Changeset 745 for trunk/server/testprogs/blackbox/test_kinit.sh
- Timestamp:
- Nov 27, 2012, 4:43:17 PM (13 years ago)
- Location:
- trunk/server
- Files:
-
- 2 edited
-
. (modified) (1 prop)
-
testprogs/blackbox/test_kinit.sh (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/server
- Property svn:mergeinfo changed
/vendor/current merged: 581,587,591,594,597,600,615,618,740
- Property svn:mergeinfo changed
-
trunk/server/testprogs/blackbox/test_kinit.sh
r414 r745 17 17 DOMAIN=$5 18 18 PREFIX=$6 19 shift 6 19 ENCTYPE=$7 20 shift 7 20 21 failed=0 21 22 22 23 samba4bindir="$BUILDDIR/bin" 24 samba4srcdir="$SRCDIR/source4" 23 25 smbclient="$samba4bindir/smbclient$EXEEXT" 24 26 samba4kinit="$samba4bindir/samba4kinit$EXEEXT" 25 net="$samba4bindir/net$EXEEXT" 27 samba_tool="$samba4bindir/samba-tool$EXEEXT" 28 ldbmodify="$samba4bindir/ldbmodify$EXEEXT" 29 ldbsearch="$samba4bindir/ldbsearch$EXEEXT" 26 30 rkpty="$samba4bindir/rkpty$EXEEXT" 27 31 samba4kpasswd="$samba4bindir/samba4kpasswd$EXEEXT" 28 enableaccount="$PYTHON `dirname $0`/../../source4/setup/enableaccount" 32 enableaccount="$samba_tool enableaccount" 33 machineaccountccache="$samba4srcdir/scripting/bin/machineaccountccache" 29 34 30 35 . `dirname $0`/subunit.sh … … 46 51 } 47 52 53 enctype="-e $ENCTYPE" 54 55 PWSETCONFIG="-H ldap://$SERVER -U$USERNAME%$PASSWORD" 56 export PWSETCONFIG 57 48 58 KRB5CCNAME="$PREFIX/tmpccache" 49 59 export KRB5CCNAME 50 60 51 echo $PASSWORD > ./tmppassfile 52 #testit "kinit with keytab" $samba4kinit --keytab=$PREFIX/dc/private/secrets.keytab $SERVER\$@$REALM || failed=`expr $failed + 1` 53 testit "kinit with password" $samba4kinit --password-file=./tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1` 54 testit "kinit with password (enterprise style)" $samba4kinit --enterprise --password-file=./tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1` 55 testit "kinit with password (windows style)" $samba4kinit --windows --password-file=./tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1` 56 testit "kinit with pkinit (name specified)" $samba4kinit --request-pac --renewable --pk-user=FILE:$PREFIX/dc/private/tls/admincert.pem,$PREFIX/dc/private/tls/adminkey.pem $USERNAME@$REALM || failed=`expr $failed + 1` 57 testit "kinit with pkinit (enterprise name specified)" $samba4kinit --request-pac --renewable --pk-user=FILE:$PREFIX/dc/private/tls/admincert.pem,$PREFIX/dc/private/tls/adminkey.pem --enterprise $USERNAME@$REALM || failed=`expr $failed + 1` 58 testit "kinit with pkinit (enterprise name in cert)" $samba4kinit --request-pac --renewable --pk-user=FILE:$PREFIX/dc/private/tls/admincertupn.pem,$PREFIX/dc/private/tls/adminkey.pem --pk-enterprise || failed=`expr $failed + 1` 59 testit "kinit renew ticket" $samba4kinit --request-pac -R 61 testit "reset password policies beside of minimum password age of 0 days" $VALGRIND $samba_tool pwsettings $PWSETCONFIG set --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1` 62 63 echo $PASSWORD > $PREFIX/tmppassfile 64 #testit "kinit with keytab" $samba4kinit $enctype --keytab=$PREFIX/dc/private/secrets.keytab $SERVER\$@$REALM || failed=`expr $failed + 1` 65 testit "kinit with password" $samba4kinit $enctype --password-file=$PREFIX/tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1` 66 testit "kinit with password (enterprise style)" $samba4kinit $enctype --enterprise --password-file=$PREFIX/tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1` 67 testit "kinit with password (windows style)" $samba4kinit $enctype --renewable --windows --password-file=$PREFIX/tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1` 68 testit "kinit renew ticket" $samba4kinit $enctype --request-pac -R 60 69 61 70 test_smbclient "Test login with kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` 62 71 63 testit "domain join with kerberos ccache" $VALGRIND $net join $DOMAIN $CONFIGURATION -W "$DOMAIN" -k yes $@ || failed=`expr $failed + 1` 64 testit "check time with kerberos ccache" $VALGRIND $net time $SERVER $CONFIGURATION -W "$DOMAIN" -k yes $@ || failed=`expr $failed + 1` 72 testit "check time with kerberos ccache" $VALGRIND $samba_tool $CONFIGURATION -k yes $@ time $SERVER || failed=`expr $failed + 1` 65 73 66 testit "add user with kerberos ccache" $VALGRIND $net user add nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`67 74 USERPASS=testPass@12% 68 echo $USERPASS > ./tmpuserpassfile 75 echo $USERPASS > $PREFIX/tmpuserpassfile 76 testit "add user with kerberos ccache" $VALGRIND $samba_tool user add nettestuser $USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1` 69 77 70 testit "set user password with kerberos ccache" $VALGRIND $net password set $DOMAIN\\nettestuser $USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1` 78 echo "Getting defaultNamingContext" 79 BASEDN=`$ldbsearch $options --basedn='' -H ldap://$SERVER -s base DUMMY=x defaultNamingContext | grep defaultNamingContext | awk '{print $2}'` 80 81 cat > $PREFIX/tmpldbmodify <<EOF 82 dn: cn=nettestuser,cn=users,$BASEDN 83 changetype: modify 84 add: servicePrincipalName 85 servicePrincipalName: host/nettestuser 86 EOF 87 88 testit "modify servicePrincipalName" $VALGRIND $ldbmodify -H ldap://$SERVER $PREFIX/tmpldbmodify -k yes $@ || failed=`expr $failed + 1` 89 90 testit "set user password with kerberos ccache" $VALGRIND $samba_tool password set $DOMAIN\\nettestuser $USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1` 71 91 72 92 testit "enable user with kerberos cache" $VALGRIND $enableaccount nettestuser -H ldap://$SERVER -k yes $@ || failed=`expr $failed + 1` … … 75 95 export KRB5CCNAME 76 96 77 testit "kinit with user password" $samba4kinit --password-file=./tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1`97 testit "kinit with user password" $samba4kinit $enctype --password-file=$PREFIX/tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1` 78 98 79 99 test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` 80 100 81 101 NEWUSERPASS=testPaSS@34% 82 testit "change user password with ' net password change' (rpc)" $VALGRIND $netpassword change -W$DOMAIN -U$DOMAIN\\nettestuser%$USERPASS $CONFIGURATION -k no $NEWUSERPASS $@ || failed=`expr $failed + 1`102 testit "change user password with 'samba-tool password change' (rpc)" $VALGRIND $samba_tool password change -W$DOMAIN -U$DOMAIN\\nettestuser%$USERPASS $CONFIGURATION -k no $NEWUSERPASS $@ || failed=`expr $failed + 1` 83 103 84 echo $NEWUSERPASS > ./tmpuserpassfile85 testit "kinit with user password" $samba4kinit --password-file=./tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1`104 echo $NEWUSERPASS > $PREFIX/tmpuserpassfile 105 testit "kinit with user password" $samba4kinit $enctype --password-file=$PREFIX/tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1` 86 106 87 107 test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` … … 90 110 USERPASS=$NEWUSERPASS 91 111 NEWUSERPASS=testPaSS@56% 92 echo $NEWUSERPASS > ./tmpuserpassfile112 echo $NEWUSERPASS > $PREFIX/tmpuserpassfile 93 113 94 cat > ./tmpkpasswdscript <<EOF114 cat > $PREFIX/tmpkpasswdscript <<EOF 95 115 expect Password 96 116 password ${USERPASS}\n 97 117 expect New password 98 118 send ${NEWUSERPASS}\n 99 expect Newpassword119 expect Verify password 100 120 send ${NEWUSERPASS}\n 101 121 expect Success 102 122 EOF 103 123 104 testit "change user password with kpasswd" $rkpty ./tmpkpasswdscript $samba4kpasswd nettestuser@$REALM || failed=`expr $failed + 1`124 testit "change user password with kpasswd" $rkpty $PREFIX/tmpkpasswdscript $samba4kpasswd nettestuser@$REALM || failed=`expr $failed + 1` 105 125 106 testit "kinit with user password" $samba4kinit --password-file=./tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1`126 testit "kinit with user password" $samba4kinit $enctype --password-file=$PREFIX/tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1` 107 127 108 128 NEWUSERPASS=testPaSS@78% 109 echo $NEWUSERPASS > ./tmpuserpassfile129 echo $NEWUSERPASS > $PREFIX/tmpuserpassfile 110 130 111 131 test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` 112 132 113 cat > ./tmpkpasswdscript <<EOF133 cat > $PREFIX/tmpkpasswdscript <<EOF 114 134 expect New password 115 135 send ${NEWUSERPASS}\n 116 expect Newpassword136 expect Verify password 117 137 send ${NEWUSERPASS}\n 118 138 expect Success 119 139 EOF 120 140 121 testit "set user password with kpasswd" $rkpty ./tmpkpasswdscript $samba4kpasswd --cache=$PREFIX/tmpccache nettestuser@$REALM || failed=`expr $failed + 1`141 testit "set user password with kpasswd" $rkpty $PREFIX/tmpkpasswdscript $samba4kpasswd --cache=$PREFIX/tmpccache nettestuser@$REALM || failed=`expr $failed + 1` 122 142 123 testit "kinit with user password" $samba4kinit --password-file=./tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1` 143 testit "kinit with user password" $samba4kinit $enctype --password-file=$PREFIX/tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1` 144 145 test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` 146 147 NEWUSERPASS=testPaSS@910% 148 echo $NEWUSERPASS > $PREFIX/tmpuserpassfile 149 150 cat > $PREFIX/tmpkpasswdscript <<EOF 151 expect New password 152 send ${NEWUSERPASS}\n 153 expect Verify password 154 send ${NEWUSERPASS}\n 155 expect Success 156 EOF 157 158 testit "set user password with kpasswd and servicePrincipalName" $rkpty $PREFIX/tmpkpasswdscript $samba4kpasswd --cache=$PREFIX/tmpccache host/nettestuser@$REALM || failed=`expr $failed + 1` 159 160 testit "kinit with user password" $samba4kinit $enctype --password-file=$PREFIX/tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1` 124 161 125 162 test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` … … 128 165 export KRB5CCNAME 129 166 130 testit "del user with kerberos ccache" $VALGRIND $net user delete nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1` 167 lowerrealm=$(echo $REALM | tr '[A-Z]' '[a-z]') 168 test_smbclient "Test login with user kerberos lowercase realm" 'ls' -k yes -Unettestuser@$lowerrealm%$NEWUSERPASS || failed=`expr $failed + 1` 169 test_smbclient "Test login with user kerberos lowercase realm 2" 'ls' -k yes -Unettestuser@$REALM%$NEWUSERPASS --realm=$lowerrealm || failed=`expr $failed + 1` 131 170 132 rm -f tmpccfile tmppassfile tmpuserpassfile tmpuserccache tmpkpasswdscript 171 testit "del user with kerberos ccache" $VALGRIND $samba_tool user delete nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1` 172 173 rm -f $KRB5CCNAME 174 testit "kinit with machineaccountccache script" $machineaccountccache $CONFIGURATION $KRB5CCNAME || failed=`expr $failed + 1` 175 test_smbclient "Test machine account login with kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` 176 177 testit "reset password policies" $VALGRIND $samba_tool pwsettings $PWSETCONFIG set --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1` 178 179 rm -f $PREFIX/tmpccache tmpccfile tmppassfile tmpuserpassfile tmpuserccache tmpkpasswdscript 133 180 exit $failed
Note:
See TracChangeset
for help on using the changeset viewer.
