[Samba] Azure AD Sync not working
Simon FONTENEAU
sfonteneau at tranquil.it
Wed Jul 6 09:48:07 UTC 2022
Historically yes.
Now the password is not stored in plain text, it is simply retrieved
when changing the password thanks to a check password script then sent
to Microsoft directly.
Inconvenience:
- Does not sync current passwords, new password only
- If sending failed the password is lost
The operation is similar to what google does
Simon Fonteneau
Le 06/07/2022 à 10:32, Arthur Toussaint a écrit :
> Hi,
> So far I'm using the PTA, which works well, I think I've seen this
> script but it requires storing password in plaintext if I'm not
> mistaken, which I don't want to do
> Kind regards
> Arthur
>
> ------------------------------------------------------------------------
> *De: *"samba" <samba at lists.samba.org>
> *À: *"samba" <samba at lists.samba.org>
> *Envoyé: *Mardi 5 Juillet 2022 23:32:07
> *Objet: *Re: [Samba] Azure AD Sync not working
>
> Hi Arthur
>
> Have you tried to implement this script with /check password script ?
> /
>
> https://github.com/sfonteneau/send_password_in_azure/blob/master/send_password_azure.py
>
> It's less practical but it uses the official Microsoft APIs
>
> Simon Fonteneau
>
>
> Le 05/07/2022 à 14:12, Arthur Toussaint via samba a écrit :
> > Okay, I thought PTA didn't work, but I guess it was because I had
> "Enable single sign on" enabled, once i unticked that, it worked,
> thanks a lot !
> > Kind regards
> >
> >
> > De: "Min Wai Chan"<dcmwai at gmail.com>
> > À: "arthur toussaint"<arthur.toussaint at wandercraft.eu>
> > Envoyé: Mardi 5 Juillet 2022 13:32:36
> > Objet: Re: [Samba] Azure AD Sync not working
> >
> > Dear Arthur,
> >
> > I'm on Azure Ad connect 1.6.16.0
> > Download from this link below
> > [https://www.microsoft.com/en-us/download/details.aspx?id=103336
> |https://www.microsoft.com/en-us/download/details.aspx?id=103336 ]
> >
> >
> > What I do is change the users sign in
> >
> >
> > And Change to pass-through authentication.
> >
> >
> >
> > And that will change the azure AD to pass-through authentication...
> >
> > Hope this help.
> >
> > Thank You
> > Regards,
> > Min Wai
> >
> > On Tue, Jul 5, 2022 at 4:02 PM Arthur Toussaint <
> [mailto:arthur.toussaint at wandercraft.eu
> |arthur.toussaint at wandercraft.eu ] > wrote:
> >
> >
> >
> > Hi,
> > Thanks a lot, how did you manage to make Passthrough work ?
> > Kind regards
> > Arthur
> >
> >
> > De: "Min Wai Chan" < [mailto:dcmwai at gmail.com |dcmwai at gmail.com ] >
> > À: "arthur toussaint" < [mailto:arthur.toussaint at wandercraft.eu
> |arthur.toussaint at wandercraft.eu ] >
> > Cc: "Dr. Hansjörg Maurer" < [mailto:hansjoerg.maurer at itsd.de
> |hansjoerg.maurer at itsd.de ] >, "samba" <
> [mailto:samba at lists.samba.org |samba at lists.samba.org ] >
> > Envoyé: Mardi 5 Juillet 2022 04:44:30
> > Objet: Re: [Samba] Azure AD Sync not working
> >
> > Dear Arthur,
> > I've face with similar issue on my new Azure AD Connect Setup but
> same like you password hash synchronization don't seem to work.
> >
> > I'm wondering if the MS site had upgrade to Connect protocol 1st...
> >
> > I don't know and I'm clueless...
> >
> > However for me... currently the only working way is Passthrough...
> >
> > Thank you
> >
> > Regards,
> > Min Wai
> >
> > On Mon, Jul 4, 2022 at 11:09 PM Arthur Toussaint via samba <
> [mailto:samba at lists.samba.org |samba at lists.samba.org ] > wrote:
> >
> > BQ_BEGIN
> > OK,
> > Is there anything I could do to help ? Or anywhere I could find info
> about the effort done up to now to trace the root cause ?
> > Thanks a lot
> > Arthur
> >
> >
> > De: "samba" < [mailto:samba at lists.samba.org |samba at lists.samba.org ] >
> > À: "samba" < [mailto:samba at lists.samba.org |samba at lists.samba.org ] >
> > Envoyé: Lundi 4 Juillet 2022 16:58:04
> > Objet: Re: [Samba] Azure AD Sync not working
> >
> > Hi
> >
> >
> > Am 23.06.22 um 11:03 schrieb Arthur Toussaint via samba:
> >> Hi,
> >>
> >> I'm trying to sync my local samba AD to azure AD, but I'm running
> into an issue with password hash synchronization.
> >> The users sync task works well,but the password hash sync task is
> always marked "Active" on the interface but never finishes
> >> I'm following this guide : [
> [https://wiki.samba.org/index.php/Azure_AD_Sync
> |https://wiki.samba.org/index.php/Azure_AD_Sync ] |
> [https://wiki.samba.org/index.php/Azure_AD_Sync
> |https://wiki.samba.org/index.php/Azure_AD_Sync ] ] with samba 4.13.13
> >> Does someone have any pointers on where and what to do to diagnose
> the issue, I'm not seeing any logs
> >> Also, I'm not sure anyone has managed to sync passwords, so even a
> "Password sync works for me" answer would be a huge help.
> > Password sync has been working for almost one year, with the config you
> > mention above, but it stopped working some month ago (without any change
> > on the samba side)
> > We did not manage to trace it down up to now
> >
> > Regards
> >
> > Hansjörg
> >
> >
> >> Thanks a lot
> >> Arthur
> >
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list