Do I want / need an LDAP server?


First time caller.

I run a Mac OS Server at one location and at another a *nix server. Both are going to be replaced by Synology DS918+'s and as well as office file serving will run email, calendar and contacts. There are a handful of users at each location.

Do I need or want to install LDAP Server on my Synologys?

The Mac Server runs Open Directory, in the *nix box there is a Local Access Directory (and I seem to recall had to set that up before it would let me create any users).

But is LDAP really of use if you 'hot seat' or use a different computer? We don't do that, everyone has their own computer, a standard PC/Mac which they access files on the server via SMB, email using the email app, same for calendar and contacts. I don't see anyone using the web based apps provided by Synology (if that makes any difference) or logging in to DSM.

Which mail server are you planning to use? MailPlus Server ($$ for licences) or Mail Server? See my reason for using both Local users and LDAP Server users with Mail Server...
I originally used LDAP Server so that users of my SRM VPN Plus service didn't have an account on the router. This second account on DSM is accessible for password reset only, and then later Mail Server but no File Station/file sharing access.

Off the top of my head I can't remember if some packages only work with Local users, so removing the LDAP question, or not.

I remember installing Mac OS X Server and only later realising I didn't have to have used the Open Directory service. It seemed to be the weak point cos there'd be a lot of work if it got corrupted. Also, moving the domain name to something new was such a job that it wasn't worth the risk of stuffing up the server.
Which mail server are you planning to use?
Thanks, I was reading your linked post earlier. Everyone wants to know the difference between Server and Plus!

I don't think I need the fancy MailPlus interface so the plan is to use Mail Server. Of your 'advantages' only ".Maildir in a user's File Station home is not visible" may be of interest. But, I'm not planning on letting users use File Station - all files will be accessed as now via SMB on their Mac in Finder - so they shouldn't even know about .Maildir let alone touch it.

So unless I see another package which _requires_ LDAP I should just stick with local users.

Supplementary mail question. I don't suppose you can run both Mail Server and MailPlus? Not if you're telling me they use separate mail stores. Plus really isn't just a fancy front end for Server.
Provided that hidden '.' files and folders are honoured by however users will access via SMB then you should not have to worry about .Maildir being in the user home folder. I think it was only File Station that didn't honour this and first raised my concern. Of course, if your users want to use a third party app that has a 'show invisible files' setting then this would be an issue.

Finder with SMB and AFP were both OK (if I remember right).

If you're going to run multiple NAS then using LDAP (or the other Directory Service) will give a single password login between them. But if one is to backup the other then LDAP won't really help. And if the connection breaks between primary LDAP and client ... what then? Look for a way to run two servers and sync the LDAP database?

BTW DS920+ has been announced but not yet available outside of Japan[??]. If you can wait then it may be worth it, or at least compare the 918+ vs 920+.
you should have to worry
"should" or "should not"? A wee typo if I understand the previous part of the sentence?

In any case, I don't have to let users have a home folder. Or at least access to it. I don't think it's anything we need.

Yea, always the way. Buy something new and a newer new one arrives the next day. We got a couple of 918+s already as the Mac Server is on its last legs and who knows when the 920 will be in the UK. It appears to have a bit of a better processor but nothing that said I had to wait.
"should" or "should not"? A wee typo if I understand the previous part of the sentence?
Typo :) have updated my post to fix.

Mail Server requires user home folders to be enabled, otherwise it has nowhere to put .Maildir

Yea, always the way. Buy something new and a newer new one arrives the next day
I've a DS218+ and don't see a need to change to the 220+ esp. since I use the eSata port. But I've been thinking how I could consolidate my shelf of WD USB drives into a bigger NAS, so the DS920+ is of interest but the business case isn't looking strong. The kids want feeding, which is a bit selfish 🤣
Do I need or want to install LDAP Server on my Synologys?

Let's say I want to install Nextcloud via Docker on my Syno NAS. Does the LDAP help me now? On a Linux server with LDAP all users automatically had a Nextcloud login. Can I do the same here?
