Hi All,
We have an Ubuntu AD on version 4.7.6 and are trying to implement Office 365. We
have been able to configure so far:
- Password sync
- Filtering users in certain OUs in AD to Azure AD
What we can't get to work is seamless SSO. Initially we installed the Azure
AD sync on a Server 2012 (AD member server) and tried to run the SSO; it comes
up with "An error occurred locating computer account". Then as a test
we added a 2008R2 server and promoted it as DC. We ran the same steps and got
the same message. Through PowerShell we get a "directory service is
unavailable" error.
We then ran a netmon trace on the 2008R2 box when running the PowerShell bits
and it seems to be connecting to the Ubuntu server. It seems to be using
GSS-SPNEGO:
    LDAPSASLBuffer: BufferLength: 102, AuthMechanism: GSS-SPNEGO
The smb.conf looks like:

[global]
    workgroup = LIN
    realm = LIN.GROUP
    netbios name = SERVER5
    server role = active directory domain controller
    idmap_ldb:use rfc2307 = yes
    log file = /var/log/samba/log.%m
    log level = 4
    winbind nss info = rfc2307
    acl allow execute always = True
    server services = -dns
    allow dns updates = nonsecure and secure
    ldap server require strong auth = no
    client ldap sasl wrapping = plain

We have logged a call with Microsoft Azure support.
Any thoughts?
Regards,
Praveen Ghimire