Nice to know there is SO much I don't know. This post helps me learn that there is much to learn and that Synology makes it as "easy" as a difficult process can be. Thank you for all you do.
Thank you for all of your videos. I've learned A LOT about my synology nas from you. I have two plus models because I didn't plan well enough with my first. I might turn one of them into a DNS server and the other into a web server.
Dude this channel is friggin awesome. Wish I had this kind of resource when I set up my 1515+ so many years ago. I'll be upgrading to a newer system soon (hopefully a 1522+ or even 1621+ if not a newer equivalent if/when they come out) and will be using many of your vids to make it even better.
Agreed. Reverse proxy is a great way of accessing your NAS' different services, docker containers etc., paired with e.g. a LE wildcard cert and Synology domain, and thus minimizing the ports exposed to the internet. A much more flexible way when dealing with multiple external users, than say a VPN.
I agree with your agreement! I started out using quick connect, then started using Tailscale. Tailscale is awesome, but still requires client software which is a no go for my non-techie family members. I didn’t realize how easy it was to set up a reverse proxy using the one built into the Synology NAS along with the wild card LE certificate. I took it to the next level by installing pie hole in a docker container, and using the DNS functions in that to automatically point to the Nas. This is an especially helpful on Apple phones and iPads where you can’t change the host file. Doing it this way allows me to use the domain name with the same speed as directly accessing the IP and number on the LAN.
@@mitchellsmith4601 I agree with that as well! But everything sensitive on my NAS is encrypted using Veracrypt. Everything else are just pictures of my cat (I don’t really have a cat, but you get the idea).
AND you can connect a QNAP to the Synology’s directory server. When you make a change to a user or computer in AD on the Synology, the QNAP’s directory server instantly picks it up. If either the Synology or QNAP is unavailable, the other domain controller takes over with the directory information. Pretty cool.
Super useful info! There's a lot of ground to cover with sub domains and correct routing. If you setup the login access subdomains rather than using dns server, I'm guessing you'd have to reconfigure all this? My router just forwards 80, 443 and 5001 to my NAS and then I use the login portal reverse proxy. Love to see an extensive setup in order.. LAN access with SSL, WAN/DDNS with wildcard cert, then dns server, then AD. I'm using mostly docker/container manager and portainer installs so its a little easier to update but I'm still a bit behind on routing correctly. Thanks Rex!
Hi and Thanks for your all valuable info on NAS. I'm a photographer and tired of buying HDDs and SSDs for backing up my life works. Now I'm considering buying a DS1821+. Based on market research, your all information (as much as I could engulf, FYI: I'm not a typical techy person. An average, 51 YO man), prices, Synology RAID calculator, etc., (1) Right now in market there are 24TB HDD in decent price. I don't think I can go all 8-bays with 24TB (Totally 192TB), that won't support by the Model (DS1821+). What's the best option? I can go for all 8-bays, 14tb, which supports the configeration of the model. Basedon the RAID calculations I get 89TB (in RAID 5) or 76TB (in RAID 6). But if I chose to go 4 bays with 24tb and 1-bay I can go for 12tb, then it satisfies the configeration. But based on RAID calculator my available disc space goes way down. What's your best suggestion to buy highest HDD to be a little future proof, at least for 2-3 years????
For anyone wishing to set up a real Active Directory deployment, you can download an evaluation copy of Windows Server directly from Microsoft. The eval runs for 180 days and can be reactivated (rearmed) additional times up to about two years, at which time you'll need to replace the server with another instance. There's no substitute for "real" AD and Windows Server comes with dozens of other roles and functions as well, including DNS, DHCP, file sharing, virtual applications and virtual desktops, the Hyper-V hypervisor, IIS, ftp, and much, much more.
These are awesome things, and I’ve been trying to figure out how to set up my domain to my NAS so this is great. I have a DS 723+ and a DX 517 connected to it. Using that same configuration could I treat the DX as a separate NAS for the server back up that you were referring to? Finally, can you use other DBMS environments like Oracle or SQL Server?
This is awesome information, although I can't for the life of me understand why anybody would want to run a local DNS server unless they were managing a network with over 100 users on it or unless they're doing a lot of unusual things with local DNS. Otherwise, most business-grade routers are more than up to the task of handling local DNS. (Disclosure: I don't have any clients with more than 25 full-time office users.) Related to this, DNS mirroring isn't the reason for having two or more Windows domain controllers. The reason you want to have two or more Windows domain controllers is because if your one and only Active Directory server goes offline users can't log in and folders shared via Active Directory become unavailable. DNS figures into that because Active Directory requires your domain controller to be a DNS host in order to work properly. So, the only clients I have who are running local DNS on anything other than their routers are the ones with Windows domain controllers, and that's really only to support the domain controllers. I am really thrilled to learn that a Synology NAS can also be an Active Directory server, because that's less expensive than buying and maintaining two Windows servers.
You should have two of crucial infrastructure servers: two directory servers, two DNS servers, two mail servers. You can always run them in VMs if that works better for you.
so this is a little like rocket science to me, with a step by step guide i would never be able to do this. is the DNS server basically replacing cloudflare tunnels with the nas?
So.. which nas can run dns but also do plex transcoding nicely? Currently have a 2 bay model but i want to upgrade to minimal 5 bays (if any nas can do both options i want)
Several of these features won't work on two of my devices, would love a video showing which features are available on which Synology NAS devices... this information is painfully hard to find on synology's site
One thing boys in a windows environment highly unlikely you should do this if your running Active Directory with dns required if you want it to work properly
The Synology DNS server is rather rudimentary; there are better DNS servers (Technitium, unbound, ...) with which you actually have a DNS server that also resolves (root zone), and doesn't just forward like Google or Cloudflare.
Do the Seagate Ironwolf Pro drives work with the Synology 1522+? I see you recommend them, but they're not on the compatibility list that Synology has. It looks like the Ironwolf drives are, but not the Ironwolf Pro drives.
@@SpaceRexWill Do you mean that their list is out of date? Or that you're not aware whether or not those drives work with the current Synology NAS or not?
Not with my DS1621+ and its Rzyen 1500B SoC surprising weak for even a basic VM but it will accell at being a backup location for my DIY Nas with a intel 7980Xe delidded and direct die cooled and oced to 4.8Hhz across 18cores it doesnt sip power but it works really really well even beats out a Epyc CPU in the workloads i pkace on it.
That Rzyen 1500B in the 1621+ and 1821+ will handle most sever light tasks you can throw at it. Only place I really get limited is the VM’s or Plex transcoding. But for web / DNS / most docker containers it will scoot
@@SpaceRexWill oh it lives very happily as my Rsync Server but now you got me wondering if I should also offload tasks to it as I kinda gave it 2TB Samsung 970 Pros as cache and 64GB of ram and a 10GB Nic upgrade.
The cost is the server, os, license(s), still have to setup/test/deploy. That is not even remotely in 2000, or 4000 range, it’s well beyond that is what I’m saying :)
@@SpaceRexWill, you don't need Windows Server Standard to use Active Directory. I purchased an entire Dell server earlier this year for a client, complete with Windows Server Essentials 2022, for $4600. Windows Server Essentials was less than $300 of that total cost, and it sets up as a domain controller by default, so it's a relatively inexpensive way to get Active Directory if you want it. But... Windows Server Essentials 2022 is only available as an OEM product, so you do have to buy a whole server in order to get it. If you only need a smaller server than my client did, you can spend under $1000 on it. That said, I see very little reason why anyone would want Active Directory unless they specifically want to run Windows servers, and at least in the Dell world, $1000 doesn't buy you much of a server🤔. Active Directory is a way to centralize control over your network, but it's not the only way. I do think it's cool that a Synology NAS can be an Active Directory host, because it is a lot less expensive to run one Windows server and one NAS than it is to buy and run two Windows domain controllers.
Don't try this at home. Or watch your home burn with this joke of a CPU that barely handles it's GUI. This box is a stellar example how to cut costs while overpricing to the moon. They put Apple to shame.
Dunno man, I mean sure that a NAS won't be running an AWS scaling SASS, but for our small business and personal usage, we have some nice web services with node, docker, apache, our own personal drive, music and photos app in our phones, surveillance station, domain and wildcard certificates in a nice packaged GUI with less energy cost that any of our other computers. We've been running a rack station for about 7 years now, no hardware updates, and Synology support. Can I run it from a raspberry, a VPS or a dedicated server unit? Sure, I do that for other things, but for paying the initial Synology costs absorbed in that time without touching a single line of code for configuration, having even my mom able to access DSM, I think has worth it for us.
Nice to know there is SO much I don't know. This post helps me learn that there is much to learn and that Synology makes it as "easy" as a difficult process can be. Thank you for all you do.
Thank you for all of your videos. I've learned A LOT about my synology nas from you.
I have two plus models because I didn't plan well enough with my first. I might turn one of them into a DNS server and the other into a web server.
Dude this channel is friggin awesome. Wish I had this kind of resource when I set up my 1515+ so many years ago. I'll be upgrading to a newer system soon (hopefully a 1522+ or even 1621+ if not a newer equivalent if/when they come out) and will be using many of your vids to make it even better.
Agreed. Reverse proxy is a great way of accessing your NAS' different services, docker containers etc., paired with e.g. a LE wildcard cert and Synology domain, and thus minimizing the ports exposed to the internet. A much more flexible way when dealing with multiple external users, than say a VPN.
I agree with your agreement! I started out using quick connect, then started using Tailscale. Tailscale is awesome, but still requires client software which is a no go for my non-techie family members. I didn’t realize how easy it was to set up a reverse proxy using the one built into the Synology NAS along with the wild card LE certificate. I took it to the next level by installing pie hole in a docker container, and using the DNS functions in that to automatically point to the Nas. This is an especially helpful on Apple phones and iPads where you can’t change the host file. Doing it this way allows me to use the domain name with the same speed as directly accessing the IP and number on the LAN.
I’m not a fan of connecting any NAS directly to the Internet. There are any number of ways to run a reverse proxy in Linux VM.
@@mitchellsmith4601 I agree with that as well! But everything sensitive on my NAS is encrypted using Veracrypt. Everything else are just pictures of my cat (I don’t really have a cat, but you get the idea).
AND you can connect a QNAP to the Synology’s directory server. When you make a change to a user or computer in AD on the Synology, the QNAP’s directory server instantly picks it up. If either the Synology or QNAP is unavailable, the other domain controller takes over with the directory information. Pretty cool.
Super useful info! There's a lot of ground to cover with sub domains and correct routing. If you setup the login access subdomains rather than using dns server, I'm guessing you'd have to reconfigure all this? My router just forwards 80, 443 and 5001 to my NAS and then I use the login portal reverse proxy. Love to see an extensive setup in order.. LAN access with SSL, WAN/DDNS with wildcard cert, then dns server, then AD. I'm using mostly docker/container manager and portainer installs so its a little easier to update but I'm still a bit behind on routing correctly. Thanks Rex!
Hi and Thanks for your all valuable info on NAS. I'm a photographer and tired of buying HDDs and SSDs for backing up my life works. Now I'm considering buying a DS1821+. Based on market research, your all information (as much as I could engulf, FYI: I'm not a typical techy person. An average, 51 YO man), prices, Synology RAID calculator, etc., (1) Right now in market there are 24TB HDD in decent price. I don't think I can go all 8-bays with 24TB (Totally 192TB), that won't support by the Model (DS1821+). What's the best option? I can go for all 8-bays, 14tb, which supports the configeration of the model. Basedon the RAID calculations I get 89TB (in RAID 5) or 76TB (in RAID 6). But if I chose to go 4 bays with 24tb and 1-bay I can go for 12tb, then it satisfies the configeration. But based on RAID calculator my available disc space goes way down. What's your best suggestion to buy highest HDD to be a little future proof, at least for 2-3 years????
For anyone wishing to set up a real Active Directory deployment, you can download an evaluation copy of Windows Server directly from Microsoft. The eval runs for 180 days and can be reactivated (rearmed) additional times up to about two years, at which time you'll need to replace the server with another instance. There's no substitute for "real" AD and Windows Server comes with dozens of other roles and functions as well, including DNS, DHCP, file sharing, virtual applications and virtual desktops, the Hyper-V hypervisor, IIS, ftp, and much, much more.
Bird's in space. . Oh Yea Baby. . . ! Loved your ability to make the most of all this great technology for our own systems. Keep up the GREAT MAGIC !
All this stuff, was so IT, most from the same concept (hosting/open ports to internet). What other things can we look for as casual/domestic users?
so handsome today..and my Synology Guru..I set up everything using your videos. Thank you so much for these instructions and tips..as always.
These are awesome things, and I’ve been trying to figure out how to set up my domain to my NAS so this is great. I have a DS 723+ and a DX 517 connected to it. Using that same configuration could I treat the DX as a separate NAS for the server back up that you were referring to? Finally, can you use other DBMS environments like Oracle or SQL Server?
This is awesome information, although I can't for the life of me understand why anybody would want to run a local DNS server unless they were managing a network with over 100 users on it or unless they're doing a lot of unusual things with local DNS. Otherwise, most business-grade routers are more than up to the task of handling local DNS. (Disclosure: I don't have any clients with more than 25 full-time office users.) Related to this, DNS mirroring isn't the reason for having two or more Windows domain controllers. The reason you want to have two or more Windows domain controllers is because if your one and only Active Directory server goes offline users can't log in and folders shared via Active Directory become unavailable. DNS figures into that because Active Directory requires your domain controller to be a DNS host in order to work properly. So, the only clients I have who are running local DNS on anything other than their routers are the ones with Windows domain controllers, and that's really only to support the domain controllers. I am really thrilled to learn that a Synology NAS can also be an Active Directory server, because that's less expensive than buying and maintaining two Windows servers.
Thanks!
Thank you!
You should have two of crucial infrastructure servers: two directory servers, two DNS servers, two mail servers. You can always run them in VMs if that works better for you.
I would like a video where u go though running a bitcoin node on a synology. ty
so this is a little like rocket science to me, with a step by step guide i would never be able to do this. is the DNS server basically replacing cloudflare tunnels with the nas?
My DS 720+ is good. I run Plex witch streams all my local TV home security system that records 24/7. It doesn’t seem to lag very much.
So.. which nas can run dns but also do plex transcoding nicely?
Currently have a 2 bay model but i want to upgrade to minimal 5 bays (if any nas can do both options i want)
Several of these features won't work on two of my devices, would love a video showing which features are available on which Synology NAS devices... this information is painfully hard to find on synology's site
One thing boys in a windows environment highly unlikely you should do this if your running Active Directory with dns required if you want it to work properly
The Synology DNS server is rather rudimentary; there are better DNS servers (Technitium, unbound, ...) with which you actually have a DNS server that also resolves (root zone), and doesn't just forward like Google or Cloudflare.
Do the Seagate Ironwolf Pro drives work with the Synology 1522+? I see you recommend them, but they're not on the compatibility list that Synology has. It looks like the Ironwolf drives are, but not the Ironwolf Pro drives.
I don’t follow their list anymore
@@SpaceRexWill Do you mean that their list is out of date? Or that you're not aware whether or not those drives work with the current Synology NAS or not?
the dns video link is missing?
Not with my DS1621+ and its Rzyen 1500B SoC surprising weak for even a basic VM but it will accell at being a backup location for my DIY Nas with a intel 7980Xe delidded and direct die cooled and oced to 4.8Hhz across 18cores it doesnt sip power but it works really really well even beats out a Epyc CPU in the workloads i pkace on it.
That Rzyen 1500B in the 1621+ and 1821+ will handle most sever light tasks you can throw at it. Only place I really get limited is the VM’s or Plex transcoding. But for web / DNS / most docker containers it will scoot
@@SpaceRexWill oh it lives very happily as my Rsync Server but now you got me wondering if I should also offload tasks to it as I kinda gave it 2TB Samsung 970 Pros as cache and 64GB of ram and a 10GB Nic upgrade.
Also incorrect you don’t need 2000 and 4000 for a single server license that’s misinformation sir
Where are you getting yours from?
www.microsoft.com/en-us/d/windows-server-2022-standard-cal/dg7gmgf0d6m5/0002?activetab=pivot:overviewtab
@@SpaceRexWill in my particular case I’m a non profit. So my price from Microsoft will never be what you pay.
The cost is the server, os, license(s), still have to setup/test/deploy. That is not even remotely in 2000, or 4000 range, it’s well beyond that is what I’m saying :)
@@SpaceRexWill, you don't need Windows Server Standard to use Active Directory. I purchased an entire Dell server earlier this year for a client, complete with Windows Server Essentials 2022, for $4600. Windows Server Essentials was less than $300 of that total cost, and it sets up as a domain controller by default, so it's a relatively inexpensive way to get Active Directory if you want it. But... Windows Server Essentials 2022 is only available as an OEM product, so you do have to buy a whole server in order to get it. If you only need a smaller server than my client did, you can spend under $1000 on it. That said, I see very little reason why anyone would want Active Directory unless they specifically want to run Windows servers, and at least in the Dell world, $1000 doesn't buy you much of a server🤔. Active Directory is a way to centralize control over your network, but it's not the only way. I do think it's cool that a Synology NAS can be an Active Directory host, because it is a lot less expensive to run one Windows server and one NAS than it is to buy and run two Windows domain controllers.
@@kristopherleslie8343not at all lol
Decent for home use but overpriced in some cases
Don't try this at home. Or watch your home burn with this joke of a CPU that barely handles it's GUI. This box is a stellar example how to cut costs while overpricing to the moon. They put Apple to shame.
Which cpu you referencing?
@@Aaron451451Intel Celeron probably
@@Aaron451451 any Synology CPU choice is a joke for the price you pay for
Dunno man, I mean sure that a NAS won't be running an AWS scaling SASS, but for our small business and personal usage, we have some nice web services with node, docker, apache, our own personal drive, music and photos app in our phones, surveillance station, domain and wildcard certificates in a nice packaged GUI with less energy cost that any of our other computers.
We've been running a rack station for about 7 years now, no hardware updates, and Synology support.
Can I run it from a raspberry, a VPS or a dedicated server unit? Sure, I do that for other things, but for paying the initial Synology costs absorbed in that time without touching a single line of code for configuration, having even my mom able to access DSM, I think has worth it for us.