summaryrefslogtreecommitdiff
path: root/selftest/target
diff options
context:
space:
mode:
Diffstat (limited to 'selftest/target')
-rw-r--r--selftest/target/Samba4.pm120
1 files changed, 120 insertions, 0 deletions
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 2b1472efef..ff8f5ee84b 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -1027,6 +1027,68 @@ sub provision_vampire_dc($$$)
return $ret;
}
+sub provision_subdom_dc($$$)
+{
+ my ($self, $prefix, $dcvars) = @_;
+ print "PROVISIONING SUBDOMAIN DC...";
+
+ # We do this so that we don't run the provision. That's the job of 'net vampire'.
+ my $ctx = $self->provision_raw_prepare($prefix, "domain controller",
+ "localsubdc",
+ "SAMBASUBDOM",
+ "sub.samba.example.com",
+ "2008",
+ 31, $dcvars->{PASSWORD},
+ undef);
+
+ $ctx->{smb_conf_extra_options} = "
+ max xmit = 32K
+ server max protocol = SMB2
+
+[sysvol]
+ path = $ctx->{statedir}/sysvol
+ read only = yes
+
+[netlogon]
+ path = $ctx->{statedir}/sysvol/$ctx->{dnsname}/scripts
+ read only = no
+
+";
+
+ my $ret = $self->provision_raw_step1($ctx);
+ unless ($ret) {
+ return undef;
+ }
+
+ my $dc_realms = Samba::mk_realms_stanza($dcvars->{REALM}, lc($dcvars->{REALM}),
+ $dcvars->{DOMAIN}, $dcvars->{SERVER_IP});
+ Samba::mk_krb5_conf($ctx, $dc_realms);
+
+ my $samba_tool = Samba::bindir_path($self, "samba-tool");
+ my $cmd = "";
+ $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+ $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+ $cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $ctx->{realm} subdomain ";
+ $cmd .= "--parent-domain=$dcvars->{REALM} -U$dcvars->{DC_USERNAME}\@$dcvars->{REALM}\%$dcvars->{DC_PASSWORD}";
+
+ unless (system($cmd) == 0) {
+ warn("Join failed\n$cmd");
+ return undef;
+ }
+
+ $ret->{SUBDOM_DC_SERVER} = $ret->{SERVER};
+ $ret->{SUBDOM_DC_SERVER_IP} = $ret->{SERVER_IP};
+ $ret->{SUBDOM_DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
+
+ $ret->{DC_SERVER} = $dcvars->{DC_SERVER};
+ $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP};
+ $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME};
+ $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME};
+ $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD};
+
+ return $ret;
+}
+
sub provision_dc($$)
{
my ($self, $prefix) = @_;
@@ -1329,6 +1391,11 @@ sub setup_env($$$)
$self->setup_dc("$path/dc");
}
return $self->setup_vampire_dc("$path/vampire_dc", $self->{vars}->{dc});
+ } elsif ($envname eq "subdom_dc") {
+ if (not defined($self->{vars}->{dc})) {
+ $self->setup_dc("$path/dc");
+ }
+ return $self->setup_subdom_dc("$path/subdom_dc", $self->{vars}->{dc});
} elsif ($envname eq "s4member") {
if (not defined($self->{vars}->{dc})) {
$self->setup_dc("$path/dc");
@@ -1559,6 +1626,59 @@ sub setup_vampire_dc($$$)
return $env;
}
+sub setup_subdom_dc($$$)
+{
+ my ($self, $path, $dc_vars) = @_;
+
+ my $env = $self->provision_subdom_dc($path, $dc_vars);
+
+ if (defined $env) {
+ $self->check_or_start($env, "single");
+
+ $self->wait_for_start($env);
+
+ $self->{vars}->{subdom_dc} = $env;
+
+ # force replicated DC to update repsTo/repsFrom
+ # for primary domain partitions
+ my $samba_tool = Samba::bindir_path($self, "samba-tool");
+ my $cmd = "";
+ $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\"";
+ $cmd .= " KRB5_CONFIG=\"$env->{KRB5_CONFIG}\"";
+ $cmd .= " $samba_tool drs kcc $env->{DC_SERVER}";
+ $cmd .= " $env->{CONFIGURATION}";
+ $cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD}";
+ unless (system($cmd) == 0) {
+ warn("Failed to exec kcc\n$cmd");
+ return undef;
+ }
+
+ # as 'subdomain' dc may add data in its local replica
+ # we need to synchronize data between DCs
+ my $base_dn = "DC=".join(",DC=", split(/\./, $env->{REALM}));
+ my $config_dn = "CN=Configuration,DC=".join(",DC=", split(/\./, $dc_vars->{REALM}));
+ $cmd = "SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\"";
+ $cmd .= " KRB5_CONFIG=\"$env->{KRB5_CONFIG}\"";
+ $cmd .= " $samba_tool drs replicate $env->{DC_SERVER} $env->{SUBDOM_DC_SERVER}";
+ $cmd .= " $dc_vars->{CONFIGURATION}";
+ $cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD}";
+ # replicate Configuration NC
+ my $cmd_repl = "$cmd \"$config_dn\"";
+ unless(system($cmd_repl) == 0) {
+ warn("Failed to replicate\n$cmd_repl");
+ return undef;
+ }
+ # replicate Default NC
+ $cmd_repl = "$cmd \"$base_dn\"";
+ unless(system($cmd_repl) == 0) {
+ warn("Failed to replicate\n$cmd_repl");
+ return undef;
+ }
+ }
+
+ return $env;
+}
+
sub setup_rodc($$$)
{
my ($self, $path, $dc_vars) = @_;