[Samba] Azure AD Sync not working

Arthur Toussaint arthur.toussaint at wandercraft.eu
Wed Jul 6 09:35:14 UTC 2022 

Hmm, I downloaded it from there and basically followed the setup all the way through : https://www.microsoft.com/en-us/download/details.aspx?id=47594 
It seems that it is working on the 2012 schema of Samba, I've just seen now that it should only be compatible with 2016, but it worked for me 
Kind regards 
Arthur 


De: "Min Wai Chan" <dcmwai at gmail.com> 
À: "arthur toussaint" <arthur.toussaint at wandercraft.eu> 
Cc: "Simon FONTENEAU" <sfonteneau at tranquil.it>, "samba" <samba at lists.samba.org> 
Envoyé: Mercredi 6 Juillet 2022 11:32:33 
Objet: Re: [Samba] Azure AD Sync not working 

Dear Arthur, 
Mind if I ask, how do you get Azure AD 2.x version running? 

Do you get Server 2016 install and join the Samba AD DC? 
I don't see any documentation on that... 

Thank you 

Regards, 
Min Wai 



On Wed, Jul 6, 2022 at 5:30 PM Arthur Toussaint < [ mailto:arthur.toussaint at wandercraft.eu | arthur.toussaint at wandercraft.eu ] > wrote: 



Oh, but I'm already using Azure AD Connect V2.x, so I should be good 
Thanks 
Arthur 


De: "Min Wai Chan" < [ mailto:dcmwai at gmail.com | dcmwai at gmail.com ] > 
À: "arthur toussaint" < [ mailto:arthur.toussaint at wandercraft.eu | arthur.toussaint at wandercraft.eu ] > 
Cc: "Simon FONTENEAU" < [ mailto:sfonteneau at tranquil.it | sfonteneau at tranquil.it ] >, "samba" < [ mailto:samba at lists.samba.org | samba at lists.samba.org ] > 
Envoyé: Mercredi 6 Juillet 2022 11:28:15 
Objet: Re: [Samba] Azure AD Sync not working 

Dear Arthur, 
Under this 
[ https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history | https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history ] 




So unless Samba can connect to windows Server 2016 or higher else that will be gone... 

Thank You 
Regards, 
Min Wai 

On Wed, Jul 6, 2022 at 5:16 PM Arthur Toussaint < [ mailto:arthur.toussaint at wandercraft.eu | arthur.toussaint at wandercraft.eu ] > wrote: 

BQ_BEGIN

What, 
Nope I didn't see that, where did you see that ? 
Kind regards 
Arthur 


De: "Min Wai Chan" < [ mailto:dcmwai at gmail.com | dcmwai at gmail.com ] > 
À: "arthur toussaint" < [ mailto:arthur.toussaint at wandercraft.eu | arthur.toussaint at wandercraft.eu ] > 
Cc: "Simon FONTENEAU" < [ mailto:sfonteneau at tranquil.it | sfonteneau at tranquil.it ] >, "samba" < [ mailto:samba at lists.samba.org | samba at lists.samba.org ] > 
Envoyé: Mercredi 6 Juillet 2022 11:14:35 
Objet: Re: [Samba] Azure AD Sync not working 

Dear Arthur, 
I think you might know that this PTA using windows 2012 R2 will be only available until 31 Aug 2022... 

Thus, this will be a very short solution... 

Regards, 
Min Wai 

On Wed, Jul 6, 2022 at 4:35 PM Arthur Toussaint via samba < [ mailto:samba at lists.samba.org | samba at lists.samba.org ] > wrote: 

BQ_BEGIN
Hi, 
So far I'm using the PTA, which works well, I think I've seen this script but it requires storing password in plaintext if I'm not mistaken, which I don't want to do 
Kind regards 
Arthur 


De: "samba" < [ mailto:samba at lists.samba.org | samba at lists.samba.org ] > 
À: "samba" < [ mailto:samba at lists.samba.org | samba at lists.samba.org ] > 
Envoyé: Mardi 5 Juillet 2022 23:32:07 
Objet: Re: [Samba] Azure AD Sync not working 

Hi Arthur 

Have you tried to implement this script with /check password script ? 
/ 

[ https://github.com/sfonteneau/send_password_in_azure/blob/master/send_password_azure.py | https://github.com/sfonteneau/send_password_in_azure/blob/master/send_password_azure.py ] 

It's less practical but it uses the official Microsoft APIs 

Simon Fonteneau 


Le 05/07/2022 à 14:12, Arthur Toussaint via samba a écrit : 
> Okay, I thought PTA didn't work, but I guess it was because I had "Enable single sign on" enabled, once i unticked that, it worked, thanks a lot ! 
> Kind regards 
> 
> 
> De: "Min Wai Chan"< [ mailto:dcmwai at gmail.com | dcmwai at gmail.com ] > 
> À: "arthur toussaint"< [ mailto:arthur.toussaint at wandercraft.eu | arthur.toussaint at wandercraft.eu ] > 
> Envoyé: Mardi 5 Juillet 2022 13:32:36 
> Objet: Re: [Samba] Azure AD Sync not working 
> 
> Dear Arthur, 
> 
> I'm on Azure Ad connect 1.6.16.0 
> Download from this link below 
> [ [ https://www.microsoft.com/en-us/download/details.aspx?id=103336 | https://www.microsoft.com/en-us/download/details.aspx?id=103336 ] | [ https://www.microsoft.com/en-us/download/details.aspx?id=103336 | https://www.microsoft.com/en-us/download/details.aspx?id=103336 ] ] 
> 
> 
> What I do is change the users sign in 
> 
> 
> And Change to pass-through authentication. 
> 
> 
> 
> And that will change the azure AD to pass-through authentication... 
> 
> Hope this help. 
> 
> Thank You 
> Regards, 
> Min Wai 
> 
> On Tue, Jul 5, 2022 at 4:02 PM Arthur Toussaint < [mailto: [ mailto:arthur.toussaint at wandercraft.eu | arthur.toussaint at wandercraft.eu ] | [ mailto:arthur.toussaint at wandercraft.eu | arthur.toussaint at wandercraft.eu ] ] > wrote: 
> 
> 
> 
> Hi, 
> Thanks a lot, how did you manage to make Passthrough work ? 
> Kind regards 
> Arthur 
> 
> 
> De: "Min Wai Chan" < [mailto: [ mailto:dcmwai at gmail.com | dcmwai at gmail.com ] | [ mailto:dcmwai at gmail.com | dcmwai at gmail.com ] ] > 
> À: "arthur toussaint" < [mailto: [ mailto:arthur.toussaint at wandercraft.eu | arthur.toussaint at wandercraft.eu ] | [ mailto:arthur.toussaint at wandercraft.eu | arthur.toussaint at wandercraft.eu ] ] > 
> Cc: "Dr. Hansjörg Maurer" < [mailto: [ mailto:hansjoerg.maurer at itsd.de | hansjoerg.maurer at itsd.de ] | [ mailto:hansjoerg.maurer at itsd.de | hansjoerg.maurer at itsd.de ] ] >, "samba" < [mailto: [ mailto:samba at lists.samba.org | samba at lists.samba.org ] | [ mailto:samba at lists.samba.org | samba at lists.samba.org ] ] > 
> Envoyé: Mardi 5 Juillet 2022 04:44:30 
> Objet: Re: [Samba] Azure AD Sync not working 
> 
> Dear Arthur, 
> I've face with similar issue on my new Azure AD Connect Setup but same like you password hash synchronization don't seem to work. 
> 
> I'm wondering if the MS site had upgrade to Connect protocol 1st... 
> 
> I don't know and I'm clueless... 
> 
> However for me... currently the only working way is Passthrough... 
> 
> Thank you 
> 
> Regards, 
> Min Wai 
> 
> On Mon, Jul 4, 2022 at 11:09 PM Arthur Toussaint via samba < [mailto: [ mailto:samba at lists.samba.org | samba at lists.samba.org ] | [ mailto:samba at lists.samba.org | samba at lists.samba.org ] ] > wrote: 
> 
> 
> OK, 
> Is there anything I could do to help ? Or anywhere I could find info about the effort done up to now to trace the root cause ? 
> Thanks a lot 
> Arthur 
> 
> 
> De: "samba" < [mailto: [ mailto:samba at lists.samba.org | samba at lists.samba.org ] | [ mailto:samba at lists.samba.org | samba at lists.samba.org ] ] > 
> À: "samba" < [mailto: [ mailto:samba at lists.samba.org | samba at lists.samba.org ] | [ mailto:samba at lists.samba.org | samba at lists.samba.org ] ] > 
> Envoyé: Lundi 4 Juillet 2022 16:58:04 
> Objet: Re: [Samba] Azure AD Sync not working 
> 
> Hi 
> 
> 
> Am 23.06.22 um 11:03 schrieb Arthur Toussaint via samba: 
>> Hi, 
>> 
>> I'm trying to sync my local samba AD to azure AD, but I'm running into an issue with password hash synchronization. 
>> The users sync task works well,but the password hash sync task is always marked "Active" on the interface but never finishes 
>> I'm following this guide : [ [ [ https://wiki.samba.org/index.php/Azure_AD_Sync | https://wiki.samba.org/index.php/Azure_AD_Sync ] | [ https://wiki.samba.org/index.php/Azure_AD_Sync | https://wiki.samba.org/index.php/Azure_AD_Sync ] ] | [ [ https://wiki.samba.org/index.php/Azure_AD_Sync | https://wiki.samba.org/index.php/Azure_AD_Sync ] | [ https://wiki.samba.org/index.php/Azure_AD_Sync | https://wiki.samba.org/index.php/Azure_AD_Sync ] ] ] with samba 4.13.13 
>> Does someone have any pointers on where and what to do to diagnose the issue, I'm not seeing any logs 
>> Also, I'm not sure anyone has managed to sync passwords, so even a "Password sync works for me" answer would be a huge help. 
> Password sync has been working for almost one year, with the config you 
> mention above, but it stopped working some month ago (without any change 
> on the samba side) 
> We did not manage to trace it down up to now 
> 
> Regards 
> 
> Hansjörg 
> 
> 
>> Thanks a lot 
>> Arthur 
> 
> 
-- 
To unsubscribe from this list go to the following URL and read the 
instructions: [ https://lists.samba.org/mailman/options/samba | https://lists.samba.org/mailman/options/samba ] 
-- 
To unsubscribe from this list go to the following URL and read the 
instructions: [ https://lists.samba.org/mailman/options/samba | https://lists.samba.org/mailman/options/samba ] 




BQ_END


BQ_END

More information about the samba mailing list