Your Synology NAS must be running DSM 7.0 or above.

1. Bind users to JumpCloud LDAP
2. Configure groups
3. Enable Samba authentication for JumpCloud LDAP
4. Join your Synology NAS to JumpCloud LDAP

Bind users to JumpCloud LDAP

To allow JumpCloud users to access your Synology NAS, you need to bind them to JumpCloud LDAP.

1. Sign in to JumpCloud using an administrator account.
2. Go to the Users page and click a user.
3. Under the Details tab, expand the section User Security Settings and Permissions.
   
4. Tick Enable as LDAP Bind DN.
5. Click save.
6. Repeat steps 1 - 5 to configure user accounts that should be bound to JumpCloud LDAP.
   

Configure groups

1. Go to the User Groups page.
2. Click a group containing user accounts that are bound to JumpCloud LDAP.
3. Under the Details tab, tick Create Linux group for this user group.
4. Name the Group Name.¹ This will be the display name on your Synology NAS.
5. Set a number for the Group GID. To avoid group GID conflicts with DSM local groups, this number should start from 1000000.
6. Click save.
7. Repeat steps 1 - 6 to configure groups you wish to use on your Synology NAS.
   

Enable Samba authentication for JumpCloud LDAP

1. Go to the LDAP page and click JumpCloud LDAP.
2. Under the Details tab, tick Configure Samba Authentication.
3. Name the Workgroup.
   
4. Enter the SID (Security Identifier) of Synology NAS in the SID field.² To get the SID, follow the steps below:
   1. Sign in to your Synology NAS via SSH (refer to this article for detailed instructions).
   2. Enter "net getlocalsid".
   3. Copy and paste the SID into JumpCloud.
      
5. Specify a user from the Samba Service Account drop-down menu. This user is used for joining your Synology NAS to JumpCloud LDAP.
   
6. Go to the User Groups tab and select the groups that will be used on your Synology NAS.
7. Select Samba Authentication Enabled from the Samba Authentication drop-down menu. This option allows group members to access files of your Synology NAS via SMB.
8. Click save to apply the settings.
   

Join your Synology NAS to JumpCloud LDAP

1. Sign in to DSM using an administrator account.
2. Go to Control Panel > File Services > SMB.
3. Tick Enable SMB service.
4. Name the Workgroup. This name should be the same as what you have entered for the workgroup of JumpCloud LDAP (refer to step 3 in Enable Samba authentication for JumpCloud LDAP).
5. Click Apply.
   
6. Go to Control Panel > Domain/LDAP > Domain/LDAP.
7. Click Join.
8. Configure the following settings and click Next:
   • Server type: Select Auto-detect or LDAP.
   • Server address: Enter "ldap.jumpcloud.com".
9. Configure the following settings:
   • Bind DN or LDAP administrator account: Enter the Samba Service Account DN shown at JumpCloud's LDAP > JumpCloud LDAP > Details.
   • Password: Enter the password of Samba service account.
   • Encryption: Select SSL/TLS or STARTTLS.
   • Base DN: Enter the following in the field. You can find this information on JumpCloud's LDAP > JumpCloud LDAP > Details.
     
     ou=Users,o=your organization ID,dc=jumpcloud,dc=com
     
10. Click Next, and the wizard will run a precondition check and join your Synology NAS to the JumpCloud LDAP service.