samba - Jan 2024 - Azure AD (Entra ID) join specification

I've made some minor changes to the join document for Azure AD. 
Specifically, there was a major mistake in the TransportKey definition. 
If you're working on a join implementation, make sure you pay close 
attention to the changes. Azure accepts just about any blob in the 
TransportKey field, and doesn't perform any validation on it. This only 
becomes obvious when future responses from Azure are garbled nonsense.

-- 
David Mulder
Labs Software Engineer, Samba
SUSE
1221 S Valley Grove Way, Suite 500
Pleasant Grove, UT 84062
(P)+1 385.208.2989
dmulder at suse.com
http://www.suse.com

Whoops, meant to send this to samba-technical, and with the doc attached.

On 1/26/24 9:39 AM, David Mulder via samba wrote:
> I've made some minor changes to the join document for Azure AD. 
> Specifically, there was a major mistake in the TransportKey 
> definition. If you're working on a join implementation, make sure you 
> pay close attention to the changes. Azure accepts just about any blob 
> in the TransportKey field, and doesn't perform any validation on it. 
> This only becomes obvious when future responses from Azure are garbled 
> nonsense.
>
-- 
David Mulder
Labs Software Engineer, Samba
SUSE
1221 S Valley Grove Way, Suite 500
Pleasant Grove, UT 84062
(P)+1 385.208.2989
dmulder at suse.com
http://www.suse.com