[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Tue Jun 3 21:49:03 MDT 2014
The branch, master has been updated
via 23848f3 s3-rpc_server: Use C99 types in rpc_pipes.h
via a23c62a s4-messaging: Make header guard less generic
via 5722831 winbind: Fix template homedir to match source3
via 67a9d21 make winbindd work in "samba4" member server modes
via 191d754 s3-param: Add lp_dnsdomain() for use by winbindd
via 5a71f46 winbindd: Use rpc_pipe_open_interface() so that winbindd uses the correct rpc servers
via 902f14c s3-rpc_server: Give log messages on failure
via e85ab68 winbindd: Remove pointless if statement
via 04bc200 winbindd: explain that this check protects the AD DC machine account password (for now at least)
via 822b492 dsdb: Do not give an error is metadata.tdb does not yet exist
via d62e0f8 selftest: Add knownfail entries for wbinfo --user-info tests only on the failing environments
via 5f29774 selftest: move all winbind test rules to one place
via 67cdbde selftest: enable winbind enum users/groups in s4 environments
via 6add082 selftest: Make test_wbinfo.sh work with s3-winbindd
via 4688cf7 libwbclient-tests: No longer hardcoded password and test domain
via a1c7aa0 selftest: Run samba4.blackbox.wbinfo against plugin_s4_dc
via 2b558f2 selftest: Set winbind separator = /
via b2c0a6a selftest: Ensure winbindd is fully operating before running tests
via 34e8dec selftest: consitently use the name s4member
from f9a9e18 docs: Remove out of date Kerberos and security chapter
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 23848f35474f96f101da20644205099c0b1d3c9e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu May 8 12:16:24 2014 +1200
s3-rpc_server: Use C99 types in rpc_pipes.h
Change-Id: Ic282f02f421870ff8a8623005979f8a034902d88
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Jun 4 05:48:29 CEST 2014 on sn-devel-104
commit a23c62add4e30407c257394d8aae383dca492df0
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue May 6 13:38:44 2014 +1200
s4-messaging: Make header guard less generic
Change-Id: I659bbb317e69aee6632db8bce3c4bdb5f9ad3d8d
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 57228317fc2339b83cccf4b1f3515d8a3b435a3c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Mar 28 16:32:06 2014 +1300
winbind: Fix template homedir to match source3
Fix provided by Andy Igoshin <ai at vsu.ru>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10324
Andrew Bartlett
Change-Id: Ie94d207fed91e9dfd85ee3c3339c376b25ac5fa4
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 67a9d2183ec0f9177a66100ed4fc251979e39bc9
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Apr 9 15:54:07 2014 +1200
make winbindd work in "samba4" member server modes
These modes are useful for testing aspects of the code like the rpc proxy.
Andrew Bartlett
Change-Id: I87b3ac0df299dd176599f824f8815880470c6401
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 191d754091a5a060cfd3d9a5f4e744a561b56abb
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri May 16 20:04:21 2014 +1200
s3-param: Add lp_dnsdomain() for use by winbindd
Change-Id: I987aa533ebe11c93b9e836fafc7b19c81bf600a5
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 5a71f46f46fc3d4cbc2fe6c06e0d1661ccead488
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Apr 28 21:07:59 2014 +1200
winbindd: Use rpc_pipe_open_interface() so that winbindd uses the correct rpc servers
This means that in the AD DC, we use the AD DC servers, while in the classic DC or file server we continue
to use the built-in SAMR and LSA servers.
Andrew Bartlett
Change-Id: I63b1443f5665016f7fcbed35907ec29d4424ab18
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 902f14c084a53e5e0b36ed9b214251c8b78b19f3
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Apr 29 09:08:25 2014 +1200
s3-rpc_server: Give log messages on failure
Change-Id: I240d58fdf71bbab42d1ffb63bb52b9650fd4bd85
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit e85ab6851893c9d3cef2272268d69cad3ef30ee7
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Apr 28 21:03:40 2014 +1200
winbindd: Remove pointless if statement
Change-Id: I7d2646078f6e7ba596b92da7d37c285d10ad38c0
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 04bc200e95c3473238a541460a714b13f67375b8
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon May 19 11:08:00 2014 +1200
winbindd: explain that this check protects the AD DC machine account password (for now at least)
Change-Id: I2e2eb2e7fc4a12f27025f42e4cc41560311ce6c8
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 822b4927288231b7a90579af9792608a0bdef706
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri May 23 16:41:33 2014 +1200
dsdb: Do not give an error is metadata.tdb does not yet exist
Change-Id: I88ee188c776364fd66da388ce01fc9288aa2ded0
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit d62e0f8a2575f3d067c350f9873d0a308462bdcf
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue May 20 09:23:33 2014 +1200
selftest: Add knownfail entries for wbinfo --user-info tests only on the failing environments
This is better than skipping on every environment in the test
Andrew Bartlett
Change-Id: Ib4b114059d8f8bb05a9bdc2eca0f71310fc5a3bc
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 5f29774071a7698a4d4ab73c2059f8f16d507776
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon May 19 17:32:56 2014 +1200
selftest: move all winbind test rules to one place
We now run wbinfo_simple additionally against plugin_s4_dc and dc
This also extends many of the tests to run against more environments,
hence the additional knownfail entries.
For winbind.wbclient, the fl2003dc environment has been selected not
to run with password history so as to allow the winindd.wbinfo test to
complete (once switched to running winbindd).
Andrew Bartlett
Change-Id: I475fd9937e515796b5e47c042a8bfa85f76441ca
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 67cdbde5f2d96a9438326e7272c851fc510ac9a1
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue May 20 11:16:07 2014 +1200
selftest: enable winbind enum users/groups in s4 environments
Change-Id: I5a9218294580670048636645315a9cf217618e58
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 6add082461358c01d255dbf87e4e48ba43f38218
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon May 12 17:10:14 2014 +1200
selftest: Make test_wbinfo.sh work with s3-winbindd
Change-Id: I41ed850b6424eac3fb8b6603d5b87c66bb77dd51
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 4688cf77c425eb52f9765a94b0479a2327d2e354
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon May 12 14:29:27 2014 +1200
libwbclient-tests: No longer hardcoded password and test domain
The password is made more complex, and the test domain is made to
use the command line options.
Andrew Bartlett
Change-Id: Ia1ec24a9fc393e7f7b210f845bcf32dbc933d48f
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit a1c7aa0b348527be5e798030771690937fddf350
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Apr 9 15:37:33 2014 +1200
selftest: Run samba4.blackbox.wbinfo against plugin_s4_dc
Change-Id: I5580de814d5fe000d352f3c78743837d26f9422d
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 2b558f2096410b1afd2a6d5bde2862b4cc4fd587
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon Mar 31 20:47:18 2014 +1300
selftest: Set winbind separator = /
This avoids a pile of shell-script escape pain, and fixes some tests.
Andrew Bartlett
Change-Id: Ie1d0e32ab484a5b0ddbc4073831fe6de27e38e92
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit b2c0a6a8510a55899a20ff923ce865f1760e6984
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat May 24 09:44:58 2014 +1200
selftest: Ensure winbindd is fully operating before running tests
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
commit 34e8deccf989a43a811cb8e0a00fc82e67867b71
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sat May 24 22:47:30 2014 +1200
selftest: consitently use the name s4member
This avoids a conflict with the Samba3.pm defined member environment, and so spurious
failures in make test for the member environment dependent on test ordering.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/param/loadparm.c | 2 +-
nsswitch/libwbclient/tests/wbclient.c | 43 ++++----
nsswitch/tests/test_idmap_rfc2307.sh | 16 ++--
nsswitch/tests/test_wbinfo.sh | 11 +-
selftest/knownfail | 117 ++++++++++++++++++---
selftest/selftest.pl | 1 +
selftest/target/Samba3.pm | 3 +-
selftest/target/Samba4.pm | 43 +++++++-
source3/include/proto.h | 1 +
source3/param/loadparm.c | 3 +
source3/rpc_server/rpc_ncacn_np.c | 2 +
source3/rpc_server/rpc_pipes.h | 8 +-
source3/script/tests/test_wbinfo_sids2xids_int.py | 2 +-
source3/selftest/tests.py | 50 +--------
source3/winbindd/winbindd_change_machine_acct.c | 4 +
source3/winbindd/winbindd_samr.c | 67 +++++++-----
source4/dsdb/samdb/ldb_modules/schema_load.c | 4 +-
source4/lib/messaging/messaging.h | 4 +-
source4/selftest/tests.py | 61 +++++++++--
source4/torture/winbind/struct_based.c | 2 +-
source4/winbind/wb_cmd_getpwnam.c | 4 +-
source4/winbind/wb_cmd_getpwuid.c | 4 +-
22 files changed, 300 insertions(+), 152 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index bf0cbc0..5a0ef88 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2294,7 +2294,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
lpcfg_do_global_parameter_var(lp_ctx, "samba kcc command",
"%s/samba_kcc", dyn_SCRIPTSBINDIR);
lpcfg_do_global_parameter(lp_ctx, "template shell", "/bin/false");
- lpcfg_do_global_parameter(lp_ctx, "template homedir", "/home/%WORKGROUP%/%ACCOUNTNAME%");
+ lpcfg_do_global_parameter(lp_ctx, "template homedir", "/home/%D/%U");
lpcfg_do_global_parameter(lp_ctx, "client signing", "default");
lpcfg_do_global_parameter(lp_ctx, "server signing", "default");
diff --git a/nsswitch/libwbclient/tests/wbclient.c b/nsswitch/libwbclient/tests/wbclient.c
index cd44d69..771b848 100644
--- a/nsswitch/libwbclient/tests/wbclient.c
+++ b/nsswitch/libwbclient/tests/wbclient.c
@@ -31,6 +31,8 @@
#include "lib/param/param.h"
#include "lib/util/samba_util.h"
#include "lib/crypto/arcfour.h"
+#include "auth/credentials/credentials.h"
+#include "lib/cmdline/popt_common.h"
#define WBC_ERROR_EQUAL(x,y) (x == y)
@@ -464,12 +466,13 @@ static bool test_wbc_authenticate_user_int(struct torture_context *tctx,
struct wbcAuthErrorInfo *error = NULL;
wbcErr ret;
- ret = wbcAuthenticateUser(getenv("USERNAME"), correct_password);
+ ret = wbcAuthenticateUser(cli_credentials_get_username(cmdline_credentials), correct_password);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
- "wbcAuthenticateUser of %s failed", getenv("USERNAME"));
+ "wbcAuthenticateUser of %s failed",
+ cli_credentials_get_username(cmdline_credentials));
ZERO_STRUCT(params);
- params.account_name = getenv("USERNAME");
+ params.account_name = cli_credentials_get_username(cmdline_credentials);
params.level = WBC_AUTH_USER_LEVEL_PLAIN;
params.password.plaintext = correct_password;
@@ -498,14 +501,14 @@ static bool test_wbc_authenticate_user_int(struct torture_context *tctx,
static bool test_wbc_authenticate_user(struct torture_context *tctx)
{
- return test_wbc_authenticate_user_int(tctx, getenv("PASSWORD"));
+ return test_wbc_authenticate_user_int(tctx, cli_credentials_get_password(cmdline_credentials));
}
static bool test_wbc_change_password(struct torture_context *tctx)
{
wbcErr ret;
- const char *oldpass = getenv("PASSWORD");
- const char *newpass = "Koo8irei";
+ const char *oldpass = cli_credentials_get_password(cmdline_credentials);
+ const char *newpass = "Koo8irei%$";
struct samr_CryptPassword new_nt_password;
struct samr_CryptPassword new_lm_password;
@@ -569,23 +572,23 @@ static bool test_wbc_change_password(struct torture_context *tctx)
params.new_password.response.nt_data = new_nt_password.data;
params.level = WBC_CHANGE_PASSWORD_LEVEL_RESPONSE;
- params.account_name = getenv("USERNAME");
- params.domain_name = "SAMBA-TEST";
+ params.account_name = cli_credentials_get_username(cmdline_credentials);
+ params.domain_name = cli_credentials_get_domain(cmdline_credentials);
ret = wbcChangeUserPasswordEx(¶ms, NULL, NULL, NULL);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcChangeUserPassword for %s failed", params.account_name);
- if (!test_wbc_authenticate_user_int(tctx, "Koo8irei")) {
+ if (!test_wbc_authenticate_user_int(tctx, newpass)) {
return false;
}
- ret = wbcChangeUserPassword(getenv("USERNAME"), "Koo8irei",
- getenv("PASSWORD"));
+ ret = wbcChangeUserPassword(cli_credentials_get_username(cmdline_credentials), newpass,
+ cli_credentials_get_password(cmdline_credentials));
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcChangeUserPassword for %s failed", params.account_name);
- return test_wbc_authenticate_user_int(tctx, getenv("PASSWORD"));
+ return test_wbc_authenticate_user_int(tctx, cli_credentials_get_password(cmdline_credentials));
}
static bool test_wbc_logon_user(struct torture_context *tctx)
@@ -607,8 +610,8 @@ static bool test_wbc_logon_user(struct torture_context *tctx)
"%s", "wbcLogonUser succeeded for NULL where it should "
"have failed");
- params.username = getenv("USERNAME");
- params.password = getenv("PASSWORD");
+ params.username = cli_credentials_get_username(cmdline_credentials);
+ params.password = cli_credentials_get_password(cmdline_credentials);
ret = wbcAddNamedBlob(¶ms.num_blobs, ¶ms.blobs,
"foo", 0, discard_const_p(uint8_t, "bar"), 4);
@@ -638,7 +641,7 @@ static bool test_wbc_logon_user(struct torture_context *tctx)
strlen("S-1-2-3-4")+1);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"%s", "wbcAddNamedBlob failed");
- params.password = getenv("PASSWORD");
+ params.password = cli_credentials_get_password(cmdline_credentials);
ret = wbcLogonUser(¶ms, &info, &error, &policy);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_AUTH_ERROR,
"wbcLogonUser for %s should have failed with "
@@ -653,11 +656,11 @@ static bool test_wbc_logon_user(struct torture_context *tctx)
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"%s", "wbcInterfaceDetails failed");
- ret = wbcLookupName(iface->netbios_domain, getenv("USERNAME"), &sid,
+ ret = wbcLookupName(iface->netbios_domain, cli_credentials_get_username(cmdline_credentials), &sid,
&sidtype);
wbcFreeMemory(iface);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
- "wbcLookupName for %s failed", getenv("USERNAME"));
+ "wbcLookupName for %s failed", cli_credentials_get_username(cmdline_credentials));
ret = wbcSidToString(&sid, &sidstr);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
@@ -669,7 +672,7 @@ static bool test_wbc_logon_user(struct torture_context *tctx)
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"%s", "wbcAddNamedBlob failed");
wbcFreeMemory(sidstr);
- params.password = getenv("PASSWORD");
+ params.password = cli_credentials_get_password(cmdline_credentials);
ret = wbcLogonUser(¶ms, &info, &error, &policy);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
"wbcLogonUser for %s failed", params.username);
@@ -688,9 +691,9 @@ static bool test_wbc_getgroups(struct torture_context *tctx)
uint32_t num_groups;
gid_t *groups;
- ret = wbcGetGroups(getenv("USERNAME"), &num_groups, &groups);
+ ret = wbcGetGroups(cli_credentials_get_username(cmdline_credentials), &num_groups, &groups);
torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
- "wbcGetGroups for %s failed", getenv("USERNAME"));
+ "wbcGetGroups for %s failed", cli_credentials_get_username(cmdline_credentials));
wbcFreeMemory(groups);
return true;
}
diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh
index d3087a1..cb60364 100755
--- a/nsswitch/tests/test_idmap_rfc2307.sh
+++ b/nsswitch/tests/test_idmap_rfc2307.sh
@@ -74,24 +74,24 @@ testit "add ldap group mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U
rm -f $PREFIX/tmpldbmodify
-testit "wbinfo --name-to-sid" $wbinfo --name-to-sid "$DOMAIN\\$USERNAME" || failed=$(expr $failed + 1)
-user_sid=$($wbinfo -n "$DOMAIN\\$USERNAME" | cut -d " " -f1)
-echo "$DOMAIN\\$USERNAME resolved to $user_sid"
+testit "wbinfo --name-to-sid" $wbinfo --name-to-sid "$DOMAIN/$USERNAME" || failed=$(expr $failed + 1)
+user_sid=$($wbinfo -n "$DOMAIN/$USERNAME" | cut -d " " -f1)
+echo "$DOMAIN/$USERNAME resolved to $user_sid"
testit "wbinfo --sid-to-uid=$user_sid" $wbinfo --sid-to-uid=$user_sid || failed=$(expr $failed + 1)
user_uid=$($wbinfo --sid-to-uid=$user_sid | cut -d " " -f1)
-echo "$DOMAIN\\$USERNAME resolved to $user_uid"
+echo "$DOMAIN/$USERNAME resolved to $user_uid"
testit "test $user_uid -eq $USERUID" test $user_uid -eq $USERUID || failed=$(expr $failed + 1)
# Not sure how to get group names with spaces to resolve through testit
-#testit "wbinfo --name-to-sid" $wbinfo --name-to-sid="$DOMAIN\\$GROUPNAME" || failed=$(expr $failed + 1)
-group_sid=$($wbinfo --name-to-sid="$DOMAIN\\$GROUPNAME" | cut -d " " -f1)
-echo "$DOMAIN\\$GROUPNAME resolved to $group_sid"
+#testit "wbinfo --name-to-sid" $wbinfo --name-to-sid="$DOMAIN/$GROUPNAME" || failed=$(expr $failed + 1)
+group_sid=$($wbinfo --name-to-sid="$DOMAIN/$GROUPNAME" | cut -d " " -f1)
+echo "$DOMAIN/$GROUPNAME resolved to $group_sid"
testit "wbinfo --sid-to-gid=$group_sid" $wbinfo --sid-to-gid=$group_sid || failed=$(expr $failed + 1)
group_gid=$($wbinfo --sid-to-gid=$group_sid | cut -d " " -f1)
-echo "$DOMAIN\\$GROUPNAME resolved to $group_gid"
+echo "$DOMAIN/$GROUPNAME resolved to $group_gid"
testit "test $group_gid -eq $GROUPGID" test $group_gid -eq $GROUPGID || failed=$(expr $failed + 1)
diff --git a/nsswitch/tests/test_wbinfo.sh b/nsswitch/tests/test_wbinfo.sh
index 461d780..c9758b8 100755
--- a/nsswitch/tests/test_wbinfo.sh
+++ b/nsswitch/tests/test_wbinfo.sh
@@ -57,10 +57,10 @@ testit "wbinfo -u against $TARGET" $wbinfo -u || failed=`expr $failed + 1`
testit "wbinfo -g against $TARGET" $wbinfo -g || failed=`expr $failed + 1`
# Convert netbios name to IP
# Does not work yet
-knownfail "wbinfo -N against $TARGET" $wbinfo -N $NETBIOSNAME || failed=`expr $failed + 1`
+testit "wbinfo -N against $TARGET" $wbinfo -N $NETBIOSNAME || failed=`expr $failed + 1`
# Convert IP to netbios name
# Does not work yet
-knownfail "wbinfo -I against $TARGET" $wbinfo -I $SERVER_IP || failed=`expr $failed + 1`
+testit "wbinfo -I against $TARGET" $wbinfo -I $SERVER_IP || failed=`expr $failed + 1`
# Convert name to SID
testit "wbinfo -n against $TARGET" $wbinfo -n "$DOMAIN/$USERNAME" || failed=`expr $failed + 1`
@@ -151,8 +151,8 @@ testfail "wbinfo -Y against $TARGET using invalid SID" $wbinfo -Y "S-1-22-1-3000
testit "wbinfo -t against $TARGET" $wbinfo -t || failed=`expr $failed + 1`
#didn't really work anyway
-knownfail "wbinfo --trusted-domains against $TARGET" $wbinfo --trusted-domains || failed=`expr $failed + 1`
-knownfail "wbinfo --all-domains against $TARGET" $wbinfo --all-domains || failed=`expr $failed + 1`
+testit "wbinfo --trusted-domains against $TARGET" $wbinfo --trusted-domains || failed=`expr $failed + 1`
+testit "wbinfo --all-domains against $TARGET" $wbinfo --all-domains || failed=`expr $failed + 1`
testit "wbinfo --own-domain against $TARGET" $wbinfo --own-domain || failed=`expr $failed + 1`
@@ -177,7 +177,7 @@ testit "wbinfo -i against $TARGET" $wbinfo -i "$DOMAIN/$USERNAME" || failed=`exp
testit "wbinfo --uid-info against $TARGET" $wbinfo --uid-info $admin_uid || failed=`expr $failed + 1`
echo "test: wbinfo --group-info against $TARGET"
-rawgid=`$wbinfo --group-info "Domain admins" | sed 's/.*:\([0-9][0-9]*\):/\1/'`
+gid=`$wbinfo --group-info "$DOMAIN/Domain admins" | cut -d: -f3`
if test x$? = x0; then
echo "success: wbinfo --group-info against $TARGET"
else
@@ -187,7 +187,6 @@ fi
testfail "wbinfo --group-info against $TARGET with $USERNAME" $wbinfo --group-info $USERNAME && failed=`expr $failed + 1`
-gid=`echo $rawgid | sed 's/.*:\([0-9][0-9]*\):/\1/'`
testit "wbinfo --gid-info against $TARGET" $wbinfo --gid-info $gid || failed=`expr $failed + 1`
testit "wbinfo -r against $TARGET" $wbinfo -r "$DOMAIN/$USERNAME" || failed=`expr $failed + 1`
diff --git a/selftest/knownfail b/selftest/knownfail
index 35dba20..6d46f5a 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -115,7 +115,6 @@
^samba4.smb2.oplock.doc
^samba4.smb2.compound.related3
^samba4.smb2.compound.compound-break
-^samba4.winbind.struct.*.show_sequence # Not yet working in winbind
^samba4.*base.delaywrite.*update of write time and SMBwrite truncate\(.*\)$
^samba4.*base.delaywrite.*update of write time and SMBwrite truncate expand\(.*\)$
^samba4.*base.delaywrite.*delayed update of write time 3a\(.*\)$
@@ -242,16 +241,106 @@
#
# The Samba4 winbind does not cover the full winbind protocol, so these are expected
#
-^samba3.winbind.struct.info\(plugin_s4_dc\)
-^samba3.winbind.struct.show_sequence\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcPingDc\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcPingDc2\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcListTrusts\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcLookupDomainController\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcLookupDomainControllerEx\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcResolveWinsByName\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcResolveWinsByIP\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcLookupRids\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcGetSidAliases\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcLogonUser\(plugin_s4_dc\)
-^samba3.winbind.wbclient.wbcChangeUserPassword\(plugin_s4_dc\)
+^samba4.winbind.struct.show_sequence\(plugin_s4_dc\)
+^samba.blackbox.wbinfo\(dc:local\).wbinfo -N against dc
+^samba.blackbox.wbinfo\(dc:local\).wbinfo -I against dc
+^samba.blackbox.wbinfo\(dc:local\).wbinfo --trusted-domains against dc
+^samba.blackbox.wbinfo\(dc:local\).wbinfo --all-domains against dc
+^samba.blackbox.wbinfo\(plugin_s4_dc:local\).wbinfo -N against plugin_s4_dc
+^samba.blackbox.wbinfo\(plugin_s4_dc:local\).wbinfo -I against plugin_s4_dc
+^samba.blackbox.wbinfo\(plugin_s4_dc:local\).wbinfo --trusted-domains against plugin_s4_dc
+^samba.blackbox.wbinfo\(plugin_s4_dc:local\).wbinfo --all-domains against plugin_s4_dc
+^samba.blackbox.wbinfo\(s4member:local\).wbinfo -N against s4member
+^samba.blackbox.wbinfo\(s4member:local\).wbinfo -I against s4member
+^samba.blackbox.wbinfo\(s4member:local\).wbinfo --trusted-domains against s4member
+^samba.blackbox.wbinfo\(s4member:local\).wbinfo --all-domains against s4member
+^samba.blackbox.wbinfo\(rodc:local\).wbinfo -N against rodc
+^samba.blackbox.wbinfo\(rodc:local\).wbinfo -I against rodc
+^samba.blackbox.wbinfo\(rodc:local\).wbinfo --trusted-domains against rodc
+^samba.blackbox.wbinfo\(rodc:local\).wbinfo --all-domains against rodc
+^samba.blackbox.wbinfo\(promoted_dc:local\).wbinfo -N against promoted_dc
+^samba.blackbox.wbinfo\(promoted_dc:local\).wbinfo -I against promoted_dc
+^samba.blackbox.wbinfo\(promoted_dc:local\).wbinfo --trusted-domains against promoted_dc
+^samba.blackbox.wbinfo\(promoted_dc:local\).wbinfo --all-domains against promoted_dc
+#
+# This makes less sense when not running against an AD DC
+#
+^samba.blackbox.wbinfo\(s3member:local\).wbinfo -U against s3member
+^samba.blackbox.wbinfo\(s3member:local\).wbinfo -G against s3member
+^samba.blackbox.wbinfo\(s3member:local\).wbinfo -U check for sane mapping
+^samba.blackbox.wbinfo\(s3member:local\).wbinfo -G check for sane mapping
+^samba4.winbind.struct.show_sequence\(dc\)
+^samba.wbinfo_simple.\(dc:local\).--allocate-uid
+^samba.wbinfo_simple.\(dc:local\).--allocate-gid
+^samba.wbinfo_simple.\(s4member:local\).--allocate-uid
+^samba.wbinfo_simple.\(s4member:local\).--allocate-gid
+^samba.wbinfo_simple.\(plugin_s4_dc:local\).--allocate-uid
+^samba.wbinfo_simple.\(plugin_s4_dc:local\).--allocate-gid
+#
+# These do not work against winbindd in member mode for unknown reasons
+#
+^samba.wbinfo_simple.\(member:local\).--user-info
+^samba.wbinfo_simple.\(s3member:local\).--user-info
+#
+# These just happen to fail for some reason (probably because they run against the s4 winbind)
+#
+^samba4.winbind.pac.pac\(plugin_s4_dc:local\)
+^samba4.winbind.pac.pac\(s4member:local\)
+^samba4.winbind.struct.show_sequence\(s4member:local\)
+^samba4.winbind.struct.show_sequence\(plugin_s4_dc:local\)
+^samba4.winbind.struct.getdcname\(s3member:local\)
+^samba4.winbind.struct.lookup_name_sid\(s3member:local\)
+^samba4.winbind.wbclient.wbcPingDc\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcPingDc2\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcListTrusts\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcLookupDomainController\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcLookupDomainControllerEx\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcResolveWinsByName\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcResolveWinsByIP\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcLookupRids\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcGetSidAliases\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcLogonUser\(fl2003dc:local\)
+^samba4.winbind.wbclient.wbcChangeUserPassword\(fl2003dc:local\)
+^samba.wbinfo_simple.\(plugin_s4_dc:local\).--all-domains.wbinfo\(plugin_s4_dc:local\)
+^samba.wbinfo_simple.\(plugin_s4_dc:local\).--trusted-domains.wbinfo\(plugin_s4_dc:local\)
+^samba.wbinfo_simple.\(plugin_s4_dc:local\).--online-status.wbinfo\(plugin_s4_dc:local\)
+^samba.wbinfo_simple.\(plugin_s4_dc:local\).--online-status --domain=BUILTIN.wbinfo\(plugin_s4_dc:local\)
+^samba.wbinfo_simple.\(plugin_s4_dc:local\).--online-status --domain=PLUGINDOMAIN.wbinfo\(plugin_s4_dc:local\)
+^samba.wbinfo_simple.\(plugin_s4_dc:local\).--change-secret --domain=PLUGINDOMAIN.wbinfo\(plugin_s4_dc:local\)
+^samba.wbinfo_simple.\(dc:local\).--all-domains.wbinfo\(dc:local\)
+^samba.wbinfo_simple.\(dc:local\).--trusted-domains.wbinfo\(dc:local\)
+^samba.wbinfo_simple.\(dc:local\).--online-status.wbinfo\(dc:local\)
+^samba.wbinfo_simple.\(dc:local\).--online-status --domain=BUILTIN.wbinfo\(dc:local\)
+^samba.wbinfo_simple.\(dc:local\).--online-status --domain=SAMBADOMAIN.wbinfo\(dc:local\)
+^samba.wbinfo_simple.\(dc:local\).--change-secret --domain=SAMBADOMAIN.wbinfo\(dc:local\)
+^samba.wbinfo_simple.\(dc:local\).--online-status --domain=SAMBADOMAIN.wbinfo\(dc:local\)
+^samba.wbinfo_simple.\(s4member:local\).--all-domains.wbinfo\(s4member:local\)
+^samba.wbinfo_simple.\(s4member:local\).--trusted-domains.wbinfo\(s4member:local\)
+^samba.wbinfo_simple.\(s4member:local\).--online-status.wbinfo\(s4member:local\)
+^samba.wbinfo_simple.\(s4member:local\).--online-status --domain=BUILTIN.wbinfo\(s4member:local\)
+^samba.wbinfo_simple.\(s4member:local\).--online-status --domain=SAMBADOMAIN.wbinfo\(s4member:local\)
+^samba.wbinfo_simple.\(s4member:local\).--change-secret --domain=SAMBADOMAIN.wbinfo\(s4member:local\)
+^samba.blackbox.wbinfo\(dc:local\).wbinfo -N against dc\(dc:local\)
+^samba.blackbox.wbinfo\(dc:local\).wbinfo -I against dc\(dc:local\)
+^samba.blackbox.wbinfo\(dc:local\).wbinfo --trusted-domains against dc\(dc:local\)
+^samba.blackbox.wbinfo\(dc:local\).wbinfo --all-domains against dc\(dc:local\)
+^samba.blackbox.wbinfo\(s4member:local\).wbinfo -N against s4member\(s4member:local\)
+^samba.blackbox.wbinfo\(s4member:local\).wbinfo -I against s4member\(s4member:local\)
+^samba.blackbox.wbinfo\(s4member:local\).wbinfo --trusted-domains against s4member\(s4member:local\)
+^samba.blackbox.wbinfo\(s4member:local\).wbinfo --all-domains against s4member\(s4member:local\)
+^samba.blackbox.wbinfo\(rodc:local\).wbinfo -N against rodc\(rodc:local\)
+^samba.blackbox.wbinfo\(rodc:local\).wbinfo -I against rodc\(rodc:local\)
+^samba.blackbox.wbinfo\(rodc:local\).wbinfo --trusted-domains against rodc\(rodc:local\)
+^samba.blackbox.wbinfo\(rodc:local\).wbinfo --all-domains against rodc\(rodc:local\)
+^samba.blackbox.wbinfo\(promoted_dc:local\).wbinfo -N against promoted_dc\(promoted_dc:local\)
+^samba.blackbox.wbinfo\(promoted_dc:local\).wbinfo -I against promoted_dc\(promoted_dc:local\)
+^samba.blackbox.wbinfo\(promoted_dc:local\).wbinfo --trusted-domains against promoted_dc\(promoted_dc:local\)
+^samba.blackbox.wbinfo\(promoted_dc:local\).wbinfo --all-domains against promoted_dc\(promoted_dc:local\)
+^samba.blackbox.wbinfo\(plugin_s4_dc:local\).wbinfo -N against plugin_s4_dc\(plugin_s4_dc:local\)
+^samba.blackbox.wbinfo\(plugin_s4_dc:local\).wbinfo -I against plugin_s4_dc\(plugin_s4_dc:local\)
+^samba.blackbox.wbinfo\(plugin_s4_dc:local\).wbinfo --trusted-domains against plugin_s4_dc\(plugin_s4_dc:local\)
+^samba.blackbox.wbinfo\(plugin_s4_dc:local\).wbinfo --all-domains against plugin_s4_dc\(plugin_s4_dc:local\)
+^samba.blackbox.wbinfo\(s3member:local\).wbinfo -U against s3member\(s3member:local\)
+^samba.blackbox.wbinfo\(s3member:local\).wbinfo -U check for sane mapping\(s3member:local\)
+^samba.blackbox.wbinfo\(s3member:local\).wbinfo -G against s3member\(s3member:local\)
+^samba.blackbox.wbinfo\(s3member:local\).wbinfo -G check for sane mapping\(s3member:local\)
diff --git a/selftest/selftest.pl b/selftest/selftest.pl
index 97b24ed..831ebd9 100755
--- a/selftest/selftest.pl
+++ b/selftest/selftest.pl
@@ -545,6 +545,7 @@ sub write_clientconf($$$)
resolv:host file = $prefix_abs/dns_host_file
#We don't want to run 'speed' tests for very long
torture:timelimit = 1
+ winbind separator = /
";
close(CF);
}
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index f502783..a6d85cc 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -1020,6 +1020,7 @@ sub provision($$$$$$)
idmap config * : range = 100000-200000
winbind enum users = yes
winbind enum groups = yes
+ winbind separator = /
# min receivefile size = 4000
@@ -1301,7 +1302,7 @@ sub wait_for_start($$$$$)
print "checking for winbindd\n";
my $count = 0;
do {
- $ret = system("SELFTEST_WINBINDD_SOCKET_DIR=" . $envvars->{SELFTEST_WINBINDD_SOCKET_DIR} . " " . Samba::bindir_path($self, "wbinfo") . " -p");
+ $ret = system("SELFTEST_WINBINDD_SOCKET_DIR=" . $envvars->{SELFTEST_WINBINDD_SOCKET_DIR} . " " . Samba::bindir_path($self, "wbinfo") . " --ping-dc");
if ($ret != 0) {
sleep(2);
}
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index c4e8f31..7bdd396 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -654,6 +654,8 @@ sub provision_raw_step1($$)
server signing = on
idmap_ldb:use rfc2307=yes
+ winbind enum users = yes
+ winbind enum groups = yes
";
print CONFFILE "
@@ -916,7 +918,7 @@ $extra_smbconf_shares
return $self->provision_raw_step2($ctx, $ret);
}
-sub provision_member($$$)
+sub provision_s4member($$$)
{
my ($self, $prefix, $dcvars) = @_;
print "PROVISIONING MEMBER...";
@@ -929,7 +931,7 @@ sub provision_member($$$)
"2008",
"locMEMpass3",
$dcvars->{SERVER_IP},
- "", "", undef);
+ "passdb backend = samba_dsdb", "", undef);
unless ($ret) {
return undef;
}
@@ -968,6 +970,7 @@ sub provision_rpc_proxy($$$)
print "PROVISIONING RPC PROXY...";
my $extra_smbconf_options = "
+ passdb backend = samba_dsdb
# rpc_proxy
dcerpc_remote:binding = ncacn_ip_tcp:$dcvars->{SERVER}
@@ -1321,6 +1324,34 @@ sub provision_fl2003dc($$)
"locDCpass6",
undef, "allow dns updates = nonsecure and secure", "", undef);
+ unless (defined $ret) {
+ return undef;
+ }
+
+ $ret->{DC_SERVER} = $ret->{SERVER};
+ $ret->{DC_SERVER_IP} = $ret->{SERVER_IP};
+ $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
+ $ret->{DC_USERNAME} = $ret->{USERNAME};
+ $ret->{DC_PASSWORD} = $ret->{PASSWORD};
+
+ my @samba_tool_options;
+ push (@samba_tool_options, Samba::bindir_path($self, "samba-tool"));
+ push (@samba_tool_options, "domain");
+ push (@samba_tool_options, "passwordsettings");
+ push (@samba_tool_options, "set");
+ push (@samba_tool_options, "--configfile=$ret->{SERVERCONFFILE}");
+ push (@samba_tool_options, "--min-pwd-age=0");
+ push (@samba_tool_options, "--history-length=1");
+
+ my $samba_tool_cmd = join(" ", @samba_tool_options);
+
+ unless (system($samba_tool_cmd) == 0) {
+ warn("Unable to set min password age to 0: \n$samba_tool_cmd\n");
+ return undef;
+ }
+
+ return $ret;
+
unless($self->add_wins_config("$prefix/private")) {
warn("Unable to add wins configuration");
return undef;
@@ -1703,7 +1734,7 @@ sub setup_env($$$)
if (not defined($self->{vars}->{dc})) {
$self->setup_dc("$path/dc");
}
- return $self->setup_member("$path/s4member", $self->{vars}->{dc});
+ return $self->setup_s4member("$path/s4member", $self->{vars}->{dc});
} elsif ($envname eq "rodc") {
if (not defined($self->{vars}->{dc})) {
$self->setup_dc("$path/dc");
@@ -1729,18 +1760,18 @@ sub setup_env($$$)
}
}
-sub setup_member($$$)
+sub setup_s4member($$$)
{
my ($self, $path, $dc_vars) = @_;
- my $env = $self->provision_member($path, $dc_vars);
+ my $env = $self->provision_s4member($path, $dc_vars);
if (defined $env) {
$self->check_or_start($env, "single");
$self->wait_for_start($env);
- $self->{vars}->{member} = $env;
+ $self->{vars}->{s4member} = $env;
}
return $env;
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 356bf91..d401dfb 100644
--
Samba Shared Repository
More information about the samba-cvs
mailing list