[Samba] Office365
Praveen Ghimire
PGhimire at sundata.com.au
Thu Aug 29 04:35:41 UTC 2019
Hi All,
We have a Ubuntu AD on version 4.7.6 and are trying to implement Office 365. We have been able to configure so far
- Password sync
- Filtering users in certain OUs in AD to Azure AD
What we can't get to work is seamless SSO. Initially we installed the Azure AD sync in a server 2012 (AD member server) and tried to run the SSO, it comes up with "An error occurred locating computer account" . Then as a test we added a 2008R2 server and promoted it as DC. We ran the same steps and got the same message. Through powershell we get "directory service is unavailable" error.
We then ran a netmon trace on the 2008R2 box when running the powershell bits and it seems to be connecting to the Ubuntu server. It seems to using GSS-SPNEGO
LDAPSASLBuffer: BufferLength: 102, AuthMechanism: GSS-SPNEGO
The smb.conf looks like
[global]
workgroup = LIN
realm = LIN.GROUP
netbios name = SERVER5
server role = active directory domain controller
idmap_ldb:use rfc2307 = yes
log file = /var/log/samba/log.%m
log level = 4
winbind nss info = rfc2307
acl allow execute always = True
server services = -dns
allow dns updates = nonsecure and secure
ldap server require strong auth = no
client ldap sasl wrapping = plain
We have logged a call with Microsoft Azure support.
Any thoughts?
Regards,
Praveen Ghimire
More information about the samba
mailing list