[PATCH] Implement machinepass= in 'net ads join'
Jeremy Allison
jra at samba.org
Mon Mar 4 17:15:29 MST 2013
On Sat, Mar 02, 2013 at 12:11:03PM +1100, Andrew Bartlett wrote:
> On Fri, 2013-03-01 at 13:07 -0800, Jeremy Allison wrote:
> > On Thu, Feb 28, 2013 at 11:31:17PM +1100, Andrew Bartlett wrote:
> > > G'day,
> > >
> > > These patches add (and add tests for) a new machinepass= option for 'net
> > > ads join'.
> > >
> > > This makes this match 'samba-tool domain join'. For master and 4.0,
> > > this is not strictly required, as a workaround is to call 'samba-tool
> > > domain join'. However, I've been asked to backport this to 3.6, for
> > > Univention at least, and I think having the capability is a reasonable
> > > addition in any case.
> > >
> > > The only thing is that in all these tools, we don't try and wipe the
> > > password from the command line, but I'm not worried by this.
> > >
> > > The first patch is needed because the included tests showed that we in
> > > fact did not correct set the machine password in the testsuite's calls
> > > to 'samba-tool', so adding tests here has already been a worthwhile
> > > exercise.
> > >
> > > Please review/push/comment.
> >
> > Having said "LGTM" and looked at the code it looks really
> > obvious, but I can't push as the new test file :
> >
> > script/tests/test_smbclient_specified_machine_auth.sh
> >
> > isn't in the patchset (so my make test failed :-).
> >
> > Can you add it and re-submit ?
>
> Sorry about that.
Ok, this causes make test to fail on the "s4member" samba3.wbinfo_s3.(s4member:local)
test. Reproduce by doing:
make test TESTS=samba3.wbinfo_s3
It only seems to be starting the s4 server as a member server, not as a DC
to authenticate against, so I think this part of the patch should change from:
+# this test simply confirms that forcing the machine account password in the join command works
+for env in ["s3member", "s4member"]:
+ plantestsuite("samba3.blackbox.smbclient_specified_machine_auth.plain (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_specified_machine_auth.sh"), '$DC_SERVER', '$SERVER\$', 'machine$PASSWORD', smbclient3, configuration])
+
to:
+# this test simply confirms that forcing the machine account password in the join command works
+for env in ["s3member"]:
+ plantestsuite("samba3.blackbox.smbclient_specified_machine_auth.plain (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_specified_machine_auth.sh"), '$DC_SERVER', '$SERVER\$', 'machine$PASSWORD', smbclient3, configuration])
+
Can you confirm (or fix what I don't understand about the breakage :-)
and re-submit ?
Jeremy.
More information about the samba-technical
mailing list