Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
This allows only a particular principal to be exported to the keytab.
This is useful when setting up unix servers in a Samba controlled
domain.
Based on a request by Gémes Géza <geza@kzsdabas.hu>
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Nov 29 09:20:55 CET 2011 on sn-devel-104
|
|
user create
Signed-off-by: Theresa Halloran <thallora@linux.vnet.ibm.com>
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
|
|
If we specify a domain, then we indicate that we must use that domain
which overrides the credentials cache we found in the environment.
Andrew Bartlett
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Replace the "samba-tool user setpassword" command with user level
"samba-tool user password" command.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Python version of samba-tool does not require 'domain\' prefix for username.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Python version of samba-tool requires the command and the subcommand to
be specified before the options.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Updated test suite invocations of newuser to "user add" as
the newuser functionality is now being moved to "user add"
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
setpassword"
This is part of the work to reflect the object-action model
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
this leaves the database as-is, which makes it easier to examine the
problem
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This should catch corruption that happens during a test run
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
a 'keytab' is a particular format known to administrators, whereas
'keys' is a bit too vague
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
The test suite has been changed to reflect the move from export to "domain dumpkeys" to reflect the object-action model
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
Changed test suite to reflect the changes from setpassword to "domain setpassword" to fit the object-action model
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
The test suite needs to change from setpassword to "user setpassword" to reflect the new cmd syntax
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
|
|
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Jun 1 10:37:50 CEST 2011 on sn-devel-104
|
|
Autobuild-User: Matthieu Patou <mat@samba.org>
Autobuild-Date: Sat May 21 09:50:34 CEST 2011 on sn-devel-104
|
|
Just have BINDIR, and have it default to ./bin
Andrew Bartlett
|
|
|
|
this fixes the blackbox tests for a top level build
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
metze
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Nov 27 04:32:11 CET 2010 on sn-devel-104
|
|
This tests that the handling of lowercase realms works in our KDC and
libraries.
Andrew Bartlett
|
|
Autobuild-User: Kai Blin <kai@samba.org>
Autobuild-Date: Thu Oct 28 07:25:16 UTC 2010 on sn-devel-104
|
|
too many Ts
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Fri Oct 15 10:14:27 UTC 2010 on sn-devel-104
|
|
passing -W breaks -k yes
|
|
metze
|
|
|
|
This :local tells selftest.pl to use the local smb.conf for the test
environment, not the generic client smb.conf
This then makes the rest work properly - otherwise, it may attempt to
connect to the wrong KDC for example.
The only problem is that we can't test the 'net join' with this set,
so this is removed from the test. The member server test environment
checks this anyway.
Andrew Bartlett
|
|
By using a CCACHE obtained while the old password was still valid, we
can tell if the server still accepts incoming Kerberos connections
with the old password.
Andrew Bartlett
|
|
Changing the machine account password should not prevent connections
with a current, valid CCACHE. This is because when the password is
changed, the server-side keytab keeps one old password around.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This patch is for testing the chgdcpass script which is mostly a call to
update_machine_account_password.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
This is a short-term workarround for broken scripts,
which use "exit $failed", without initializing failed.
We need a discussion on the mailing list how to handle this
in a nicer way.
This should fix some random failures in the blackbox tests.
metze
|
|
|
|
"minPwdAge" != 0
|
|
This allows us to run the PKINIT tests only against the main DC (for
which the certificates were generated), while testing the available
encryption types in each functional level.
In particular, we need to assert that AES encryption is available in
the 2008 functional level.
Andrew Bartlett
|
|
syntax
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
metze
|
|
|
|
|
|
|
|
This allows the integration of external tools that can't be linked
into C or python, but need to authenticate as the local machine
account.
The machineaccountccache script demonstrates this, and debugging has
been improved in cli_credentials_set_secrets() by passing back and
error string.
Andrew Bartlett
|
|
metze
|
|
metze
|
|
Need to pass correct config file to tests
|