Client's credentials have been revoked trying to use an account I added during a self test
Richard Sharpe
realrichardsharpe at gmail.com
Wed Jun 29 02:08:08 UTC 2016
Hi folks,
I am trying to add this code to the net ads dns tests:
UNPRIVUSER=unprivuser
UNPRIVPASS=UnPrivPass1
...
# This should be an expect_failure test ...
testit "Adding an unprivileged user" $VALGRIND $net_tool user add
$UNPRIVUSER $UNPRIVPASS -U$DC_USERNAME%$DC_PASSWORD || failed=`expr
$failed + 1`
testit "unprivileged users should not be able to add a DNS entry"
$VALGRIND $net_tool ads dns register funnyname2.$REALM 10.1.4.112
-U$UNPRIVUSER%$UNPRIVPASS && failed=`expr $failed + 1`
The command to add the user succeeds, but the command to try to add
the dns NAM fails with this error:
--------------------------
UNEXPECTED(failure):
samba4.blackbox.net_ads_dns(ad_member:local).unprivileged users should
not be able to add a DNS entry(ad_member:local)
REASON: Exception: Exception: kerberos_kinit_password
unprivuser at SAMBA.EXAMPLE.COM failed: Clients credentials have been
revoked
-------------------------
Why does that happen in the self test environment?
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
More information about the samba-technical
mailing list