对LDAP的设置，实在超出智商能力所及，看到DSM的官网上有这样的解释：
URL：https://www.synology.cn/en-global/knowledgebase/DSM/help/DSM/AdminCenter/file_directory_service_ldap
Before customizing LDAP attribute mappings, you will need some background knowledge. Synology DSM and the Profile editor both adhere to RFC 2307. For example, you can specify filter > passwd as userFilter, in which case the Synology NAS will interpret records with objectClass=userFilter on your LDAP server as LDAP accounts. If you specify passwd > uid as username, the Synology NAS will interpret username on your LDAP server as an account name. Leaving the mapping empty will apply RFC 2307 rules.

Synology NAS requires a fixed integer to serve as an LDAP account identifier (uidNumber) or a group identifier (gidNumber). However, not all LDAP servers use integers to represent such attributes. Therefore, a keyword HASH() is provided to convert such attributes to integers. For example, your LDAP server might use the attribute userid with a hexadecimal value as the unique identifier for an LDAP account. In this case, you can set passwd > uidNumber to HASH(userid), and then Synology NAS will convert it into an integer.

The following is the summary of customizable attributes:

    filter
        group: required objectClass for group.
        passwd: required objectClass for user.
        shadow: required objectClass for user passwords.
    group
        cn: group name.
        gidNumber: GID number of this group.
        memberUid: members of this group.
    passwd
        uidNumber: UID number of this user.
        uid: username.
        gidNumber: primary GID number of this user.
    shadow
        uid: username.
        userPassword: user password.

所以，真不知道上述解释和张工给出的LDAPfilter之间有怎样的关系啊。拜托张工看在我好歹付了一点费的面子上帮忙看看吧。