WD PR4100 - Using Microsoft Online Accounts


#1

Dear all,

I have WD P4100, which I bought for our small home network. I have disabled the Cloud access. We are talking here about access through the local network only.

We have a Windows Workgroup and the family members log in to the computers at home with their Microsoft Online Accounts. This way, they have the same user account and profile settings across all computers in our home.

Now, I want to organise the access in the WD PR4100:so that different users have different access rights to different folders.

Is there anyway to use these Microsoft accounts with the WDPR4100 or am I out of luck? Has anybody managed to make this work? In the KB, there was an article which advised to switch from Microsoft Accounts to local acctouns, which is a pain… :frowning:

Thanks in advance!

Daniel


#2

OK, I am replying to myself in case somebody else is interested.

I saw an article about a similar isssue in a different NAS:

https://blog.danic.net/enabling-transparent-smb-authentication-between-your-microsoft-account-and-your-synology-diskstation/

And I saw that a similar procedure can be used on the PR4100. This is what I did:

a) I created the user accounts through the PR4100 dashboard. As user name, I used the name of the microsoft account without the @outlook.com (for xxxx@outlook.com) I created an account called “Daniel”.

b) I assigned to this account the same password that I have for that Outlook.com aacount.

c) I enabled the SSH connection in the PR4100.

d) I connected to the PR4100 using WinSCP.

e) From WinSCP, I edited the file /etc/passwd and changed the user name “daniel” to "xxxx@outlook.com" in that line:
xxxx@outlook.com:x:1001:1000:Daniel,:/usr/share/ftp:/bin/sh

I did the same change in this other file:
/etc/samba/private/smbpasswd

After making these changes, you have to restart the Samba service.

I connected directly via SSH from Windows PowerShell and executed this command:

smb restart

After that, I noticed the folliowing:

a) The changed user does not appear in the list of users. You cannot grant or deny permissions to it. But…

b) You can add the modified user to groups and regulate the persmissions from there.

I added the modified user to a group and now the permissions work transparently. I am logged on using my hotmail account in my windows PC and I have the right access to the right folders.

I am really happy!

Daniel


#3

Thanks for sharing this!

You’ll probably lose the modifications on reboot, but this can be fixed with crontab or in the init script of any WD app.
E.g. add this to /shares/Volume_1/Nas_Prog/entware/init.sh

sed -i "s#daniel#xxx@outlook.com#" /etc/passwd
sed -i "s#daniel#xxx@outlook.com#" /etc/samba/private/smbpasswd
smb restart

#4

You are right. After rebooting, the changes were lost. I just tried it.

Thanks for suggesting a way around it. I will give it a go.

Daniel


#5

I have not yet tried the trick to make the changes permanent but I wanted to mention that one thing I noticed is that the xxxx@outlook.com users cannot login to the WD Dashboard and I get an unknown user or password message. I have not investigated this but I can imagine that, because the ampersand is not supported when you create a new user from the Dashboard, it is not possible to login with a user that has an ampersand.

Not a big deal for me but it is something one should keep in mind if when impelementing this hack.

Daniel