diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2012-06-27 12:47:59 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2012-06-27 11:29:17 +0200 |
| commit | 207984464f90387472cd01a825fd7cb06ad86d12 (patch) | |
| tree | 33841a15804fa41db4d990d3b96bcf82b3b4b08e | |
| parent | 6f718782634add2f8a7eb1b1d416b18ac7b3b260 (diff) | |
| download | samba-207984464f90387472cd01a825fd7cb06ad86d12.tar.gz samba-207984464f90387472cd01a825fd7cb06ad86d12.tar.bz2 samba-207984464f90387472cd01a825fd7cb06ad86d12.zip | |
s4-selftest: Test login with a password expired user
This uses rkpty to test changing an expired password.
Andrew Bartlett
| -rw-r--r-- | selftest/knownfail | 1 | ||||
| -rwxr-xr-x | testprogs/blackbox/test_kinit.sh | 33 |
2 files changed, 34 insertions, 0 deletions
diff --git a/selftest/knownfail b/selftest/knownfail index b888afc038..c67915d135 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -147,6 +147,7 @@ ^samba4.ldap.acl.*.AclSearchTests.test_search5\(.*\)$ # ACL search behaviour not enabled by default ^samba4.ldap.acl.*.AclSearchTests.test_search6\(.*\)$ # ACL search behaviour not enabled by default ^samba4.rpc.lsa.forest.trust #Not fully provided by Samba4 +^samba4.blackbox.kinit\(.*\).kinit with user password for expired password\(.*\) # We need to work out why this fails only during the pw change ^samba3.smb2.create.gentest ^samba3.smb2.create.blob ^samba3.smb2.create.open diff --git a/testprogs/blackbox/test_kinit.sh b/testprogs/blackbox/test_kinit.sh index 0e915f0243..3a741891e8 100755 --- a/testprogs/blackbox/test_kinit.sh +++ b/testprogs/blackbox/test_kinit.sh @@ -161,6 +161,39 @@ testit "kinit with user password" $samba4kinit $enctype --password-file=$PREFIX/ test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` +cat > $PREFIX/tmpldbmodify <<EOF +dn: cn=nettestuser,cn=users,$BASEDN +changetype: modify +replace: pwdLastSet +pwdLastSet: 0 +EOF + +USERPASS=$NEWUSERPASS +NEWUSERPASS=testPaSS@911% + +testit "modify pwdLastSet" $VALGRIND $ldbmodify $PWSETCONFIG $PREFIX/tmpldbmodify $PREFIX/tmpldbmodify -k yes $@ || failed=`expr $failed + 1` + +cat > $PREFIX/tmppasswordchange <<EOF +expect nettestuser@${REALM}'s Password: +send ${USERPASS}\n +expect Your password will expire at +expect Changing password +expect New password: +send ${NEWUSERPASS}\n +expect Repeat new password: +send ${NEWUSERPASS}\n +expect Success: Password changed +EOF + +testit "kinit with user password for expired password" $rkpty $PREFIX/tmppasswordchange $samba4kinit $enctype --request-pac nettestuser@$REALM && failed=`expr $failed + 1` + +test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` + +echo $NEWUSERPASS > $PREFIX/tmpuserpassfile +testit "kinit with user password" $samba4kinit $enctype --password-file=$PREFIX/tmpuserpassfile --request-pac nettestuser@$REALM || failed=`expr $failed + 1` + +test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` + KRB5CCNAME="$PREFIX/tmpccache" export KRB5CCNAME |