[Samba] drs replicate causes issues with Azure AD delta sync

Jake Black jblack at xes-inc.com
Wed Mar 23 15:29:21 UTC 2022


Recently I found some results on a few user accounts from an ldapcmp on my domain controllers. So I replicated the domain partition manually with drs replicate and --full-sync.

However, our next scheduled Azure AD delta sync removed all group members. The group membership still looked fine in ADUC and all services using the domain controllers directly still worked fine. Initiating a full sync of Azure AD added all group members back.

I understand this looks like a bug in Azure AD Connect, and we already have a support ticket with them; however, we all know how willing Microsoft is to admit fault. So is there anything in drs replicate that could trigger this and we could point Microsoft to how it is importing LDAP information?

Thank you,
Jake Black
