mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
5767ee9663
The idea here is that the virtual machine stays on the address allocated by DHCP, but is configured statically. This avoids the need to manually set the address on the host, but avoids the host being instructed by DHCP not to do Dynamic DNS. Andrew Bartlett
629 lines
26 KiB
Python
Executable File
629 lines
26 KiB
Python
Executable File
#!/usr/bin/env python
|
||
|
||
'''automated testing of the steps of the Samba4 HOWTO'''
|
||
|
||
import sys, os
|
||
import optparse
|
||
import wintest
|
||
|
||
def check_prerequesites(t):
|
||
t.info("Checking prerequesites")
|
||
t.setvar('HOSTNAME', t.cmd_output("hostname -s").strip())
|
||
if os.getuid() != 0:
|
||
raise Exception("You must run this script as root")
|
||
t.cmd_contains("grep 127.0.0.1 /etc/resolv.conf", ["nameserver 127.0.0.1"])
|
||
t.putenv("KRB5_CONFIG", '${PREFIX}/private/krb5.conf')
|
||
|
||
def build_s4(t):
|
||
'''build samba4'''
|
||
t.info('Building s4')
|
||
t.chdir('${SOURCETREE}/source4')
|
||
t.putenv('CC', 'ccache gcc')
|
||
t.run_cmd('make reconfigure || ./configure --enable-auto-reconfigure --enable-developer --prefix=${PREFIX} -C')
|
||
t.run_cmd('make -j')
|
||
t.run_cmd('rm -rf ${PREFIX}')
|
||
t.run_cmd('make -j install')
|
||
|
||
def provision_s4(t, func_level="2008", interfaces=None):
|
||
'''provision s4 as a DC'''
|
||
t.info('Provisioning s4')
|
||
t.chdir('${PREFIX}')
|
||
t.del_files(["var", "etc", "private"])
|
||
options=' --function-level=%s -d${DEBUGLEVEL}' % func_level
|
||
if interfaces:
|
||
options += ' --option=interfaces=%s' % interfaces
|
||
t.run_cmd('sbin/provision --realm=${LCREALM} --domain=${DOMAIN} --adminpass=${PASSWORD1} --server-role="domain controller"' + options)
|
||
t.run_cmd('bin/samba-tool newuser testallowed ${PASSWORD1}')
|
||
t.run_cmd('bin/samba-tool newuser testdenied ${PASSWORD1}')
|
||
t.run_cmd('bin/samba-tool group addmembers "Allowed RODC Password Replication Group" testallowed')
|
||
|
||
def start_s4(t, interfaces=None):
|
||
t.info('Starting Samba4')
|
||
t.chdir("${PREFIX}")
|
||
t.run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False)
|
||
t.run_cmd(['sbin/samba',
|
||
'--option', 'panic action=gnome-terminal -e "gdb --pid %PID%"',
|
||
'--option', 'interfaces=%s' % interfaces])
|
||
t.port_wait("localhost", 139)
|
||
|
||
def test_smbclient(t):
|
||
t.info('Testing smbclient')
|
||
t.chdir('${PREFIX}')
|
||
t.cmd_contains("bin/smbclient --version", ["Version 4.0"])
|
||
t.retry_cmd('bin/smbclient -L localhost -U%', ["netlogon", "sysvol", "IPC Service"])
|
||
child = t.pexpect_spawn('bin/smbclient //localhost/netlogon -Uadministrator%${PASSWORD1}')
|
||
child.expect("smb:")
|
||
child.sendline("dir")
|
||
child.expect("blocks available")
|
||
child.sendline("mkdir testdir")
|
||
child.expect("smb:")
|
||
child.sendline("cd testdir")
|
||
child.expect('testdir')
|
||
child.sendline("cd ..")
|
||
child.sendline("rmdir testdir")
|
||
|
||
def create_shares(t):
|
||
t.info("Adding test shares")
|
||
t.chdir('${PREFIX}')
|
||
t.write_file("etc/smb.conf", '''
|
||
[test]
|
||
path = ${PREFIX}/test
|
||
read only = no
|
||
[profiles]
|
||
path = ${PREFIX}/var/profiles
|
||
read only = no
|
||
''',
|
||
mode='a')
|
||
t.run_cmd("mkdir -p test")
|
||
t.run_cmd("mkdir -p var/profiles")
|
||
|
||
|
||
def restart_bind(t):
|
||
t.info("Restarting bind9")
|
||
t.putenv('KEYTAB_FILE', '${PREFIX}/private/dns.keytab')
|
||
t.putenv('KRB5_KTNAME', '${PREFIX}/private/dns.keytab')
|
||
t.run_cmd('killall -9 -q named', checkfail=False)
|
||
t.port_wait("localhost", 53, wait_for_fail=True)
|
||
t.run_cmd("${BIND9}")
|
||
t.port_wait("localhost", 53)
|
||
t.run_cmd("${RNDC} flush")
|
||
t.run_cmd("${RNDC} freeze")
|
||
t.run_cmd("${RNDC} thaw")
|
||
|
||
def test_dns(t):
|
||
t.info("Testing DNS")
|
||
t.cmd_contains("host -t SRV _ldap._tcp.${LCREALM}.",
|
||
['_ldap._tcp.${LCREALM} has SRV record 0 100 389 ${HOSTNAME}.${LCREALM}'])
|
||
t.cmd_contains("host -t SRV _kerberos._udp.${LCREALM}.",
|
||
['_kerberos._udp.${LCREALM} has SRV record 0 100 88 ${HOSTNAME}.${LCREALM}'])
|
||
t.cmd_contains("host -t A ${HOSTNAME}.${LCREALM}",
|
||
['${HOSTNAME}.${LCREALM} has address'])
|
||
|
||
def test_kerberos(t):
|
||
t.info("Testing kerberos")
|
||
t.run_cmd("kdestroy")
|
||
t.kinit("administrator@${REALM}", "${PASSWORD1}")
|
||
t.cmd_contains("klist -e", ["Ticket cache", "Default principal", "Valid starting"])
|
||
|
||
|
||
def test_dyndns(t):
|
||
t.chdir('${PREFIX}')
|
||
t.run_cmd("sbin/samba_dnsupdate --fail-immediately")
|
||
t.run_cmd("${RNDC} flush")
|
||
|
||
|
||
def run_winjoin(t, vm):
|
||
t.setwinvars(vm)
|
||
|
||
t.info("Joining a windows box to the domain")
|
||
t.vm_poweroff("${WIN_VM}", checkfail=False)
|
||
t.vm_restore("${WIN_VM}", "${WIN_SNAPSHOT}")
|
||
t.ping_wait("${WIN_HOSTNAME}")
|
||
child = t.open_telnet("${WIN_HOSTNAME}", "${WIN_USER}", "${WIN_PASS}", set_time=True, set_ip=True)
|
||
child.sendline("netdom join ${WIN_HOSTNAME} /Domain:${LCREALM} /PasswordD:${PASSWORD1} /UserD:administrator")
|
||
child.expect("The command completed successfully")
|
||
child.expect("C:")
|
||
child.sendline("shutdown /r -t 0")
|
||
t.port_wait("${WIN_HOSTNAME}", 139, wait_for_fail=True)
|
||
t.port_wait("${WIN_HOSTNAME}", 139)
|
||
child = t.open_telnet("${WIN_HOSTNAME}", "${WIN_USER}", "${WIN_PASS}", set_time=True, set_ip=True)
|
||
child.expect("C:")
|
||
child.sendline("ipconfig /registerdns")
|
||
child.expect("Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer")
|
||
child.expect("C:")
|
||
|
||
def test_winjoin(t, vm):
|
||
t.setwinvars(vm)
|
||
t.info("Checking the windows join is OK")
|
||
t.chdir('${PREFIX}')
|
||
t.port_wait("${WIN_HOSTNAME}", 139)
|
||
t.retry_cmd('bin/smbclient -L ${WIN_HOSTNAME}.${LCREALM} -Uadministrator@${LCREALM}%${PASSWORD1}', ["C$", "IPC$", "Sharename"], retries=100)
|
||
t.cmd_contains("host -t A ${WIN_HOSTNAME}.${LCREALM}.", ['has address'])
|
||
t.cmd_contains('bin/smbclient -L ${WIN_HOSTNAME}.${LCREALM} -Utestallowed@${LCREALM}%${PASSWORD1}', ["C$", "IPC$", "Sharename"])
|
||
t.cmd_contains('bin/smbclient -L ${WIN_HOSTNAME}.${LCREALM} -k no -Utestallowed@${LCREALM}%${PASSWORD1}', ["C$", "IPC$", "Sharename"])
|
||
t.cmd_contains('bin/smbclient -L ${WIN_HOSTNAME}.${LCREALM} -k yes -Utestallowed@${LCREALM}%${PASSWORD1}', ["C$", "IPC$", "Sharename"])
|
||
child = t.open_telnet("${WIN_HOSTNAME}", "${DOMAIN}\\administrator", "${PASSWORD1}")
|
||
child.sendline("net use t: \\\\${HOSTNAME}.${LCREALM}\\test")
|
||
child.expect("The command completed successfully")
|
||
t.vm_poweroff("${WIN_VM}")
|
||
|
||
|
||
def run_dcpromo(t, vm):
|
||
'''run a dcpromo on windows'''
|
||
t.setwinvars(vm)
|
||
|
||
t.info("Joining a windows VM ${WIN_VM} to the domain as a DC using dcpromo")
|
||
t.vm_poweroff("${WIN_VM}", checkfail=False)
|
||
t.vm_restore("${WIN_VM}", "${WIN_SNAPSHOT}")
|
||
t.ping_wait("${WIN_HOSTNAME}")
|
||
child = t.open_telnet("${WIN_HOSTNAME}", "administrator", "${WIN_PASS}", set_ip=True)
|
||
child.sendline("copy /Y con answers.txt")
|
||
child.sendline('''
|
||
[DCINSTALL]
|
||
RebootOnSuccess=Yes
|
||
RebootOnCompletion=Yes
|
||
ReplicaOrNewDomain=Replica
|
||
ReplicaDomainDNSName=${LCREALM}
|
||
SiteName=Default-First-Site-Name
|
||
InstallDNS=No
|
||
ConfirmGc=Yes
|
||
CreateDNSDelegation=No
|
||
UserDomain=${LCREALM}
|
||
UserName=${LCREALM}\\administrator
|
||
Password=${PASSWORD1}
|
||
DatabasePath="C:\Windows\NTDS"
|
||
LogPath="C:\Windows\NTDS"
|
||
SYSVOLPath="C:\Windows\SYSVOL"
|
||
SafeModeAdminPassword=${PASSWORD1}
|
||
|
||
''')
|
||
child.expect("copied.")
|
||
child.expect("C:")
|
||
child.expect("C:")
|
||
child.sendline("dcpromo /answer:answers.txt")
|
||
i = child.expect(["You must restart this computer", "failed", "C:"], timeout=120)
|
||
if i == 1:
|
||
raise Exception("dcpromo failed")
|
||
t.port_wait("${WIN_HOSTNAME}", 139, wait_for_fail=True)
|
||
t.port_wait("${WIN_HOSTNAME}", 139)
|
||
|
||
|
||
def test_dcpromo(t, vm):
|
||
t.setwinvars(vm)
|
||
t.info("Checking the dcpromo join is OK")
|
||
t.chdir('${PREFIX}')
|
||
t.port_wait("${WIN_HOSTNAME}", 139)
|
||
t.retry_cmd('bin/smbclient -L ${WIN_HOSTNAME}.${LCREALM} -Uadministrator@${LCREALM}%${PASSWORD1}', ["C$", "IPC$", "Sharename"])
|
||
t.cmd_contains("host -t A ${WIN_HOSTNAME}.${LCREALM}.", ['has address'])
|
||
t.cmd_contains('bin/smbclient -L ${WIN_HOSTNAME}.${LCREALM} -Utestallowed@${LCREALM}%${PASSWORD1}', ["C$", "IPC$", "Sharename"])
|
||
|
||
t.cmd_contains("bin/samba-tool drs kcc ${HOSTNAME} -Uadministrator@${LCREALM}%${PASSWORD1}", ['Consistency check', 'successful'])
|
||
t.cmd_contains("bin/samba-tool drs kcc ${WIN_HOSTNAME} -Uadministrator@${LCREALM}%${PASSWORD1}", ['Consistency check', 'successful'])
|
||
|
||
t.kinit("administrator@${REALM}", "${PASSWORD1}")
|
||
for nc in [ '${BASEDN}', 'CN=Configuration,${BASEDN}', 'CN=Schema,CN=Configuration,${BASEDN}' ]:
|
||
t.cmd_contains("bin/samba-tool drs replicate ${HOSTNAME} ${WIN_HOSTNAME} %s -k yes" % nc, ["was successful"])
|
||
t.cmd_contains("bin/samba-tool drs replicate ${WIN_HOSTNAME} ${HOSTNAME} %s -k yes" % nc, ["was successful"])
|
||
|
||
t.cmd_contains("bin/samba-tool drs showrepl ${HOSTNAME} -k yes",
|
||
[ "INBOUND NEIGHBORS",
|
||
"${BASEDN}",
|
||
"Last attempt .* was successful",
|
||
"CN=Configuration,${BASEDN}",
|
||
"Last attempt .* was successful",
|
||
"CN=Configuration,${BASEDN}", # cope with either order
|
||
"Last attempt .* was successful",
|
||
"OUTBOUND NEIGHBORS",
|
||
"${BASEDN}",
|
||
"Last success",
|
||
"CN=Configuration,${BASEDN}",
|
||
"Last success",
|
||
"CN=Configuration,${BASEDN}",
|
||
"Last success"],
|
||
ordered=True,
|
||
regex=True)
|
||
|
||
t.cmd_contains("bin/samba-tool drs showrepl ${WIN_HOSTNAME} -k yes",
|
||
[ "INBOUND NEIGHBORS",
|
||
"${BASEDN}",
|
||
"Last attempt .* was successful",
|
||
"CN=Configuration,${BASEDN}",
|
||
"Last attempt .* was successful",
|
||
"CN=Configuration,${BASEDN}",
|
||
"Last attempt .* was successful",
|
||
"OUTBOUND NEIGHBORS",
|
||
"${BASEDN}",
|
||
"Last success",
|
||
"CN=Configuration,${BASEDN}",
|
||
"Last success",
|
||
"CN=Configuration,${BASEDN}",
|
||
"Last success" ],
|
||
ordered=True,
|
||
regex=True)
|
||
|
||
child = t.open_telnet("${WIN_HOSTNAME}", "${DOMAIN}\\administrator", "${PASSWORD1}", set_time=True)
|
||
child.sendline("net use t: \\\\${HOSTNAME}.${LCREALM}\\test")
|
||
child.expect("The command completed successfully")
|
||
|
||
t.run_net_time(child)
|
||
|
||
t.info("Checking if showrepl is happy")
|
||
child.sendline("repadmin /showrepl")
|
||
child.expect("${BASEDN}")
|
||
child.expect("was successful")
|
||
child.expect("CN=Configuration,${BASEDN}")
|
||
child.expect("was successful")
|
||
child.expect("CN=Schema,CN=Configuration,${BASEDN}")
|
||
child.expect("was successful")
|
||
|
||
t.info("Checking if new users propogate to windows")
|
||
t.run_cmd('bin/samba-tool newuser test2 ${PASSWORD2}')
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k no", ['Sharename', 'Remote IPC'])
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k yes", ['Sharename', 'Remote IPC'])
|
||
|
||
t.info("Checking if new users on windows propogate to samba")
|
||
child.sendline("net user test3 ${PASSWORD3} /add")
|
||
while True:
|
||
i = child.expect(["The command completed successfully",
|
||
"The directory service was unable to allocate a relative identifier"])
|
||
if i == 0:
|
||
break
|
||
time.sleep(2)
|
||
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k no", ['Sharename', 'IPC'])
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k yes", ['Sharename', 'IPC'])
|
||
|
||
t.info("Checking propogation of user deletion")
|
||
t.run_cmd('bin/samba-tool user delete test2 -Uadministrator@${LCREALM}%${PASSWORD1}')
|
||
child.sendline("net user test3 /del")
|
||
child.expect("The command completed successfully")
|
||
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k no", ['LOGON_FAILURE'])
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k no", ['LOGON_FAILURE'])
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k yes", ['LOGON_FAILURE'])
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k yes", ['LOGON_FAILURE'])
|
||
t.vm_poweroff("${WIN_VM}")
|
||
|
||
|
||
def run_dcpromo_rodc(t, vm):
|
||
t.setwinvars(vm)
|
||
t.info("Joining a w2k8 box to the domain as a RODC")
|
||
t.vm_poweroff("${WIN_VM}", checkfail=False)
|
||
t.vm_restore("${WIN_VM}", "${WIN_SNAPSHOT}")
|
||
t.ping_wait("${WIN_HOSTNAME}")
|
||
child = t.open_telnet("${WIN_HOSTNAME}", "administrator", "${WIN_PASS}", set_ip=True)
|
||
child.sendline("copy /Y con answers.txt")
|
||
child.sendline('''
|
||
[DCInstall]
|
||
ReplicaOrNewDomain=ReadOnlyReplica
|
||
ReplicaDomainDNSName=${LCREALM}
|
||
PasswordReplicationDenied="BUILTIN\Administrators"
|
||
PasswordReplicationDenied="BUILTIN\Server Operators"
|
||
PasswordReplicationDenied="BUILTIN\Backup Operators"
|
||
PasswordReplicationDenied="BUILTIN\Account Operators"
|
||
PasswordReplicationDenied="${DOMAIN}\Denied RODC Password Replication Group"
|
||
PasswordReplicationAllowed="${DOMAIN}\Allowed RODC Password Replication Group"
|
||
DelegatedAdmin="${DOMAIN}\\Administrator"
|
||
SiteName=Default-First-Site-Name
|
||
InstallDNS=No
|
||
ConfirmGc=Yes
|
||
CreateDNSDelegation=No
|
||
UserDomain=${LCREALM}
|
||
UserName=${LCREALM}\\administrator
|
||
Password=${PASSWORD1}
|
||
DatabasePath="C:\Windows\NTDS"
|
||
LogPath="C:\Windows\NTDS"
|
||
SYSVOLPath="C:\Windows\SYSVOL"
|
||
SafeModeAdminPassword=${PASSWORD1}
|
||
RebootOnCompletion=No
|
||
|
||
''')
|
||
child.expect("copied.")
|
||
child.sendline("dcpromo /answer:answers.txt")
|
||
i = child.expect(["You must restart this computer", "failed"], timeout=120)
|
||
if i != 0:
|
||
raise Exception("dcpromo failed")
|
||
child.sendline("shutdown -r -t 0")
|
||
t.port_wait("${WIN_HOSTNAME}", 139, wait_for_fail=True)
|
||
t.port_wait("${WIN_HOSTNAME}", 139)
|
||
|
||
|
||
|
||
def test_dcpromo_rodc(t, vm):
|
||
t.setwinvars(vm)
|
||
t.info("Checking the w2k8 RODC join is OK")
|
||
t.chdir('${PREFIX}')
|
||
t.port_wait("${WIN_HOSTNAME}", 139)
|
||
t.retry_cmd('bin/smbclient -L ${WIN_HOSTNAME}.${LCREALM} -Uadministrator@${LCREALM}%${PASSWORD1}', ["C$", "IPC$", "Sharename"])
|
||
t.cmd_contains("host -t A ${WIN_HOSTNAME}.${LCREALM}.", ['has address'])
|
||
t.cmd_contains('bin/smbclient -L ${WIN_HOSTNAME}.${LCREALM} -Utestallowed@${LCREALM}%${PASSWORD1}', ["C$", "IPC$", "Sharename"])
|
||
child = t.open_telnet("${WIN_HOSTNAME}", "${DOMAIN}\\administrator", "${PASSWORD1}", set_time=True)
|
||
child.sendline("net use t: \\\\${HOSTNAME}.${LCREALM}\\test")
|
||
child.expect("The command completed successfully")
|
||
|
||
t.info("Checking if showrepl is happy")
|
||
child.sendline("repadmin /showrepl")
|
||
child.expect("${BASEDN}")
|
||
child.expect("was successful")
|
||
child.expect("CN=Configuration,${BASEDN}")
|
||
child.expect("was successful")
|
||
child.expect("CN=Configuration,${BASEDN}")
|
||
child.expect("was successful")
|
||
|
||
t.info("Checking if new users are available on windows")
|
||
t.run_cmd('bin/samba-tool newuser test2 ${PASSWORD2}')
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k no", ['Sharename', 'Remote IPC'])
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k yes", ['Sharename', 'Remote IPC'])
|
||
t.run_cmd('bin/samba-tool user delete test2 -Uadministrator@${LCREALM}%${PASSWORD1}')
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2}", ['LOGON_FAILURE'])
|
||
t.vm_poweroff("${WIN_VM}")
|
||
|
||
|
||
def join_as_dc(t, vm):
|
||
t.setwinvars(vm)
|
||
t.info("Joining ${WIN_VM} as a second DC using samba-tool join DC")
|
||
t.chdir('${PREFIX}')
|
||
t.run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False)
|
||
t.vm_poweroff("${WIN_VM}", checkfail=False)
|
||
t.vm_restore("${WIN_VM}", "${WIN_SNAPSHOT}")
|
||
t.run_cmd('${RNDC} flush')
|
||
t.run_cmd("rm -rf etc private")
|
||
t.open_telnet("${WIN_HOSTNAME}", "${WIN_DOMAIN}\\administrator", "${WIN_PASS}", set_time=True, set_ip=True)
|
||
t.retry_cmd("bin/samba-tool drs showrepl ${WIN_HOSTNAME} -Uadministrator%${WIN_PASS}", ['INBOUND NEIGHBORS'] )
|
||
t.run_cmd('bin/samba-tool join ${WIN_REALM} DC -Uadministrator%${WIN_PASS} -d${DEBUGLEVEL}')
|
||
t.run_cmd('bin/samba-tool drs kcc ${WIN_HOSTNAME} -Uadministrator@${WIN_REALM}%${WIN_PASS}')
|
||
|
||
|
||
def test_join_as_dc(t, vm):
|
||
t.setwinvars(vm)
|
||
t.info("Checking the DC join is OK")
|
||
t.chdir('${PREFIX}')
|
||
t.retry_cmd('bin/smbclient -L ${HOSTNAME}.${WIN_REALM} -Uadministrator@${WIN_REALM}%${WIN_PASS}', ["C$", "IPC$", "Sharename"])
|
||
t.cmd_contains("host -t A ${HOSTNAME}.${WIN_REALM}.", ['has address'])
|
||
child = t.open_telnet("${WIN_HOSTNAME}", "${WIN_DOMAIN}\\administrator", "${WIN_PASS}", set_time=True)
|
||
|
||
t.info("Forcing kcc runs, and replication")
|
||
t.run_cmd('bin/samba-tool drs kcc ${WIN_HOSTNAME} -Uadministrator@${WIN_REALM}%${WIN_PASS}')
|
||
t.run_cmd('bin/samba-tool drs kcc ${HOSTNAME} -Uadministrator@${WIN_REALM}%${WIN_PASS}')
|
||
|
||
t.kinit("administrator@${WIN_REALM}", "${WIN_PASS}")
|
||
for nc in [ '${WIN_BASEDN}', 'CN=Configuration,${WIN_BASEDN}', 'CN=Schema,CN=Configuration,${WIN_BASEDN}' ]:
|
||
t.cmd_contains("bin/samba-tool drs replicate ${HOSTNAME} ${WIN_HOSTNAME} %s -k yes" % nc, ["was successful"])
|
||
t.cmd_contains("bin/samba-tool drs replicate ${WIN_HOSTNAME} ${HOSTNAME} %s -k yes" % nc, ["was successful"])
|
||
|
||
child.sendline("net use t: \\\\${HOSTNAME}.${WIN_REALM}\\test")
|
||
child.expect("The command completed successfully")
|
||
|
||
t.info("Checking if showrepl is happy")
|
||
child.sendline("repadmin /showrepl")
|
||
child.expect("${WIN_BASEDN}")
|
||
child.expect("was successful")
|
||
child.expect("CN=Configuration,${WIN_BASEDN}")
|
||
child.expect("was successful")
|
||
child.expect("CN=Configuration,${WIN_BASEDN}")
|
||
child.expect("was successful")
|
||
|
||
t.info("Checking if new users propogate to windows")
|
||
t.run_cmd('bin/samba-tool newuser test2 ${PASSWORD2}')
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k no", ['Sharename', 'Remote IPC'])
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k yes", ['Sharename', 'Remote IPC'])
|
||
|
||
t.info("Checking if new users on windows propogate to samba")
|
||
child.sendline("net user test3 ${PASSWORD3} /add")
|
||
child.expect("The command completed successfully")
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k no", ['Sharename', 'IPC'])
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k yes", ['Sharename', 'IPC'])
|
||
|
||
t.info("Checking propogation of user deletion")
|
||
t.run_cmd('bin/samba-tool user delete test2 -Uadministrator@${WIN_REALM}%${WIN_PASS}')
|
||
child.sendline("net user test3 /del")
|
||
child.expect("The command completed successfully")
|
||
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k no", ['LOGON_FAILURE'])
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k no", ['LOGON_FAILURE'])
|
||
t.retry_cmd("bin/smbclient -L ${WIN_HOSTNAME} -Utest2%${PASSWORD2} -k yes", ['LOGON_FAILURE'])
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k yes", ['LOGON_FAILURE'])
|
||
t.vm_poweroff("${WIN_VM}")
|
||
|
||
|
||
def join_as_rodc(t, vm):
|
||
t.setwinvars(vm)
|
||
t.info("Joining ${WIN_VM} as a RODC using samba-tool join DC")
|
||
t.chdir('${PREFIX}')
|
||
t.run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False)
|
||
t.vm_poweroff("${WIN_VM}", checkfail=False)
|
||
t.vm_restore("${WIN_VM}", "${WIN_SNAPSHOT}")
|
||
t.run_cmd('${RNDC} flush')
|
||
t.run_cmd("rm -rf etc private")
|
||
t.open_telnet("${WIN_HOSTNAME}", "${WIN_DOMAIN}\\administrator", "${WIN_PASS}", set_time=True, set_ip=True)
|
||
t.retry_cmd("bin/samba-tool drs showrepl ${WIN_HOSTNAME} -Uadministrator%${WIN_PASS}", ['INBOUND NEIGHBORS'] )
|
||
t.run_cmd('bin/samba-tool join ${WIN_REALM} RODC -Uadministrator%${WIN_PASS} -d${DEBUGLEVEL}')
|
||
t.run_cmd('bin/samba-tool drs kcc ${WIN_HOSTNAME} -Uadministrator@${WIN_REALM}%${WIN_PASS}')
|
||
|
||
|
||
def test_join_as_rodc(t, vm):
|
||
t.setwinvars(vm)
|
||
t.info("Checking the RODC join is OK")
|
||
t.chdir('${PREFIX}')
|
||
t.retry_cmd('bin/smbclient -L ${HOSTNAME}.${WIN_REALM} -Uadministrator@${WIN_REALM}%${WIN_PASS}', ["C$", "IPC$", "Sharename"])
|
||
t.cmd_contains("host -t A ${HOSTNAME}.${WIN_REALM}.", ['has address'])
|
||
child = t.open_telnet("${WIN_HOSTNAME}", "${WIN_DOMAIN}\\administrator", "${WIN_PASS}", set_time=True)
|
||
|
||
t.info("Forcing kcc runs, and replication")
|
||
t.run_cmd('bin/samba-tool drs kcc ${HOSTNAME} -Uadministrator@${WIN_REALM}%${WIN_PASS}')
|
||
t.run_cmd('bin/samba-tool drs kcc ${WIN_HOSTNAME} -Uadministrator@${WIN_REALM}%${WIN_PASS}')
|
||
|
||
t.kinit("administrator@${WIN_REALM}", "${WIN_PASS}")
|
||
for nc in [ '${WIN_BASEDN}', 'CN=Configuration,${WIN_BASEDN}', 'CN=Schema,CN=Configuration,${WIN_BASEDN}' ]:
|
||
t.cmd_contains("bin/samba-tool drs replicate ${HOSTNAME} ${WIN_HOSTNAME} %s -k yes" % nc, ["was successful"])
|
||
|
||
child.sendline("net use t: \\\\${HOSTNAME}.${WIN_REALM}\\test")
|
||
child.expect("The command completed successfully")
|
||
|
||
t.info("Checking if showrepl is happy")
|
||
child.sendline("repadmin /showrepl")
|
||
child.expect("DSA invocationID")
|
||
|
||
t.cmd_contains("bin/samba-tool drs showrepl ${WIN_HOSTNAME}.${WIN_REALM} -k yes",
|
||
[ "INBOUND NEIGHBORS",
|
||
"OUTBOUND NEIGHBORS",
|
||
"${WIN_BASEDN}",
|
||
"Last attempt .* was successful",
|
||
"CN=Configuration,${WIN_BASEDN}",
|
||
"Last attempt .* was successful",
|
||
"CN=Configuration,${WIN_BASEDN}",
|
||
"Last attempt .* was successful" ],
|
||
ordered=True,
|
||
regex=True)
|
||
|
||
t.info("Checking if new users on windows propogate to samba")
|
||
child.sendline("net user test3 ${PASSWORD3} /add")
|
||
child.expect("The command completed successfully")
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k no", ['Sharename', 'IPC'])
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k yes", ['Sharename', 'IPC'])
|
||
|
||
# should this work?
|
||
t.info("Checking if new users propogate to windows")
|
||
t.cmd_contains('bin/samba-tool newuser test2 ${PASSWORD2}', ['No RID Set DN'])
|
||
|
||
t.info("Checking propogation of user deletion")
|
||
child.sendline("net user test3 /del")
|
||
child.expect("The command completed successfully")
|
||
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k no", ['LOGON_FAILURE'])
|
||
t.retry_cmd("bin/smbclient -L ${HOSTNAME} -Utest3%${PASSWORD3} -k yes", ['LOGON_FAILURE'])
|
||
t.vm_poweroff("${WIN_VM}")
|
||
|
||
|
||
def test_howto(t):
|
||
'''test the Samba4 howto'''
|
||
|
||
check_prerequesites(t)
|
||
|
||
# we don't need fsync safety in these tests
|
||
t.putenv('TDB_NO_FSYNC', '1')
|
||
|
||
if not t.skip("build"):
|
||
build_s4(t)
|
||
|
||
if not t.skip("provision"):
|
||
provision_s4(t)
|
||
|
||
if not t.skip("create-shares"):
|
||
create_shares(t)
|
||
|
||
if not t.skip("starts4"):
|
||
start_s4(t, interfaces='${INTERFACES}')
|
||
if not t.skip("smbclient"):
|
||
test_smbclient(t)
|
||
if not t.skip("startbind"):
|
||
restart_bind(t)
|
||
if not t.skip("dns"):
|
||
test_dns(t)
|
||
if not t.skip("kerberos"):
|
||
test_kerberos(t)
|
||
if not t.skip("dyndns"):
|
||
test_dyndns(t)
|
||
|
||
if t.have_var('WINDOWS7_VM') and not t.skip("windows7"):
|
||
run_winjoin(t, "WINDOWS7")
|
||
test_winjoin(t, "WINDOWS7")
|
||
|
||
if t.have_var('WINXP_VM') and not t.skip("winxp"):
|
||
run_winjoin(t, "WINXP")
|
||
test_winjoin(t, "WINXP")
|
||
|
||
if t.have_var('W2K8R2C_VM') and not t.skip("dcpromo_rodc"):
|
||
t.info("Testing w2k8r2 RODC dcpromo")
|
||
run_dcpromo_rodc(t, "W2K8R2C")
|
||
test_dcpromo_rodc(t, "W2K8R2C")
|
||
|
||
if t.have_var('W2K8R2B_VM') and not t.skip("dcpromo_w2k8r2"):
|
||
t.info("Testing w2k8r2 dcpromo")
|
||
run_dcpromo(t, "W2K8R2B")
|
||
test_dcpromo(t, "W2K8R2B")
|
||
|
||
if t.have_var('W2K8B_VM') and not t.skip("dcpromo_w2k8"):
|
||
t.info("Testing w2k8 dcpromo")
|
||
run_dcpromo(t, "W2K8B")
|
||
test_dcpromo(t, "W2K8B")
|
||
|
||
if t.have_var('W2K3B_VM') and not t.skip("dcpromo_w2k3"):
|
||
t.info("Testing w2k3 dcpromo")
|
||
t.info("Changing to 2003 functional level")
|
||
provision_s4(t, func_level='2003', interfaces='${INTERFACES}')
|
||
create_shares(t)
|
||
start_s4(t, interfaces='${INTERFACES}')
|
||
test_smbclient(t)
|
||
restart_bind(t)
|
||
test_dns(t)
|
||
test_kerberos(t)
|
||
test_dyndns(t)
|
||
run_dcpromo(t, "W2K3B")
|
||
test_dcpromo(t, "W2K3B")
|
||
|
||
if t.have_var('W2K8R2A_VM') and not t.skip("join_w2k8r2"):
|
||
join_as_dc(t, "W2K8R2A")
|
||
create_shares(t)
|
||
start_s4(t, interfaces='${INTERFACES}')
|
||
test_dyndns(t)
|
||
test_join_as_dc(t, "W2K8R2A")
|
||
|
||
if t.have_var('W2K8R2A_VM') and not t.skip("join_rodc"):
|
||
join_as_rodc(t, "W2K8R2A")
|
||
create_shares(t)
|
||
start_s4(t, interfaces='${INTERFACES}')
|
||
test_dyndns(t)
|
||
test_join_as_rodc(t, "W2K8R2A")
|
||
|
||
if t.have_var('W2K3A_VM') and not t.skip("join_w2k3"):
|
||
join_as_dc(t, "W2K3A")
|
||
create_shares(t)
|
||
start_s4(t, interfaces='${INTERFACES}')
|
||
test_dyndns(t)
|
||
test_join_as_dc(t, "W2K3A")
|
||
|
||
t.info("Howto test: All OK")
|
||
|
||
|
||
if __name__ == '__main__':
|
||
parser = optparse.OptionParser("test-howto.py")
|
||
parser.add_option("--conf", type='string', default='', help='config file')
|
||
parser.add_option("--skip", type='string', default='', help='list of steps to skip (comma separated)')
|
||
parser.add_option("--list", action='store_true', default=False, help='list the available steps')
|
||
parser.add_option("--rebase", action='store_true', default=False, help='do a git pull --rebase')
|
||
parser.add_option("--clean", action='store_true', default=False, help='clean the tree')
|
||
parser.add_option("--prefix", type='string', default=None, help='override install prefix')
|
||
parser.add_option("--sourcetree", type='string', default=None, help='override sourcetree location')
|
||
|
||
opts, args = parser.parse_args()
|
||
|
||
if not opts.conf:
|
||
print("Please specify a config file with --conf")
|
||
sys.exit(1)
|
||
|
||
t = wintest.wintest()
|
||
t.load_config(opts.conf)
|
||
t.set_skip(opts.skip)
|
||
|
||
if opts.list:
|
||
t.list_steps_mode()
|
||
|
||
if opts.prefix:
|
||
t.setvar('PREFIX', opts.prefix)
|
||
|
||
if opts.sourcetree:
|
||
t.setvar('SOURCETREE', opts.sourcetree)
|
||
|
||
if opts.rebase:
|
||
t.info('rebasing')
|
||
t.chdir('${SOURCETREE}')
|
||
t.run_cmd('git pull --rebase')
|
||
|
||
if opts.clean:
|
||
t.info('rebasing')
|
||
t.chdir('${SOURCETREE}/source4')
|
||
t.run_cmd('rm -rf bin')
|
||
|
||
test_howto(t)
|