[Samba] azure AD Connect | passwords not syncing
abartlet at samba.org
Sun Nov 13 23:43:36 UTC 2016
On Fri, 2016-11-11 at 11:42 +0100, mj via samba wrote:
> We setup the microsoft azure AD Connect on a windows 2012 server, to
> start using (testing) office 365 in the future. We're running a
> 4.4.4 AD.
> This all worked, in the portal.office.com admin section we can see
> > Company Name COMPANY
> > Domains verified 2
> > Domains not verified 1
> > Directory sync enabled true
> > Last directory sync last synced 3 minutes
> > ago
> > Password sync enabled true
> > Last password sync
> > Directory sync client version 1.1.281.0
> > IdFix Tool Download IdFix Tool
> > Directory sync service account Sync_WIN2012-
> > PROXMOX_63nfmdcompany.onmicrosoft.com
> As you can see, the sync seems to work, however: "Last password
> field is empty, even though the password sync functionality IS
> There don't seem to be any errors, and I can see all our AD accounts
> the office365 web interface.
> In all online examples/howto's, the "last password sync" is never
> so our status seems to be irregular.
> Before looking into all kinds of details, the basic question first:
> Is password sync using Azure Connect to the azure cloud supposed to
> work? Does it work for others here?
> Anything special that needs to be done/taken care of on the samba
> of things?
This isn't currently known to work. I did try and test this during a
recent visit to Microsoft for an IO lab, but we didn't get time to set
everything up correctly.
Samba supports the calls that are being made, particularly in Samba
4.5, but a detailed investigation needs to be made to understand the
blocking issues for this particular use case.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba