summaryrefslogtreecommitdiff
path: root/testprogs
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2009-06-30 12:11:14 +1000
committerAndrew Bartlett <abartlet@samba.org>2009-06-30 12:11:14 +1000
commit89a074b784295204aa8d7dd585bf3533ac7971a7 (patch)
tree830e6fd5cf0e3924e8735abd4530f6eba3bf4b86 /testprogs
parent6ba0e7f7b21b7b7e57d92c1aa90331cb93964217 (diff)
downloadsamba-89a074b784295204aa8d7dd585bf3533ac7971a7.tar.gz
samba-89a074b784295204aa8d7dd585bf3533ac7971a7.tar.bz2
samba-89a074b784295204aa8d7dd585bf3533ac7971a7.zip
s4:heimdal Allow KRB5_NT_ENTERPRISE names in all DB lookups
The previous code only allowed an KRB5_NT_ENTERPRISE name (an e-mail list user principal name) in an AS-REQ. Evidence from the wild (Win2k8 reportadely) indicates that this is instead valid for all types of requests. While this is now handled in heimdal/kdc/misc.c, a flag is now defined in Heimdal's hdb so that we can take over this handling in future (once we start using a system Heimdal, and if we find out there is more to be done here). Andrew Bartlett
Diffstat (limited to 'testprogs')
-rwxr-xr-xtestprogs/blackbox/test_kinit.sh2
1 files changed, 2 insertions, 0 deletions
diff --git a/testprogs/blackbox/test_kinit.sh b/testprogs/blackbox/test_kinit.sh
index 840002f51e..2349afae7e 100755
--- a/testprogs/blackbox/test_kinit.sh
+++ b/testprogs/blackbox/test_kinit.sh
@@ -51,6 +51,8 @@ export KRB5CCNAME
echo $PASSWORD > ./tmppassfile
#testit "kinit with keytab" $samba4kinit --keytab=$PREFIX/dc/private/secrets.keytab $SERVER\$@$REALM || failed=`expr $failed + 1`
testit "kinit with password" $samba4kinit --password-file=./tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1`
+testit "kinit with password (enterprise style)" $samba4kinit --enterprise --password-file=./tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1`
+testit "kinit with password (windows style)" $samba4kinit --windows --password-file=./tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1`
testit "kinit with pkinit" $samba4kinit --request-pac --renewable --pk-user=FILE:$PREFIX/dc/private/tls/admincert.pem,$PREFIX/dc/private/tls/adminkey.pem $USERNAME@$REALM || failed=`expr $failed + 1`
testit "kinit renew ticket" $samba4kinit --request-pac -R