a Windows Server 2022 AD virtual machine I was running and I was able to join my Windows 11 VM to the domain and log in just fine, but when I try to add any Linux machines to the Domain they are able to be added but will not log in using the domain credentials… any thoughts?

Another Video Request: Compare Synology Directory Server to Synology C2 Identity cloud service + C2 Identity Edge Server

Hello Sir Willie! Im your Fan! Great videos you got here a big help to Noob like me :). Do you have a video for setting Synology AD Roaming Profile? Thanks in advance.

What are the best practices for backing up domain controller on Synology?

Hello Willie, I am looking to setup Synology Directory Server. What I'm looking for is drive mappings and how to keep the local desktop once joining Synology domain and backup the local files to each domain connected pc. Do you still have training videos on this stuff.

Tried adding a server and installing Exchange server on it when running Synology as a domain controller ? (I'm never going to run an exchange-server again, but this would be an ultimate compatibility test...)

Have you considered to test Zentyal? I just test it and I kind of like it and you don't need to depend to have a Synology NAS to get a local AD server.

Can we see importing group policy admx/adm/damp templates (example: set allowed Google chrome extensions)

Hey there Willie. I love your channel. Excellent content that is frequently relevant to me. I was a Windows Admin ages ago, but shifted to development over the years. I'm curious about your thoughts regarding the following. I'm on an all UniFi network, and all my family members have MS Accounts. I'm wondering about using UniFi's UID in conjunction with an Azure AD setup, rather than an on-prem AD (whether Synology or Windows Server). Have you looked into a use case like this?

This is something I am interested in but have zero experience with yet. So please forgive me if my question is too far out in left field. How does this compare with other solutions such as Zentyal? And how does something like Pi hole fit in if I decide to use a domain controller? Now you have me thinking. Can I use it to login to my wifi network?

Hi Willie, great video and timing as I plan to deploy a Synology unit as a replacement windows server. I need to size a unit but Synology's NAS selector is vague. You know of a good Synology NAS sizing resource? Core services for this unit are File Server, "Active Directory", Active Backup for 365 & C2 backup.

Can you doing some home share folders and goup share folders, like Admins/Family?Guests, and more if you can think of any and so when someone signins to the domain and are part of the family group they will already have a shared drive so so they can see alll things that family members should see, like pictures or music or videos? and the admin group would have a shared folder for ISO storage (apps and OS) and no sure what guests should have but maybe some other groups that a family member or business should have, so change family members group to Finance or accounting. Stuff like that would be good so when they login they will have instant access to shares they need to do their job.

Hi Willie! Really appreciate you doing this series, would this be ok to cover max 25 workstations? Also, one of the main things am after is to disable RDP clipboard through GPO? Is that possible with this setup, there a lot of guides out there, but nothing stands out. Any suggestions?

Willy CAN U SET UP Synology AD as a Domain Print Server? and use AD Policies to deploy it to workstations. I tried it on ds218+ but it fail at the point when it start downloading printer drivers to Synology AD. My question is , Is it possible ? or not? Have u done it? Thanks for grate videos

hi, sir i have a synology NAS RS1619Xs+. and i want to make domain controller in that server. Because you already mention that how to create domain controller in NAS so this setting we can do. But How our site workstation can join the domain. Our site workstation have not connected directly to our office network. They have only internet on site. Please kindly help me regarding this. Thanks

Thanks Willie, great video series. I recently upgraded an older Synology + Mac server setup at a customer and moved the AD portion of the old Mac server to a new Synology HA cluster. Although your videos confirmed for me the steps I already did for this setup, there are still some things that are not totally clear to me. One thing is the DNS forwarding: by default it uses the LAN router, which forwards requests (usually) to the server handed over to the router by the ISP via DHCP. Would entering this DNS (or any other good DNS service) directly as a forwarder in Synology DNS server provide some extra performance? And if so, are there any drawbacks?

It seems to me that if you want to implement AD for a small company then getting a Synology is a cost effective way to get it done. Am I crazy ?

how is it that I am the only one that cant seem to find the active directory on my packages?

can user still change their own password if the secondary domain is set to "Read Only"?

If possible to deploy printers GPOs with it?

What does Microsoft think about Synology poaching its product? Is it legal? Sure, the codes are all Synology, but can Microsoft sue for some sort of copyright infringement?

WTH am I supposed to do with all the money for CALs?

can it deploy .msi files?

Licensing ridiculous - just buying windows pro should give you a CAL - 100% reason for dropping ADDC

I didn’t realize you were using the emulator was under the assumption you were virtualizing a real windows server to be a dc. Man if you roll this out in production lol let me know the horror stories 😂

We switched from Windows Server 2012 R2 to Synology Directory Services few years ago, its pretty decent system. There was no migration option that time, but it was not complicated anyway. The only everybody should keep in mind, more such packages you use on NAS, more is NAS behaving as application server, then data / backup device. Its better then to split and have NAS for things like AD, DNS, Mail System etc and may be second NAS for data backups itself. AD and DNS is sensitive for fast response, at time of data backup processes via Active backup or Hyper Backup, workstations might have authorization issues.

Call me paranoid but there's no way I'm ever using Synology as a DC in a production environment. Sounds like asking for unsupported trouble for little benefit when a small windows VM will work just fine. Overall I've been unimpressed with a lot of Synology on the software side, hyperbackup and the built in replications were not reliable enough in production. I do still love them as simple iscsi targets.