mirror of
https://github.com/samba-team/samba.git
synced 2025-01-22 22:04:08 +03:00
tests/krb5: Add tests of PAC group handling
In which we make AS and TGS requests and verify the SIDs we expect are returned in the PAC. Example command to test against Windows Server 2019 functional level 2016 with FAST enabled: ADMIN_USERNAME=Administrator ADMIN_PASSWORD=locDCpass1 \ CLAIMS_SUPPORT=1 COMPOUND_ID_SUPPORT=1 DC_SERVER=ADDC.EXAMPLE.COM \ DOMAIN=EXAMPLE EXPECT_PAC=1 FAST_SUPPORT=1 KRB5_CONFIG=krb5.conf \ PYTHONPATH=bin/python REALM=EXAMPLE.COM SERVER=ADDC.EXAMPLE.COM \ SKIP_INVALID=1 SMB_CONF_PATH=smb.conf STRICT_CHECKING=1 \ TKT_SIG_SUPPORT=1 python3 python/samba/tests/krb5/group_tests.py Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Tue Nov 8 03:37:37 UTC 2022 on sn-devel-184
This commit is contained in:
Joseph Sutton
Andrew Bartlett
parent
53f9ac4b6f
commit
612eeff270
1203
python/samba/tests/krb5/group_tests.py
Executable file
1203
python/samba/tests/krb5/group_tests.py
Executable file
File diff suppressed because it is too large
Load Diff
@ -115,6 +115,7 @@ EXCLUDE_USAGE = {
|
||||
'python/samba/tests/krb5/kpasswd_tests.py',
|
||||
'python/samba/tests/krb5/claims_tests.py',
|
||||
'python/samba/tests/krb5/lockout_tests.py',
|
||||
'python/samba/tests/krb5/group_tests.py',
|
||||
}
|
||||
|
||||
EXCLUDE_HELP = {
|
||||
|
||||
@ -142,3 +142,24 @@
|
||||
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims_remove_claims.ad_dc
|
||||
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims_remove_claims_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims_to_krbtgt.ad_dc
|
||||
#
|
||||
# Group tests
|
||||
#
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_Samba_4_17_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_as_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_no_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_no_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_domain_local_as_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_domain_local_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_domain_local_no_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_group_removal_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_group_removal_no_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_group_removal_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_universal_as_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_universal_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_universal_no_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_given_compression_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_given_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_given_no_compression_tgs_req_to_krbtgt.ad_dc
|
||||
|
||||
@ -538,3 +538,38 @@ samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_
|
||||
^samba.tests.krb5.lockout_tests.samba.tests.krb5.lockout_tests.LockoutTests.test_lockout_transaction_kdc.ad_dc:local
|
||||
^samba.tests.krb5.lockout_tests.samba.tests.krb5.lockout_tests.LockoutTests.test_lockout_transaction_rename_kdc.ad_dc:local
|
||||
^samba.tests.krb5.lockout_tests.samba.tests.krb5.lockout_tests.LockoutTests.test_logon_kdc.ad_dc:local
|
||||
#
|
||||
# Group tests
|
||||
#
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_Samba_4_17_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_Samba_4_17_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_as_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_no_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_no_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_domain_local_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_exclude_asserted_identity_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_exclude_asserted_identity_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_exclude_claims_valid_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_exclude_claims_valid_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_global_as_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_global_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_domain_local_as_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_domain_local_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_domain_local_no_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_group_removal_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_group_removal_no_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_group_removal_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_universal_as_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_universal_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_universal_no_compression_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_given_compression_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_given_compression_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_given_no_compression_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_tgs_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_universal_as_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_universal_as_req_to_service.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_user_group_removal_tgs_req_to_krbtgt.ad_dc
|
||||
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_user_group_removal_tgs_req_to_service.ad_dc
|
||||
|
||||
@ -1754,6 +1754,10 @@ planoldpythontestsuite(
|
||||
'ad_dc:local',
|
||||
'samba.tests.krb5.lockout_tests',
|
||||
environ=krb5_environ)
|
||||
planoldpythontestsuite(
|
||||
'ad_dc',
|
||||
'samba.tests.krb5.group_tests',
|
||||
environ=krb5_environ)
|
||||
|
||||
for env in [
|
||||
'vampire_dc',
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user