[Samba] AWS AD Connector and Samba4

Jörg Baldzer joerg.baldzer at numberfour.eu
Fri Aug 28 14:25:09 UTC 2015


we want to access our Amazon/AWS Console using users from our internal samba4 directory service. So we tried to connect to our samba4 via the AWS AD Connector. 
Connection (bind) is ok, but no users/groups are found.  Via tcpdump/wireshark we found this query/answer pair:

Query from AD Connector
LDAPMessage searchRequest(5) “dc=companyname,dc=com" wholeSubtree
Filter: (&(ANR=testuser*)(sAMAccountType=805306368))

Answer from Samba4
resultCode: unavailableCriticalExtension (12)

The following controlType is marked as critical in the query:
controlType: 2.16.840.1.113730.3.4.9 (LDAP_CONTROL_VLVREQUEST VLV)

Is it possible to activate / add this controlType in samba4? 

Jörg Baldzer

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Message signed with OpenPGP using AMPGpg
URL: <http://lists.samba.org/pipermail/samba/attachments/20150828/d387d777/signature.sig>

More information about the samba mailing list