对LDAP的设置,实在超出智商能力所及,看到DSM的官网上有这样的解释:
URL:https://www.synology.cn/en-global/knowledgebase/DSM/help/DSM/AdminCenter/file_directory_service_ldap
Before customizing LDAP attribute mappings, you will need some background knowledge. Synology DSM and the Profile editor both adhere to RFC 2307. For example, you can specify filter > passwd as userFilter, in which case the Synology NAS will interpret records with objectClass=userFilter on your LDAP server as LDAP accounts. If you specify passwd > uid as username, the Synology NAS will interpret username on your LDAP server as an account name. Leaving the mapping empty will apply RFC 2307 rules.
Synology NAS requires a fixed integer to serve as an LDAP account identifier (uidNumber) or a group identifier (gidNumber). However, not all LDAP servers use integers to represent such attributes. Therefore, a keyword HASH() is provided to convert such attributes to integers. For example, your LDAP server might use the attribute userid with a hexadecimal value as the unique identifier for an LDAP account. In this case, you can set passwd > uidNumber to HASH(userid), and then Synology NAS will convert it into an integer.
The following is the summary of customizable attributes:
filter
group: required objectClass for group.
passwd: required objectClass for user.
shadow: required objectClass for user passwords.
group
cn: group name.
gidNumber: GID number of this group.
memberUid: members of this group.
passwd
uidNumber: UID number of this user.
uid: username.
gidNumber: primary GID number of this user.
shadow
uid: username.
userPassword: user password.
所以,真不知道上述解释和张工给出的LDAPfilter之间有怎样的关系啊。拜托张工看在我好歹付了一点费的面子上帮忙看看吧。