sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Code
b923da5857
samba-mirror/source3/script/tests/test_winbind_ignore_domains.sh
Ralph Boehme 32197d21da selftest: add a test for "winbind:ignore domains" 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14602

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-21 21:48:30 +00:00

105 lines
3.3 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
incdir=`dirname $0`/../../../testprogs/blackbox
. $incdir/subunit.sh
. $incdir/common_test_fns.inc
failed=0
smbclient="$BINDIR/smbclient"
smbcontrol="$BINDIR/smbcontrol"
ldbmodify="$BINDIR/ldbmodify"
ldbsearch="$BINDIR/ldbsearch"
wbinfo="$BINDIR/wbinfo"
global_inject_conf=$(dirname $SMB_CONF_PATH)/global_inject.conf
SERVER_FQDN=$(echo "$SERVER.$REALM" | awk '{print tolower($0)}')
TRUST_BASE_DN=$($ldbsearch -H ldap://$TRUST_SERVER -b "" -s base defaultNamingContext | awk '/^defaultNamingContext/ {print $2}')
if [ $? -ne 0 ] ; then
echo "Could not find trusted base DN" | subunit_fail_test "test_idmap_ad"
exit 1
fi
#
# Add POSIX ids to trusted domain
#
add_posix_ids() {
cat <<EOF | $ldbmodify -H ldap://$TRUST_SERVER \
-U "$TRUST_DOMAIN\Administrator%$TRUST_PASSWORD"
dn: CN=Administrator,CN=Users,$TRUST_BASE_DN
changetype: modify
add: uidNumber
uidNumber: 2500000
EOF
cat <<EOF | $ldbmodify -H ldap://$TRUST_SERVER \
-U "$TRUST_DOMAIN\Administrator%$TRUST_PASSWORD"
dn: CN=Domain Users,CN=Users,$TRUST_BASE_DN
changetype: modify
add: gidNumber
gidNumber: 2500001
EOF
cat <<EOF | $ldbmodify -H ldap://$TRUST_SERVER \
-U "$TRUST_DOMAIN\Administrator%$TRUST_PASSWORD"
dn: CN=Domain Admins,CN=Users,$TRUST_BASE_DN
changetype: modify
add: gidNumber
gidNumber: 2500002
EOF
}
#
# Remove POSIX ids from trusted domain
#
remove_posix_ids() {
cat <<EOF | $ldbmodify -H ldap://$TRUST_SERVER \
-U "$TRUST_DOMAIN\Administrator%$TRUST_PASSWORD"
dn: CN=Administrator,CN=Users,$TRUST_BASE_DN
changetype: modify
delete: uidNumber
uidNumber: 2500000
EOF
cat <<EOF | $ldbmodify -H ldap://$TRUST_SERVER \
-U "$TRUST_DOMAIN\Administrator%$TRUST_PASSWORD"
dn: CN=Domain Users,CN=Users,$TRUST_BASE_DN
changetype: modify
delete: gidNumber
gidNumber: 2500001
EOF
cat <<EOF | $ldbmodify -H ldap://$TRUST_SERVER \
-U "$TRUST_DOMAIN\Administrator%$TRUST_PASSWORD"
dn: CN=Domain Admins,CN=Users,$TRUST_BASE_DN
changetype: modify
delete: gidNumber
gidNumber: 2500002
EOF
}
add_posix_ids
echo "" > $global_inject_conf
$smbcontrol winbindd reload-config
$wbinfo -p
test_smbclient "test_winbind_ignore_domains_ok_ntlm_ip" "ls" "//$SERVER_IP/tmp" -U $TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD || failed=`expr $failed + 1`
test_smbclient "test_winbind_ignore_domains_ok_ntlm_fqdn" "ls" "//$SERVER_FQDN/tmp" -U $TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD || failed=`expr $failed + 1`
test_smbclient "test_winbind_ignore_domains_ok_krb5" "ls" "//$SERVER_FQDN/tmp" -U $TRUST_USERNAME@$TRUST_REALM%$TRUST_PASSWORD -k || failed=`expr $failed + 1`
echo "winbind:ignore domains = $TRUST_DOMAIN" > $global_inject_conf
$smbcontrol winbindd reload-config
$wbinfo -p
test_smbclient_expect_failure "test_winbind_ignore_domains_fail_ntlm_ip" "ls" "//$SERVER_IP/tmp" -U $TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD || failed=`expr $failed + 1`
test_smbclient_expect_failure "test_winbind_ignore_domains_fail_ntlm_fqdn" "ls" "//$SERVER_FQDN/tmp" -U $TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD || failed=`expr $failed + 1`
test_smbclient_expect_failure "test_winbind_ignore_domains_fail_krb5" "ls" "//$SERVER_FQDN/tmp" -U $TRUST_USERNAME@$TRUST_REALM%$TRUST_PASSWORD -k || failed=`expr $failed + 1`
echo "" > $global_inject_conf
$smbcontrol winbindd reload-config
$wbinfo -p
remove_posix_ids
testok $0 $failed
View Git Blame Copy Permalink