#!/bin/sh incdir=$(dirname $0)/../../../testprogs/blackbox . $incdir/subunit.sh . $incdir/common_test_fns.inc failed=0 smbclient="$BINDIR/smbclient" smbcontrol="$BINDIR/smbcontrol" ldbmodify="$BINDIR/ldbmodify" ldbsearch="$BINDIR/ldbsearch" wbinfo="$BINDIR/wbinfo" global_inject_conf=$(dirname $SMB_CONF_PATH)/global_inject.conf SERVER_FQDN=$(echo "$SERVER.$REALM" | awk '{print tolower($0)}') TRUST_BASE_DN=$($ldbsearch -H ldap://$TRUST_SERVER -b "" -s base defaultNamingContext | awk '/^defaultNamingContext/ {print $2}') if [ $? -ne 0 ]; then echo "Could not find trusted base DN" | subunit_fail_test "test_idmap_ad" exit 1 fi # # Add POSIX ids to trusted domain # add_posix_ids() { cat <$global_inject_conf $smbcontrol winbindd reload-config $wbinfo -p test_smbclient "test_winbind_ignore_domains_ok_ntlm_ip" "ls" "//$SERVER_IP/tmp" -U $TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD || failed=$(expr $failed + 1) test_smbclient "test_winbind_ignore_domains_ok_ntlm_fqdn" "ls" "//$SERVER_FQDN/tmp" -U $TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD || failed=$(expr $failed + 1) test_smbclient "test_winbind_ignore_domains_ok_krb5" "ls" "//$SERVER_FQDN/tmp" -U $TRUST_USERNAME@$TRUST_REALM%$TRUST_PASSWORD -k || failed=$(expr $failed + 1) echo "winbind:ignore domains = $TRUST_DOMAIN" >$global_inject_conf $smbcontrol winbindd reload-config $wbinfo -p test_smbclient_expect_failure "test_winbind_ignore_domains_fail_ntlm_ip" "ls" "//$SERVER_IP/tmp" -U $TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD || failed=$(expr $failed + 1) test_smbclient_expect_failure "test_winbind_ignore_domains_fail_ntlm_fqdn" "ls" "//$SERVER_FQDN/tmp" -U $TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD || failed=$(expr $failed + 1) test_smbclient_expect_failure "test_winbind_ignore_domains_fail_krb5" "ls" "//$SERVER_FQDN/tmp" -U $TRUST_USERNAME@$TRUST_REALM%$TRUST_PASSWORD -k || failed=$(expr $failed + 1) echo "" >$global_inject_conf $smbcontrol winbindd reload-config $wbinfo -p remove_posix_ids testok $0 $failed