summaryrefslogtreecommitdiff
path: root/source4/selftest/tests.py
Commit message (Collapse)AuthorAgeFilesLines
* s4:torture/smb2/read: add test for cancelling SMB aioRalph Boehme2018-11-061-0/+1
| | | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13667 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit e37ff8c5fe18d400e378bf2591e209b30473d9f9)
* testprogs/blackbox: add samba4.blackbox.test_primary_group testStefan Metzmacher2018-11-051-0/+2
| | | | | | | | | | | This demonstrates the bug, that happens when the primaryGroupID of a user is changed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13418 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 364ed537e0bcb3a97cae0f2d1ff72de9423ce0e6)
* s4:selftest: test kinit with the interdomain trust user accountAlexander Bokovoy2018-09-051-0/+1
| | | | | | | | | | | | | | To test it, add a blackbox test that ensures we pass a keytab-based authentication with the trust user account for a trusted domain. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Alexander Bokovoy <ab@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 7df505298f71432d5adbcffccde8f97c117a57a6)
* selftest: add a durable handle test with delayed disconnectRalph Boehme2018-09-051-0/+1
| | | | | | | | Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit 5508024a861e7c85e6c837552ad142aa1d5e8eca)
* s4:selftest: reformat smb2_s3only listRalph Boehme2018-09-051-1/+6
| | | | | | | | | | No change besides reformatting the list to one entry per line. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit 3255822f75163cb38e53f634a5c6b03d46bfaff1)
* CVE-2018-1140 dns: Add a test to trigger the LDB casefolding issue on ↵Kai Blin2018-08-111-0/+3
| | | | | | | | | invalid chars BUG: https://bugzilla.samba.org/show_bug.cgi?id=13466 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* CVE-2018-10919 tests: Add tests for guessing confidential attributesTim Beale2018-08-111-0/+3
| | | | | | | | | | | | | | | | | | | | | Adds tests that assert that a confidential attribute cannot be guessed by an unprivileged user through wildcard DB searches. The tests basically consist of a set of DB searches/assertions that get run for: - basic searches against a confidential attribute - confidential attributes that get overridden by giving access to the user via an ACE (run against a variety of ACEs) - protecting a non-confidential attribute via an ACL that denies read- access (run against a variety of ACEs) - querying confidential attributes via the dirsync controls These tests all pass when run against a Windows Dc and all fail against a Samba DC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434 Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
* s4:selftest: run test_ldb_simple.sh with more auth optionsStefan Metzmacher2018-06-041-0/+7
| | | | | | | | | | | This demonstrates the broken GENSEC_FEATURE_LDAP_STYLE handling in our LDAP server. Bug: https://bugzilla.samba.org/show_bug.cgi?id=13427 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit fc1c5bd3be2c3f90eab2f31e43cf053f7ff13782)
* tests/replica_sync_rodc: Test conflict handling on an RODCGarming Sam2018-02-271-0/+6
| | | | | | | | | | | | | | | | There are two cases we are interested in: 1) RODC receives two identical DNs which conflict 2) RODC receives a rename to a DN which already exists Currently these issues are ignored, but the UDV and HWM are being updated, leading to objects/updates being skipped. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13269 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 45d19167d52e42bd2f9369dbe37a233902cc81b0)
* samba-tool visualize for understanding AD DC behaviourDouglas Bagnall2018-01-131-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | To work out what is happening in a replication graph, it is sometimes helpful to use visualisations. We introduce a samba-tool subcommand to write Graphviz dot output and generate text-based heatmaps of the distance in hops between DCs. There are two subcommands, two graphical modes, and (roughly) two modes of operation with respect to the location of authority. `samba-tool visualize ntdsconn` looks at NTDS Connections. `samba-tool visualize reps` looks at repsTo and repsFrom objects. In '--distance' mode (default), the distances between DCs are shown in a matrix in the terminal. With '--color=yes', this is depicted as a heatmap. With '--utf8' it is a lttle prettier. In '--dot' mode, Graphviz dot output is generated. When viewed using dot or xdot, this shows the network as a graph with DCs as vertices and connections edges. Certain types of degenerate edges are shown in different colours or line-styles. Normally samba-tool talks to one database; with the '-r' (a.k.a. '--talk-to-remote') option attempts are made to contact all the DCs known to the first database. This is necessary to get sensible results from `samba-tool visualize reps` because the repsFrom/To objects are not replicated, and it can reveal replication issues in other modes. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:selftest: replace --option=usespnego= with --option=clientusespnego=Stefan Metzmacher2018-01-101-14/+14
| | | | | | | | | | | I guess that's what we try to test here, as 'use spnego' was only evaluated on in the smb server part. The basically tests the 'raw NTLMv2 auth' option, we set it to yes on some environments, but keep a knownfail for the ad_member. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* source4/tests: typo in env nameJamie McClymont2018-01-041-1/+1
| | | | | | Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* samba-tool: --help test, ensuring help tree coverageDouglas Bagnall2017-12-221-0/+1
| | | | | | | | | | `samba-tool [COMMAND] --help` will list sub-commands of COMMAND (or top-level commands if COMMAND is omitted). This ensures that `samba-tool COMMAND SUBCOMMAND --help` works for all the commands found in the help tree. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* dsdb encrypted secrets moduleGary Lockyer2017-12-181-0/+2
| | | | | | | | | | | | | | | | | Encrypt the samba secret attributes on disk. This is intended to mitigate the inadvertent disclosure of the sam.ldb file, and to mitigate memory read attacks. Currently the key file is stored in the same directory as sam.ldb but this could be changed at a later date to use an HSM or similar mechanism to protect the key. Data is encrypted with AES 128 GCM. The encryption uses gnutls where available and if it supports AES 128 GCM AEAD modes, otherwise nettle is used. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tests dsdb encrypted secrets moduleGary Lockyer2017-12-181-0/+15
| | | | | | | | | | | Add tests to check that the encrypted_secrets module encrypts secrets/sensitive attributes on disk. This test also proves that the provision and join operations correctly configure the encrypted_secrets module. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:selftest: remove samba.blackbox.pdbtest.s4winbind testStefan Metzmacher2017-12-131-2/+0
| | | | | | | | | This is marked as knownfail for quite some time. I don't think such a test is a reason to the 'auth methods' option. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s4:selftest: remove samba.blackbox.pdbtest.s4winbind_wbclient testStefan Metzmacher2017-12-131-1/+0
| | | | | | | The "winbind_wbclient" backend is unused and will be removed soon. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: validate password early in `domain provision`Jamie McClymont2017-12-101-0/+1
| | | | | | | | | | | | | | | | | Checks password against default quality and length standards when it is entered, allowing a second chance to enter one (if interactive), rather than running through the provisioning process and bailing on an exception Includes unit tests for the newly-added python wrapper of check_password_quality plus black-box tests for the checks in samba-tool. Breaks an openldap test which uses an invalid password. BUG: https://bugzilla.samba.org/show_bug.cgi?id=9710 BUG: https://bugzilla.samba.org/show_bug.cgi?id=12235 Signed-off-by: Jamie McClymont <jamiemcclymont@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
* source4 dsdb modules: Add new module "unique_object_sids"Gary Lockyer2017-12-101-0/+5
| | | | | | | | | New module that sets the LDB_FLAG_INTERNAL_UNIQUE_VALUE on all local objectSIDS and ensure it is cleared for any foreign security principals. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13004 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
* selftest: Rework samba.dsdb locking test to samba.dsdb_lockAndrew Bartlett2017-12-081-0/+1
| | | | | | | | | | | | | | | This avoids running the test while samba is modifying and locking the same database, as this can lead to a deadlock. The deadlock is not seen in production as the LDB read lock is not held while waiting for another process, but this test needs to do this to demonstrate the locking safety. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Fri Dec 8 21:47:55 CET 2017 on sn-devel-144
* gpo: Add gpo testsDavid Mulder2017-11-201-0/+4
| | | | | | | | Lays down a sysvol gpttmpl.inf with password policies, then runs the samba_gpoupdate command. Verifies policies are applied to the samdb. Signed-off-by: David Mulder <dmulder@suse.com> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tests: Add a blackbox test for smbcontrolGary Lockyer2017-10-191-0/+7
| | | | | | | | | Add tests to check that samba processes have started and that they can be pinged. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* selftest: Rename ntlmauth tests to ntlmdisabledTim Beale2017-09-261-2/+2
| | | | | | | | | | There are already some existing ntlm_auth tests, so the new tests I've added make things a bit confusing. Also, ntlmdisabled probably better reflects the specific case we're trying to test. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* selftest: Add new AD DC testenv with NTLM disabledTim Beale2017-09-261-1/+1
| | | | | | | | | | | | | This is so that we test the source4 case as well. Currently the only testenv with NTLM disabled is ktest, and that only exercises the source3 code. I've tried to support the new test environment with minimal changes to the Samba4.pm setup code. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* selftest: Add some tests for linked attribute conflictsTim Beale2017-09-181-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | Currently we have tests that check we can resolve object conflicts, but these don't test anything related to conflicting linked attributes. This patch adds some basic tests that checks that Samba can resolve conflicting linked attributes. This highlights some problems with Samba, as the following tests currently fail: - test_conflict_single_valued_link: Samba currently can't resolve a conflicting targets for a single-valued linked attribute - the replication exits with an error. - test_link_deletion_conflict: If 2 DCs add the same linked attribute, currently when they resolve this conflict the RMD_VERSION for the linked attribute incorrectly gets incremented. This means the version numbers get out of step and subsequent changes to the linked attribute can be dropped/ignored. - test_full_sync_link_conflict: fails for the same reason as above. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Mon Sep 18 09:56:41 CEST 2017 on sn-devel-144
* s4-drsuapi: Avoid segfault when replicating as a non-admin with ↵Andrew Bartlett2017-08-291-0/+5
| | | | | | | | | | | | | | | | GUID_DRS_GET_CHANGES Users who are not administrator do not get b_state->sam_ctx_system filled in. We should probably use the 'sam_ctx' variable in all cases (instead of b_state->sam_ctx*), but I'll make this change in a separate patch, so that the bug fix remains independent from other tidy-ups. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12946 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* getncchanges.py: Add a new test for replicationTim Beale2017-08-181-0/+10
| | | | | | | | | | | | | | | | | | | | | | This adds a new test to check that if objects are modified during a replication, then those objects don't wind up missing from the replication data. Note that when this scenario occurs, samba returns the objects in a different order to Windows. This test doesn't care what order the replicated objects get returned in, so long as they all have been received by the end of the test. As part of this, I've refactored _check_replication() in drs_base.py so it can be reused in new tests. In these cases, the objects are split up over multiple different chunks. So asserting that the objects are returned in a specific order makes it difficult to run the same test on both Samba and Windows. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Garming Sam <garming@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12972
* tests: replace traffic_summary test with python blackbox testGary Lockyer2017-08-171-0/+3
| | | | | | | | | | | | | | Replace the shell subunit test for script/traffic_summary.pl with a python black box test. This involves moving the test files to more standard locations. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org> Autobuild-Date(master): Thu Aug 17 07:59:38 CEST 2017 on sn-devel-144
* scripts: Scripts to replay and generate samba trafficGary Lockyer2017-08-171-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | Scripts to generate representative network traffic and replay this to a samba instance. For load testing, performance profiling and capacity planning. traffic_learner process a file generated by traffic_summary and generate a model that can be used by traffic_replay to generate samba network traffic. traffic_replay Replay a summary file generated by traffic_summary, or use a model created by traffic_learner to generate network traffic. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Pair-programmed-with: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Tim Beale <timbeale@catalyst.net.nz>
* dnsserver: Tests for dns wildcard entriesGary Lockyer2017-08-151-1/+1
| | | | | | | | | | Add tests for dns wildcards. Tests validated against Windows Server 2012 R2 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12952
* s4:auth/ntlmssp: add support for using "winbind" as DCStefan Metzmacher2017-08-071-2/+2
| | | | | | | This adds support for trusted domains to the auth stack on AD DCs. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* selftest: Add tests for credentials.get_named_ccache()Andrew Bartlett2017-07-281-0/+3
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* tests auth_log: Add new tests for NETLOGONGary Lockyer2017-07-241-0/+18
| | | | | | | | | | | | | Tests for the logging of NETLOGON authentications in the netr_ServerAuthenticate3 message processing Test code based on the existing auth_log tests. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12865 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* python/tests: add python test for cracknamesBob Campbell2017-07-241-0/+5
| | | | | | | | | | | | | This fails due the bug, which causes the related test in drsuapi_cracknames.c to flap. It also fails due to us not yet supporting DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL or DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12842 Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* Add code to run the tests for 'samba-tool user edit'Rowland Penny2017-07-051-0/+4
| | | | | | | | Signed-off-by: Rowland Penny <rpenny@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org> Autobuild-User(master): Alexander Bokovoy <ab@samba.org> Autobuild-Date(master): Wed Jul 5 17:53:24 CEST 2017 on sn-devel-144
* selftest: Add test to confirm NTLM authentication is enabledTim Beale2017-07-041-0/+5
| | | | | | | | | (or later, that it is disabled) Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=11923
* selftest: Use new ntlmv2-only and mschapv2-and-ntlmv2-only optionsAndrew Bartlett2017-07-041-3/+4
| | | | | | | This will allow the py_credentials test to tell if these are in use Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* tests: Add simple check whether netlogon server is runningTim Beale2017-07-041-0/+5
| | | | | | | | | | Netlogon only needs to run in DC environment. This is a simple test to check whether the netlogon service is running. This will allow us to disable the netlogon service on setups that don't require it. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* pycredentials: add function to return the netr_AuthenticatorGary Lockyer2017-06-221-0/+3
| | | | | | | | | | | Add method new_client_authenticator that returns data to allow a netr_Authenticator to be constructed. Allows python to make netr_LogonSamLogonWithFlags, netr_LogonGetDomainInfo and similar calls Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Tests lsa.String: add String constructor, str and reprGary Lockyer2017-06-221-0/+2
| | | | | | | | | Tests for the String constructor, str and repr methods added to the samba.dcerpc.lsa.String python object Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* selftest: Add a test for @ATTRIBUTES and @INDEXLIST generationAndrew Bartlett2017-06-151-0/+3
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* selftest: Test join.py and confirm that the DNS record is createdAndrew Bartlett2017-06-101-0/+3
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* selftest: run dns tests in multiple envsAndrew Bartlett2017-06-101-0/+2
| | | | | | | | This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
* selftest/rodc: Do not run in single mode, this causes deadlocksGarming Sam2017-06-071-0/+2
| | | | | | | | | | | Attempting to 'ls' the file server against a single process AD will get stuck. This also appears as the KDC being busy. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Wed Jun 7 05:14:17 CEST 2017 on sn-devel-144
* tests net_join: use private secrets database.Gary Lockyer2017-05-251-1/+4
| | | | | | | | | Tests were leaving entries in the secrets database that caused subsequent test cases to fail. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* auth_log: Add test that execises the SamLogon python bindingsGary Lockyer2017-05-251-2/+11
| | | | | | Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tests password_hash: Add ldap based tests for WDigestGary Lockyer2017-05-251-0/+4
| | | | | | | | | | | Add tests of the WDigest values using ldap. This allows the tests to be run against Windows, to validate the calculated values. Tests validated against Windows Server 2012 R2 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool tests: Tests for virtualCryptSHAxxx roundsGary Lockyer2017-05-251-0/+1
| | | | | | | | | Add tests to for the new rounds option for the virtualCryptSHA256 and virtualCryptSHA512 attributes. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool user: Tests for virtualWDigest attributesGary Lockyer2017-05-251-0/+1
| | | | | | | | | | Add tests for the new virtualWDigest attributes, these return the hashes stored in supplementalCredentials Primary:WDigest in a form suitable for use with htdigest authentication. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* testprogs: Add 'net rpc user' test against AD DCAndreas Schneider2017-05-111-0/+1
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
View Lorry Controller Status