summaryrefslogtreecommitdiffstats
path: root/testprogs/blackbox/test_net_offline.sh
diff options
context:
space:
mode:
Diffstat (limited to 'testprogs/blackbox/test_net_offline.sh')
-rwxr-xr-xtestprogs/blackbox/test_net_offline.sh162
1 files changed, 162 insertions, 0 deletions
diff --git a/testprogs/blackbox/test_net_offline.sh b/testprogs/blackbox/test_net_offline.sh
new file mode 100755
index 0000000..d885b33
--- /dev/null
+++ b/testprogs/blackbox/test_net_offline.sh
@@ -0,0 +1,162 @@
+if [ $# -lt 4 ]; then
+ cat <<EOF
+Usage: test_net_offline.sh DC_SERVER DC_USERNAME DC_PASSWORD PREFIX_ABS
+EOF
+ exit 1
+fi
+
+DC_SERVER=$1
+DC_USERNAME=$2
+DC_PASSWORD=$3
+BASEDIR=$4
+
+HOSTNAME=$(dd if=/dev/urandom bs=1 count=32 2>/dev/null | sha1sum | cut -b 1-10)
+
+RUNDIR=$(pwd)
+cd $BASEDIR
+WORKDIR=$(mktemp -d -p .)
+WORKDIR=$(basename $WORKDIR)
+ODJFILE="$BASEDIR/$WORKDIR/odj_provision.txt"
+
+cp -a client/* $WORKDIR/
+sed -ri "s@(dir|directory) = (.*)/client/@\1 = \2/$WORKDIR/@" $WORKDIR/client.conf
+sed -ri "s/netbios name = .*/netbios name = $HOSTNAME/" $WORKDIR/client.conf
+rm -f $WORKDIR/private/secrets.tdb
+cd $RUNDIR
+
+failed=0
+
+net_tool="$BINDIR/net --configfile=$BASEDIR/$WORKDIR/client.conf --option=security=ads"
+samba_texpect="$BINDIR/texpect"
+
+# Load test functions
+. $(dirname $0)/subunit.sh
+
+netbios=$(grep "netbios name" $BASEDIR/$WORKDIR/client.conf | cut -f2 -d= | awk '{$1=$1};1')
+
+# 1. Test w/o dcname
+
+testit "provision without dcname" $VALGRIND $net_tool offlinejoin provision domain=$REALM machine_name=$netbios savefile=$ODJFILE -U$DC_USERNAME%$DC_PASSWORD || failed=$(expr $failed + 1)
+
+testit "requestodj" $VALGRIND $net_tool offlinejoin requestodj loadfile=$ODJFILE || failed=$(expr $failed + 1)
+
+testit "testjoin" $VALGRIND $net_tool ads testjoin -P --use-kerberos=required || failed=$(expr $failed + 1)
+
+rm -f $ODJFILE
+
+testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=$(expr $failed + 1)
+
+# 2. Test with dcname
+
+testit "provision with dcname" $VALGRIND $net_tool offlinejoin provision domain=$REALM machine_name=$netbios savefile=$ODJFILE dcname=$DC_SERVER -U$DC_USERNAME%$DC_PASSWORD || failed=$(expr $failed + 1)
+
+testit "requestodj" $VALGRIND $net_tool offlinejoin requestodj loadfile=$ODJFILE || failed=$(expr $failed + 1)
+
+testit "testjoin" $VALGRIND $net_tool ads testjoin -P --use-kerberos=required || failed=$(expr $failed + 1)
+
+rm -f $ODJFILE
+
+testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=$(expr $failed + 1)
+
+# 3. Test with defpwd
+
+testit "provision with dcname and default password" $VALGRIND $net_tool offlinejoin provision domain=$REALM machine_name=$netbios savefile=$ODJFILE dcname=$DC_SERVER defpwd -U$DC_USERNAME%$DC_PASSWORD || failed=$(expr $failed + 1)
+
+testit "requestodj" $VALGRIND $net_tool offlinejoin requestodj loadfile=$ODJFILE || failed=$(expr $failed + 1)
+
+testit "testjoin" $VALGRIND $net_tool ads testjoin -P --use-kerberos=required || failed=$(expr $failed + 1)
+
+rm -f $ODJFILE
+
+testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=$(expr $failed + 1)
+
+test_compose_odj() {
+ local mode=$1
+ local composeargv=()
+
+ # Retrieve the necessary information to compose the ODJ blob
+ # The machine needs to be correctly joined at this point
+ local netbios_domain_name=$($net_tool ads lookup | awk -F': ' '/^Pre-Win2k Domain/ {print $2}')
+ local domain_sid=$($net_tool getdomainsid | awk -F': ' "/^SID for domain $netbios_domain_name/ {print \$2}")
+ local domain_guid=$($net_tool ads lookup | awk -F': ' '/^GUID/ {print $2}')
+ local forest_name=$($net_tool ads lookup | awk -F': ' '/^Forest/ {print $2}')
+ local dc_name=$($net_tool ads info | awk -F': ' '/^LDAP server name/ {print $2}')
+ local dc_address=$($net_tool ads info | awk -F': ' '/^LDAP server:/ {print $2}')
+ local ret=1
+ local out=""
+
+ composeargv=( \
+ "domain_sid=${domain_sid}" \
+ "domain_guid=${domain_guid}" \
+ "forest_name=${forest_name}" \
+ "-S ${dc_name}" \
+ "-I ${dc_address}" \
+ "savefile=${ODJFILE}"
+ )
+ case $mode in
+ machacct)
+ cmd='$net_tool offlinejoin composeodj ${composeargv[@]} -P 2>&1'
+ out=$(eval $cmd)
+ ret=$?
+ ;;
+ stdinfd)
+ cmd='echo ${netbios} | $net_tool offlinejoin composeodj ${composeargv[@]} -U${netbios^^}\$ 2>&1'
+ out=$(PASSWD_FD=0 eval $cmd)
+ ret=$?
+ ;;
+ callback)
+ tmpfile=$BASEDIR/$WORKDIR/composeodj_password_script
+ cat >$tmpfile <<EOF
+expect Password for [${netbios_domain_name^^}\\${netbios^^}\$]:
+send $netbios\n
+EOF
+ cmd='$samba_texpect -v $tmpfile $net_tool offlinejoin composeodj ${composeargv[@]} 2>&1'
+ out=$(eval $cmd)
+ ret=$?
+ rm -f $tmpfile
+ ;;
+ *)
+ out="Unknown mode '$mode'"
+ ;;
+ esac
+
+ if [ $ret -ne 0 ]; then
+ echo "Failed to compose ODJ blob: $out"
+ return 1
+ fi
+}
+
+# 4. Test composeodj
+
+modes=("machacct" "stdinfd" "callback")
+for mode in "${modes[@]}"; do
+
+ defpwd="defpwd"
+ if [ "$mode" == "machacct" ]; then
+ defpwd=""
+ fi
+
+ testit "provision[$mode]" $VALGRIND $net_tool offlinejoin provision domain=$REALM machine_name=$netbios savefile=$ODJFILE $defpwd -U$DC_USERNAME%$DC_PASSWORD || failed=$(expr $failed + 1)
+
+ testit "requestodj [$mode]" $VALGRIND $net_tool offlinejoin requestodj loadfile=$ODJFILE || failed=$(expr $failed + 1)
+
+ testit "testjoin [$mode]" $VALGRIND $net_tool ads testjoin -P --use-kerberos=required || failed=$(expr $failed + 1)
+
+ testit "removeodjblob [$mode]" rm $ODJFILE || failed=$(expr $failed + 1)
+
+ testit "composeodj [$mode]" test_compose_odj $mode || failed=$(expr $failed + 1)
+
+ testit "removesecretsdb [$mode]" rm $BASEDIR/$WORKDIR/private/secrets.tdb || failed=$(expr $failed + 1)
+
+ testit "requestodj [$mode]" $VALGRIND $net_tool offlinejoin requestodj loadfile=$ODJFILE || failed=$(expr $failed + 1)
+
+ testit "removeodjblob [$mode]" rm $ODJFILE || failed=$(expr $failed + 1)
+
+ testit "testjoin [$mode]" $VALGRIND $net_tool ads testjoin -P --use-kerberos=required || failed=$(expr $failed + 1)
+
+ testit "leave [$mode]" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=$(expr $failed + 1)
+done
+
+rm -rf $BASEDIR/$WORKDIR
+
+exit $failed