mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s4:selftest: test kinit with the interdomain trust user account
To test it, add a blackbox test that ensures we pass a keytab-based authentication with the trust user account for a trusted domain. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Alexander Bokovoy <ab@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
80324ff6e2
commit
7df505298f
@ -446,6 +446,7 @@ plantestsuite("samba4.blackbox.trust_token", "fl2008r2dc", [os.path.join(bbdir,
|
||||
plantestsuite("samba4.blackbox.trust_token", "fl2003dc", [os.path.join(bbdir, "test_trust_token.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$DOMSID', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$TRUST_DOMSID', 'external'])
|
||||
plantestsuite("samba4.blackbox.ktpass(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.join(bbdir, "test_ktpass.sh"), '$PREFIX/ad_dc_ntvfs'])
|
||||
plantestsuite("samba4.blackbox.password_settings(ad_dc_ntvfs:local)", "ad_dc_ntvfs:local", [os.path.join(bbdir, "test_password_settings.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc_ntvfs"])
|
||||
plantestsuite("samba4.blackbox.trust_user_account", "fl2008r2dc:local", [os.path.join(bbdir, "test_trust_user_account.sh"), '$PREFIX', '$REALM', '$DOMAIN', '$TRUST_REALM', '$TRUST_DOMAIN'])
|
||||
plantestsuite("samba4.blackbox.cifsdd(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.join(samba4srcdir, "client/tests/test_cifsdd.sh"), '$SERVER', '$USERNAME', '$PASSWORD', "$DOMAIN"])
|
||||
plantestsuite("samba4.blackbox.nmblookup(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.join(samba4srcdir, "utils/tests/test_nmblookup.sh"), '$NETBIOSNAME', '$NETBIOSALIAS', '$SERVER', '$SERVER_IP', nmblookup4])
|
||||
plantestsuite("samba4.blackbox.locktest(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.join(samba4srcdir, "torture/tests/test_locktest.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN', '$PREFIX'])
|
||||
|
44
testprogs/blackbox/test_trust_user_account.sh
Executable file
44
testprogs/blackbox/test_trust_user_account.sh
Executable file
@ -0,0 +1,44 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
cat <<EOF
|
||||
Usage: test_trust_user_account.sh PREFIX OUR_REALM OUR_FLAT REMOTE_REALM REMOTE_FLAT
|
||||
EOF
|
||||
exit 1;
|
||||
fi
|
||||
|
||||
PREFIX="$1"
|
||||
OUR_REALM="$2"
|
||||
OUR_FLAT="$3"
|
||||
REMOTE_REALM="$4"
|
||||
REMOTE_FLAT="$5"
|
||||
shift 5
|
||||
|
||||
. `dirname $0`/subunit.sh
|
||||
|
||||
|
||||
samba_tool="$BINDIR/samba-tool"
|
||||
samba4bindir="$BINDIR"
|
||||
samba4srcdir="$SRCDIR/source4"
|
||||
samba4kinit="kinit -k"
|
||||
if test -x $BINDIR/samba4kinit; then
|
||||
samba4kinit="$BINDIR/samba4kinit --use-keytab"
|
||||
fi
|
||||
|
||||
KEYTAB="$PREFIX/tmptda.keytab"
|
||||
|
||||
KRB5_TRACE=/dev/stderr
|
||||
export KRB5_TRACE
|
||||
|
||||
testit "retrieve keytab for TDA of $REMOTE_REALM" $samba_tool domain exportkeytab $KEYTAB $CONFIGURATION --principal "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1`
|
||||
|
||||
KRB5CCNAME="$PREFIX/tmptda.ccache"
|
||||
export KRB5CCNAME
|
||||
|
||||
rm -f $KRB5CCNAME
|
||||
|
||||
testit "kinit with keytab for TDA of $REMOTE_REALM" $samba4kinit -t $KEYTAB "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1`
|
||||
|
||||
rm -f $KRB5CCNAME $KEYTAB
|
||||
|
||||
exit $failed
|
Loading…
Reference in New Issue
Block a user