diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2018-09-03 20:26:17 +1200 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2018-09-05 11:42:25 +0200 |
| commit | 3e5ad20260f8366f1b1bc954f0199b7fd812bec7 (patch) | |
| tree | 7e925b24d61ab8c7c145bfeccfa426b17069b24c /testprogs | |
| parent | 71ba7cb9b1a5896e6fcdcd6d607339c40d335027 (diff) | |
| download | samba-3e5ad20260f8366f1b1bc954f0199b7fd812bec7.tar.gz | |
selftest/samba4.blackbox.export.keytab: Update to use a principal with SPN as UPN
The ability the kinit with an SPN (not also being a UPN) has gone away as
windows doesn't offer this functionality.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Diffstat (limited to 'testprogs')
| -rwxr-xr-x | testprogs/blackbox/test_export_keytab_heimdal.sh | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/testprogs/blackbox/test_export_keytab_heimdal.sh b/testprogs/blackbox/test_export_keytab_heimdal.sh index 608d78a0dd5..529961ea894 100755 --- a/testprogs/blackbox/test_export_keytab_heimdal.sh +++ b/testprogs/blackbox/test_export_keytab_heimdal.sh @@ -24,7 +24,8 @@ samba_tool="$samba4bindir/samba-tool" samba4ktutil="$BINDIR/samba4ktutil" newuser="$samba_tool user create" -SERVER_FQDN="$SERVER.$(echo $REALM | tr '[:upper:]' '[:lower:]')" +DNSDOMAIN=$(echo $REALM | tr '[:upper:]' '[:lower:]') +SERVER_FQDN="$SERVER.$DNSDOMAIN" samba4kinit=kinit if test -x $BINDIR/samba4kinit; then @@ -77,6 +78,9 @@ test_keytab "dump keytab from domain for user principal" "$PREFIX/tmpkeytab-2" " testit "dump keytab from domain for user principal (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-2 --principal=nettestuser@$REALM $@ || failed=`expr $failed + 1` test_keytab "dump keytab from domain for user principal (2nd time)" "$PREFIX/tmpkeytab-2" "nettestuser@$REALM" 5 +testit "dump keytab from domain for user principal with SPN as UPN" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-3 --principal=http/testupnspn.$DNSDOMAIN $@ || failed=`expr $failed + 1` +test_keytab "dump keytab from domain for user principal" "$PREFIX/tmpkeytab-3" "http/testupnspn.$DNSDOMAIN@$REALM" 5 + KRB5CCNAME="$PREFIX/tmpuserccache" export KRB5CCNAME @@ -93,11 +97,14 @@ export KRB5CCNAME testit "kinit with keytab as $USERNAME" $VALGRIND $samba4kinit --keytab=$PREFIX/tmpkeytab --request-pac $USERNAME@$REALM || failed=`expr $failed + 1` -KRB5CCNAME="$PREFIX/tmpserverccache" +KRB5CCNAME="$PREFIX/tmpspnupnccache" +export KRB5CCNAME +testit "kinit with SPN from keytab" $VALGRIND $samba4kinit -k -t $PREFIX/tmpkeytab-3 http/testupnspn.$DNSDOMAIN || failed=`expr $failed + 1` + +KRB5CCNAME="$PREFIX/tmpadminccache" export KRB5CCNAME -testit "kinit with SPN from keytab" $VALGRIND $samba4kinit -k -t $PREFIX/tmpkeytab-server cifs/$SERVER_FQDN || failed=`expr $failed + 1` testit "del user" $VALGRIND $samba_tool user delete nettestuser -k yes $@ || failed=`expr $failed + 1` -rm -f $PREFIX/tmpadminccache $PREFIX/tmpuserccache $PREFIX/tmpkeytab $PREFIX/tmpkeytab-2 $PREFIX/tmpkeytab-server +rm -f $PREFIX/tmpadminccache $PREFIX/tmpuserccache $PREFIX/tmpkeytab $PREFIX/tmpkeytab-2 $PREFIX/tmpkeytab-2 $PREFIX/tmpkeytab-server $PREFIX/tmpspnupnccache exit $failed |