Setting permissions on Synology NAS

With Synology File Station, you can set access privileges to files and subfolders. This feature is especially useful when allowing different groups of users to access different subfolders in a shared folder.

Depending on how your NAS is configured, individual users, or groups of users may have been granted access already. It's important to check the existing permissions first to check how things are configured for your specific device.

Checking existing permissions

Within File Station, right click a folder, and select Permission. Note the current setup, which may include users, groups or both:

Try to maintain the same type of setup - i.e. if groups are configured to allow access to a folder, add the user you want to have access to the relevant group. If users are configured, you may continue in the same fashion.

Allowing users and groups to access files and subfolders

  1. Select the files and folders for which you want to set access privileges.
  2. Right-click on one of the files or folders, or go to the Action menu. Select Properties.
  3. Optional: go to the Owner section to select an owner for the selected files and folders from the Owner drop-down menu.
  4. Go to the Permission tab, select a user or group, and then click Edit to open the Permission Editor.
  5. Do any of the following in the Permission Editor window to manage permissions for selected the files and folders:
    1. User or group: Specify the user or group whose permissions you wish to customize.
    2. Inherit from: For view only. View the information here to see if the permission is inherited (from a parent folder) or explicit (shown as None).
    3. Type: Select Allow or Deny to grant or deny permission to the user or group.
    4. Apply to: Select how the permissions will be applied to any combination of the folder itself (This folder), subfolders within it (Child folders), files within it (Child files), or all files and subfolders within this folder (All descendants).
    5. Permission: Manage the user or group's access permissions to the selected files and folders by ticking the desired Administration, Read, and Write permissions checkboxes. Typically, only Read or Read and Write are required.
  6. Click Save to save and exit the Permission Editor window.
  7. Click Save to save and exit the Properties window.

Understanding inheritance of permissions

When you have a shared folder that everyone has access to, but only specific users should have access to specific folders, it's important to ensure that permissions from higher level folders are removed from the subfolder.

For example, you have a folder called "Shared Files" to which all users have access. Beneath that, there is a folder "Management Files" that only the management team should access. The permissions for the "Shared Files" would look like this:

By default, the permissions for "Management Files" looks like this:

Note that the "administrators" and "Authenticated Users" are greyed out - these are inherited permissions from the folder above. That means that if you add a user or group here to grant them permissions, these are applied in addition to the permissions shown. If you click Advanced Options and Make inherited permissions explicit then the permissions are editable, and can be removed. That way, you can setup the permissions as you see fit. In this example, we have removed "Authenticated Users" because we do not want every user to have access - just administrators, and those added to the "Management Files" group:

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us