On Fri, 2023-03-10 at 13:06 -0800, Ray Klassen via samba wrote:> I'm very interested in this. Can one of the devs elaborate on what has been > accomplished with this? Specifically, I'd like to know if the support is > bidirectional -- can azure change passwords in samba ad?No, I just fixed the issue where it couldn't pull a password from Samba to Azure AD Azure AD Cloud connect work out of the box (ish) Azure AD connect needs the service account to also be made a domain admin Andrew, -- Andrew Bartlett (he/him) https://samba.org/~abartlet/ Samba Team Member (since 2001) https://samba.org Samba Developer, Catalyst IT https://catalyst.net.nz/services/samba
On 3/11/23 04:33, Andrew Bartlett via samba wrote:> On Fri, 2023-03-10 at 13:06 -0800, Ray Klassen via samba wrote: >> I'm very interested in this. Can one of the devs elaborate on what has been >> accomplished with this? Specifically, I'd like to know if the support is >> bidirectional -- can azure change passwords in samba ad? > > No, I just fixed the issue where it couldn't pull a password from Samba > to Azure AD > > Azure AD Cloud connect work out of the box (ish) > Azure AD connect needs the service account to also be made a domain > admincool! While we're at it, could we document this in the wiki alongside an explanation what the difference between AD Cloud Connect and Azure AD Connect actually is? :)) It's already a year or two since we looked into this and my memory seems to fade more quickly then I'm able add new stuff. :) Thanks! -slow -- Ralph Boehme, Samba Team https://samba.org/ SerNet Samba Team Lead https://sernet.de/en/team-samba SAMBA+ Samba packages https://samba.plus/ -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature Type: application/pgp-signature Size: 840 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20230311/7d5cadf5/OpenPGP_signature.sig>
Yeah that's how I had it set up originally. And then it stopped working. Then I had to use pass through. Which has admittedly worked all right. It makes password expiry closer to real time anyway. On Fri., Mar. 10, 2023, 7:33 p.m. Andrew Bartlett, <abartlet at samba.org> wrote:> On Fri, 2023-03-10 at 13:06 -0800, Ray Klassen via samba wrote: > > I'm very interested in this. Can one of the devs elaborate on what has been > > accomplished with this? Specifically, I'd like to know if the support is > > bidirectional -- can azure change passwords in samba ad? > > > No, I just fixed the issue where it couldn't pull a password from Samba to > Azure AD > > Azure AD Cloud connect work out of the box (ish) > Azure AD connect needs the service account to also be made a domain admin > > Andrew, > > -- > > Andrew Bartlett (he/him) https://samba.org/~abartlet/ > Samba Team Member (since 2001) https://samba.org > Samba Developer, Catalyst IT https://catalyst.net.nz/services/samba > >