Table of Contents
: Install process
: New notification options
: WORM folder protection
: Container Manager (Docker)
: Secure SignIn new features
As of today, 07/03/2023, the new DSM 7.2 BETA is available, as it was announced during the 2023 and Beyond event at the end of last year.
The installers are listed on the beta portal accessible on the following URL.
https://prerelease.synology.com/en-global/download/dsm72_beta
The current version is DSM 7.2 - 64216 and the following release notes are below.
Important Note
- This beta software is for evaluation purposes only and should not be installed in production environments. Synology cannot be held responsible for any damage, such as accidental data loss, caused by this beta software.
- After installing this update, you will not be able to downgrade to a previous DSM version.
- This update will restart your Synology NAS.
- Starting from this version, logs for drives will no longer appear in Storage Manager > HDD and will be available only in Log Center.
- Removed the "Automatically create port forwarding rules" option from QuickConnect advanced settings to increase network security.
Known Issues
- Users of Surveillance Station should keep their current DSM version. The package update compatible with this DSM version is currently in development. Once the package update is officially released, it will be available for download in the Package Center.
- This DSM update is not applicable to the following models: DS418, DS218, DS218play, DS118 and HD6500. The update compatible with these models is currently in development and is scheduled to be available in the next release.
What’s New
- Added support for WriteOnce shared folders. This feature is based on the Write Once, Read Many (WORM) technology and can be enabled to prevent files from being modified, deleted, or renamed for a specified period.
- Added support for volume encryption. All volume encryption keys are stored in the Encryption Key Vault, which can be set up on a local Synology NAS or via KMIP on a remote Synology NAS.
- Added more Synology NAS models to support M.2 NVMe SSD storage pools. Learn more
- Added more SSD cache group management options, including changing the RAID type and replacing a drive.
- Added support for inline zero-block removal to increase the efficiency of data deduplication.
- Adjusted how drive information is presented in Storage Manager. Users can now quickly check the condition of their drives by looking at the "Drive Status" field.
- Users can now view the amount of used and free space for each storage pool and volume in Storage Manager.
- Added a warning notification for when the available shared folder quota is low.
- Supports deleting individual desktop notifications.
- Supports sending DSM notifications via additional webhook providers, including LINE and Microsoft Teams.
- Supports creating custom notification rules for system events, giving users greater control over what notifications to receive.
- Supports exporting a list of users and of groups.
- Added support for SAML to integrate DSM with external SSO servers.
- Added the option to allow non-admin users to safely eject USB devices.
- Users can now manually input the IP addresses or FQDNs of one or more domain controllers in the trusted domain. This allows Synology NAS to sync domain data directly with the specified domain controllers.
- Users can now enable Synology's email server to send DSM notifications directly to their Synology Account.
Limitation
- S.M.A.R.T. testing for M.2 NVMe SSDs is no longer supported.
- Starting from DSM 7.2 Beta, Virtual Machine Manager will no longer support creating clusters with older DSM versions. Please update each host in the cluster to the same DSM version or above versions for the Virtual Machine Manager cluster to operate properly.
- Virtual DSM running DSM 7.2 Beta requires Virtual Machine Manager 2.6 or above.
Install process
The installation process is almost identical to all the current DSM 7 installations.
New notification options
One of the first things that we can see is the notification on the DSM desktop that is inviting us to set up a new notification setup.
The notification section has been remapped compared to 7.1.1. version with the removal of the SMS tab (it is now part of the webhook provider), and separating the Push and Webhooks options. One of the biggest changes here is the ability to change the actual event option and their values. This means an option to change two variables and any event messages.
This will for sure help out to bring out localized errors for your users in case the DSM itself does not support your language.
As seen in the first image, the email notification channel still exists and now uses Synology's email server ([email protected]
as the sender's email address) to send all notifications that are generated in DSM.
We need to log in to an existing Synology Account for all this to work, but other than that, there is not much to configure here if we choose this method.
Push services on the other hand are quite simple in configuration, there is just a simple requirement to download and install DSFinder mobile app and activate the Push service options inside it.
On top of device push notifications, we have the option to choose a browser-based notification that will again be coordinating with Synology's notification.synology.com web service
Last but not least, webhook options. Now, in DSM 7.2 webhooks have had a bit of an update in terms of providers. So no longer do we have Synology Chat and the rest of the world. Now there is official support for Microsoft Teams, as well as LINE.
One example of a custom webhook integration would be with Mattermost. Configuring incoming webhook on the Mattermost side we can use that URL in the configuration wizard. The result would be that all notifications (or rule categories that were chosen) are shipped to the desired channel.
What notifications are being delivered will depend on the rules chosen for the webhook or email channel of communication (push notifications have no option to select specific rule categories).
On top of the three predefined rule categories (those can't be deleted or changed), we can make our own. This option in a combination with editing the events themselves is indeed a breath of fresh air when it comes to notifications.
WORM folder protection
The new WriteOnceReadMany folder protection is part of the shared folder creation wizard. As compared to the 7.1.1 version, the second step in the wizard will offer both encryption and WORM security features.
WORM works in two modes, enterprise, and compliance. The former will allow only administrator class users to delete the shared folder while the latter will not allow anyone to do the same.
On top of this, the auto lock settings will further protect the data with the use of lock and retention options.
In case we select the creation of a folder in compliance WORM mode, there will be a final warning, sort of a "point of no return" telling us that we will not be able to delete the folder once it is created.
The created folder will have its settings listed in the control panel as expected, and any additional modification on the WORM side of things will not be possible.
Container Manager (Docker)
While most beta versions of various DSM apps are updated to accommodate the new 7.2 version, some of them have had new features in them. One example is the Snapshot Replication which needs to be updated in case we want to replicate WORM folder.
Out of all packages, one package, in particular, has had a lot of love in the recent version, and that would be Docker, or as they call it in the latest version Container Manager.
Important Notes
- Container Manager is the successor of Docker and will be available for updates in Package Center.
Compatibility & Installation
- Container Manager 20.10.3 requires DSM 7.2 and above.
- Added support for the following models with the ARMv8 architecture: DS223, and DS420j.
What's New
- Revamped the package icon and user interface for a better container managing experience.
- Supports Docker Compose on the Project page.
- Supports displaying the health status of containers.
- Updated to be compatible with Docker Compose 2.5.1.
- Supports automatic update detection for images with the "latest" tag.
Fixed Issues
- Fixed an issue where the package might not be able to run after a DSM update.
- Minor bug fixes.
Limitation
- Docker Swarm is not supported on the following models with the ARMv8 architecture: DS420j, DS223.
As we can see in the release notes, apart from the look and feel, the CM has added support for docker-compose (Projects) and a big deal for many users, support for ARM8 CPUs. This means that some J models as well as value series are becoming Docker-capable, nice!
The main addition here is the mentioned docker-compose functionality. The editor includes syntax check and correction, so anyone not willing to use Portainer or pure command line, to run compose files, can use the webUI in the new Container Manager.
As expected we can't edit settings until the container has been stopped, but that is to be expected. All in all a nice surprise I have to say, and a great effort from the Synology team that goes to show that they do support micro-services and containerization in general.
Secure SignIn - new features
I have written about Secure SignIn in the past when it was first got released as part of the new DSM 7. This time around there are several new features that will make use of your biometric-capable device as well as the new Passkey (Apple macOS/iOS feature).
In order to configure and use Secure SignIn, we need to have DSM access configured over HTTPS and that excludes the QuickConnect option. So, DDNS or custom and valid 3rd party domain have to be in place before we can continue with the configuration.
As always, 2FA options are under Personal settings in the main user menu (upper right corner). Under the Security tab, there are now some new features when we select the 2FA option.
In DSM 7.1, USB and TouchID were the only options, so for example, Mac users that didn't have computers with biometric readers were unable to use this feature. Now, however, we can log in using a FaceID device like an iPhone.
Finally, the setup process is completed.
In order to log into DSM with the help of passkey and biometrics as our 2FA method the process is following.
This way, our 2FA step was substituted by using the passkey option that in the end got verified with the on-device biometrics, FaceID in this particular case.
As a side note, both PLEX and Wireguard work fine with DSM 7.2, and for more info on running Wireguard on your NAS read up in the following article
Testing will continue and I will post any issue in this article. If anyone wants anything specific tested let me know in the comment section and if I am able to test it I will to the best of my abilities.