On Sat, 2017-06-10 at 13:28 +0200, Torsten Fohrer via samba
wrote:> Hi everyone,
>
> I like to connect azure ad to my samba4 installation via AD Azure
> Sync
> (with password passthrough authentication).
>
> Passthrough authentication and User synchronizations working with a
> Windows
> 2016 domain member server without any harm.
>
> But group membership synchronizations fails always because AD Azure
> Sync
> cannot parse the member attribute (reference-value-not-ldap-
> conformant).
>
> Any ideas?
At this point we need to figure out how what we are sending differs
from what Windows AD sends.
I would love to have the time to dig into the whole Azure AD / Office
365 and GSync integration area, and ensure it 'just works', because our
users really should be able to expect that.
Sadly I'm up to my ears fixing other Samba issues, so I'll need you to
do some more of the digging.
Sorry,
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba