[Samba] Extending Samba-4 Schema to get Microsoft LAPS working
Ardos
raghav at ardos.in
Sat Nov 24 04:57:23 UTC 2018
Hello Rowland,
Finally Microsoft LAPS is working in our environment and I thank you for
your support.
However, I noticed one thing. Microsoft LAPS is supposed to manage even
the Built-In Account - "Administrator", but it not doing so. In my
environment, While I am trying to figure out why it doesn't manage the
Built-in administrator account, I have enabled another Group Policy to
change the password of Built-in Administrator Account and disabled the
same. Other local administrators are managed using Microsoft LAPS.
Thanks again for your support.
Best regards,
Raghavendra
On 23/11/18 2:32 PM, Rowland Penny via samba wrote:
> On Fri, 23 Nov 2018 08:03:15 +0530
> Ardos <raghav at ardos.in> wrote:
>
>> Hi,
>>
>> Thank you very much for your support.
>>
>> With your ldif, one of the attributes got added to computer
>> container. Second one is having a trouble. The modification command
>> is reporting it is not able to find the attribute although it is very
>> much in the schema. I am checking this part out. Any suggestions to
>> figure out what's wrong and correct it?
>>
> Not really, I have never used LAPS, but I have extended AD several
> times and it always the same, add an ldif containing the attributes,
> then another containing the objectclasses. In your case the second ldif
> needed to modify an existing objectclass.
>
> All I can suggest is to check if both attributes are in AD and if they
> have been added to the computer objectclass.
>
> Rowland
>
More information about the samba
mailing list