s4:dsdb: Add to ‘user_attrs’ attributes required for Group Managed Service Accounts

author Jo Sutton <josutton@catalyst.net.nz>

Tue, 13 Feb 2024 00:45:10 +0000 (13:45 +1300)

committer Andrew Bartlett <abartlet@samba.org>

Fri, 16 Feb 2024 02:41:36 +0000 (02:41 +0000)
author Jo Sutton <josutton@catalyst.net.nz>
Tue, 13 Feb 2024 00:45:10 +0000 (13:45 +1300)
committer Andrew Bartlett <abartlet@samba.org>
Fri, 16 Feb 2024 02:41:36 +0000 (02:41 +0000)
diff --git a/source4/auth/sam.c b/source4/auth/sam.c

index d7fabe52cec724eaa31f27c919df01dc95f15f83..2543c3566e2948e3936932f0becb05b53e37963a 100644 (file)
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -62,7 +62,12 @@
         "accountExpires",                       \
                                                 \
         /* Needed for RODC rule processing */   \
-       "msDS-KrbTgtLinkBL"
+       "msDS-KrbTgtLinkBL",                    \
+                                               \
+       /* Required for Group Managed Service Accounts. */ \
+       "msDS-ManagedPasswordId",               \
+       "msDS-ManagedPasswordInterval",         \
+       "whenCreated"
  
  #define AUTHN_POLICY_ATTRS                     \
         /* Required for authentication policies / silos */ \
author	Jo Sutton <josutton@catalyst.net.nz>
	Tue, 13 Feb 2024 00:45:10 +0000 (13:45 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Fri, 16 Feb 2024 02:41:36 +0000 (02:41 +0000)