2021-06-05 01:32:17 +03:00
if [ $# -lt 4 ] ; then
2022-04-22 16:46:05 +03:00
cat <<EOF
2023-09-05 07:22:01 +03:00
Usage: test_net_offline.sh DC_SERVER DC_USERNAME DC_PASSWORD PREFIX_ABS
2021-06-05 01:32:17 +03:00
EOF
2022-04-22 16:46:05 +03:00
exit 1
2021-06-05 01:32:17 +03:00
fi
DC_SERVER = $1
DC_USERNAME = $2
DC_PASSWORD = $3
BASEDIR = $4
2022-04-22 16:46:05 +03:00
HOSTNAME = $( dd if = /dev/urandom bs = 1 count = 32 2>/dev/null | sha1sum | cut -b 1-10)
2021-06-05 01:32:17 +03:00
2022-04-22 16:46:05 +03:00
RUNDIR = $( pwd )
2021-06-05 01:32:17 +03:00
cd $BASEDIR
2022-04-22 16:46:05 +03:00
WORKDIR = $( mktemp -d -p .)
WORKDIR = $( basename $WORKDIR )
2021-06-05 01:32:17 +03:00
ODJFILE = " $BASEDIR / $WORKDIR /odj_provision.txt "
cp -a client/* $WORKDIR /
sed -ri " s@(dir|directory) = (.*)/client/@\1 = \2/ $WORKDIR /@ " $WORKDIR /client.conf
sed -ri " s/netbios name = .*/netbios name = $HOSTNAME / " $WORKDIR /client.conf
rm -f $WORKDIR /private/secrets.tdb
cd $RUNDIR
failed = 0
net_tool = " $BINDIR /net --configfile= $BASEDIR / $WORKDIR /client.conf --option=security=ads "
2023-09-04 17:49:52 +03:00
samba_texpect = " $BINDIR /texpect "
2021-06-05 01:32:17 +03:00
# Load test functions
2022-04-22 16:46:05 +03:00
. $( dirname $0 ) /subunit.sh
2021-06-05 01:32:17 +03:00
netbios = $( grep "netbios name" $BASEDIR /$WORKDIR /client.conf | cut -f2 -d= | awk '{$1=$1};1' )
# 1. Test w/o dcname
2022-04-22 16:46:05 +03:00
testit "provision without dcname" $VALGRIND $net_tool offlinejoin provision domain = $REALM machine_name = $netbios savefile = $ODJFILE -U$DC_USERNAME %$DC_PASSWORD || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
2022-04-22 16:46:05 +03:00
testit "requestodj" $VALGRIND $net_tool offlinejoin requestodj loadfile = $ODJFILE || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
2022-04-22 16:46:05 +03:00
testit "testjoin" $VALGRIND $net_tool ads testjoin -P --use-kerberos= required || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
rm -f $ODJFILE
2023-09-04 17:18:35 +03:00
testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME %$DC_PASSWORD || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
# 2. Test with dcname
2022-04-22 16:46:05 +03:00
testit "provision with dcname" $VALGRIND $net_tool offlinejoin provision domain = $REALM machine_name = $netbios savefile = $ODJFILE dcname = $DC_SERVER -U$DC_USERNAME %$DC_PASSWORD || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
2022-04-22 16:46:05 +03:00
testit "requestodj" $VALGRIND $net_tool offlinejoin requestodj loadfile = $ODJFILE || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
2022-04-22 16:46:05 +03:00
testit "testjoin" $VALGRIND $net_tool ads testjoin -P --use-kerberos= required || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
rm -f $ODJFILE
2023-09-04 17:18:35 +03:00
testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME %$DC_PASSWORD || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
# 3. Test with defpwd
2022-04-22 16:46:05 +03:00
testit "provision with dcname and default password" $VALGRIND $net_tool offlinejoin provision domain = $REALM machine_name = $netbios savefile = $ODJFILE dcname = $DC_SERVER defpwd -U$DC_USERNAME %$DC_PASSWORD || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
2022-04-22 16:46:05 +03:00
testit "requestodj" $VALGRIND $net_tool offlinejoin requestodj loadfile = $ODJFILE || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
2022-04-22 16:46:05 +03:00
testit "testjoin" $VALGRIND $net_tool ads testjoin -P --use-kerberos= required || failed = $( expr $failed + 1)
2021-06-05 01:32:17 +03:00
rm -f $ODJFILE
2023-09-04 17:18:35 +03:00
testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME %$DC_PASSWORD || failed = $( expr $failed + 1)
2023-09-04 17:49:52 +03:00
test_compose_odj( ) {
local mode = $1
local composeargv = ( )
# Retrieve the necessary information to compose the ODJ blob
# The machine needs to be correctly joined at this point
local netbios_domain_name = $( $net_tool ads lookup | awk -F': ' '/^Pre-Win2k Domain/ {print $2}' )
local domain_sid = $( $net_tool getdomainsid | awk -F': ' " /^SID for domain $netbios_domain_name / {print \$2} " )
local domain_guid = $( $net_tool ads lookup | awk -F': ' '/^GUID/ {print $2}' )
local forest_name = $( $net_tool ads lookup | awk -F': ' '/^Forest/ {print $2}' )
local dc_name = $( $net_tool ads info | awk -F': ' '/^LDAP server name/ {print $2}' )
local dc_address = $( $net_tool ads info | awk -F': ' '/^LDAP server:/ {print $2}' )
local ret = 1
local out = ""
composeargv = ( \
" domain_sid= ${ domain_sid } " \
" domain_guid= ${ domain_guid } " \
" forest_name= ${ forest_name } " \
" -S ${ dc_name } " \
" -I ${ dc_address } " \
" savefile= ${ ODJFILE } "
)
case $mode in
machacct)
cmd = '$net_tool offlinejoin composeodj ${composeargv[@]} -P 2>&1'
out = $( eval $cmd )
ret = $?
; ;
stdinfd)
cmd = 'echo ${netbios} | $net_tool offlinejoin composeodj ${composeargv[@]} -U${netbios^^}\$ 2>&1'
out = $( PASSWD_FD = 0 eval $cmd )
ret = $?
; ;
callback)
tmpfile = $BASEDIR /$WORKDIR /composeodj_password_script
cat >$tmpfile <<EOF
expect Password for [ ${ netbios_domain_name ^^ } \\ ${ netbios ^^ } \$ ] :
send $netbios \n
EOF
cmd = '$samba_texpect -v $tmpfile $net_tool offlinejoin composeodj ${composeargv[@]} 2>&1'
out = $( eval $cmd )
ret = $?
rm -f $tmpfile
; ;
*)
out = " Unknown mode ' $mode ' "
; ;
esac
if [ $ret -ne 0 ] ; then
echo " Failed to compose ODJ blob: $out "
return 1
fi
}
# 4. Test composeodj
modes = ( "machacct" "stdinfd" "callback" )
for mode in " ${ modes [@] } " ; do
defpwd = "defpwd"
if [ " $mode " = = "machacct" ] ; then
defpwd = ""
fi
testit " provision[ $mode ] " $VALGRIND $net_tool offlinejoin provision domain = $REALM machine_name = $netbios savefile = $ODJFILE $defpwd -U$DC_USERNAME %$DC_PASSWORD || failed = $( expr $failed + 1)
testit " requestodj [ $mode ] " $VALGRIND $net_tool offlinejoin requestodj loadfile = $ODJFILE || failed = $( expr $failed + 1)
testit " testjoin [ $mode ] " $VALGRIND $net_tool ads testjoin -P --use-kerberos= required || failed = $( expr $failed + 1)
testit " removeodjblob [ $mode ] " rm $ODJFILE || failed = $( expr $failed + 1)
testit " composeodj [ $mode ] " test_compose_odj $mode || failed = $( expr $failed + 1)
testit " removesecretsdb [ $mode ] " rm $BASEDIR /$WORKDIR /private/secrets.tdb || failed = $( expr $failed + 1)
testit " requestodj [ $mode ] " $VALGRIND $net_tool offlinejoin requestodj loadfile = $ODJFILE || failed = $( expr $failed + 1)
testit " removeodjblob [ $mode ] " rm $ODJFILE || failed = $( expr $failed + 1)
testit " testjoin [ $mode ] " $VALGRIND $net_tool ads testjoin -P --use-kerberos= required || failed = $( expr $failed + 1)
testit " leave [ $mode ] " $VALGRIND $net_tool ads leave -U$DC_USERNAME %$DC_PASSWORD || failed = $( expr $failed + 1)
done
2021-06-05 01:32:17 +03:00
rm -rf $BASEDIR /$WORKDIR
exit $failed
