From 2bff209128b85bd870ad36fa00ffcc92edbbab08 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 29 Nov 2011 12:47:40 +1100 Subject: s4-samba-tool: Add --principal argument to samba-tool domain exportkeytab MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This allows only a particular principal to be exported to the keytab. This is useful when setting up unix servers in a Samba controlled domain. Based on a request by Gémes Géza Andrew Bartlett Autobuild-User: Andrew Bartlett Autobuild-Date: Tue Nov 29 09:20:55 CET 2011 on sn-devel-104 --- testprogs/blackbox/test_export_keytab.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'testprogs') diff --git a/testprogs/blackbox/test_export_keytab.sh b/testprogs/blackbox/test_export_keytab.sh index 7c637042d4..a2debfef1c 100755 --- a/testprogs/blackbox/test_export_keytab.sh +++ b/testprogs/blackbox/test_export_keytab.sh @@ -49,6 +49,12 @@ testit "create user locally" $VALGRIND $newuser nettestuser $USERPASS $@ || fail testit "dump keytab from domain" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab $@ || failed=`expr $failed + 1` testit "dump keytab from domain (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab $@ || failed=`expr $failed + 1` +testit "dump keytab from domain for cifs principal" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER $@ || failed=`expr $failed + 1` +testit "dump keytab from domain for cifs principal (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER $@ || failed=`expr $failed + 1` + +testit "dump keytab from domain for user principal" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-2 --principal=nettestuser $@ || failed=`expr $failed + 1` +testit "dump keytab from domain for user principal (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-2 --principal=nettestuser@$REALM $@ || failed=`expr $failed + 1` + KRB5CCNAME="$PREFIX/tmpuserccache" export KRB5CCNAME @@ -56,6 +62,10 @@ testit "kinit with keytab as user" $VALGRIND $samba4kinit --keytab=$PREFIX/tmpke test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1` +testit "kinit with keytab as user (2)" $VALGRIND $samba4kinit --keytab=$PREFIX/tmpkeytab-2 --request-pac nettestuser@$REALM || failed=`expr $failed + 1` + +test_smbclient "Test login with user kerberos ccache as user (2)" 'ls' -k yes || failed=`expr $failed + 1` + KRB5CCNAME="$PREFIX/tmpadminccache" export KRB5CCNAME @@ -63,5 +73,5 @@ testit "kinit with keytab as $USERNAME" $VALGRIND $samba4kinit --keytab=$PREFIX/ testit "del user" $VALGRIND $samba_tool user delete nettestuser -k yes $@ || failed=`expr $failed + 1` -rm -f $PREFIX/tmpadminccache $PREFIX/tmpuserccache $PREFIX/tmpkeytab +rm -f $PREFIX/tmpadminccache $PREFIX/tmpuserccache $PREFIX/tmpkeytab $PREFIX/tmpkeytab-2 $PREFIX/tmpkeytab-server exit $failed -- cgit