because It took me some time to figure this out - here is a guide of how to setup a synology for remote workers in what I think is the best way
→ Have on large shared folder called “projects” or whatever. with subfolders for each project
→ have setup synology drive , MFA and all that jazz, that is not part of this, this is just permissions.
so lets say you have 20 projects in that shared folder but only want a external user to see and use 1 of those subfolders . Here is how I do it.
-
Disable Home Service because its just annoying if you dont need home directories, it will spam “my drive” as default and not the team drive you actually want
settings/user/advanced unceck “Enable user home service” -
create a user, give it no access to everthing , dont do any override on the project shared folder - we will do that via group permissions.
-
create a group for your users that are part of the same project and add the users. no need to setup permissions here!
-
go to filestation, right click the projects shared folder → propertiees → permissions
Enable READ for “THIS FOLDER” only as ion the screenshot, otherwise the users will not be able to see the project share at all. -
right click on the subfolder you want to share → properties → permissions → and enable read/write permissions on the folder, you can go into as fine detail as to what the users can do where here
- if all goes well the user will only be able to see the one folder on your nas
same goes with synology drive
hope this helps someone, its pa bit annoying to set up but its pretty slick once it works