[Samba] samba and group managed service accounts (GMSA)

Dr. Hansjörg Maurer hansjoerg.maurer at itsd.de
Mon Feb 22 11:03:12 UTC 2021

Hi Andrew

Am 16.02.21 um 03:10 schrieb Andrew Bartlett:
> I've looked into this again and it is clear from
> https://docs.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/getting-started-with-group-managed-service-accounts
> that this is a feature which relies on server-side help to work, so it
> really will need code development on the Samba side.
> The next step would be to spend some 'quality time' with wireshark and
> the tools when operating against a Windows server to work out which
> protocols are being used.  A new RPC or an LDAP control would be a
> smaller change than a Web Services call, which we don't support at all.
it will take some time, because we have no windows AD-DC available, but 
I will ask a colleague to set one up for testing in order to capture the 



> Do let me know if you want to investigate this for us and I'll try and
> help you make sense of the task.
> Andrew Bartlett
>> Sorry,
>> Andrew Bartlett

Dr. Hansjörg Maurer
itsystems Deutschland AG
Erzgießereistr. 22
80335 München
Tel:   +49-89-52 04 68-41
Fax:   +49-89-52 04 68-59
E-Mail: hansjoerg.maurer at itsd.de
Web:    http://www.itsd.de

Amtsgericht München HRB 132146
USt-IdNr. DE 812991301
Steuer-Nr. 143/100/81575

Stefan Adam
Dr. Michael Krocka
Dr. Hansjörg Maurer

Unser System ist mit einem Mailverschluesselungs-Gateway ausgestattet. Wenn Sie moechten, dass an Sie gerichtete E-Mails verschluesselt werden, senden Sie einfach eine S/MIME-signierte E-Mail oder Ihren PGP Public Key an hansjoerg.maurer at itsd.de.

Our system is equipped with an email encryption gateway. If you want email sent to you to be encrypted please send a S/MIME signed email or your PGP public key to hansjoerg.maurer at itsd.de.

More information about the samba mailing list