Hybrid cloud solution with Microsoft 365 and Synology NAS
A powerful hybrid cloud solution can be built with affordable Synology NAS devices and Microsoft 365 cloud services. The data stored in the Microsoft Cloud is backed up locally on the NAS. It is also possible to synchronize local SMB/CIFS shares directly to Sharepoint. In addition, the Docker function of the Synology NAS can be used to operate a UniFi controller.
Infrastructure & Devices
The system is set up relatively unspectacularly: Since no VPN is required, a normal provider router is sufficient. (e.g. Swisscom InternetBox or CentroBusiness) To improve security, an inexpensive firewall solution can also be used, of course. It is important that the Synology NAS has an Intel processor so that Docker and M365 cloud backup that can be used.
Components used:
- Provider router (here Swisscom Centro Business 2.0)
- UniFi switch USW-Lite-16-PoE-EU
- Synology DiskStation DS220+ NAS (alternatives)
- Sharp MFP printer
- Windows 10 & Windows 11 PCs, notebooks, tablets
- Various smartphones (Android and iOS)
Cloud services used:
- Microsoft 365 Business Standard
- Microsoft Exchange Online
- Microsoft Sharepoint Online
- Microsoft OneDrive for Business
- Exchange Online Plan 1
- Microsoft Exchange Online
- Synology Quck Connect
- UniFi Cloud Access
Setup of the Synology NAS
Basically, it is recommended to set up the NAS directly with the latest DSM 7. The package “Active Backup for Microsoft 365” can then be installed via the package center. To save the backups, a shared folder must be created via the control panel. It is enough if only the administrator has read and write access to the share.
Configuration Active Backup for Microsoft 365
After that, the backup must be configured. The following gallery shows the setup process:
Configuration Scan to Sharepoint with Synology Cloud Sync
Synology Cloud Sync is a service that allows synchronization of various cloud services with local SMB shares. This can be used to allow devices that can “only” write to local SMB shares (e.g. MFP devices) to write data directly to a cloud service like Microsoft SharePoint Online.
It is recommended to create a scan user and a share for the scanner. Only the scan user and the administrator need read and write access to the share. The following gallery shows the connection to Microsoft Sharepoint Online. Other cloud services are of course possible, but differ from the setup.
Install UniFi Controller as Docker Container
The blog TomTut.de gives a very good tutorial on how to install Docker and the UniFi controller on the Synology NAS.
Setting up the clients
Finally, setting up the devices is very simple. As long as the devices have Windows 10 Pro or Windows 11 Pro installed, you can work with Azure AD. In many cases, however, users prefer local accounts. Home Versions of Windows can’t user Azure AD. So there Local Accounts must be used anyway.
Additional to installing the Microsoft 365 apps (Outlook, Excel, Word, PowerPoint, etc.), One Drive for Business must be set up and the Sharepoint sites used must be linked. By synchronizing the document and desktop folders with OneDrive for Business, you can provide a basic data loss protection level. Active Backup for Microsoft 365 will then back up this data to the local Synology NAS.
For those who want full machine backups, Veeam Agent for Microsoft Windows FREE can be used to back up to an SMB share of the Synology NAS. Synology offers with Active Backup for Business an on-board Solution.
Expansion possibilities
Larger NAS versions have enough power to run VMs via the Synology Virtual Machine Manager (VMM). This allows running a small Windows Server 2022 Essentials domain controller over which users can be managed and synchronized with Azure AD via Microsoft AD Connect. This of course also allows managing the local PCs via GPOs etc. The Synology NAS can also be fully integrated into AD and then additionally used as a local file server. Of course, small application servers and Linux appliances can also be operated in this way.