Ping a Specific Port

Question

Steve Shipway

Asked: 2020-10-13 12:01:22 +0800 CST2020-10-13 12:01:22 +0800 CST 2020-10-13 12:01:22 +0800 CST

How to make Service Principals synchronise with Active Directory Domain Services (AADDS)?

772

We have a number of legacy applications that use LDAP for authnz, and so after moving to AAD we needed to have an LDAP endpoint. Azure AD Domain Services (AADDS) was installed to synchronise to LDAP, which is working and allows users to auth against LDAP in these applications.

Some applications require their own identity to use for binding against the LDAP, so I created a "Service Principal" for this purpose. However, the AADDS synchronisation only appears to synchronise User accounts and Groups, under the "AADDC Users" OU. How do I get Service Principals to synchronise? The only current workaround is to create a User account for this purpose.

1 Answers

Voted

Noor Khaldi · Answer 1 · 2020-10-22T10:06:10+08:00

Noor Khaldi

2020-10-22T10:06:10+08:002020-10-22T10:06:10+08:00

Short answer: You can't: https://docs.microsoft.com/en-us/azure/active-directory-domain-services/synchronization

Your workaround is valid, however the prefered method for this is to create a group managed service account (gMSA): https://docs.microsoft.com/en-us/azure/active-directory-domain-services/create-gmsa

0

How to make Service Principals synchronise with Active Directory Domain Services (AADDS)?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?