[Samba] MSA accounts

bd730c5053df9efb bd730c5053df9efb at proton.me
Mon Sep 18 10:53:34 UTC 2023


Andrew, thanks for your reply but I was actually asking about msDS-ManagedServiceAccount. Are they a feature in samba?

Thanks again.
Best regards,

Sent from Proton Mail mobile

-------- Original Message --------
On 17 Sep 2023, 16:27, Andrew Bartlett via samba wrote:

> On Fri, 2023-09-15 at 15:58 +0000, bd730c5053df9efb via samba wrote: > Hi all! > > I recently learned about Managed Service Accounts and thought they > would be a good case use to connect services (dovecot comes to mind) > to AD and according to the documentation I found this kind of > accounts have existed since windows 7 on windows 2008 r2 functioning > level ad domains. However when I try to set a new account using ADUC > on a windows 7 workstation on my samba-4.18.5 DC I see no option to > create an msDS-ManagedServiceAccount account but I do have the option > for a msDS-GroupManagedServiceAccount. Am i missing something on the > workstation RSAT tools or are these kind of accounts not supported on > samba AD? Group managed service accounts are a feature we will add (it is a funded feature), but due to the complexity of the cryptography and the other items in the work stream the current target is Samba 4.21, eg in a year. Sorry! Andrew Bartlett -- Andrew Bartlett (he/him) https://samba.org/~abartlet/ Samba Team Member (since 2001) https://samba.org Samba Team Lead https://catalyst.net.nz/services/samba Catalyst.Net Ltd Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group company Samba Development and Support: https://catalyst.net.nz/services/samba Catalyst IT - Expert Open Source Solutions -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba

More information about the samba mailing list