[Samba] samba and group managed service accounts (GMSA)
Dr. Hansjörg Maurer
hansjoerg.maurer at itsd.de
Fri Feb 12 16:53:20 UTC 2021
Hi
we have been successfully running an "azure ad connect cloud
provisioning agent" to sync our local samba-4.12.11 AD to azure.
With the recent agent update MS seems to rely on Group Managed Service
Accounts (GMSA)
Our samba AD has 2012_R2 schema level with GSMA attrinutes and I did a
samba-tool domain functionalprep to 2012_R2
But when the agent tries to create an GMSA it logs the following error
confirmation step ended with an error: System.NullReferenceException:
Object reference not set to an instance of an object.at
Microsoft.ActiveDirectory.SynchronizationAgent.Setup.Utility.HybridAgentAdministrationUtility.CreateGMSA
Are GMSA's supported by samba4-ad and is ther a way toe create one
manually (LDIF)?
Thanks a lot
Regards
Hansjörg
----------------------------
Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an hansjoerg.maurer at itsd.de.
Our system is equipped with an email encryption gateway. If you want email sent to you to be encrypted please send a S/MIME signed email or your PGP public key to hansjoerg.maurer at itsd.de.
More information about the samba
mailing list