ADWS support for Samba
Douglas Bagnall
douglas.bagnall at catalyst.net.nz
Wed Oct 25 00:10:06 UTC 2023
hi Stefan,
On 21/10/23 03:00, Stefan Kania via samba-technical wrote:
> With Samba 4.19 it is possible (using FL 2016) to create "authentication
> policies" and "authentzicationsilos" but to realy work with the policies
> and silos "Active Directory Administrative Center" must be used. This is
> not working together with a Samba DC because of the missing ADWS-support.
> Will this be possible in the future? Or is there a way to use policies and
> silos without ADAC?
As covered in the samba list thread, the samba-tool interface is a work
in progress, so I won't go into that other than to say I am glad you are
trying it.
Regarding ADWS, it is not likely soon, unless someone funds the work.
It needs a new server talking a new protocol (not "web", despite "Active
Directory Web Services"). As far as I remember, the actual database
manipulations are unremarkable -- you can do all the same things with
LDAP and RPCs (samba-tool is using LDAP for silos).
As ADWS is an occasional admin thing, not an N-connections-per-second
thing, I think it would be a good chance to write the server in Python
or some other language other than C, though that would put renewed
scrutiny on our bindings to LDB and so forth.
That is about as far as we got. It's possible but not trivial.
cheers,
Douglas
More information about the samba-technical
mailing list