[Samba] Azure AD SSPR
Mike Forsman
mikef72869 at gmail.com
Mon Nov 18 15:44:07 UTC 2019
Hi All,
Samba 4.9.2. Domain and forest level at 2008.
We are trying to configure password reset through Azure AD and are
encountering the following error on the server running the AD Connect tool:
TrackingId: 3cad8144-fb82-4cc4-849b-31b2b43cc277, Reason: Synchronization
Engine returned an error hr=80004001, message=Not implemented, Context:
cloudAnchor: User_82f99156-5aff-41f1-a1c5-502f356e9039, SourceAnchorValue:
4qR5c9aR9UGAzTV1kShOgg==, UserPrincipalName: testuser at mydomain.com,
Details:
Microsoft.CredentialManagement.OnPremisesPasswordReset.Shared.PasswordResetException:
Synchronization Engine returned an error hr=80004001, message=Not
implemented
at
AADPasswordReset.SynchronizationEngineManagedHandle.ThrowSyncEngineError(Int32
hr)
at
AADPasswordReset.SynchronizationEngineManagedHandle.ChangePassword(String
cloudAnchor, String sourceAnchor, String oldPassword, String newPassword)
at
Microsoft.CredentialManagement.OnPremisesPasswordReset.PasswordResetCredentialManager.ChangePassword(String
changePasswordXMLRequestString)
AD and Azure AD are configured per MS Docs:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-writebackhttps://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-sspr-deployment#implementation
There is nothing in the Samba DC's logs other than showing that the test
user logged into O365. Could this be related to Bug 14153 (
https://bugzilla.samba.org/show_bug.cgi?id=14153)?
Thanks,
Mike
More information about the samba
mailing list