[Samba] How to add or modify msDS-PrincipalName Attribute
James Atwell
james.atwell365 at gmail.com
Thu Aug 12 19:29:30 UTC 2021
Rowland,
Thanks for the reply and link. I'm not familiar with working with
ldb modules. Can you point me in the direction to learn how? Thank you.
-James
On 8/12/2021 12:44 PM, Rowland Penny via samba wrote:
> On Thu, 2021-08-12 at 12:18 -0400, James Atwell via samba wrote:
>> Hello,
>>
>> I'm attempting to use DUO for 2FA against a Samba 4.11.6 DC. on
>> Ubuntu 16.04. I understand the OS and Samba is outdated. Everything
>> goes
>> well until the service user attempts to authenticate an AD user. The
>> error from DUO is the service user is unable to fetch the
>> msDS-PrincipalName. When I look at the attribute for the user I see
>> it's
>> missing. ADSI and ADUC does not let me modify. Can I manually or
>> auto
>> add this for all users in the domain?
> It is one of the 'constructed' attributes, so you cannot add it
> manually, try reading this thread:
>
> https://lists.samba.org/archive/samba-technical/2018-January/125185.html
>
> Rowland
>
>
>
More information about the samba
mailing list