search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:kdc: Implement KDC plugin hardware authentication policy
[Samba.git] / selftest / expectedfail.d / samba4.ldb.simple.ldap-tls
blob49f90c9d04e6b0e426646146adc0cf81bf847795
1 #
2 ## We assert all "ldap server require strong auth" combinations
3 #
4 ^samba4.ldb.simple.ldap with SIMPLE-BIND.*ad_dc_ntvfs # ldap server require strong auth = allow_sasl_without_tls_channel_bindings
5 ^samba4.ldb.simple.ldap with SIMPLE-BIND.*fl2003dc    # ldap server require strong auth = yes
6 # fl2003dc has ldap server require strong auth = yes
7 # and correct channel bindings are required for TLS
8 ^samba4.ldb.simple.ldaps.*SASL-BIND.*ldap_testing:tls_channel_bindings=no.*fl2003dc
9 ^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*ldap_testing:tls_channel_bindings=no.*fl2003dc
10 # ad_dc_ntvfs and fl2008r2dc have
11 # ldap server require strong auth = allow_sasl_without_tls_channel_bindings
12 # it means correct channel bindings are required, if the client indicated
13 # explicit (even null) channel bindings are provided
14 #
15 # The following are in expectedfail_heimdal for now, as MIT
16 # behaves differently:
17 #^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
18 #^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
19 #^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
20 #^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
21 ^samba4.ldb.simple.ldaps.with.SASL-BIND.*ldap_testing:channel_bound=yes.*ldap_testing:forced_channel_binding=wRoNg
22 ^samba4.ldb.simple.ldaps.with.SASL-BIND.*ldap_testing:channel_bound=no.*ldap_testing:forced_channel_binding=wRoNg
23 ^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*ldap_testing:channel_bound=yes.*ldap_testing:forced_channel_binding=wRoNg
24 ^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*ldap_testing:channel_bound=no.*ldap_testing:forced_channel_binding=wRoNg
25 ^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
26 ^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
27 ^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
28 ^samba4.ldb.simple.ldap.starttls.*SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
Samba GIT mirror