2 # Copyright (C) 2017 Stefan Metzmacher <metze@samba.org>
6 Usage: $# test_trust_ntlm.sh SERVER USERNAME PASSWORD REALM DOMAIN TRUST_USERNAME TRUST_PASSWORD TRUST_REALM TRUST_DOMAIN TYPE UNTRUSTED TRUST_ERROR
28 samba4bindir
="$BINDIR"
30 rpcclient
="$samba4bindir/rpcclient"
31 smbclient
="$samba4bindir/smbclient"
32 wbinfo
="$samba4bindir/wbinfo"
36 .
`dirname $0`/subunit.sh
37 .
`dirname $0`/common_test_fns.inc
39 CREDS
="$DOMAIN\\$USERNAME%$PASSWORD"
40 WBCREDS
="$DOMAIN/$USERNAME%$PASSWORD"
41 EXPCREDS
="Account Name: $USERNAME, Authority Name: $DOMAIN"
42 test_rpcclient_grep
"Test01 rpcclient getusername with $CREDS" getusername
"$SERVER" "$EXPCREDS" -U$CREDS || failed
=`expr $failed + 1`
43 test_smbclient
"Test01 smbclient with $CREDS" 'ls' "$unc" -U$CREDS || failed
=`expr $failed + 1`
44 testit
"Test01 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS || failed
=`expr $failed + 1`
46 CREDS
="$REALM\\$USERNAME%$PASSWORD"
47 WBCREDS
="$REALM/$USERNAME%$PASSWORD"
48 EXPCREDS
="Account Name: $USERNAME, Authority Name: $DOMAIN"
49 test_rpcclient_grep
"Test02 rpcclient getusername with $CREDS" getusername
"$SERVER" "$EXPCREDS" -U$CREDS || failed
=`expr $failed + 1`
50 test_smbclient
"Test02 smbclient with $CREDS" 'ls' "$unc" -U$CREDS || failed
=`expr $failed + 1`
51 testit
"Test02 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS || failed
=`expr $failed + 1`
53 CREDS
="$USERNAME@$DOMAIN%$PASSWORD"
54 WBCREDS
="$USERNAME@$DOMAIN%$PASSWORD"
55 if [ x
"$TYPE" = x
"member" ]; then
56 EXPFAIL
="NT_STATUS_LOGON_FAILURE"
57 # rpcclient doesn't handle -Uuser@domain yet
58 #test_rpcclient_expect_failure_grep "Fail03 rpcclient getusername with $CREDS" getusername "$SERVER" "$EXPFAIL" -U$CREDS && failed=`expr $failed + 1`
59 test_smbclient_expect_failure
"Fail03 smbclient with $CREDS" 'ls' "$unc" -U$CREDS && failed
=`expr $failed + 1`
60 # winbindd doesn't handle user@domain yet
61 #testit_expect_failure "Fail03 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS && failed=`expr $failed + 1`
63 EXPCREDS
="Account Name: $USERNAME, Authority Name: $DOMAIN"
64 # rpcclient doesn't handle -Uuser@domain yet
65 #test_rpcclient_grep "Test03 rpcclient getusername with $CREDS" getusername "$SERVER" "$EXPCREDS" -U$CREDS || failed=`expr $failed + 1`
66 test_smbclient
"Test03 smbclient with $CREDS" 'ls' "$unc" -U$CREDS || failed
=`expr $failed + 1`
67 # winbindd doesn't handle user@domain yet
68 #testit "Test03 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS || failed=`expr $failed + 1`
71 CREDS
="$USERNAME@$REALM%$PASSWORD"
72 WBCREDS
="$USERNAME@$REALM%$PASSWORD"
73 if [ x
"$TYPE" = x
"member" ]; then
74 EXPFAIL
="NT_STATUS_LOGON_FAILURE"
75 # rpcclient doesn't handle -Uuser@domain yet
76 #test_rpcclient_expect_failure_grep "Fail04 rpcclient getusername with $CREDS" getusername "$SERVER" "$EXPFAIL" -U$CREDS && failed=`expr $failed + 1`
77 test_smbclient_expect_failure
"Fail04 smbclient with $CREDS" 'ls' "$unc" -U$CREDS && failed
=`expr $failed + 1`
78 # winbindd doesn't handle user@domain yet
79 #testit_expect_failure "Fail04 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS && failed=`expr $failed + 1`
81 EXPCREDS
="Account Name: $USERNAME, Authority Name: $DOMAIN"
82 # rpcclient doesn't handle -Uuser@domain yet
83 #test_rpcclient_grep "Test04 rpcclient getusername with $CREDS" getusername "$SERVER" "$EXPCREDS" -U$CREDS || failed=`expr $failed + 1`
84 test_smbclient
"Test04 smbclient with $CREDS" 'ls' "$unc" -U$CREDS || failed
=`expr $failed + 1`
85 # winbindd doesn't handle user@domain yet
86 #testit "Test04 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS || failed=`expr $failed + 1`
89 CREDS
="UNKNOWNDOMAIN\\$USERNAME%$PASSWORD"
90 WBCREDS
="UNKNOWNDOMAIN/$USERNAME%$PASSWORD"
91 EXPCREDS
="Account Name: $USERNAME, Authority Name: $DOMAIN"
92 test_rpcclient_grep
"Test05 rpcclient getusername with $CREDS" getusername
"$SERVER" "$EXPCREDS" -U$CREDS || failed
=`expr $failed + 1`
93 test_smbclient
"Test05 smbclient with $CREDS" 'ls' "$unc" -U$CREDS || failed
=`expr $failed + 1`
94 testit_expect_failure
"Fail05 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS || failed
=`expr $failed + 1`
96 CREDS
="$TRUST_DOMAIN\\$USERNAME%$PASSWORD"
97 WBCREDS
="$TRUST_DOMAIN/$USERNAME%$PASSWORD"
98 EXPFAIL
="$TRUST_ERROR"
99 test_rpcclient_expect_failure_grep
"Fail06 rpcclient getusername with $CREDS" getusername
"$SERVER" "$EXPFAIL" -U$CREDS && failed
=`expr $failed + 1`
100 test_smbclient_expect_failure
"Fail06 smbclient with $CREDS" 'ls' "$unc" -U$CREDS && failed
=`expr $failed + 1`
101 testit_expect_failure
"Fail06 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS && failed
=`expr $failed + 1`
103 CREDS
="$TRUST_DOMAIN\\$TRUST_USERNAME%$TRUST_PASSWORD"
104 WBCREDS
="$TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD"
105 EXPCREDS
="Account Name: $TRUST_USERNAME, Authority Name: $TRUST_DOMAIN"
106 test_rpcclient_grep
"Test07 rpcclient getusername with $CREDS" getusername
"$SERVER" "$EXPCREDS" -U$CREDS || failed
=`expr $failed + 1`
107 test_smbclient
"Test07 smbclient with $CREDS" 'ls' "$unc" -U$CREDS || failed
=`expr $failed + 1`
108 testit
"Test07 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS || failed
=`expr $failed + 1`
110 CREDS
="$TRUST_REALM\\$TRUST_USERNAME%$TRUST_PASSWORD"
111 WBCREDS
="$TRUST_REALM/$TRUST_USERNAME%$TRUST_PASSWORD"
112 EXPCREDS
="Account Name: $TRUST_USERNAME, Authority Name: $TRUST_DOMAIN"
113 test_rpcclient_grep
"Test08 rpcclient getusername with $CREDS" getusername
"$SERVER" "$EXPCREDS" -U$CREDS || failed
=`expr $failed + 1`
114 test_smbclient
"Test08 smbclient with $CREDS" 'ls' "$unc" -U$CREDS || failed
=`expr $failed + 1`
115 testit
"Test08 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS || failed
=`expr $failed + 1`
117 CREDS
="$TRUST_USERNAME@$TRUST_DOMAIN%$TRUST_PASSWORD"
118 WBCREDS
="$TRUST_USERNAME@$TRUST_DOMAIN%$TRUST_PASSWORD"
119 if [ x
"$TRUST_REALM" = x
"$TRUST_DOMAIN" ]; then
121 EXPFAIL
="NT_STATUS_LOGON_FAILURE"
122 # rpcclient doesn't handle -Uuser@domain yet
123 #test_rpcclient_expect_failure_grep "Fail09 rpcclient getusername with $CREDS" getusername "$SERVER" "$EXPFAIL" -U$CREDS && failed=`expr $failed + 1`
124 test_smbclient_expect_failure
"Fail09 smbclient with $CREDS" 'ls' "$unc" -U$CREDS && failed
=`expr $failed + 1`
125 # winbindd doesn't handle user@domain yet
126 #testit_expect_failure "Fail09 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS && failed=`expr $failed + 1`
128 EXPCREDS
="Account Name: $TRUST_USERNAME, Authority Name: $TRUST_DOMAIN"
129 # rpcclient doesn't handle -Uuser@domain yet
130 #test_rpcclient_grep "Test09 rpcclient getusername with $CREDS" getusername "$SERVER" "$EXPCREDS" -U$CREDS || failed=`expr $failed + 1`
131 test_smbclient
"Test09 smbclient with $CREDS" 'ls' "$unc" -U$CREDS || failed
=`expr $failed + 1`
132 # winbindd doesn't handle user@domain yet
133 #testit "Test09 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS || failed=`expr $failed + 1`
136 CREDS
="$TRUST_USERNAME@$TRUST_REALM%$TRUST_PASSWORD"
137 WBCREDS
="$TRUST_USERNAME@$TRUST_REALM%$TRUST_PASSWORD"
138 if [ x
"$TRUST_REALM" = x
"$TRUST_DOMAIN" ]; then
140 EXPFAIL
="NT_STATUS_LOGON_FAILURE"
141 # rpcclient doesn't handle -Uuser@domain yet
142 #test_rpcclient_expect_failure_grep "Fail10 rpcclient getusername with $CREDS" getusername "$SERVER" "$EXPFAIL" -U$CREDS && failed=`expr $failed + 1`
143 test_smbclient_expect_failure
"Fail10 smbclient with $CREDS" 'ls' "$unc" -U$CREDS && failed
=`expr $failed + 1`
144 # winbindd doesn't handle user@domain yet
145 #testit_expect_failure "Fail10 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS && failed=`expr $failed + 1`
147 EXPCREDS
="Account Name: $TRUST_USERNAME, Authority Name: $TRUST_DOMAIN"
148 # rpcclient doesn't handle -Uuser@domain yet, maybe smbclient for now?
149 #test_rpcclient_grep "Test10 rpcclient getusername with $CREDS" getusername "$SERVER" "$EXPCREDS" -U$CREDS || failed=`expr $failed + 1`
150 test_smbclient
"Test10 smbclient with $CREDS" 'ls' "$unc" -U$CREDS || failed
=`expr $failed + 1`
151 # winbindd doesn't handle user@domain yet
152 #testit "Test10 wbinfo -a with $WBCREDS" $VALGRIND $wbinfo -a $WBCREDS || failed=`expr $failed + 1`
155 lowerrealm
=$
(echo $TRUST_REALM |
tr '[A-Z]' '[a-z]')
157 if test x
$TYPE = x
"forest"; then
161 if test x
$UNTRUSTED = x
"yes"; then