summaryrefslogtreecommitdiff
path: root/testprogs/blackbox
AgeCommit message (Collapse)AuthorFilesLines
2012-05-24s4-selftest: Demonstrate the correct behaviour between specified usernames ↵Andrew Bartlett1-0/+8
and kerberos ccache This shows that a username/password on the command line must always override any credentials cache in the environment. Andrew Bartlett
2012-05-24auth/credentials: 'workgroup' set via command line will not drop existing ccacheAlexander Bokovoy1-1/+0
The root cause for existing ccache being invalidated was use of global loadparm with 'workgroup' value set as if from command line. However, we don't really need to take 'workgroup' parameter value's nature into account when invalidating existing ccache. When -U is used on the command line, one can specify a password to force ccache invalidation. The commit also reverts previous fix now that root cause is clear.
2012-05-24s4-selftest: Always delete the user at the end of test_passwords.shAndrew Bartlett1-1/+1
If this test is run in the "dc" environment (rather than "dc:local") is would not delete the test user. Andrew Bartlett
2012-05-23blackbox: fix samba4.blackbox.kinit testAlexander Bokovoy1-0/+1
This deserves some explanation. With commit 518232d4578d700f5f5ea1609275a6cd1de3a1e7 samba4.blackbox.kinit test set was wrapped with password settings reset before and after the tests with an idea to maintain reliable state for the tests. As result, the resetting of the password settings was done after the test that tried to use smbclient with a Kerberos ticket obtained with machine account credentials. However, the code in credentials_krb5.c, function cli_credentials_get_client_gss_creds(), never worked correctly when credentials were already in ccache. Instead, gensec_gssapi module always re-kinited even if existing credentials were available in the ccache. This had an effect on 'samba4.blackbox.kinit(dc:local).reset password policies(dc:local)' test equal to never having initialized ccache at all, as if 'rm -f $KRB5CCNAME' was run before the test. When the issue of not using already initialized credentials from ccache was fixed with d0aae88f1290e6a7a6d4bfc24aa62795e4892a31 'auth-credentials: Support using pre-fetched ccache when obtaining kerberos credentials' commit, Samba 4 credentials library started to correctly re-used already obtained credentials from ccaches. This caused failure of the test 'samba4.blackbox.kinit(dc:local).reset password policies(dc:local)' because machine account has no permissions to modify password settings. Thus, the correct fix is to reset ccache state before performing the test. Autobuild-User: Alexander Bokovoy <ab@samba.org> Autobuild-Date: Wed May 23 18:46:12 CEST 2012 on sn-devel-104
2012-03-02selftest: Rework samba4.blackbox.bogusdomain to use a temporary userAndrew Bartlett1-3/+11
This avoids leaving an account in the test environment after the test is run and therefore avoids issues with interations with other tests. Also, we now use the local administrator account in the member server to add the test account. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri Mar 2 14:44:36 CET 2012 on sn-devel-104
2012-02-01selftest: Remove unused support for --exeextAndrew Bartlett7-27/+27
2012-01-30s3: check that a user in a bogus domain name is mapped to the localnetbios ↵Matthieu Patou1-0/+20
name of a domain member This means that if we authentify for BOGUS\administrator in AD domain FOREST with samba being domain member with the netbiosname MEMBER then BOGUS\administrator will be mapped to MEMBER\administrator if the password match.
2012-01-24selftest: Add test for smbpasswd against pdb_samba4Andrew Bartlett1-4/+41
Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Jan 24 11:05:09 CET 2012 on sn-devel-104
2011-12-07s4-selftest re-enable nsstest on libnss_winbind.soAndrew Bartlett1-0/+22
2011-11-29s4-samba-tool: Add --principal argument to samba-tool domain exportkeytabAndrew Bartlett1-1/+11
This allows only a particular principal to be exported to the keytab. This is useful when setting up unix servers in a Samba controlled domain. Based on a request by Gémes Géza <geza@kzsdabas.hu> Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Nov 29 09:20:55 CET 2011 on sn-devel-104
2011-10-23s4: samba-tool subcommand rename - change samba-tool user add to samba-tool ↵Theresa Halloran3-3/+3
user create Signed-off-by: Theresa Halloran <thallora@linux.vnet.ibm.com> Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2011-10-18s4-selftest When testing for a credentials cache, do not specify a domainAndrew Bartlett5-5/+5
If we specify a domain, then we indicate that we must use that domain which overrides the credentials cache we found in the environment. Andrew Bartlett
2011-07-28tests-blackbox: Revert the test to use user-level change password commandAmitay Isaacs1-1/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-28test-blackbox: use python version of change password commandAmitay Isaacs1-7/+7
Replace the "samba-tool user setpassword" command with user level "samba-tool user password" command. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-28test-blackbox: Rearrange arguments for samba-tool user setpassword commandAmitay Isaacs1-1/+1
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-28test-blackbox: Remove 'domain\' from username for samba-tool user setpasswordAmitay Isaacs1-2/+2
Python version of samba-tool does not require 'domain\' prefix for username. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-28test-blackbox: Rearrange the arguments in required order for samba-tool timeAmitay Isaacs1-1/+1
Python version of samba-tool requires the command and the subcommand to be specified before the options. Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-28samba-tool: updated test suite to account for newuser changeGiampaolo Lauria3-3/+3
Updated test suite invocations of newuser to "user add" as the newuser functionality is now being moved to "user add" Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-28samba-tool: update test suite to reflect the move from password to "user ↵Giampaolo Lauria2-9/+9
setpassword" This is part of the work to reflect the object-action model Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-21s4-test: don't fix broken objects during dbcheck testAndrew Tridgell1-1/+1
this leaves the database as-is, which makes it easier to examine the problem
2011-07-21dbcheck: test the --reindex optionAndrew Tridgell1-0/+5
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-21s4-test: added dbcheck run to test suiteAndrew Tridgell1-0/+21
This should catch corruption that happens during a test run Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-21samba-tool: use 'exportkeytab' instead of 'dumpkeys'Andrew Tridgell1-2/+2
a 'keytab' is a particular format known to administrators, whereas 'keys' is a bit too vague Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2011-07-21samba-tool: updated test suite for the new domain dumpkeys optionGiampaolo Lauria1-2/+2
The test suite has been changed to reflect the move from export to "domain dumpkeys" to reflect the object-action model Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-21samba-tool: update test suite for the new domain objectGiampaolo Lauria2-8/+8
Changed test suite to reflect the changes from setpassword to "domain setpassword" to fit the object-action model Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-21samba-tool: update test suite for add setpasswordGiampaolo Lauria1-2/+2
The test suite needs to change from setpassword to "user setpassword" to reflect the new cmd syntax Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-13s4-test: fixed usage message on renamedc.shAndrew Tridgell1-1/+1
2011-06-01samba-tool: update tests for new 'user enable' syntaxAndrew Tridgell2-2/+2
Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Wed Jun 1 10:37:50 CEST 2011 on sn-devel-104
2011-05-21s4: add blackbox test for renameMatthieu Patou1-0/+42
Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Sat May 21 09:50:34 CEST 2011 on sn-devel-104
2011-04-16selftest: Remove duplication between BUILDIR and BINDIRAndrew Bartlett7-9/+9
Just have BINDIR, and have it default to ./bin Andrew Bartlett
2011-02-16testprogs/blackbox/subunit: add testok() for easier integration of s3 tests.Michael Adam1-0/+9
2011-02-07blackbox: removed assumption of build directoryAndrew Tridgell5-5/+18
this fixes the blackbox tests for a top level build Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-12-24testprogs:test_kinit: create tmp files under $PREFIXStefan Metzmacher1-22/+22
metze
2010-11-27blackbox.ldb: Support using system ldbsearch.Jelmer Vernooij1-1/+2
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Nov 27 04:32:11 CET 2010 on sn-devel-104
2010-11-16s4-test_kinit Add tests for lowercase realm combinationsAndrew Bartlett1-0/+4
This tests that the handling of lowercase realms works in our KDC and libraries. Andrew Bartlett
2010-10-28s4 net: rename to samba-tool in order to not clash with s3 netKai Blin5-36/+36
Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Thu Oct 28 07:25:16 UTC 2010 on sn-devel-104
2010-10-15s4-test: fixed a typo in test_kinit.shAndrew Tridgell1-1/+1
too many Ts Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Fri Oct 15 10:14:27 UTC 2010 on sn-devel-104
2010-10-15s4-test: fixed test_kinit.sh time command testAndrew Tridgell1-1/+1
passing -W breaks -k yes
2010-07-31s4:blackblock/ktpass: use test specific user nameStefan Metzmacher1-7/+6
metze
2010-07-17s4 unittests: add blackblox test for ktpassMatthieu Patou1-0/+37
2010-07-16s4:testprogs Operate the blackbox kinit and net tests using the :local configAndrew Bartlett1-1/+0
This :local tells selftest.pl to use the local smb.conf for the test environment, not the generic client smb.conf This then makes the rest work properly - otherwise, it may attempt to connect to the wrong KDC for example. The only problem is that we can't test the 'net join' with this set, so this is removed from the test. The member server test environment checks this anyway. Andrew Bartlett
2010-07-15s4:testprogs Show that we no longer delete the old keytab entriesAndrew Bartlett1-3/+5
By using a CCACHE obtained while the old password was still valid, we can tell if the server still accepts incoming Kerberos connections with the old password. Andrew Bartlett
2010-07-15s4:testprogs Prove kerberos still works after a password changeAndrew Bartlett1-0/+25
Changing the machine account password should not prevent connections with a current, valid CCACHE. This is because when the password is changed, the server-side keytab keeps one old password around. Andrew Bartlett Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-15s4: Unit test update_machine_account_password through kinitMatthieu Patou1-0/+39
This patch is for testing the chgdcpass script which is mostly a call to update_machine_account_password. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-07-10testprogs/blackbox/subunit.sh: initialize failed to 0Stefan Metzmacher1-0/+3
This is a short-term workarround for broken scripts, which use "exit $failed", without initializing failed. We need a discussion on the mailing list how to handle this in a nicer way. This should fix some random failures in the blackbox tests. metze
2010-07-03s4:kinit blackbox test - set/reset also here the "minPwdAge"Matthias Dieter Wallnöfer1-0/+7
2010-07-03s4:blackbox/test_passwords.sh - perform also here the adaptions for ↵Matthias Dieter Wallnöfer1-2/+2
"minPwdAge" != 0
2010-06-29s4:selftest Split out PKINIT tests from test_kinit.sh and test enc typesAndrew Bartlett2-14/+79
This allows us to run the PKINIT tests only against the main DC (for which the certificates were generated), while testing the available encryption types in each functional level. In particular, we need to assert that AES encryption is available in the 2008 functional level. Andrew Bartlett
2010-05-09s4:blackbox/test_kinit.sh - Test the new "net user add <user> [<password>]" ↵Matthias Dieter Wallnöfer1-1/+1
syntax
2010-04-16s4-test: check that a weak password is rejected by kpasswdAndrew Tridgell1-0/+44
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>