selftest: add ad_member_idmap_ad server

Add a member server that uses idmap_ad. Gets used in the next commit. Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
author: Ralph Boehme <slow@samba.org> 2017-07-10 16:19:18 +0200
committer: Ralph Boehme <slow@samba.org> 2017-07-12 09:01:17 +0200
commit: 4a7ec5b7604495bee174f9c83b62f55604c6efbc (patch)
tree: 785819f4b37f092fd8e78381eaa76c1f1cb2fdaa /selftest/target
parent: 259e1706e3206b215e136ea9d5beef4c9e3fcdee (diff)
download: samba-4a7ec5b7604495bee174f9c83b62f55604c6efbc.tar.gz
3 files changed, 96 insertions, 0 deletions
diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index 1600ed8066a..59687722617 100644
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -346,6 +346,7 @@ sub get_interface($)
 
     # 11-16 used by selftest.pl for client interfaces
 
+    $interfaces{"idmapadmember"} = 19;
     $interfaces{"idmapridmember"} = 20;
     $interfaces{"localdc"} = 21;
     $interfaces{"localvampiredc"} = 22;
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 79b1a53ad2d..54da52b7fa2 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -689,6 +689,95 @@ sub setup_ad_member_idmap_rid($$$$)
 	return $ret;
 }
 
+sub setup_ad_member_idmap_ad($$$$)
+{
+	my ($self, $prefix, $dcvars) = @_;
+
+	# If we didn't build with ADS, pretend this env was never available
+	if (not $self->have_ads()) {
+	        return "UNKNOWN";
+	}
+
+	print "PROVISIONING S3 AD MEMBER WITH idmap_ad config...";
+
+	my $member_options = "
+	security = ads
+	workgroup = $dcvars->{DOMAIN}
+	realm = $dcvars->{REALM}
+	password server = $dcvars->{SERVER}
+	idmap config * : backend = tdb
+	idmap config * : range = 1000000-1999999
+	idmap config $dcvars->{DOMAIN} : backend = ad
+	idmap config $dcvars->{DOMAIN} : range = 2000000-2999999
+";
+
+	my $ret = $self->provision($prefix, $dcvars->{DOMAIN},
+				   "IDMAPADMEMBER",
+				   "loCalMemberPass",
+				   $member_options,
+				   $dcvars->{SERVER_IP},
+				   $dcvars->{SERVER_IPV6});
+
+	$ret or return undef;
+
+	close(USERMAP);
+	$ret->{DOMAIN} = $dcvars->{DOMAIN};
+	$ret->{REALM} = $dcvars->{REALM};
+
+	my $ctx;
+	my $prefix_abs = abs_path($prefix);
+	$ctx = {};
+	$ctx->{krb5_conf} = "$prefix_abs/lib/krb5.conf";
+	$ctx->{domain} = $dcvars->{DOMAIN};
+	$ctx->{realm} = $dcvars->{REALM};
+	$ctx->{dnsname} = lc($dcvars->{REALM});
+	$ctx->{kdc_ipv4} = $dcvars->{SERVER_IP};
+	$ctx->{kdc_ipv6} = $dcvars->{SERVER_IPV6};
+	$ctx->{krb5_ccname} = "$prefix_abs/krb5cc_%{uid}";
+	Samba::mk_krb5_conf($ctx, "");
+
+	$ret->{KRB5_CONFIG} = $ctx->{krb5_conf};
+
+	my $net = Samba::bindir_path($self, "net");
+	my $cmd = "";
+	$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+	if (defined($ret->{RESOLV_WRAPPER_CONF})) {
+		$cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
+	} else {
+		$cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
+	}
+	$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+	$cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+	$cmd .= "$net join $ret->{CONFIGURATION}";
+	$cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}";
+
+	if (system($cmd) != 0) {
+	    warn("Join failed\n$cmd");
+	    return undef;
+	}
+
+	# We need world access to this share, as otherwise the domain
+	# administrator from the AD domain provided by Samba4 can't
+	# access the share for tests.
+	chmod 0777, "$prefix/share";
+
+	if (not $self->check_or_start($ret, "yes", "yes", "yes")) {
+		return undef;
+	}
+
+	$ret->{DC_SERVER} = $dcvars->{SERVER};
+	$ret->{DC_SERVER_IP} = $dcvars->{SERVER_IP};
+	$ret->{DC_SERVER_IPV6} = $dcvars->{SERVER_IPV6};
+	$ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
+	$ret->{DC_USERNAME} = $dcvars->{USERNAME};
+	$ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
+
+	# Special case, this is called from Samba4.pm but needs to use the Samba3 check_env and get_log_env
+	$ret->{target} = $self;
+
+	return $ret;
+}
+
 sub setup_simpleserver($$)
 {
 	my ($self, $path) = @_;
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 772f982cb9d..205e2813db6 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -2130,6 +2130,12 @@ sub setup_env($$$)
 		}
 		return $target3->setup_ad_member_idmap_rid("$path/ad_member_idmap_rid",
 							   $self->{vars}->{ad_dc});
+	} elsif ($envname eq "ad_member_idmap_ad") {
+		if (not defined($self->{vars}->{ad_dc})) {
+			$self->setup_ad_dc("$path/ad_dc");
+		}
+		return $target3->setup_ad_member_idmap_ad("$path/ad_member_idmap_ad",
+							  $self->{vars}->{ad_dc});
 	} elsif ($envname eq "none") {
 		return $self->setup_none("$path/none");
 	} else {
author	Ralph Boehme <slow@samba.org>	2017-07-10 16:19:18 +0200
committer	Ralph Boehme <slow@samba.org>	2017-07-12 09:01:17 +0200
commit	4a7ec5b7604495bee174f9c83b62f55604c6efbc (patch)
tree	785819f4b37f092fd8e78381eaa76c1f1cb2fdaa /selftest/target
parent	259e1706e3206b215e136ea9d5beef4c9e3fcdee (diff)
download	samba-4a7ec5b7604495bee174f9c83b62f55604c6efbc.tar.gz