[cifs-protocol] Implement password hash synchronization with Azure AD Connect sync

Stefan Metzmacher metze at samba.org
Wed Nov 6 13:01:10 UTC 2019


Hi DocHelp,

we have customers trying to use Azure AD connect to sync their Samba DC
with Azure.

It works in general, but they report that changed passwords in Samba are
not replicated (at least not in a timely manner). Doing a manual
replication works.

The following page talks about
"password hash synchronization heartbeat events":
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/tshoot-connect-password-hash-synchronization#password-sync-log

What protocol is used for this heartbeat feature?
So far I only saw (I guess unrelated) LDAP traffic as
well as the MS-DRSR replication with DRSGetNCChanges()
from the Azure AD connect host to the Samba AD DC.

It would be good to know which protocols are required for
the AD DC to implement for this to work.

Thanks!
metze

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20191106/67f637cb/signature.sig>


More information about the cifs-protocol mailing list