summaryrefslogtreecommitdiff
path: root/selftest/target/Samba4.pm
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-04-19 16:38:46 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-04-28 05:30:21 +0200
commitfb5e1f4a65042b89c74e545cb739f1720565807d (patch)
tree16ecabf158f0c56b54cf91a56e3af23708084fe6 /selftest/target/Samba4.pm
parenta427652010820fdf8fa82cf425f5162cc70348e0 (diff)
downloadsamba-fb5e1f4a65042b89c74e545cb739f1720565807d.tar.gz
samba-fb5e1f4a65042b89c74e545cb739f1720565807d.tar.bz2
samba-fb5e1f4a65042b89c74e545cb739f1720565807d.zip
selftest: s3member admember test to confirm s3/s4 interopability
This checks that Samba3 joins Samba4 correctly, and allows NTLM and Kerberos logons from a live Samba4 DC. This needs the common krb5.conf generation logic, and because we now override KRB5_CONFIG we must update ktest to have a valid krb5.conf. Based on an original patch by metze Andrew Bartlett
Diffstat (limited to 'selftest/target/Samba4.pm')
-rw-r--r--selftest/target/Samba4.pm76
1 files changed, 23 insertions, 53 deletions
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 22f38b859f..959c16131a 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -11,6 +11,7 @@ use FindBin qw($RealBin);
use POSIX;
use SocketWrapper;
use target::Samba;
+use target::Samba3;
sub new($$$$$) {
my ($classname, $bindir, $binary_mapping, $ldap, $srcdir, $exeext, $server_maxtime) = @_;
@@ -23,7 +24,8 @@ sub new($$$$$) {
binary_mapping => $binary_mapping,
srcdir => $srcdir,
exeext => $exeext,
- server_maxtime => $server_maxtime
+ server_maxtime => $server_maxtime,
+ target3 => new Samba3($bindir, $binary_mapping, $srcdir, $exeext, $server_maxtime)
};
bless $self;
return $self;
@@ -452,56 +454,6 @@ Wfz/8alZ5aMezCQzXJyIaJsCLeKABosSwHcpAFmxlQ==
EOF
}
-sub mk_krb5_conf($$)
-{
- my ($self, $ctx) = @_;
-
- unless (open(KRB5CONF, ">$ctx->{krb5_conf}")) {
- warn("can't open $ctx->{krb5_conf}$?");
- return undef;
- }
- print KRB5CONF "
-#Generated krb5.conf for $ctx->{realm}
-
-[libdefaults]
- default_realm = $ctx->{realm}
- dns_lookup_realm = false
- dns_lookup_kdc = false
- ticket_lifetime = 24h
- forwardable = yes
- allow_weak_crypto = yes
-
-[realms]
- $ctx->{realm} = {
- kdc = $ctx->{kdc_ipv4}:88
- admin_server = $ctx->{kdc_ipv4}:88
- default_domain = $ctx->{dnsname}
- }
- $ctx->{dnsname} = {
- kdc = $ctx->{kdc_ipv4}:88
- admin_server = $ctx->{kdc_ipv4}:88
- default_domain = $ctx->{dnsname}
- }
- $ctx->{domain} = {
- kdc = $ctx->{kdc_ipv4}:88
- admin_server = $ctx->{kdc_ipv4}:88
- default_domain = $ctx->{dnsname}
- }
-
-[appdefaults]
- pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem
-
-[kdc]
- enable-pkinit = true
- pkinit_identity = FILE:$ctx->{tlsdir}/kdc.pem,$ctx->{tlsdir}/key.pem
- pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem
-
-[domain_realm]
- .$ctx->{dnsname} = $ctx->{realm}
-";
- close(KRB5CONF);
-}
-
sub provision_raw_prepare($$$$$$$$$$)
{
my ($self, $prefix, $server_role, $netbiosname,
@@ -681,7 +633,7 @@ sub provision_raw_step1($$)
$ctx->{kdc_ipv4} = $ctx->{ipv4};
}
- $self->mk_krb5_conf($ctx);
+ Samba::mk_krb5_conf($ctx);
open(PWD, ">$ctx->{nsswrap_passwd}");
print PWD "
@@ -1190,7 +1142,7 @@ sub provision_rodc($$$)
# so that use the RODC as kdc and test
# the proxy code
$ctx->{kdc_ipv4} = $ret->{SERVER_IP};
- $self->mk_krb5_conf($ctx);
+ Samba::mk_krb5_conf($ctx);
$ret->{RODC_DC_SERVER} = $ret->{SERVER};
$ret->{RODC_DC_SERVER_IP} = $ret->{SERVER_IP};
@@ -1272,6 +1224,7 @@ sub check_env($$)
sub setup_env($$$)
{
my ($self, $envname, $path) = @_;
+ my $target3 = $self->{target3};
$ENV{ENVNAME} = $envname;
@@ -1303,6 +1256,11 @@ sub setup_env($$$)
$self->setup_dc("$path/dc");
}
return $self->setup_rodc("$path/rodc", $self->{vars}->{dc});
+ } elsif ($envname eq "s3member") {
+ if (not defined($self->{vars}->{dc})) {
+ $self->setup_dc("$path/dc");
+ }
+ return $target3->setup_admember("$path/s3member", $self->{vars}->{dc}, 29);
} elsif ($envname eq "all") {
if (not defined($self->{vars}->{dc})) {
$ENV{ENVNAME} = "dc";
@@ -1349,6 +1307,18 @@ sub setup_env($$$)
$ret->{FL2008R2DC_USERNAME} = $fl2008r2dc_ret->{USERNAME};
$ret->{FL2008R2DC_PASSWORD} = $fl2008r2dc_ret->{PASSWORD};
}
+ if (not defined($self->{vars}->{s3member})) {
+ $ENV{ENVNAME} = "s3member";
+ my $s3member_ret = $target3->setup_admember("$path/s3member", $self->{vars}->{dc}, 29);
+ $self->{vars}->{s3member} = $s3member_ret;
+
+ $ret->{S3MEMBER_SERVER} = $s3member_ret->{SERVER};
+ $ret->{S3MEMBER_SERVER_IP} = $s3member_ret->{SERVER_IP};
+ $ret->{S3MEMBER_NETBIOSNAME} = $s3member_ret->{NETBIOSNAME};
+ $ret->{S3MEMBER_NETBIOSALIAS} = $s3member_ret->{NETBIOSALIAS};
+ $ret->{S3MEMBER_USERNAME} = $s3member_ret->{USERNAME};
+ $ret->{S3MEMBER_PASSWORD} = $s3member_ret->{PASSWORD};
+ }
return $ret;
} else {
return undef;
generated by cgit (git 2.34.1) at 2024-06-30 13:34:18 +0000