[Samba] samba and group managed service accounts (GMSA)
Andrew Bartlett
abartlet at samba.org
Mon Feb 22 18:44:03 UTC 2021
On Mon, 2021-02-22 at 12:03 +0100, Dr. Hansjörg Maurer wrote:
> Hi Andrew
>
>
> Am 16.02.21 um 03:10 schrieb Andrew Bartlett:
> > I've looked into this again and it is clear from
> > https://docs.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/getting-started-with-group-managed-service-accounts
> >
> > that this is a feature which relies on server-side help to work, so
> > it
> > really will need code development on the Samba side.
> >
> > The next step would be to spend some 'quality time' with wireshark
> > and
> > the tools when operating against a Windows server to work out which
> > protocols are being used. A new RPC or an LDAP control would be a
> > smaller change than a Web Services call, which we don't support at
> > all.
> it will take some time, because we have no windows AD-DC available,
> but
> I will ask a colleague to set one up for testing in order to capture
> the
> communication
Thanks, we really do appreciate the research!
Andrew Bartlett
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
More information about the samba
mailing list