2 # This script generates a list of testsuites that should be run as part of
3 # the Samba 4 test suite.
5 # The output of this script is parsed by selftest.pl, which then decides
6 # which of the tests to actually run. It will, for example, skip all tests
7 # listed in selftest/skip or only run a subset during "make quicktest".
9 # The idea is that this script outputs all of the tests of Samba 4, not
10 # just those that are known to pass, and list those that should be skipped
11 # or are known to fail in selftest/skip or selftest/knownfail. This makes it
12 # very easy to see what functionality is still missing in Samba 4 and makes
13 # it possible to run the testsuite against other servers, such as Samba 3 or
14 # Windows that have a different set of features.
16 # The syntax for a testsuite is "-- TEST --" on a single line, followed
17 # by the name of the test, the environment it needs and the command to run, all
18 # three separated by newlines. All other lines in the output are considered
23 sys
.path
.insert(0, os
.path
.join(os
.path
.dirname(__file__
), "../../selftest"))
24 import selftesthelpers
25 from selftesthelpers
import bindir
, srcdir
, binpath
, python
26 from selftesthelpers
import configuration
, plantestsuite
27 from selftesthelpers
import planpythontestsuite
, planperltestsuite
28 from selftesthelpers
import plantestsuite_loadlist
29 from selftesthelpers
import skiptestsuite
, source4dir
, valgrindify
30 from selftesthelpers
import smbtorture4_options
, smbtorture4_testsuites
31 from selftesthelpers
import smbtorture4
, ntlm_auth3
, samba3srcdir
34 print("OPTIONS %s" % " ".join(smbtorture4_options
), file=sys
.stderr
)
37 def plansmbtorture4testsuite(name
, env
, options
, modname
=None):
38 return selftesthelpers
.plansmbtorture4testsuite(name
, env
, options
,
39 target
='samba4', modname
=modname
)
42 samba4srcdir
= source4dir()
43 DSDB_PYTEST_DIR
= os
.path
.join(samba4srcdir
, "dsdb/tests/python/")
45 samba4bindir
= bindir()
46 validate
= os
.getenv("VALIDATE", "")
48 validate_list
= [validate
]
52 nmblookup4
= binpath('nmblookup4')
53 smbclient4
= binpath('smbclient4')
54 smbclient3
= binpath('smbclient')
56 bbdir
= os
.path
.join(srcdir(), "testprogs/blackbox")
58 # alias to highlight what tests we want to run against a DC with SMBv1 disabled
59 smbv1_disabled_testenv
= "restoredc"
61 all_fl_envs
= ["fl2000dc", "fl2003dc", "fl2008dc", "fl2008r2dc"]
63 # Simple tests for LDAP and CLDAP
64 for auth_type
in ['', '-k no', '-k yes']:
65 for auth_level
in ['--option=clientldapsaslwrapping=plain', '--client-protection=sign', '--client-protection=encrypt']:
66 creds
= '-U"$USERNAME%$PASSWORD"'
67 options
= creds
+ ' ' + auth_type
+ ' ' + auth_level
68 plantestsuite("samba4.ldb.ldap with options %r(ad_dc_default)" % options
, "ad_dc_default", "%s/test_ldb.sh ldap $SERVER %s" % (bbdir
, options
))
70 # see if we support ADS on the Samba3 side
72 config_h
= os
.environ
["CONFIG_H"]
74 config_h
= os
.path
.join(samba4bindir
, "default/include/config.h")
76 # check available features
78 f
= open(config_h
, 'r')
81 config_hash
= dict((x
[0], ' '.join(x
[1:]))
82 for x
in map(lambda line
: line
.strip().split(' ')[1:],
83 list(filter(lambda line
: (line
[0:7] == '#define') and (len(line
.split(' ')) > 2), lines
))))
87 have_heimdal_support
= ("SAMBA4_USES_HEIMDAL" in config_hash
)
88 have_gnutls_fips_mode_support
= ("HAVE_GNUTLS_FIPS_MODE_SUPPORTED" in config_hash
)
90 for options
in ['-U"$USERNAME%$PASSWORD"']:
91 plantestsuite("samba4.ldb.ldaps with options %s(ad_dc_ntvfs)" % options
, "ad_dc_ntvfs",
92 "%s/test_ldb.sh ldaps $SERVER_IP %s" % (bbdir
, options
))
95 '--simple-bind-dn=$USERNAME@$REALM --password=$PASSWORD',
98 'SERVER_IP': '$SERVER_IP',
99 'SERVER_NAME': '$SERVER',
100 'SERVER.REALM': '$SERVER.$REALM',
102 tls_verify_options
= [
103 '--option="tlsverifypeer=no_check"',
104 '--option="tlsverifypeer=ca_only"',
105 '--option="tlsverifypeer=ca_and_name_if_available"',
106 '--option="tlsverifypeer=ca_and_name"',
107 '--option="tlsverifypeer=as_strict_as_possible"',
110 # we use :local for fl2008r2dc because of the self-signed certificate
111 for env
in ["ad_dc_ntvfs", "fl2008r2dc:local"]:
112 for peer_key
in peer_options
.keys():
113 peer_val
= peer_options
[peer_key
]
114 for creds
in creds_options
:
115 for tls_verify
in tls_verify_options
:
116 options
= creds
+ ' ' + tls_verify
117 plantestsuite("samba4.ldb.simple.ldaps with options %s %s(%s)" % (
118 peer_key
, options
, env
), env
,
119 "%s/test_ldb_simple.sh ldaps %s %s" % (bbdir
, peer_val
, options
))
121 # test all "ldap server require strong auth" combinations
122 for env
in ["ad_dc_ntvfs", "fl2008r2dc", "fl2003dc"]:
123 options
= '--simple-bind-dn="$USERNAME@$REALM" --password="$PASSWORD"'
124 plantestsuite("samba4.ldb.simple.ldap with SIMPLE-BIND %s(%s)" % (options
, env
),
125 env
, "%s/test_ldb_simple.sh ldap $SERVER %s" % (bbdir
, options
))
126 options
+= ' --option="tlsverifypeer=no_check"'
127 plantestsuite("samba4.ldb.simple.ldaps with SIMPLE-BIND %s(%s)" % (options
, env
),
128 env
, "%s/test_ldb_simple.sh ldaps $SERVER %s" % (bbdir
, options
))
131 '--option=clientldapsaslwrapping=plain',
132 '--client-protection=sign',
133 '--client-protection=encrypt',
134 '--use-kerberos=required --option=clientldapsaslwrapping=plain',
135 '--use-kerberos=required --client-protection=sign',
136 '--use-kerberos=required --client-protection=encrypt',
137 '--use-kerberos=disabled --option=clientldapsaslwrapping=plain',
138 '--use-kerberos=disabled --client-protection=sign --option=ntlmssp_client:ldap_style_send_seal=no',
139 '--use-kerberos=disabled --client-protection=sign',
140 '--use-kerberos=disabled --client-protection=encrypt',
143 for auth_option
in auth_options
:
144 options
= '-U"$USERNAME%$PASSWORD"' + ' ' + auth_option
145 plantestsuite("samba4.ldb.simple.ldap with SASL-BIND %s(%s)" % (options
, env
),
146 env
, "%s/test_ldb_simple.sh ldap $SERVER %s" % (bbdir
, options
))
147 options
= '-U"$USERNAME%$PASSWORD" --option="tlsverifypeer=no_check"'
148 plantestsuite("samba4.ldb.simple.ldaps with SASL-BIND %s(%s)" % (options
, env
),
149 env
, "%s/test_ldb_simple.sh ldaps $SERVER %s" % (bbdir
, options
))
151 for options
in ['-U"$USERNAME%$PASSWORD"']:
152 plantestsuite("samba4.ldb.ldapi with options %s(ad_dc_ntvfs:local)" % options
, "ad_dc_ntvfs:local",
153 "%s/test_ldb.sh ldapi $PREFIX_ABS/ad_dc_ntvfs/private/ldapi %s" % (bbdir
, options
))
155 for t
in smbtorture4_testsuites("ldap."):
156 if t
== "ldap.nested-search":
157 plansmbtorture4testsuite(t
, "ad_dc_default_smb1", '-U"$USERNAME%$PASSWORD" //$SERVER_IP/_none_')
158 elif t
== "ldap.session-expiry":
159 # This requires kerberos and thus the server name
160 plansmbtorture4testsuite(
161 t
, "ad_dc_default", '-U"$USERNAME%$PASSWORD" //$DC_SERVER/_none_')
163 plansmbtorture4testsuite(
166 '-U"$USERNAME%$PASSWORD" //$SERVER_IP/_none_ -D "$USERNAME"@"$REALM"##"$PASSWORD"')
168 for t
in smbtorture4_testsuites("dsdb."):
169 plansmbtorture4testsuite(t
, "ad_dc:local", "localhost")
171 ldbdir
= os
.path
.join(srcdir(), "lib/ldb")
172 # Don't run LDB tests when using system ldb, as we won't have ldbtest installed
173 if os
.path
.exists(os
.path
.join(samba4bindir
, "ldbtest")):
174 plantestsuite("ldb.base", "none", "%s/tests/test-tdb-subunit.sh %s" % (ldbdir
, samba4bindir
))
176 skiptestsuite("ldb.base", "Using system LDB, ldbtest not available")
178 plantestsuite_loadlist("samba4.tests.attr_from_server.python(ad_dc_ntvfs)",
180 [python
, os
.path
.join(DSDB_PYTEST_DIR
, "attr_from_server.py"),
181 '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb', '$LOADLIST', '$LISTOPT'])
185 # add tests to this list as they start passing, so we test
186 # that they stay passing
187 ncacn_np_tests
= ["rpc.schannel", "rpc.join", "rpc.lsa", "rpc.dssetup", "rpc.altercontext", "rpc.netlogon", "rpc.netlogon.admin", "rpc.handles", "rpc.samsync", "rpc.samba3-sessionkey", "rpc.samba3-getusername", "rpc.samba3-lsa", "rpc.samba3-bind", "rpc.samba3-netlogon", "rpc.asyncbind", "rpc.lsalookup", "rpc.lsa-getuser", "rpc.schannel2", "rpc.authcontext"]
188 ncalrpc_tests
= ["rpc.schannel", "rpc.join", "rpc.lsa", "rpc.dssetup", "rpc.altercontext", "rpc.netlogon", "rpc.netlogon.admin", "rpc.netlogon.zerologon", "rpc.asyncbind", "rpc.lsalookup", "rpc.lsa-getuser", "rpc.schannel2", "rpc.authcontext"]
189 drs_rpc_tests
= smbtorture4_testsuites("drs.rpc")
190 ncacn_ip_tcp_tests
= ["rpc.schannel", "rpc.join", "rpc.lsa", "rpc.dssetup", "rpc.drsuapi", "rpc.drsuapi_w2k8", "rpc.netlogon", "rpc.netlogon.admin", "rpc.netlogon.zerologon", "rpc.asyncbind", "rpc.lsalookup", "rpc.lsa-getuser", "rpc.schannel2", "rpc.authcontext", "rpc.samr.passwords.validate"] + drs_rpc_tests
191 slow_ncacn_np_tests
= ["rpc.samlogon", "rpc.samr", "rpc.samr.users", "rpc.samr.large-dc", "rpc.samr.users.privileges", "rpc.samr.passwords", "rpc.samr.passwords.pwdlastset", "rpc.samr.passwords.lockout", "rpc.samr.passwords.badpwdcount"]
192 slow_ncacn_ip_tcp_tests
= ["rpc.cracknames"]
194 all_rpc_tests
= ncalrpc_tests
+ ncacn_np_tests
+ ncacn_ip_tcp_tests
+ slow_ncacn_np_tests
+ slow_ncacn_ip_tcp_tests
+ ["rpc.lsa.secrets", "rpc.pac", "rpc.samba3-sharesec", "rpc.countcalls"]
196 # Filter RPC tests that should not run against ad_dc_ntvfs
200 rpc_tests
= [x
for x
in smbtorture4_testsuites("rpc.") if x
not in rpc_s3only
]
201 auto_rpc_tests
= list(filter(lambda t
: t
not in all_rpc_tests
, rpc_tests
))
203 for bindoptions
in ["seal,padcheck"] + validate_list
+ ["bigendian"]:
204 for transport
in ["ncalrpc", "ncacn_np", "ncacn_ip_tcp"]:
205 env
= "ad_dc_default"
207 if transport
== "ncalrpc":
208 tests
= ncalrpc_tests
210 elif transport
== "ncacn_np":
211 tests
= ncacn_np_tests
212 elif transport
== "ncacn_ip_tcp":
213 tests
= ncacn_ip_tcp_tests
215 raise AssertionError("invalid transport %r" % transport
)
217 if t
== "rpc.netlogon":
219 elif t
== "rpc.join":
220 env
= "ad_dc_default_smb1"
221 plansmbtorture4testsuite(t
, env
+ local
, ["%s:$SERVER[%s]" % (transport
, bindoptions
), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.%s on %s with %s" % (t
, transport
, bindoptions
))
222 plansmbtorture4testsuite('rpc.samba3-sharesec', env
+ local
, ["%s:$SERVER[%s]" % (transport
, bindoptions
), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=torture:share=tmp'], "samba4.rpc.samba3.sharesec on %s with %s" % (transport
, bindoptions
))
224 # Plugin S4 DC tests (confirms named pipe auth forwarding). This can be expanded once kerberos is supported in the plugin DC
226 for bindoptions
in ["seal,padcheck"] + validate_list
+ ["bigendian"]:
227 for t
in ncacn_np_tests
:
229 transport
= "ncacn_np"
230 if t
in ["rpc.authcontext", "rpc.join"]:
232 plansmbtorture4testsuite(t
, env
, ["%s:$SERVER[%s]" % (transport
, bindoptions
), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.%s with %s" % (t
, bindoptions
))
234 for bindoptions
in [""] + validate_list
+ ["bigendian"]:
235 for t
in auto_rpc_tests
:
236 env
= "ad_dc_default"
237 if t
in ["rpc.srvsvc", "rpc.mgmt"]:
239 elif t
== "rpc.join":
240 env
= "ad_dc_default_smb1"
241 plansmbtorture4testsuite(t
, env
, ["$SERVER[%s]" % bindoptions
, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.%s with %s" % (t
, bindoptions
))
244 plansmbtorture4testsuite(t
, "ad_dc_default:local", ["$SERVER[%s]" % bindoptions
, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname
="samba4.%s" % t
)
246 for transport
in ["ncacn_np", "ncacn_ip_tcp"]:
247 env
= "ad_dc_slowtests"
248 if transport
== "ncacn_np":
249 tests
= slow_ncacn_np_tests
250 elif transport
== "ncacn_ip_tcp":
251 tests
= slow_ncacn_ip_tcp_tests
253 raise AssertionError("Invalid transport %r" % transport
)
256 if t
== 'rpc.cracknames':
258 plansmbtorture4testsuite(t
, env
, ["%s:$SERVER[%s]" % (transport
, bindoptions
), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.%s on %s with %s" % (t
, transport
, bindoptions
))
260 # Tests for the DFS referral calls implementation
261 for t
in smbtorture4_testsuites("dfs."):
262 plansmbtorture4testsuite(t
, "ad_dc_ntvfs", '//$SERVER/ipc\$ -U$USERNAME%$PASSWORD')
263 plansmbtorture4testsuite(t
, "ad_dc_smb1", '//$SERVER/ipc\$ -U$USERNAME%$PASSWORD')
265 # Tests for the NET API (net.api.become.dc tested below against all the roles)
266 net_tests
= list(filter(lambda x
: "net.api.become.dc" not in x
, smbtorture4_testsuites("net.")))
268 plansmbtorture4testsuite(t
, "ad_dc_default", '$SERVER[%s] -U$USERNAME%%$PASSWORD -W$DOMAIN' % validate
)
270 # Tests for session keys and encryption of RPC pipes
271 # FIXME: Integrate these into a single smbtorture test
273 transport
= "ncacn_np"
274 for env
in ["ad_dc_default", "nt4_dc"]:
276 "-k no --option=clientusespnego=yes",
277 "-k no --option=clientusespnego=yes --option=ntlmssp_client:128bit=no",
278 "-k no --option=clientusespnego=yes --option=ntlmssp_client:56bit=yes",
279 "-k no --option=clientusespnego=yes --option=ntlmssp_client:56bit=no",
280 "-k no --option=clientusespnego=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:56bit=yes",
281 "-k no --option=clientusespnego=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:56bit=no",
282 "-k no --option=clientusespnego=yes --option=clientntlmv2auth=yes",
283 "-k no --option=clientusespnego=yes --option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no",
284 "-k no --option=clientusespnego=yes --option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:56bit=yes",
285 "-k no --option=clientusespnego=no --option=clientntlmv2auth=yes",
286 "-k no --option=gensec:spnego=no --option=clientntlmv2auth=yes",
287 "-k no --option=clientusespnego=no"]:
288 name
= "rpc.lsa.secrets on %s with with %s" % (transport
, ntlmoptions
)
289 plansmbtorture4testsuite('rpc.lsa.secrets', env
, ["%s:$SERVER[]" % (transport
), ntlmoptions
, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=gensec:target_hostname=$NETBIOSNAME'], "samba4.%s" % name
)
290 plantestsuite("samba.blackbox.pdbtest(%s)" % env
, "%s:local" % env
, [os
.path
.join(bbdir
, "test_pdbtest.sh"), '$SERVER', "$PREFIX", "pdbtest", smbclient3
, '$SMB_CONF_PATH', configuration
])
292 gpo
= smbtorture4_testsuites("gpo.")
294 plansmbtorture4testsuite(t
, 'ad_dc:local', ['//$SERVER/sysvol', '-U$USERNAME%$PASSWORD'])
296 transports
= ["ncacn_np", "ncacn_ip_tcp"]
298 # Kerberos varies between functional levels, so it is important to check this on all of them
299 for env
in all_fl_envs
:
300 transport
= "ncacn_np"
301 plansmbtorture4testsuite('rpc.pac', env
, ["%s:$SERVER[]" % (transport
, ), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.pac on %s" % (transport
,))
302 plansmbtorture4testsuite('rpc.lsa.secrets', env
, ["%s:$SERVER[]" % (transport
, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=gensec:target_hostname=$NETBIOSNAME', 'rpc.lsa.secrets'], "samba4.rpc.lsa.secrets on %s with Kerberos" % (transport
,))
303 plansmbtorture4testsuite('rpc.lsa.secrets', env
, ["%s:$SERVER[]" % (transport
, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', "--option=clientusespnegoprincipal=yes", '--option=gensec:target_hostname=$NETBIOSNAME'], "samba4.rpc.lsa.secrets on %s with Kerberos - use target principal" % (transport
,))
304 plansmbtorture4testsuite('rpc.lsa.secrets', env
, ["%s:$SERVER[target_principal=dcom/$NETBIOSNAME]" % (transport
, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.lsa.secrets on %s with Kerberos - netbios name principal dcom" % (transport
,))
305 plansmbtorture4testsuite('rpc.lsa.secrets', env
, ["%s:$SERVER[target_principal=$NETBIOSNAME\$]" % (transport
, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.lsa.secrets on %s with Kerberos - netbios name principal dollar" % (transport
,))
306 plansmbtorture4testsuite('rpc.lsa.secrets', env
, ["%s:$SERVER[target_principal=$NETBIOSNAME]" % (transport
, ), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.lsa.secrets on %s with Kerberos - netbios name principal" % (transport
,))
307 plansmbtorture4testsuite('rpc.lsa.secrets.none*', env
, ["%s:$SERVER" % transport
, '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', "--option=gensec:fake_gssapi_krb5=yes", '--option=gensec:gssapi_krb5=no', '--option=gensec:target_hostname=$NETBIOSNAME'], "samba4.rpc.lsa.secrets on %s with Kerberos - use Samba3 style login" % transport
)
308 plansmbtorture4testsuite('rpc.lsa.secrets.none*', env
, ["%s:$SERVER" % transport
, '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', "--option=gensec:fake_gssapi_krb5=yes", '--option=gensec:gssapi_krb5=no', '--option=gensec:target_hostname=$NETBIOSNAME', '--option=gensec_krb5:send_authenticator_checksum=false'], "samba4.rpc.lsa.secrets on %s with Kerberos - use raw-krb5-no-authenticator-checksum style login" % transport
)
309 plansmbtorture4testsuite('rpc.lsa.secrets.none*', env
, ["%s:$SERVER" % transport
, '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', "--option=clientusespnegoprincipal=yes", '--option=gensec:fake_gssapi_krb5=yes', '--option=gensec:gssapi_krb5=no', '--option=gensec:target_hostname=$NETBIOSNAME'], "samba4.rpc.lsa.secrets on %s with Kerberos - use Samba3 style login, use target principal" % transport
)
311 # Winreg tests test bulk Kerberos encryption of DCE/RPC
312 # We test rpc.winreg here too, because the winreg interface if
313 # handled by the source3/rpc_server code.
314 for bindoptions
in ["connect", "packet", "krb5", "krb5,packet", "krb5,sign", "krb5,seal", "spnego", "spnego,packet", "spnego,sign", "spnego,seal"]:
315 plansmbtorture4testsuite('rpc.winreg', env
, ["%s:$SERVER[%s]" % (transport
, bindoptions
), '-k', 'yes', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.winreg on %s with %s" % (transport
, bindoptions
))
317 for transport
in transports
:
318 plansmbtorture4testsuite('rpc.echo', env
, ["%s:$SERVER[]" % (transport
,), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.echo on %s" % (transport
, ))
320 # Echo tests test bulk Kerberos encryption of DCE/RPC
321 for bindoptions
in ["connect", "krb5", "krb5,sign", "krb5,seal", "spnego", "spnego,sign", "spnego,seal"] + validate_list
+ ["padcheck", "bigendian", "bigendian,seal"]:
322 echooptions
= "--option=socket:testnonblock=True --option=torture:quick=yes -k yes"
323 plansmbtorture4testsuite('rpc.echo', env
, ["%s:$SERVER[%s]" % (transport
, bindoptions
), echooptions
, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.echo on %s with %s and %s" % (transport
, bindoptions
, echooptions
))
325 for env
in ["fl2000dc", "fl2008r2dc"]:
326 plansmbtorture4testsuite("net.api.become.dc", env
, '$SERVER[%s] -U$USERNAME%%$PASSWORD -W$DOMAIN' % validate
)
328 for bindoptions
in ["sign", "seal"]:
329 plansmbtorture4testsuite('rpc.backupkey', "ad_dc_default", ["ncacn_np:$SERVER[%s]" % (bindoptions
), '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.backupkey with %s" % (bindoptions
))
331 for transport
in transports
:
332 for bindoptions
in ["sign", "seal"]:
334 "--option=ntlmssp_client:ntlm2=yes --option=torture:quick=yes",
335 "--option=ntlmssp_client:ntlm2=no --option=torture:quick=yes",
336 "--option=ntlmssp_client:ntlm2=yes --option=ntlmssp_client:128bit=no --option=torture:quick=yes",
337 "--option=ntlmssp_client:ntlm2=no --option=ntlmssp_client:128bit=no --option=torture:quick=yes",
338 "--option=ntlmssp_client:ntlm2=yes --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes",
339 "--option=ntlmssp_client:ntlm2=no --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes",
340 "--option=clientntlmv2auth=yes --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes",
341 "--option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:keyexchange=yes --option=torture:quick=yes",
342 "--option=clientntlmv2auth=yes --option=ntlmssp_client:128bit=no --option=ntlmssp_client:keyexchange=no --option=torture:quick=yes"]:
343 if transport
== "ncalrpc":
344 env
= "ad_dc_default:local"
346 env
= "ad_dc_default"
347 plansmbtorture4testsuite('rpc.echo', env
, ["%s:$SERVER[%s]" % (transport
, bindoptions
), ntlmoptions
, '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.echo on %s with %s and %s" % (transport
, bindoptions
, ntlmoptions
))
349 plansmbtorture4testsuite('rpc.echo', "ad_dc_default", ['ncacn_np:$SERVER[smb2]', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.rpc.echo on ncacn_np over smb2")
350 for env
in ["ad_dc", "nt4_dc"]:
351 plansmbtorture4testsuite('rpc.echo', env
, ['60a15ec5-4de8-11d7-a637-005056a20182@ncacn_np:$SERVER[]', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=torture:quick=yes'], "samba4.rpc.echo on ncacn_np with object")
352 plansmbtorture4testsuite('rpc.echo', env
, ['60a15ec5-4de8-11d7-a637-005056a20182@ncacn_ip_tcp:$SERVER[]', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--option=torture:quick=yes'], "samba4.rpc.echo on ncacn_ip_tcp with object")
354 plansmbtorture4testsuite('ntp.signd', "ad_dc_default:local", ['ncacn_np:$SERVER', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], "samba4.ntp.signd")
356 nbt_tests
= smbtorture4_testsuites("nbt.")
358 plansmbtorture4testsuite(t
, "ad_dc_ntvfs", "//$SERVER/_none_ -U\"$USERNAME%$PASSWORD\"")
360 # Tests against the NTVFS POSIX backend
361 ntvfsargs
= ["--option=torture:sharedelay=100000", "--option=torture:oplocktimeout=3", "--option=torture:writetimeupdatedelay=500000"]
363 # Filter smb2 tests that should not run against ad_dc_ntvfs
365 "smb2.change_notify_disabled",
368 "smb2.kernel-oplocks",
369 "smb2.durable-v2-delay",
374 smb2
= [x
for x
in smbtorture4_testsuites("smb2.") if x
not in smb2_s3only
]
376 # The QFILEINFO-IPC test needs to be on ipc$
377 raw
= list(filter(lambda x
: "raw.qfileinfo.ipc" not in x
, smbtorture4_testsuites("raw.")))
378 base
= smbtorture4_testsuites("base.")
380 netapi
= smbtorture4_testsuites("netapi.")
382 for t
in base
+ raw
+ smb2
+ netapi
:
383 plansmbtorture4testsuite(t
, "ad_dc_ntvfs", ['//$SERVER/tmp', '-U$USERNAME%$PASSWORD'] + ntvfsargs
)
385 libsmbclient
= smbtorture4_testsuites("libsmbclient.")
386 protocols
= [ 'NT1', 'SMB3' ]
387 for t
in libsmbclient
:
388 url
= "smb://$USERNAME:$PASSWORD@$SERVER/tmp"
389 if t
== "libsmbclient.list_shares":
390 url
= "smb://$USERNAME:$PASSWORD@$SERVER"
391 if t
== "libsmbclient.utimes":
394 libsmbclient_testargs
= [
396 '-U$USERNAME%$PASSWORD',
397 "--option=torture:smburl=" + url
,
398 "--option=torture:replace_smbconf="
399 "%s/testdata/samba3/smb_new.conf" % srcdir()
402 for proto
in protocols
:
403 plansmbtorture4testsuite(
405 "nt4_dc" if proto
== "SMB3" else "nt4_dc_smb1_done",
406 libsmbclient_testargs
+
407 [ "--option=torture:clientprotocol=%s" % proto
],
408 "samba4.%s.%s" % (t
, proto
))
410 plansmbtorture4testsuite("raw.qfileinfo.ipc", "ad_dc_ntvfs", '//$SERVER/ipc\$ -U$USERNAME%$PASSWORD')
412 for t
in smbtorture4_testsuites("rap."):
413 plansmbtorture4testsuite(t
, "ad_dc_ntvfs", '//$SERVER/IPC\$ -U$USERNAME%$PASSWORD')
415 # Tests against the NTVFS CIFS backend
417 plansmbtorture4testsuite(t
, "ad_dc_ntvfs", ['//$NETBIOSNAME/cifs', '-U$USERNAME%$PASSWORD', '--kerberos=yes'] + ntvfsargs
, modname
="samba4.ntvfs.cifs.krb5.%s" % t
)
419 # Test NTVFS CIFS backend with S4U2Self and S4U2Proxy
421 plansmbtorture4testsuite(t
, "ad_dc_ntvfs", ['//$NETBIOSNAME/cifs', '-U$USERNAME%$PASSWORD', '--kerberos=no'] + ntvfsargs
, "samba4.ntvfs.cifs.ntlm.%s" % t
)
422 plansmbtorture4testsuite(t
, "rpc_proxy", ['//$NETBIOSNAME/cifs_to_dc', '-U$DC_USERNAME%$DC_PASSWORD', '--kerberos=yes'] + ntvfsargs
, "samba4.ntvfs.cifs.krb5.%s" % t
)
423 plansmbtorture4testsuite(t
, "rpc_proxy", ['//$NETBIOSNAME/cifs_to_dc', '-U$DC_USERNAME%$DC_PASSWORD', '--kerberos=no'] + ntvfsargs
, "samba4.ntvfs.cifs.ntlm.%s" % t
)
425 plansmbtorture4testsuite('echo.udp', 'ad_dc_ntvfs:local', '//$SERVER/whatever')
428 for t
in smbtorture4_testsuites("local."):
429 # The local.resolve test needs a name to look up using real system (not emulated) name routines
430 plansmbtorture4testsuite(t
, "none", "ncalrpc:localhost")
432 # Confirm these tests with the system iconv too
433 for t
in ["local.convert_string_handle", "local.convert_string", "local.ndr"]:
434 options
= "ncalrpc: --option='iconv:use_builtin_handlers=false'"
435 plansmbtorture4testsuite(t
, "none", options
,
436 modname
="samba4.%s.system.iconv" % t
)
438 tdbtorture4
= binpath("tdbtorture")
439 if os
.path
.exists(tdbtorture4
):
440 plantestsuite("tdb.stress", "none", valgrindify(tdbtorture4
))
442 skiptestsuite("tdb.stress", "Using system TDB, tdbtorture not available")
444 plansmbtorture4testsuite("drs.unit", "none", "ncalrpc:")
447 for f
in sorted(os
.listdir(os
.path
.join(samba4srcdir
, "../pidl/tests"))):
448 if f
.endswith(".pl"):
449 planperltestsuite("pidl.%s" % f
[:-3], os
.path
.normpath(os
.path
.join(samba4srcdir
, "../pidl/tests", f
)))
452 plantestsuite_loadlist("samba.tests.dns", "fl2003dc:local", [python
, os
.path
.join(srcdir(), "python/samba/tests/dns.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
453 plantestsuite_loadlist("samba.tests.dns", "rodc:local", [python
, os
.path
.join(srcdir(), "python/samba/tests/dns.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
454 plantestsuite_loadlist("samba.tests.dns", "vampire_dc:local", [python
, os
.path
.join(srcdir(), "python/samba/tests/dns.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
456 plantestsuite_loadlist("samba.tests.dns_aging", "fl2003dc:local",
458 f
"{srcdir()}/python/samba/tests/dns_aging.py",
462 '-U"$USERNAME%$PASSWORD"',
463 '--workgroup=$DOMAIN',
464 '$LOADLIST', '$LISTOPT'])
466 plantestsuite_loadlist("samba.tests.dns_forwarder", "fl2003dc:local", [python
, os
.path
.join(srcdir(), "python/samba/tests/dns_forwarder.py"), '$SERVER', '$SERVER_IP', '$DNS_FORWARDER1', '$DNS_FORWARDER2', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
468 plantestsuite_loadlist("samba.tests.dns_tkey", "fl2008r2dc", [python
, os
.path
.join(srcdir(), "python/samba/tests/dns_tkey.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
469 plantestsuite_loadlist("samba.tests.dns_wildcard", "ad_dc", [python
, os
.path
.join(srcdir(), "python/samba/tests/dns_wildcard.py"), '$SERVER', '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
471 plantestsuite_loadlist("samba.tests.dns_invalid", "ad_dc", [python
, os
.path
.join(srcdir(), "python/samba/tests/dns_invalid.py"), '$SERVER_IP', '--machine-pass', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
473 plantestsuite_loadlist("samba.tests.dns_packet",
476 '-msamba.subunit.run',
479 "samba.tests.dns_packet"
482 plantestsuite_loadlist("samba.tests.sddl",
485 '-msamba.subunit.run',
491 for t
in smbtorture4_testsuites("dns_internal."):
492 plansmbtorture4testsuite(t
, "ad_dc_default:local", '//$SERVER/whavever')
495 for t
in smbtorture4_testsuites("dlz_bind9."):
496 # The dlz_bind9 tests needs to look at the DNS database
497 plansmbtorture4testsuite(t
, "chgdcpass:local", ["ncalrpc:$SERVER", '-U$USERNAME%$PASSWORD'])
499 planpythontestsuite("nt4_dc_smb1", "samba.tests.libsmb")
501 planpythontestsuite("ad_member", "samba.tests.smb-notify",
502 environ
={'USERNAME':'$DC_USERNAME',
503 'PASSWORD':'$DC_PASSWORD',
504 'USERNAME_UNPRIV':'alice',
505 'PASSWORD_UNPRIV':'Secret007',
506 'STRICT_CHECKING':'0',
507 'NOTIFY_SHARE':'notify_priv'})
510 # tests that interact directly with the command-line tools rather than using
511 # the API. These mainly test that the various command-line options of commands
514 # smbtorture --fullname parameter test
515 plantestsuite("samba4.blackbox.smbtorture_subunit_names", "none",
517 os
.path
.join(bbdir
, "test_smbtorture_test_names.sh"),
521 for env
in ["ad_member", "s4member", "ad_dc_ntvfs", "chgdcpass"]:
522 plantestsuite("samba4.blackbox.smbclient(%s:local)" % env
, "%s:local" % env
, [os
.path
.join(samba4srcdir
, "utils/tests/test_smbclient.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', '$DOMAIN', smbclient4
])
524 plantestsuite("samba4.blackbox.samba_tool(ad_dc_default:local)", "ad_dc_default:local", [os
.path
.join(samba4srcdir
, "utils/tests/test_samba_tool.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', '$DOMAIN', smbclient3
])
525 plantestsuite("samba4.blackbox.net_rpc_user(ad_dc)", "ad_dc", [os
.path
.join(bbdir
, "test_net_rpc_user.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN'])
527 plantestsuite("samba4.blackbox.test_primary_group", "ad_dc:local", [os
.path
.join(bbdir
, "test_primary_group.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN', '$PREFIX_ABS'])
529 plantestsuite("samba4.blackbox.test_old_enctypes", "fl2003dc:local", [os
.path
.join(bbdir
, "test_old_enctypes.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$NETBIOSNAME', '$PREFIX_ABS'])
531 if have_heimdal_support
:
532 for env
in ["ad_dc_ntvfs", "ad_dc"]:
533 plantestsuite("samba4.blackbox.pkinit", "%s:local" % env
, [os
.path
.join(bbdir
, "test_pkinit_heimdal.sh"), '$SERVER', 'pkinit', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX/%s' % env
, "aes256-cts-hmac-sha1-96", smbclient3
, configuration
])
534 plantestsuite("samba4.blackbox.pkinit_pac", "%s:local" % env
, [os
.path
.join(bbdir
, "test_pkinit_pac_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX/%s' % env
, "aes256-cts-hmac-sha1-96", configuration
])
535 plantestsuite("samba4.blackbox.kinit", "ad_dc_ntvfs:local", [os
.path
.join(bbdir
, "test_kinit_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', "aes256-cts-hmac-sha1-96", smbclient4
, configuration
])
536 plantestsuite("samba4.blackbox.kinit", "fl2000dc:local", [os
.path
.join(bbdir
, "test_kinit_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', "arcfour-hmac-md5", smbclient3
, configuration
])
537 plantestsuite("samba4.blackbox.kinit", "fl2008r2dc:local", [os
.path
.join(bbdir
, "test_kinit_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', "aes256-cts-hmac-sha1-96", smbclient3
, configuration
])
538 plantestsuite("samba4.blackbox.kinit_trust", "fl2008r2dc:local", [os
.path
.join(bbdir
, "test_kinit_trusts_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "forest", "aes256-cts-hmac-sha1-96"])
539 plantestsuite("samba4.blackbox.kinit_trust", "fl2003dc:local", [os
.path
.join(bbdir
, "test_kinit_trusts_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external", "arcfour-hmac-md5"])
540 plantestsuite("samba4.blackbox.kinit_trust", "fl2000dc:local", [os
.path
.join(bbdir
, "test_kinit_trusts_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external", "arcfour-hmac-md5"])
541 plantestsuite("samba4.blackbox.export.keytab", "ad_dc_ntvfs:local", [os
.path
.join(bbdir
, "test_export_keytab_heimdal.sh"), '$SERVER', '$USERNAME', '$REALM', '$DOMAIN', "$PREFIX", smbclient4
])
542 plantestsuite("samba4.blackbox.kpasswd", "ad_dc_ntvfs:local", [os
.path
.join(bbdir
, "test_kpasswd_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc_ntvfs"])
543 plantestsuite("samba4.blackbox.krb5.s4u", "fl2008r2dc:local", [os
.path
.join(bbdir
, "test_s4u_heimdal.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', configuration
])
545 plantestsuite("samba4.blackbox.kinit", "ad_dc_ntvfs:local", [os
.path
.join(bbdir
, "test_kinit_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', smbclient4
, configuration
])
546 plantestsuite("samba4.blackbox.kinit", "fl2000dc:local", [os
.path
.join(bbdir
, "test_kinit_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', smbclient3
, configuration
])
547 plantestsuite("samba4.blackbox.kinit", "fl2008r2dc:local", [os
.path
.join(bbdir
, "test_kinit_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$PREFIX', smbclient3
, configuration
])
548 plantestsuite("samba4.blackbox.kinit_trust", "fl2008r2dc:local", [os
.path
.join(bbdir
, "test_kinit_trusts_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "forest"])
549 plantestsuite("samba4.blackbox.kinit_trust", "fl2003dc:local", [os
.path
.join(bbdir
, "test_kinit_trusts_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external"])
550 plantestsuite("samba4.blackbox.kinit_trust", "fl2000dc:local", [os
.path
.join(bbdir
, "test_kinit_trusts_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external"])
551 plantestsuite("samba4.blackbox.export.keytab", "ad_dc_ntvfs:local", [os
.path
.join(bbdir
, "test_export_keytab_mit.sh"), '$SERVER', '$USERNAME', '$REALM', '$DOMAIN', "$PREFIX", smbclient4
])
552 plantestsuite("samba4.blackbox.kpasswd", "ad_dc_ntvfs:local", [os
.path
.join(bbdir
, "test_kpasswd_mit.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc_ntvfs"])
554 plantestsuite("samba.blackbox.client_kerberos", "ad_dc", [os
.path
.join(bbdir
, "test_client_kerberos.sh"), '$DOMAIN', '$REALM', '$USERNAME', '$PASSWORD', '$SERVER', '$PREFIX_ABS', '$SMB_CONF_PATH'])
556 plantestsuite("samba4.blackbox.trust_ntlm", "fl2008r2dc:local", [os
.path
.join(bbdir
, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', 'forest', 'auto', 'NT_STATUS_LOGON_FAILURE'])
557 plantestsuite("samba4.blackbox.trust_ntlm", "fl2003dc:local", [os
.path
.join(bbdir
, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', 'external', 'auto', 'NT_STATUS_LOGON_FAILURE'])
558 plantestsuite("samba4.blackbox.trust_ntlm", "fl2000dc:local", [os
.path
.join(bbdir
, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', 'external', 'auto', 'NT_STATUS_LOGON_FAILURE'])
559 plantestsuite("samba4.blackbox.trust_ntlm", "ad_member:local", [os
.path
.join(bbdir
, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$SERVER', '$SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$REALM', '$DOMAIN', 'member', 'auto', 'NT_STATUS_LOGON_FAILURE'])
560 plantestsuite("samba4.blackbox.trust_ntlm", "nt4_member:local", [os
.path
.join(bbdir
, "test_trust_ntlm.sh"), '$SERVER_IP', '$USERNAME', '$PASSWORD', '$SERVER', '$SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$DOMAIN', '$DOMAIN', 'member', 'auto', 'NT_STATUS_LOGON_FAILURE'])
562 plantestsuite("samba4.blackbox.trust_utils(fl2008r2dc:local)", "fl2008r2dc:local", [os
.path
.join(bbdir
, "test_trust_utils.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "forest"])
563 plantestsuite("samba4.blackbox.trust_utils(fl2003dc:local)", "fl2003dc:local", [os
.path
.join(bbdir
, "test_trust_utils.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external"])
564 plantestsuite("samba4.blackbox.trust_utils(fl2000dc:local)", "fl2000dc:local", [os
.path
.join(bbdir
, "test_trust_utils.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$TRUST_SERVER', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$PREFIX', "external"])
565 plantestsuite("samba4.blackbox.trust_token", "fl2008r2dc", [os
.path
.join(bbdir
, "test_trust_token.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$DOMSID', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$TRUST_DOMSID', 'forest'])
566 plantestsuite("samba4.blackbox.trust_token", "fl2003dc", [os
.path
.join(bbdir
, "test_trust_token.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$DOMSID', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$TRUST_DOMSID', 'external'])
567 plantestsuite("samba4.blackbox.trust_token", "fl2000dc", [os
.path
.join(bbdir
, "test_trust_token.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', '$DOMSID', '$TRUST_USERNAME', '$TRUST_PASSWORD', '$TRUST_REALM', '$TRUST_DOMAIN', '$TRUST_DOMSID', 'external'])
568 plantestsuite("samba4.blackbox.ktpass(ad_dc_ntvfs)", "ad_dc_ntvfs", [os
.path
.join(bbdir
, "test_ktpass.sh"), '$PREFIX/ad_dc_ntvfs'])
569 plantestsuite("samba4.blackbox.password_settings(ad_dc_ntvfs:local)", "ad_dc_ntvfs:local", [os
.path
.join(bbdir
, "test_password_settings.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc_ntvfs"])
570 plantestsuite("samba4.blackbox.trust_user_account", "fl2008r2dc:local", [os
.path
.join(bbdir
, "test_trust_user_account.sh"), '$PREFIX', '$REALM', '$DOMAIN', '$TRUST_REALM', '$TRUST_DOMAIN'])
571 plantestsuite("samba4.blackbox.cifsdd(ad_dc_ntvfs)", "ad_dc_ntvfs", [os
.path
.join(samba4srcdir
, "client/tests/test_cifsdd.sh"), '$SERVER', '$USERNAME', '$PASSWORD', "$DOMAIN"])
572 plantestsuite("samba4.blackbox.nmblookup(ad_dc_ntvfs)", "ad_dc_ntvfs", [os
.path
.join(samba4srcdir
, "utils/tests/test_nmblookup.sh"), '$NETBIOSNAME', '$NETBIOSALIAS', '$SERVER', '$SERVER_IP', nmblookup4
])
573 plantestsuite("samba4.blackbox.locktest(ad_dc_ntvfs)", "ad_dc_ntvfs", [os
.path
.join(samba4srcdir
, "torture/tests/test_locktest.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN', '$PREFIX'])
574 plantestsuite("samba4.blackbox.masktest", "ad_dc_ntvfs", [os
.path
.join(samba4srcdir
, "torture/tests/test_masktest.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN', '$PREFIX'])
575 plantestsuite("samba4.blackbox.gentest(ad_dc_ntvfs)", "ad_dc_ntvfs", [os
.path
.join(samba4srcdir
, "torture/tests/test_gentest.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$DOMAIN', "$PREFIX"])
576 plantestsuite("samba4.blackbox.rfc2307_mapping(ad_dc_ntvfs:local)", "ad_dc_ntvfs:local", [os
.path
.join(samba4srcdir
, "../nsswitch/tests/test_rfc2307_mapping.sh"), '$DOMAIN', '$USERNAME', '$PASSWORD', "$SERVER", "$UID_RFC2307TEST", "$GID_RFC2307TEST", configuration
])
577 plantestsuite("samba4.blackbox.chgdcpass", "chgdcpass", [os
.path
.join(bbdir
, "test_chgdcpass.sh"), '$SERVER', "CHGDCPASS\$", '$REALM', '$DOMAIN', '$PREFIX/chgdcpass', "aes256-cts-hmac-sha1-96", '$PREFIX/chgdcpass', smbclient3
])
578 plantestsuite("samba4.blackbox.samba_upgradedns(chgdcpass:local)", "chgdcpass:local", [os
.path
.join(bbdir
, "test_samba_upgradedns.sh"), '$SERVER', '$REALM', '$PREFIX', '$SELFTEST_PREFIX/chgdcpass'])
579 plantestsuite("samba4.blackbox.net_ads", "ad_dc:client", [os
.path
.join(bbdir
, "test_net_ads.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS'])
580 plantestsuite("samba4.blackbox.net_offlinejoin", "ad_dc:client", [os
.path
.join(bbdir
, "test_net_offline.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS'])
581 plantestsuite("samba4.blackbox.client_etypes_all(ad_dc:client)", "ad_dc:client", [os
.path
.join(bbdir
, "test_client_etypes.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS', 'all', '17_18_23'])
582 plantestsuite("samba4.blackbox.client_etypes_legacy(ad_dc:client)", "ad_dc:client", [os
.path
.join(bbdir
, "test_client_etypes.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS', 'legacy', '23'])
583 plantestsuite("samba4.blackbox.client_etypes_strong(ad_dc:client)", "ad_dc:client", [os
.path
.join(bbdir
, "test_client_etypes.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS', 'strong', '17_18'])
584 plantestsuite("samba4.blackbox.net_ads_dns(ad_member:local)", "ad_member:local", [os
.path
.join(bbdir
, "test_net_ads_dns.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$REALM', '$USERNAME', '$PASSWORD'])
585 plantestsuite("samba4.blackbox.net_ads_dns_async(ad_member:local)",
588 "test_net_ads_dns_async.sh"),
591 plantestsuite("samba4.blackbox.samba-tool_ntacl(ad_member:local)", "ad_member:local", [os
.path
.join(bbdir
, "test_samba-tool_ntacl.sh"), '$PREFIX', '$DOMSID'])
593 if have_gnutls_fips_mode_support
:
594 plantestsuite("samba4.blackbox.weak_crypto.client", "ad_dc", [os
.path
.join(bbdir
, "test_weak_crypto.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc"])
596 for env
in ["ad_dc_fips", "ad_member_fips"]:
597 plantestsuite("samba4.blackbox.weak_crypto.server", env
, [os
.path
.join(bbdir
, "test_weak_crypto_server.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$REALM', '$DOMAIN', "$PREFIX/ad_dc_fips", configuration
])
598 plantestsuite("samba4.blackbox.net_ads_fips", "ad_dc_fips:client", [os
.path
.join(bbdir
, "test_net_ads_fips.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS'])
600 t
= "--krb5auth=$DOMAIN/$DC_USERNAME%$DC_PASSWORD"
601 plantestsuite("samba3.wbinfo_simple.fips.%s" % t
, "ad_member_fips:local", [os
.path
.join(srcdir(), "nsswitch/tests/test_wbinfo_simple.sh"), t
])
602 plantestsuite("samba4.wbinfo_name_lookup.fips", "ad_member_fips", [os
.path
.join(srcdir(), "nsswitch/tests/test_wbinfo_name_lookup.sh"), '$DOMAIN', '$REALM', '$DC_USERNAME'])
604 plansmbtorture4testsuite('rpc.echo', "ad_dc_ntvfs", ['ncacn_np:$NETBIOSALIAS', '-U$DOMAIN/$USERNAME%$PASSWORD'], "samba4.rpc.echo against NetBIOS alias")
606 # Test wbinfo trust auth
607 for env
in ["ad_member_oneway:local", "fl2000dc:local", "fl2003dc:local", "fl2008r2dc:local"]:
608 for t
in ["--krb5auth=$TRUST_REALM/$TRUST_USERNAME%$TRUST_PASSWORD",
609 "--krb5auth=$TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD",
610 "--authenticate=$TRUST_REALM/$TRUST_USERNAME%$TRUST_PASSWORD",
611 "--authenticate=$TRUST_DOMAIN/$TRUST_USERNAME%$TRUST_PASSWORD"]:
612 plantestsuite("samba3.wbinfo_simple.trust:%s" % t
, env
, [os
.path
.join(srcdir(), "nsswitch/tests/test_wbinfo_simple.sh"), t
])
614 # json tests hook into ``chgdcpass'' to make them run in contributor CI on
616 planpythontestsuite("chgdcpass", "samba.tests.blackbox.netads_json")
618 # Tests using the "Simple" NTVFS backend
619 for t
in ["base.rw1"]:
620 plansmbtorture4testsuite(t
, "ad_dc_ntvfs", ["//$SERVER/simple", '-U$USERNAME%$PASSWORD'], modname
="samba4.ntvfs.simple.%s" % t
)
622 # Domain S4member Tests
623 plansmbtorture4testsuite('rpc.echo', "s4member", ['ncacn_np:$NETBIOSNAME', '-U$NETBIOSNAME/$USERNAME%$PASSWORD'], "samba4.rpc.echo against s4member server with local creds")
624 plansmbtorture4testsuite('rpc.echo', "s4member", ['ncacn_np:$NETBIOSNAME', '-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'], "samba4.rpc.echo against s4member server with domain creds")
625 plansmbtorture4testsuite('rpc.samr', "s4member", ['ncacn_np:$NETBIOSNAME', '-U$NETBIOSNAME/$USERNAME%$PASSWORD'], "samba4.rpc.samr against s4member server with local creds")
626 plansmbtorture4testsuite('rpc.samr.users', "s4member", ['ncacn_np:$NETBIOSNAME', '-U$NETBIOSNAME/$USERNAME%$PASSWORD'], "samba4.rpc.samr.users against s4member server with local creds",)
627 plansmbtorture4testsuite('rpc.samr.passwords', "s4member", ['ncacn_np:$NETBIOSNAME', '-U$NETBIOSNAME/$USERNAME%$PASSWORD'], "samba4.rpc.samr.passwords against s4member server with local creds")
628 plantestsuite("samba4.blackbox.smbclient against s4member server with local creds", "s4member", [os
.path
.join(samba4srcdir
, "client/tests/test_smbclient.sh"), '$NETBIOSNAME', '$USERNAME', '$PASSWORD', '$NETBIOSNAME', '$PREFIX', smbclient4
])
631 plansmbtorture4testsuite("rpc.echo", "rpc_proxy", ['ncacn_ip_tcp:$NETBIOSNAME', '-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'], modname
="samba4.rpc.echo against rpc proxy with domain creds")
636 "-k no --option=clientusespnego=no",
637 "-k no --option=gensec:spengo=no",
639 "-k yes --option=gensec:fake_gssapi_krb5=yes --option=gensec:gssapi_krb5=no"]:
640 for signing
in ["--option=clientsigning=desired", "--option=clientsigning=required"]:
641 signoptions
= "%s %s" % (mech
, signing
)
642 name
= "smb.signing on with %s" % signoptions
643 plansmbtorture4testsuite('base.xcopy', "ad_dc_ntvfs", ['//$NETBIOSNAME/xcopy_share', signoptions
, '-U$USERNAME%$PASSWORD'], modname
="samba4.%s" % name
)
647 "-k no --option=clientusespnego=no",
648 "-k no --option=gensec:spengo=no",
650 signoptions
= "%s --client-protection=off" % mech
651 name
= "smb.signing disabled on with %s" % signoptions
652 plansmbtorture4testsuite('base.xcopy', "s4member", ['//$NETBIOSNAME/xcopy_share', signoptions
, '-U$DC_USERNAME%$DC_PASSWORD'], "samba4.%s domain-creds" % name
)
653 plansmbtorture4testsuite('base.xcopy', "ad_member", ['//$NETBIOSNAME/xcopy_share', signoptions
, '-U$DC_USERNAME%$DC_PASSWORD'], "samba4.%s domain-creds" % name
)
654 plansmbtorture4testsuite('base.xcopy', "ad_dc", ['//$NETBIOSNAME/xcopy_share', signoptions
, '-U$USERNAME%$PASSWORD'], "samba4.%s" % name
)
655 plansmbtorture4testsuite('base.xcopy', "ad_dc",
656 ['//$NETBIOSNAME/xcopy_share', signoptions
, '-U$DC_USERNAME%$DC_PASSWORD'], "samba4.%s administrator" % name
)
658 plantestsuite("samba4.blackbox.bogusdomain", "ad_member", ["testprogs/blackbox/bogus.sh", "$NETBIOSNAME", "xcopy_share", '$USERNAME', '$PASSWORD', '$DC_USERNAME', '$DC_PASSWORD', smbclient3
])
661 "-k no --option=clientusespnego=no",
662 "-k no --option=gensec:spengo=no"]:
663 signoptions
= "%s --client-protection=off" % mech
664 plansmbtorture4testsuite('base.xcopy', "s4member", ['//$NETBIOSNAME/xcopy_share', signoptions
, '-U$NETBIOSNAME/$USERNAME%$PASSWORD'], modname
="samba4.smb.signing on with %s local-creds" % signoptions
)
666 plansmbtorture4testsuite('base.xcopy', "ad_dc_ntvfs", ['//$NETBIOSNAME/xcopy_share', '-k', 'no', '--option=clientsigning=desired', '-U%'], modname
="samba4.smb.signing --option=clientsigning=desired anon")
667 plansmbtorture4testsuite('base.xcopy', "ad_dc_ntvfs", ['//$NETBIOSNAME/xcopy_share', '-k', 'no', '--option=clientsigning=required', '-U%'], modname
="samba4.smb.signing --option=clientsigning=required anon")
668 plansmbtorture4testsuite('base.xcopy', "s4member", ['//$NETBIOSNAME/xcopy_share', '-k', 'no', '--option=clientsigning=disabled', '-U%'], modname
="samba4.smb.signing --option=clientsigning=disabled anon")
670 # Test SPNEGO without issuing an optimistic token
671 opt
='--option=spnego:client_no_optimistic=yes'
672 plansmbtorture4testsuite('base.xcopy', "ad_dc_smb1", ['//$NETBIOSNAME/xcopy_share', '-U$USERNAME%$PASSWORD', opt
, '-k', 'no'], modname
="samba4.smb.spnego.ntlmssp.no_optimistic")
673 plansmbtorture4testsuite('base.xcopy', "ad_dc_smb1", ['//$NETBIOSNAME/xcopy_share', '-U$USERNAME%$PASSWORD', opt
, '-k', 'yes'], modname
="samba4.smb.spnego.krb5.no_optimistic")
675 wb_opts_default
= ["--option=\"torture:strict mode=no\"", "--option=\"torture:timelimit=1\"", "--option=\"torture:winbindd_separator=/\"", "--option=\"torture:winbindd_netbios_name=$SERVER\"", "--option=\"torture:winbindd_netbios_domain=$DOMAIN\""]
677 winbind_ad_client_tests
= smbtorture4_testsuites("winbind.struct") + smbtorture4_testsuites("winbind.pac")
678 winbind_wbclient_tests
= smbtorture4_testsuites("winbind.wbclient")
679 for env
in ["ad_dc", "s4member", "ad_member", "nt4_member"]:
680 wb_opts
= wb_opts_default
[:]
681 if env
in ["ad_member"]:
682 wb_opts
+= ["--option=\"torture:winbindd_domain_without_prefix=$DOMAIN\""]
683 for t
in winbind_ad_client_tests
:
684 plansmbtorture4testsuite(t
, "%s:local" % env
, wb_opts
+ ['//$SERVER/tmp', '--realm=$REALM', '--machine-pass', '--option=torture:addc=$DC_SERVER'])
686 for env
in ["nt4_dc", "fl2003dc"]:
687 for t
in winbind_wbclient_tests
:
688 plansmbtorture4testsuite(t
, "%s:local" % env
, '//$SERVER/tmp -U$DC_USERNAME%$DC_PASSWORD')
690 for env
in ["nt4_dc", "nt4_member", "ad_dc", "ad_member", "s4member", "chgdcpass", "rodc"]:
691 tests
= ["--ping", "--separator",
695 "--domain-info=BUILTIN",
696 "--domain-info=$DOMAIN",
698 "--online-status --domain=BUILTIN",
699 "--online-status --domain=$DOMAIN",
700 "--check-secret --domain=$DOMAIN",
701 "--change-secret --domain=$DOMAIN",
702 "--check-secret --domain=$DOMAIN",
703 "--online-status --domain=$DOMAIN",
706 "--name-to-sid=$DC_USERNAME",
707 "--name-to-sid=$DOMAIN/$DC_USERNAME",
708 "--user-info=$DOMAIN/$DC_USERNAME",
709 "--user-groups=$DOMAIN/$DC_USERNAME",
710 "--authenticate=$DOMAIN/$DC_USERNAME%$DC_PASSWORD",
715 plantestsuite("samba.wbinfo_simple.%s" % (t
.replace(" --", ".").replace("--", "")), "%s:local" % env
, [os
.path
.join(srcdir(), "nsswitch/tests/test_wbinfo_simple.sh"), t
])
718 "samba.wbinfo_sids2xids.(%s:local)" % env
, "%s:local" % env
,
719 [os
.path
.join(samba3srcdir
, "script/tests/test_wbinfo_sids2xids.sh")])
721 planpythontestsuite(env
+ ":local", "samba.tests.ntlm_auth")
723 for env
in ["ktest"]:
724 planpythontestsuite(env
+ ":local", "samba.tests.ntlm_auth_krb5")
726 for env
in ["s4member_dflt_domain", "s4member"]:
727 for cmd
in ["id", "getent"]:
728 users
= ["$DC_USERNAME", "$DC_USERNAME@$REALM"]
729 if env
== "s4member":
730 users
= ["$DOMAIN/$DC_USERNAME", "$DC_USERNAME@$REALM"]
732 plantestsuite("samba4.winbind.dom_name_parse.cmd", env
, "%s/dom_parse.sh %s %s" % (bbdir
, cmd
, usr
))
734 nsstest4
= binpath("nsstest")
735 for env
in ["ad_dc:local", "s4member:local", "nt4_dc:local", "ad_member:local", "nt4_member:local"]:
736 if os
.path
.exists(nsstest4
):
737 plantestsuite("samba.nss.test using winbind(%s)" % env
, env
, [os
.path
.join(bbdir
, "nsstest.sh"), nsstest4
, os
.path
.join(samba4bindir
, "shared/libnss_wrapper_winbind.so.2")])
739 skiptestsuite("samba.nss.test using winbind(%s)" % env
, "nsstest not available")
741 subunitrun
= valgrindify(python
) + " " + os
.path
.join(samba4srcdir
, "scripting/bin/subunitrun")
744 def planoldpythontestsuite(env
, module
, name
=None, extra_path
=[], environ
={}, extra_args
=[]):
745 environ
= dict(environ
)
746 py_path
= list(extra_path
)
748 environ
["PYTHONPATH"] = ":".join(["$PYTHONPATH"] + py_path
)
749 args
= ["%s=%s" % item
for item
in environ
.items()]
750 args
+= [subunitrun
, "$LISTOPT", "$LOADLIST", module
]
754 plantestsuite_loadlist(name
, env
, args
)
756 if have_gnutls_fips_mode_support
:
757 planoldpythontestsuite("ad_dc", "samba.tests.dcerpc.createtrustrelax", environ
={'GNUTLS_FORCE_FIPS_MODE':'1'})
758 planoldpythontestsuite("ad_dc_fips", "samba.tests.dcerpc.createtrustrelax", environ
={'GNUTLS_FORCE_FIPS_MODE':'1'})
760 # Run complex search expressions test once for each database backend.
761 # Right now ad_dc has mdb and ad_dc_ntvfs has tdb
762 mdb_testenv
= "ad_dc"
763 tdb_testenv
= "ad_dc_ntvfs"
764 for testenv
in [mdb_testenv
, tdb_testenv
]:
765 planoldpythontestsuite(testenv
, "samba.tests.complex_expressions", extra_args
=['-U"$USERNAME%$PASSWORD"'])
767 planoldpythontestsuite("ad_dc_default:local", "samba.tests.gensec", extra_args
=['-U"$USERNAME%$PASSWORD"'])
768 planoldpythontestsuite("none", "simple", extra_path
=["%s/lib/tdb/python/tests" % srcdir()], name
="tdb.python")
769 planpythontestsuite("ad_dc_default:local", "samba.tests.dcerpc.sam")
770 planpythontestsuite("ad_dc_default:local", "samba.tests.dsdb")
771 planpythontestsuite("none", "samba.tests.dsdb_lock")
772 planpythontestsuite("ad_dc_default:local", "samba.tests.dcerpc.bare")
773 planpythontestsuite("ad_dc_default:local", "samba.tests.dcerpc.lsa")
774 planpythontestsuite("ad_dc_default:local", "samba.tests.dcerpc.unix")
775 planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.dcerpc.srvsvc")
776 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.timecmd")
777 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.join")
778 planpythontestsuite("ad_dc_default",
779 "samba.tests.samba_tool.join_lmdb_size")
780 planpythontestsuite("ad_dc_default",
781 "samba.tests.samba_tool.drs_clone_dc_data_lmdb_size")
782 planpythontestsuite("ad_dc_default",
783 "samba.tests.samba_tool.promote_dc_lmdb_size")
785 planpythontestsuite("none", "samba.tests.samba_tool.visualize")
789 for env
in all_fl_envs
:
790 planpythontestsuite(env
+ ":local", "samba.tests.samba_tool.fsmo")
792 # test samba-tool user, group, contact and computer edit command
793 for env
in all_fl_envs
:
795 plantestsuite("samba.tests.samba_tool.user_edit", env
, [os
.path
.join(srcdir(), "python/samba/tests/samba_tool/user_edit.sh"), '$SERVER', '$USERNAME', '$PASSWORD'])
796 plantestsuite("samba.tests.samba_tool.group_edit", env
, [os
.path
.join(srcdir(), "python/samba/tests/samba_tool/group_edit.sh"), '$SERVER', '$USERNAME', '$PASSWORD'])
797 plantestsuite("samba.tests.samba_tool.contact_edit", env
, [os
.path
.join(srcdir(), "python/samba/tests/samba_tool/contact_edit.sh"), '$SERVER', '$USERNAME', '$PASSWORD'])
798 plantestsuite("samba.tests.samba_tool.computer_edit", env
, [os
.path
.join(srcdir(), "python/samba/tests/samba_tool/computer_edit.sh"), '$SERVER', '$USERNAME', '$PASSWORD'])
800 # We run this test against both AD DC implementations because it is
801 # the only test we have of GPO get/set behaviour, and this involves
802 # the file server as well as the LDAP server.
803 # It's also a good sanity-check that sysvol backup worked correctly.
804 for env
in ["ad_dc_ntvfs", "ad_dc", "offlinebackupdc", "renamedc",
805 smbv1_disabled_testenv
]:
806 planpythontestsuite(env
+ ":local", "samba.tests.samba_tool.gpo")
807 for env
in ["ad_dc_ntvfs", "ad_dc"]:
808 planpythontestsuite(env
+ ":local", "samba.tests.samba_tool.gpo_exts")
810 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.processes")
811 planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.samba_tool.user")
812 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.user_wdigest")
813 planpythontestsuite("ad_dc:local", "samba.tests.samba_tool.user")
814 planpythontestsuite("ad_dc:local", "samba.tests.samba_tool.user_virtualCryptSHA_userPassword")
815 planpythontestsuite("ad_dc:local", "samba.tests.samba_tool.user_virtualCryptSHA_gpg")
816 planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.user_check_password_script")
817 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.group")
818 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.ou")
819 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.computer")
820 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.contact")
821 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.forest")
822 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.schema")
823 planpythontestsuite("schema_dc:local", "samba.tests.samba_tool.schema")
824 planpythontestsuite("ad_dc:local", "samba.tests.samba_tool.ntacl")
825 planpythontestsuite("none", "samba.tests.samba_tool.provision_password_check")
826 planpythontestsuite("none", "samba.tests.samba_tool.provision_lmdb_size")
827 planpythontestsuite("none", "samba.tests.samba_tool.provision_userPassword_crypt")
828 planpythontestsuite("none", "samba.tests.samba_tool.help")
829 # Make sure samba-tool can execute without import failures when run
830 # without the ad-dc built. The fileserver test environment runs against
831 # the samba-h5l-build autobuild. This build was chosen because it's
832 # configured with --without-ad-dc and does not disable ads, which is
833 # required to run some samba-tool commands.
834 planpythontestsuite("fileserver", "samba.tests.samba_tool.help")
836 planpythontestsuite("ad_dc_default:local", "samba.tests.samba_tool.passwordsettings")
837 planpythontestsuite("ad_dc:local", "samba.tests.samba_tool.dsacl")
839 planpythontestsuite("none", "samba.tests.samba_upgradedns_lmdb")
841 # Run these against chgdcpass to share the runtime load
842 planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.sites")
843 planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.dnscmd")
845 # Run this against chgdcpass to ensure at least one python3 test
846 # against this autobuild target (samba-ad-dc-2)
847 planpythontestsuite("chgdcpass:local", "samba.tests.dcerpc.rpcecho")
849 planoldpythontestsuite("nt4_dc", "samba.tests.netbios", extra_args
=['-U"$USERNAME%$PASSWORD"'])
850 planoldpythontestsuite("ad_dc:local", "samba.tests.gpo", extra_args
=['-U"$USERNAME%$PASSWORD"'])
851 planoldpythontestsuite("ad_member", "samba.tests.gpo_member", extra_args
=['-U"$USERNAME%$PASSWORD"'])
852 planoldpythontestsuite("ad_dc:local", "samba.tests.dckeytab", extra_args
=['-U"$USERNAME%$PASSWORD"'])
854 # Run the import test in environments that may not have the ad-dc built
855 for env
in ['fileserver_smb1', 'nt4_member', 'clusteredmember', 'ktest', 'nt4_dc', 'nt4_dc_smb1_done', 'nt4_dc_smb1', 'simpleserver', 'fileserver_smb1_done', 'fileserver', 'maptoguest', 'nt4_dc_schannel']:
856 planoldpythontestsuite(env
, "samba.tests.imports")
858 have_fast_support
= int('SAMBA_USES_MITKDC' in config_hash
)
859 tkt_sig_support
= int('SAMBA4_USES_HEIMDAL' in config_hash
)
860 planoldpythontestsuite("none", "samba.tests.krb5.kcrypto")
861 planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.simple_tests",
862 environ
={'SERVICE_USERNAME':'$SERVER',
863 'FAST_SUPPORT': have_fast_support
,
864 'TKT_SIG_SUPPORT': tkt_sig_support
})
865 planoldpythontestsuite("ad_dc_default:local", "samba.tests.krb5.s4u_tests",
866 environ
={'ADMIN_USERNAME':'$USERNAME',
867 'ADMIN_PASSWORD':'$PASSWORD',
868 'FOR_USER':'$USERNAME',
869 'STRICT_CHECKING':'0',
870 'FAST_SUPPORT': have_fast_support
,
871 'TKT_SIG_SUPPORT': tkt_sig_support
})
872 planoldpythontestsuite("rodc:local", "samba.tests.krb5.rodc_tests",
873 environ
={'ADMIN_USERNAME':'$USERNAME',
874 'ADMIN_PASSWORD':'$PASSWORD',
875 'STRICT_CHECKING':'0',
876 'FAST_SUPPORT': have_fast_support
,
877 'TKT_SIG_SUPPORT': tkt_sig_support
})
879 planoldpythontestsuite("ad_dc_default", "samba.tests.dsdb_dns")
881 planoldpythontestsuite("fl2008r2dc:local", "samba.tests.krb5.xrealm_tests",
882 environ
={'FAST_SUPPORT': have_fast_support
,
883 'TKT_SIG_SUPPORT': tkt_sig_support
})
885 planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.test_ccache",
887 'ADMIN_USERNAME': '$USERNAME',
888 'ADMIN_PASSWORD': '$PASSWORD',
889 'STRICT_CHECKING': '0',
890 'FAST_SUPPORT': have_fast_support
,
891 'TKT_SIG_SUPPORT': tkt_sig_support
893 planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.test_ldap",
895 'ADMIN_USERNAME': '$USERNAME',
896 'ADMIN_PASSWORD': '$PASSWORD',
897 'STRICT_CHECKING': '0',
898 'FAST_SUPPORT': have_fast_support
,
899 'TKT_SIG_SUPPORT': tkt_sig_support
901 planoldpythontestsuite("ad_dc_default", "samba.tests.krb5.test_rpc",
903 'ADMIN_USERNAME': '$USERNAME',
904 'ADMIN_PASSWORD': '$PASSWORD',
905 'STRICT_CHECKING': '0',
906 'FAST_SUPPORT': have_fast_support
,
907 'TKT_SIG_SUPPORT': tkt_sig_support
909 planoldpythontestsuite("ad_dc_smb1", "samba.tests.krb5.test_smb",
911 'ADMIN_USERNAME': '$USERNAME',
912 'ADMIN_PASSWORD': '$PASSWORD',
913 'STRICT_CHECKING': '0',
914 'FAST_SUPPORT': have_fast_support
,
915 'TKT_SIG_SUPPORT': tkt_sig_support
918 for env
in ["ad_dc", smbv1_disabled_testenv
]:
919 planoldpythontestsuite(env
, "samba.tests.smb", extra_args
=['-U"$USERNAME%$PASSWORD"'])
920 planoldpythontestsuite(env
+ ":local", "samba.tests.ntacls_backup",
921 extra_args
=['-U"$USERNAME%$PASSWORD"'])
923 planoldpythontestsuite(
924 "ad_dc_ntvfs:local", "samba.tests.dcerpc.registry",
925 extra_args
=['-U"$USERNAME%$PASSWORD"'])
927 planoldpythontestsuite("ad_dc_ntvfs", "samba.tests.dcerpc.dnsserver", extra_args
=['-U"$USERNAME%$PASSWORD"'])
928 planoldpythontestsuite("ad_dc", "samba.tests.dcerpc.dnsserver", extra_args
=['-U"$USERNAME%$PASSWORD"'])
930 for env
in ["chgdcpass", "ad_member"]:
931 planoldpythontestsuite(env
, "samba.tests.dcerpc.raw_protocol",
932 environ
={"MAX_NUM_AUTH": "8",
933 "USERNAME": "$DC_USERNAME",
934 "PASSWORD": "$DC_PASSWORD"})
936 if have_heimdal_support
:
937 planoldpythontestsuite("ad_dc_smb1:local", "samba.tests.auth_log", extra_args
=['-U"$USERNAME%$PASSWORD"'],
938 environ
={'CLIENT_IP': '10.53.57.11',
939 'SOCKET_WRAPPER_DEFAULT_IFACE': 11})
940 planoldpythontestsuite("ad_dc_ntvfs:local", "samba.tests.auth_log", extra_args
=['-U"$USERNAME%$PASSWORD"'],
941 environ
={'CLIENT_IP': '10.53.57.11',
942 'SOCKET_WRAPPER_DEFAULT_IFACE': 11})
943 planoldpythontestsuite("ad_dc_smb1", "samba.tests.auth_log_pass_change",
944 extra_args
=['-U"$USERNAME%$PASSWORD"'])
945 planoldpythontestsuite("ad_dc_ntvfs", "samba.tests.auth_log_pass_change",
946 extra_args
=['-U"$USERNAME%$PASSWORD"'])
948 # these tests use a NCA local RPC connection, so always run on the
949 # :local testenv, and so don't need to fake a client connection
950 for env
in ["ad_dc_ntvfs:local", "ad_dc:local"]:
951 planoldpythontestsuite(env
, "samba.tests.auth_log_ncalrpc", extra_args
=['-U"$USERNAME%$PASSWORD"'])
952 planoldpythontestsuite(env
, "samba.tests.auth_log_samlogon",
953 extra_args
=['-U"$USERNAME%$PASSWORD"'])
954 planoldpythontestsuite(env
, "samba.tests.auth_log_netlogon",
955 extra_args
=['-U"$USERNAME%$PASSWORD"'])
956 planoldpythontestsuite(env
, "samba.tests.auth_log_netlogon_bad_creds",
957 extra_args
=['-U"$USERNAME%$PASSWORD"'])
959 planoldpythontestsuite("ad_member:local",
960 "samba.tests.auth_log_winbind",
961 extra_args
=['-U"$DC_USERNAME%$DC_PASSWORD"'])
962 planoldpythontestsuite("ad_dc", "samba.tests.audit_log_pass_change",
963 extra_args
=['-U"$USERNAME%$PASSWORD"'])
964 planoldpythontestsuite("ad_dc", "samba.tests.audit_log_dsdb",
965 extra_args
=['-U"$USERNAME%$PASSWORD"'])
966 planoldpythontestsuite("ad_dc", "samba.tests.group_audit",
967 extra_args
=['-U"$USERNAME%$PASSWORD"'])
969 planoldpythontestsuite("fl2008r2dc:local",
970 "samba.tests.getdcname",
971 extra_args
=['-U"$USERNAME%$PASSWORD"'])
973 planoldpythontestsuite("ad_dc_smb1",
974 "samba.tests.net_join_no_spnego",
975 extra_args
=['-U"$USERNAME%$PASSWORD"'])
976 planoldpythontestsuite("ad_dc",
977 "samba.tests.net_join",
978 extra_args
=['-U"$USERNAME%$PASSWORD"'])
979 planoldpythontestsuite("ad_dc",
980 "samba.tests.s3_net_join",
981 extra_args
=['-U"$USERNAME%$PASSWORD"'])
982 planoldpythontestsuite("ad_dc",
983 "samba.tests.segfault",
984 extra_args
=['-U"$USERNAME%$PASSWORD"'])
985 # Need to test the password hashing in multiple environments to ensure that
986 # all the possible options are covered
988 # ad_dc:local functional_level >= 2008, gpg keys available
989 planoldpythontestsuite("ad_dc:local",
990 "samba.tests.password_hash_gpgme",
991 extra_args
=['-U"$USERNAME%$PASSWORD"'])
992 # ad_dc_ntvfs:local functional level >= 2008, gpg keys not available
993 planoldpythontestsuite("ad_dc_ntvfs:local",
994 "samba.tests.password_hash_fl2008",
995 extra_args
=['-U"$USERNAME%$PASSWORD"'])
996 # fl2003dc:local functional level < 2008, gpg keys not available
997 planoldpythontestsuite("fl2003dc:local",
998 "samba.tests.password_hash_fl2003",
999 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1000 # ad_dc: wDigest values over ldap
1001 planoldpythontestsuite("ad_dc",
1002 "samba.tests.password_hash_ldap",
1003 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1005 for env
in ["ad_dc_backup", smbv1_disabled_testenv
]:
1006 planoldpythontestsuite(env
+ ":local", "samba.tests.domain_backup",
1007 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1009 planoldpythontestsuite("ad_dc",
1010 "samba.tests.domain_backup_offline")
1012 # ensure default provision (ad_dc) and join (vampire_dc)
1013 # encrypt secret values on disk.
1014 planoldpythontestsuite("ad_dc:local",
1015 "samba.tests.encrypted_secrets",
1016 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1017 planoldpythontestsuite("vampire_dc:local",
1018 "samba.tests.encrypted_secrets",
1019 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1020 # The fl2000dc environment is provisioned with the --plaintext_secrets option
1021 # so this test will fail, which proves the secrets are not being encrypted.
1022 # There is an entry in known_fail.d.
1023 planoldpythontestsuite("fl2000dc:local",
1024 "samba.tests.encrypted_secrets",
1025 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1027 planpythontestsuite("none",
1028 "samba.tests.lsa_string")
1030 planoldpythontestsuite("ad_dc_ntvfs",
1031 "samba.tests.krb5_credentials",
1032 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1034 for env
in ["ad_dc_ntvfs", "vampire_dc", "promoted_dc"]:
1035 planoldpythontestsuite(env
,
1036 "samba.tests.py_credentials",
1037 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1038 planoldpythontestsuite("ad_dc_ntvfs",
1039 "samba.tests.emulate.traffic",
1040 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1041 planoldpythontestsuite("ad_dc_ntvfs",
1042 "samba.tests.emulate.traffic_packet",
1043 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1044 planoldpythontestsuite("ad_dc_ntvfs",
1045 "samba.tests.blackbox.traffic_replay",
1046 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1047 planoldpythontestsuite("ad_dc_ntvfs",
1048 "samba.tests.blackbox.traffic_learner",
1049 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1050 planoldpythontestsuite("ad_dc_ntvfs",
1051 "samba.tests.blackbox.traffic_summary",
1052 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1053 planoldpythontestsuite("none", "samba.tests.loadparm")
1054 planoldpythontestsuite("fileserver",
1055 "samba.tests.blackbox.mdsearch",
1056 extra_args
=['-U"$USERNAME%$PASSWORD"'])
1057 planoldpythontestsuite("fileserver",
1058 "samba.tests.blackbox.smbcacls_basic")
1059 planoldpythontestsuite("fileserver",
1060 "samba.tests.blackbox.smbcacls_basic",
1061 "samba.tests.blackbox.smbcacls_basic(DFS)",
1062 environ
={'SHARE': 'msdfs-share',
1063 'TESTDIR': 'smbcacls_sharedir_dfs'})
1064 # Run smbcacls_propagate_inhertance tests on non msdfs root share
1065 planoldpythontestsuite("fileserver",
1066 "samba.tests.blackbox.smbcacls_propagate_inhertance")
1068 # A) Run the smbcacls_propagate_inhertance tests on a msdfs root share
1069 # *without* any nested dfs links
1070 # B) Run the smbcacls_propagate_inhertance tests on a msdfs root share
1071 # *with* a nested dfs link
1073 planoldpythontestsuite("fileserver",
1074 "samba.tests.blackbox.smbcacls_dfs_propagate_inherit",
1075 "samba.tests.blackbox.smbcacls_dfs_propagate_inherit(DFS-msdfs-root)",
1076 environ
={'SHARE': 'smbcacls_share'})
1078 # Want a selection of environments across the process models
1080 for env
in ["ad_dc_ntvfs:local", "ad_dc:local",
1081 "fl2003dc:local", "fl2008r2dc:local",
1082 "promoted_dc:local"]:
1083 planoldpythontestsuite(env
, "samba.tests.blackbox.smbcontrol")
1085 planoldpythontestsuite("none", "samba.tests.blackbox.downgradedatabase")
1087 plantestsuite_loadlist("samba4.ldap.python(ad_dc_default)", "ad_dc_default", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "ldap.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1089 plantestsuite_loadlist("samba4.ldap_modify_order.python(ad_dc_default)",
1091 [python
, os
.path
.join(samba4srcdir
,
1092 "dsdb/tests/python/"
1093 "ldap_modify_order.py"),
1094 # add "-v" here to diagnose
1096 '-U"$USERNAME%$PASSWORD"',
1097 '--workgroup=$DOMAIN',
1101 plantestsuite_loadlist("samba4.ldap_modify_order.normal_user.python(ad_dc_default)",
1103 [python
, os
.path
.join(samba4srcdir
,
1104 "dsdb/tests/python/"
1105 "ldap_modify_order.py"),
1107 # add "-v" here to diagnose
1109 '-U"$USERNAME%$PASSWORD"',
1110 '--workgroup=$DOMAIN',
1114 planoldpythontestsuite("ad_dc",
1115 "samba.tests.ldap_raw",
1116 extra_args
=['-U"$USERNAME%$PASSWORD"'],
1117 environ
={'TEST_ENV': 'ad_dc'})
1119 plantestsuite_loadlist("samba4.tokengroups.krb5.python(ad_dc_default)", "ad_dc_default:local", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "token_group.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '-k', 'yes', '$LOADLIST', '$LISTOPT'])
1120 plantestsuite_loadlist("samba4.tokengroups.ntlm.python(ad_dc_default)", "ad_dc_default:local", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "token_group.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '-k', 'no', '$LOADLIST', '$LISTOPT'])
1121 plantestsuite("samba4.sam.python(fl2008r2dc)", "fl2008r2dc", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "sam.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
1122 plantestsuite("samba4.sam.python(ad_dc_default)", "ad_dc_default", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "sam.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
1123 plantestsuite("samba4.asq.python(ad_dc_default)", "ad_dc_default", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "asq.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
1124 plantestsuite("samba4.user_account_control.python(ad_dc_default)", "ad_dc_default", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "user_account_control.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
1125 plantestsuite("samba4.priv_attrs.python(ad_dc_default)", "ad_dc_default", ["STRICT_CHECKING=0", python
, os
.path
.join(DSDB_PYTEST_DIR
, "priv_attrs.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
1126 plantestsuite("samba4.priv_attrs.strict.python(ad_dc_default)", "ad_dc_default", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "priv_attrs.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
1128 for env
in ['ad_dc_default:local', 'schema_dc:local']:
1129 planoldpythontestsuite(env
, "dsdb_schema_info",
1130 extra_path
=[os
.path
.join(samba4srcdir
, 'dsdb/tests/python')],
1131 name
="samba4.schemaInfo.python(%s)" % (env
),
1132 extra_args
=['-U"$DOMAIN/$DC_USERNAME%$DC_PASSWORD"'])
1134 planpythontestsuite(env
, "samba.tests.dsdb_schema_attributes")
1136 plantestsuite_loadlist("samba4.urgent_replication.python(ad_dc_ntvfs)", "ad_dc_ntvfs:local", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "urgent_replication.py"), '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb', '$LOADLIST', '$LISTOPT'])
1137 plantestsuite_loadlist("samba4.ldap.dirsync.python(ad_dc_ntvfs)", "ad_dc_ntvfs", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "dirsync.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1138 plantestsuite_loadlist("samba4.ldap.match_rules.python", "ad_dc_ntvfs", [python
, os
.path
.join(srcdir(), "lib/ldb-samba/tests/match_rules.py"), '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1139 plantestsuite("samba4.ldap.index.python", "none", [python
, os
.path
.join(srcdir(), "lib/ldb-samba/tests/index.py")])
1140 plantestsuite_loadlist("samba4.ldap.notification.python(ad_dc_ntvfs)", "ad_dc_ntvfs", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "notification.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1141 plantestsuite_loadlist("samba4.ldap.sites.python(ad_dc_default)", "ad_dc_default", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "sites.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1144 # Test with LMDB (GSSAPI/SASL bind)
1145 plantestsuite_loadlist("samba4.ldap.large_ldap.gssapi.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "large_ldap.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--kerberos=yes', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1147 env
= 'ad_dc_default'
1148 # Test with TDB (NTLMSSP bind)
1149 plantestsuite_loadlist("samba4.ldap.large_ldap.ntlmssp.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "large_ldap.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--kerberos=no', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1152 # Test with ldaps://
1153 plantestsuite_loadlist("samba4.ldap.large_ldap.ldaps.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "large_ldap.py"), 'ldaps://$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1156 # Test with straight ldap
1157 plantestsuite_loadlist("samba4.ldap.large_ldap.straight_ldap.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "large_ldap.py"), 'ldap://$SERVER', '--simple-bind-dn=$USERNAME@$REALM', '--password=$PASSWORD', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1159 planoldpythontestsuite("ad_dc_default", "sort", environ
={'SERVER' : '$SERVER', 'DATA_DIR' : os
.path
.join(samba4srcdir
, 'dsdb/tests/python/testdata/')}, name
="samba4.ldap.sort.python", extra_path
=[os
.path
.join(samba4srcdir
, 'dsdb/tests/python')], extra_args
=['-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
1161 plantestsuite_loadlist("samba4.ldap.linked_attributes.python(ad_dc_ntvfs)", "ad_dc_ntvfs:local", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "linked_attributes.py"), '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1163 plantestsuite_loadlist("samba4.ldap.subtree_rename.python(ad_dc_ntvfs)",
1164 "ad_dc_ntvfs:local",
1165 [python
, os
.path
.join(samba4srcdir
,
1166 "dsdb/tests/python/subtree_rename.py"),
1167 '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb',
1168 '-U"$USERNAME%$PASSWORD"',
1169 '--workgroup=$DOMAIN',
1173 planoldpythontestsuite(
1175 "samba.tests.ldap_referrals",
1177 'SERVER': '$SERVER',
1179 name
="samba.ldap.referrals",
1180 extra_args
=['-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN'])
1182 # These should be the first tests run against testenvs created by backup/restore
1183 for env
in ['offlinebackupdc', 'restoredc', 'renamedc', 'labdc']:
1184 # check that a restored DC matches the original DC (backupfromdc)
1185 plantestsuite("samba4.blackbox.ldapcmp_restore", env
,
1186 ["PYTHON=%s" % python
,
1187 os
.path
.join(bbdir
, "ldapcmp_restoredc.sh"),
1188 '$PREFIX_ABS/backupfromdc', '$PREFIX_ABS/%s' % env
])
1190 # we also test joining backupfromdc here, as it's a bit special in that it
1191 # doesn't have Default-First-Site-Name
1192 for env
in ['backupfromdc', 'offlinebackupdc', 'restoredc', 'renamedc',
1194 # basic test that we can join the testenv DC
1195 plantestsuite("samba4.blackbox.join_ldapcmp", env
,
1196 ["PYTHON=%s" % python
, os
.path
.join(bbdir
, "join_ldapcmp.sh")])
1198 env
= 'backupfromdc'
1199 planoldpythontestsuite("%s:local" % env
, "samba_tool_drs_no_dns",
1200 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1201 name
="samba4.drs.samba_tool_drs_no_dns.python(%s)" % env
,
1202 environ
={'DC1': '$DC_SERVER', 'DC2': '$DC_SERVER'},
1203 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1205 plantestsuite_loadlist("samba4.ldap.rodc.python(rodc)", "rodc",
1207 os
.path
.join(DSDB_PYTEST_DIR
, "rodc.py"),
1208 '$SERVER', '-U"$USERNAME%$PASSWORD"',
1209 '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1211 plantestsuite_loadlist("samba4.ldap.rodc_rwdc.python(rodc)", "rodc:local",
1213 os
.path
.join(samba4srcdir
,
1214 "dsdb/tests/python/rodc_rwdc.py"),
1215 '$SERVER', '$DC_SERVER', '-U"$USERNAME%$PASSWORD"',
1216 '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1218 planoldpythontestsuite("rodc:local", "replica_sync_rodc",
1219 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1220 name
="samba4.drs.replica_sync_rodc.python(rodc)",
1221 environ
={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
1222 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1224 planoldpythontestsuite("ad_dc_default_smb1", "password_settings",
1225 extra_path
=[os
.path
.join(samba4srcdir
, 'dsdb/tests/python')],
1226 name
="samba4.ldap.passwordsettings.python",
1227 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1229 for env
in all_fl_envs
+ ["schema_dc"]:
1230 plantestsuite_loadlist("samba4.ldap_schema.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "ldap_schema.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1231 plantestsuite("samba4.ldap.possibleInferiors.python(%s)" % env
, env
, [python
, os
.path
.join(samba4srcdir
, "dsdb/samdb/ldb_modules/tests/possibleinferiors.py"), "ldap://$SERVER", '-U"$USERNAME%$PASSWORD"', "-W$DOMAIN"])
1232 plantestsuite_loadlist("samba4.ldap.secdesc.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "sec_descriptor.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1233 plantestsuite_loadlist("samba4.ldap.acl.python(%s)" % env
, env
, ["STRICT_CHECKING=0", python
, os
.path
.join(DSDB_PYTEST_DIR
, "acl.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1234 if env
!= "fl2000dc":
1235 # This test makes excessive use of the "userPassword" attribute which
1236 # isn't available on DCs with Windows 2000 domain function level -
1237 # therefore skip it in that configuration
1238 plantestsuite_loadlist("samba4.ldap.passwords.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "passwords.py"), "$SERVER", '-U"$USERNAME%$PASSWORD"', "-W$DOMAIN", '$LOADLIST', '$LISTOPT'])
1240 for env
in ["ad_dc_slowtests"]:
1241 # This test takes a lot of time, so we run it against a minimum of
1242 # environments, please only add new ones if there's really a
1243 # difference we need to test
1244 plantestsuite_loadlist("samba4.ldap.vlv.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "vlv.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1245 plantestsuite_loadlist("samba4.ldap.confidential_attr.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "confidential_attr.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1246 plantestsuite_loadlist("samba4.ldap.password_lockout.python(%s)" % env
, env
, [python
, os
.path
.join(DSDB_PYTEST_DIR
, "password_lockout.py"), "$SERVER", '-U"$USERNAME%$PASSWORD"', "-W$DOMAIN", "--realm=$REALM", '$LOADLIST', '$LISTOPT'])
1247 planoldpythontestsuite(env
, "tombstone_reanimation",
1248 name
="samba4.tombstone_reanimation.python",
1249 environ
={'TEST_SERVER': '$SERVER', 'TEST_USERNAME': '$USERNAME', 'TEST_PASSWORD': '$PASSWORD'},
1250 extra_path
=[os
.path
.join(samba4srcdir
, 'dsdb/tests/python')]
1252 planoldpythontestsuite(env
, "samba.tests.join",
1253 name
="samba.tests.join.python(%s)" % env
,
1254 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1256 # this is a basic sanity-check of Kerberos/NTLM user login
1257 for env
in ["offlinebackupdc", "restoredc", "renamedc", "labdc"]:
1258 plantestsuite_loadlist("samba4.ldap.login_basics.python(%s)" % env
, env
,
1259 [python
, os
.path
.join(DSDB_PYTEST_DIR
, "login_basics.py"),
1260 "$SERVER", '-U"$USERNAME%$PASSWORD"', "-W$DOMAIN", "--realm=$REALM",
1261 '$LOADLIST', '$LISTOPT'])
1263 planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.upgradeprovisionneeddc")
1264 planpythontestsuite("ad_dc:local", "samba.tests.posixacl")
1265 planpythontestsuite("ad_dc_no_nss:local", "samba.tests.posixacl")
1266 plantestsuite_loadlist("samba4.deletetest.python(ad_dc_default)", "ad_dc_default", [python
, os
.path
.join(DSDB_PYTEST_DIR
, "deletetest.py"),
1267 '$SERVER', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
1268 plantestsuite("samba4.blackbox.samba3dump", "none", [os
.path
.join(samba4srcdir
, "selftest/test_samba3dump.sh")])
1269 plantestsuite("samba4.blackbox.upgrade", "none", ["PYTHON=%s" % python
, os
.path
.join(samba4srcdir
, "setup/tests/blackbox_s3upgrade.sh"), '$PREFIX/provision'])
1270 plantestsuite("samba4.blackbox.provision.py", "none", ["PYTHON=%s" % python
, os
.path
.join(samba4srcdir
, "setup/tests/blackbox_provision.sh"), '$PREFIX/provision'])
1271 plantestsuite("samba4.blackbox.provision_fileperms", "none", ["PYTHON=%s" % python
, os
.path
.join(samba4srcdir
, "setup/tests/provision_fileperms.sh"), '$PREFIX/provision'])
1272 plantestsuite("samba4.blackbox.supported_features", "none",
1273 ["PYTHON=%s" % python
,
1274 os
.path
.join(samba4srcdir
,
1275 "setup/tests/blackbox_supported_features.sh"),
1276 '$PREFIX/provision'])
1277 plantestsuite("samba4.blackbox.start_backup", "none",
1278 ["PYTHON=%s" % python
,
1279 os
.path
.join(samba4srcdir
,
1280 "setup/tests/blackbox_start_backup.sh"),
1281 '$PREFIX/provision'])
1282 plantestsuite("samba4.blackbox.upgradeprovision.current", "none", ["PYTHON=%s" % python
, os
.path
.join(samba4srcdir
, "setup/tests/blackbox_upgradeprovision.sh"), '$PREFIX/provision'])
1283 plantestsuite("samba4.blackbox.setpassword.py", "none", ["PYTHON=%s" % python
, os
.path
.join(samba4srcdir
, "setup/tests/blackbox_setpassword.sh"), '$PREFIX/provision'])
1284 plantestsuite("samba4.blackbox.newuser.py", "none", ["PYTHON=%s" % python
, os
.path
.join(samba4srcdir
, "setup/tests/blackbox_newuser.sh"), '$PREFIX/provision'])
1285 plantestsuite("samba4.blackbox.group.py", "none", ["PYTHON=%s" % python
, os
.path
.join(samba4srcdir
, "setup/tests/blackbox_group.sh"), '$PREFIX/provision'])
1286 plantestsuite("samba4.blackbox.spn.py(ad_dc_ntvfs:local)", "ad_dc_ntvfs:local", ["PYTHON=%s" % python
, os
.path
.join(samba4srcdir
, "setup/tests/blackbox_spn.sh"), '$PREFIX/ad_dc_ntvfs'])
1287 plantestsuite_loadlist("samba4.ldap.bind(fl2008r2dc)", "fl2008r2dc", [python
, os
.path
.join(srcdir(), "auth/credentials/tests/bind.py"), '$SERVER', '-U"$USERNAME%$PASSWORD"', '$LOADLIST', '$LISTOPT'])
1289 # This makes sure we test the rid allocation code
1290 t
= "rpc.samr.large-dc"
1291 plansmbtorture4testsuite(t
, "vampire_dc", ['$SERVER', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname
=("samba4.%s.one" % t
))
1292 plansmbtorture4testsuite(t
, "vampire_dc", ['$SERVER', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname
="samba4.%s.two" % t
)
1294 # RPC smoke-tests for testenvs of interest (RODC, etc)
1295 for env
in ['rodc', 'offlinebackupdc', 'restoredc', 'renamedc', 'labdc']:
1296 plansmbtorture4testsuite('rpc.echo', env
, ['ncacn_np:$SERVER', "-k", "yes", '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname
="samba4.rpc.echo")
1297 plansmbtorture4testsuite('rpc.echo', "%s:local" % env
, ['ncacn_np:$SERVER', "-k", "yes", '-P', '--workgroup=$DOMAIN'], modname
="samba4.rpc.echo")
1298 plansmbtorture4testsuite('rpc.echo', "%s:local" % env
, ['ncacn_np:$SERVER', "-k", "no", '-Utestallowed\ account%$DC_PASSWORD', '--workgroup=$DOMAIN'], modname
="samba4.rpc.echo.testallowed")
1299 plansmbtorture4testsuite('rpc.echo', "%s:local" % env
, ['ncacn_np:$SERVER', "-k", "no", '-Utestdenied%$DC_PASSWORD', '--workgroup=$DOMAIN'], modname
="samba4.rpc.echo.testdenied")
1300 plantestsuite("samba4.blackbox.smbclient(%s:local)" % env
, "%s:local" % env
, [os
.path
.join(samba4srcdir
, "utils/tests/test_smbclient.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', '$DOMAIN', binpath('smbclient')])
1302 planpythontestsuite("rodc:local", "samba.tests.samba_tool.rodc")
1304 plantestsuite("samba.blackbox.rpcclient_samlogon", "rodc:local", [os
.path
.join(samba3srcdir
, "script/tests/test_rpcclient_samlogon.sh"),
1305 "$DC_USERNAME", "$DC_PASSWORD", "ncacn_np:$SERVER", configuration
])
1307 plantestsuite("samba.blackbox.rpcclient_samlogon_testallowed", "rodc:local", [os
.path
.join(samba3srcdir
, "script/tests/test_rpcclient_samlogon.sh"),
1308 "testallowed\ account", "$DC_PASSWORD", "ncacn_np:$SERVER", configuration
])
1310 plantestsuite("samba.blackbox.rpcclient_samlogon_testdenied", "rodc:local", [os
.path
.join(samba3srcdir
, "script/tests/test_rpcclient_samlogon.sh"),
1311 "testdenied", "$DC_PASSWORD", "ncacn_np:$SERVER", configuration
])
1314 # Test renaming the DC
1315 plantestsuite("samba4.blackbox.renamedc.sh", "none", ["PYTHON=%s" % python
, os
.path
.join(bbdir
, "renamedc.sh"), '$PREFIX/provision'])
1318 # Note that $DC_SERVER is the PDC (e.g. ad_dc_ntvfs) and $SERVER is
1319 # the 2nd DC (e.g. vampire_dc).
1322 planoldpythontestsuite(env
, "ridalloc_exop",
1323 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1324 name
="samba4.drs.ridalloc_exop.python(%s)" % env
,
1325 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1326 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1328 # This test can pollute the environment a little by creating and
1329 # deleting DCs which can get into the replication state for a while.
1331 # The setting of DC1 to $DC_SERVER means that it will join towards and
1332 # operate on schema_dc. This matters most when running
1333 # test_samba_tool_replicate_local as this sets up a full temp DC and
1334 # does new replication to it, which can show up in the replication
1337 # That is why this test is run on the isolated environment and not on
1338 # those connected with ad_dc (vampiredc/promoteddc)
1340 env
= 'schema_pair_dc'
1341 planoldpythontestsuite("%s:local" % env
, "samba_tool_drs",
1342 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1343 name
="samba4.drs.samba_tool_drs.python(%s)" % env
,
1344 environ
={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
1345 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1346 planoldpythontestsuite(env
, "getnc_schema",
1347 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1348 name
="samba4.drs.getnc_schema.python(%s)" % env
,
1349 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER',
1350 "PLEASE_BREAK_MY_WINDOWS": "1"},
1351 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1353 # This test can be sensitive to the DC joins and replications don in
1354 # "samba_tool_drs" so run this is run against scheam_pair_dc/schema_dc
1355 # not the set of environments connected with ad_dc.
1357 # This will show the replication state of ad_dc
1358 planoldpythontestsuite("promoted_dc:local", "samba_tool_drs_showrepl",
1359 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1360 name
="samba4.drs.samba_tool_drs_showrepl.python(%s)" % env
,
1361 environ
={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
1362 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1364 for env
in ['vampire_dc', 'promoted_dc']:
1365 planoldpythontestsuite("%s:local" % env
, "replica_sync",
1366 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1367 name
="samba4.drs.replica_sync.python(%s)" % env
,
1368 environ
={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
1369 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1370 planoldpythontestsuite(env
, "delete_object",
1371 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1372 name
="samba4.drs.delete_object.python(%s)" % env
,
1373 environ
={'DC1': '$DC_SERVER', 'DC2': '$SERVER'},
1374 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1375 planoldpythontestsuite(env
, "fsmo",
1376 name
="samba4.drs.fsmo.python(%s)" % env
,
1377 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1378 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1379 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1380 planoldpythontestsuite(env
, "repl_secdesc",
1381 name
="samba4.drs.repl_secdesc.python(%s)" % env
,
1382 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1383 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1384 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1385 planoldpythontestsuite(env
, "repl_move",
1386 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1387 name
="samba4.drs.repl_move.python(%s)" % env
,
1388 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1389 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1390 planoldpythontestsuite(env
, "getnc_exop",
1391 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1392 name
="samba4.drs.getnc_exop.python(%s)" % env
,
1393 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1394 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1395 planoldpythontestsuite(env
, "getnc_unpriv",
1396 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1397 name
="samba4.drs.getnc_unpriv.python(%s)" % env
,
1398 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1399 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1400 planoldpythontestsuite(env
, "linked_attributes_drs",
1401 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1402 name
="samba4.drs.linked_attributes_drs.python(%s)" % env
,
1403 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1404 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1405 planoldpythontestsuite(env
, "link_conflicts",
1406 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1407 name
="samba4.drs.link_conflicts.python(%s)" % env
,
1408 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1409 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1411 for env
in ['vampire_dc', 'promoted_dc', 'vampire_2000_dc']:
1412 planoldpythontestsuite(env
, "repl_schema",
1413 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1414 name
="samba4.drs.repl_schema.python(%s)" % env
,
1415 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1416 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1418 # A side-effect of the getncchanges tests is that they will create hundreds of
1419 # tombstone objects, so run them last to avoid interferring with (and slowing
1420 # down) the other DRS tests
1421 for env
in ['vampire_dc', 'promoted_dc']:
1422 planoldpythontestsuite(env
, "getncchanges",
1423 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1424 name
="samba4.drs.getncchanges.python(%s)" % env
,
1425 environ
={'DC1': "$DC_SERVER", 'DC2': '$SERVER'},
1426 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1428 for env
in ['ad_dc_ntvfs']:
1429 planoldpythontestsuite(env
, "repl_rodc",
1430 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1431 name
="samba4.drs.repl_rodc.python(%s)" % env
,
1432 environ
={'DC1': "$DC_SERVER", 'DC2': '$DC_SERVER'},
1433 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1434 planoldpythontestsuite(env
, "cracknames",
1435 extra_path
=[os
.path
.join(samba4srcdir
, 'torture/drs/python')],
1436 name
="samba4.drs.cracknames.python(%s)" % env
,
1437 environ
={'DC1': "$DC_SERVER", 'DC2': '$DC_SERVER'},
1438 extra_args
=['-U$DOMAIN/$DC_USERNAME%$DC_PASSWORD'])
1440 planoldpythontestsuite("chgdcpass:local", "samba.tests.blackbox.samba_dnsupdate",
1441 environ
={'DNS_SERVER_IP': '$SERVER_IP'})
1443 for env
in ["ad_dc_ntvfs", "s4member", "rodc", "promoted_dc", "ad_dc", "ad_member"]:
1444 plantestsuite("samba.blackbox.wbinfo(%s:local)" % env
, "%s:local" % env
, [os
.path
.join(samba4srcdir
, "../nsswitch/tests/test_wbinfo.sh"), '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', env
])
1446 # Offline logon (ad_member)
1447 plantestsuite("samba.blackbox.offline_logon",
1448 "ad_member_offlogon",
1449 [os
.path
.join(bbdir
, "test_offline_logon.sh"),
1451 'alice', 'Secret007',
1453 'jane', 'Secret007',
1454 'joe', 'Secret007'])
1460 # This test is for users cached at the RODC
1461 plansmbtorture4testsuite('krb5.kdc', "rodc", ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestdenied%$PASSWORD',
1462 '--workgroup=$DOMAIN', '--realm=$REALM',
1463 '--option=torture:krb5-upn=testdenied_upn@$REALM.upn',
1464 '--option=torture:expect_rodc=true'],
1465 "samba4.krb5.kdc with account DENIED permission to replicate to an RODC")
1466 plansmbtorture4testsuite('krb5.kdc', "rodc", ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestallowed\ account%$PASSWORD',
1467 '--workgroup=$DOMAIN', '--realm=$REALM',
1468 '--option=torture:expect_machine_account=true',
1469 '--option=torture:krb5-upn=testallowed\ upn@$REALM',
1470 '--option=torture:krb5-hostname=testallowed',
1471 '--option=torture:expect_rodc=true',
1472 '--option=torture:expect_cached_at_rodc=true'],
1473 "samba4.krb5.kdc with account ALLOWED permission to replicate to an RODC")
1475 # This ensures we have correct behaviour on a server that is not not the PDC emulator
1477 plansmbtorture4testsuite('krb5.kdc', env
, ['ncacn_np:$SERVER_IP', "-k", "yes", '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--realm=$REALM'],
1478 "samba4.krb5.kdc with specified account")
1479 plansmbtorture4testsuite('krb5.kdc', env
, ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestupnspn%$PASSWORD', '--workgroup=$DOMAIN', '--realm=$REALM',
1480 '--option=torture:expect_machine_account=true',
1481 '--option=torture:krb5-upn=http/testupnspn.$DNSNAME@$REALM',
1482 '--option=torture:krb5-hostname=testupnspn.$DNSNAME',
1483 '--option=torture:krb5-service=http'],
1484 "samba4.krb5.kdc with account having identical UPN and SPN")
1485 for env
in ["fl2008r2dc", "fl2003dc"]:
1486 planoldpythontestsuite(env
, "samba.tests.krb5.as_req_tests",
1488 'ADMIN_USERNAME': '$USERNAME',
1489 'ADMIN_PASSWORD': '$PASSWORD',
1490 'STRICT_CHECKING': '0',
1491 'FAST_SUPPORT': have_fast_support
,
1492 'TKT_SIG_SUPPORT': tkt_sig_support
1495 planoldpythontestsuite('fl2008r2dc', 'samba.tests.krb5.salt_tests',
1497 'ADMIN_USERNAME': '$USERNAME',
1498 'ADMIN_PASSWORD': '$PASSWORD',
1499 'STRICT_CHECKING': '0',
1500 'FAST_SUPPORT': have_fast_support
,
1501 'TKT_SIG_SUPPORT': tkt_sig_support
1504 for env
in ["rodc", "promoted_dc", "fl2000dc", "fl2008r2dc"]:
1506 # The machine account is cached at the RODC, as it is the local account
1507 extra_options
= ['--option=torture:expect_rodc=true', '--option=torture:expect_cached_at_rodc=true']
1511 plansmbtorture4testsuite('krb5.kdc', "%s:local" % env
, ['ncacn_np:$SERVER_IP', "-k", "yes", '-P',
1512 '--workgroup=$DOMAIN', '--realm=$REALM',
1513 '--option=torture:krb5-hostname=$SERVER',
1514 '--option=torture:run_removedollar_test=true',
1515 '--option=torture:expect_machine_account=true'] + extra_options
,
1516 "samba4.krb5.kdc with machine account")
1518 planpythontestsuite("ad_dc", "samba.tests.krb5.as_canonicalization_tests",
1520 'ADMIN_USERNAME': '$USERNAME',
1521 'ADMIN_PASSWORD': '$PASSWORD',
1522 'FAST_SUPPORT': have_fast_support
,
1523 'TKT_SIG_SUPPORT': tkt_sig_support
1525 planpythontestsuite("ad_dc", "samba.tests.krb5.compatability_tests",
1527 'ADMIN_USERNAME': '$USERNAME',
1528 'ADMIN_PASSWORD': '$PASSWORD',
1529 'STRICT_CHECKING': '0',
1530 'FAST_SUPPORT': have_fast_support
,
1531 'TKT_SIG_SUPPORT': tkt_sig_support
1533 planpythontestsuite("ad_dc", "samba.tests.krb5.kdc_tests",
1534 environ
={'FAST_SUPPORT': have_fast_support
,
1535 'TKT_SIG_SUPPORT': tkt_sig_support
})
1536 planpythontestsuite(
1538 "samba.tests.krb5.kdc_tgs_tests",
1540 'ADMIN_USERNAME': '$USERNAME',
1541 'ADMIN_PASSWORD': '$PASSWORD',
1542 'STRICT_CHECKING': '0',
1543 'FAST_SUPPORT': have_fast_support
,
1544 'TKT_SIG_SUPPORT': tkt_sig_support
1546 planpythontestsuite(
1548 "samba.tests.krb5.fast_tests",
1550 'ADMIN_USERNAME': '$USERNAME',
1551 'ADMIN_PASSWORD': '$PASSWORD',
1552 'STRICT_CHECKING': '0',
1553 'FAST_SUPPORT': have_fast_support
,
1554 'TKT_SIG_SUPPORT': tkt_sig_support
1556 planpythontestsuite(
1558 "samba.tests.krb5.ms_kile_client_principal_lookup_tests",
1560 'ADMIN_USERNAME': '$USERNAME',
1561 'ADMIN_PASSWORD': '$PASSWORD',
1562 'STRICT_CHECKING': '0',
1563 'FAST_SUPPORT': have_fast_support
,
1564 'TKT_SIG_SUPPORT': tkt_sig_support
1566 planpythontestsuite(
1568 "samba.tests.krb5.spn_tests",
1570 'ADMIN_USERNAME': '$USERNAME',
1571 'ADMIN_PASSWORD': '$PASSWORD',
1572 'STRICT_CHECKING': '0',
1573 'FAST_SUPPORT': have_fast_support
,
1574 'TKT_SIG_SUPPORT': tkt_sig_support
1576 planpythontestsuite(
1578 "samba.tests.krb5.alias_tests",
1580 'ADMIN_USERNAME': '$USERNAME',
1581 'ADMIN_PASSWORD': '$PASSWORD',
1582 'STRICT_CHECKING': '0',
1583 'FAST_SUPPORT': have_fast_support
,
1584 'TKT_SIG_SUPPORT': tkt_sig_support
1590 planoldpythontestsuite(env
, "samba.tests.kcc",
1591 name
="samba.tests.kcc",
1592 environ
={'TEST_SERVER': '$SERVER', 'TEST_USERNAME': '$USERNAME',
1593 'TEST_PASSWORD': '$PASSWORD',
1596 extra_path
=[os
.path
.join(srcdir(), "samba/python"), ])
1597 planpythontestsuite(env
, "samba.tests.samba_tool.visualize_drs")
1599 planpythontestsuite("ad_dc_default:local", "samba.tests.kcc.kcc_utils")
1601 for env
in ["simpleserver", "fileserver", "nt4_dc", "ad_dc", "ad_dc_ntvfs",
1602 "ad_member", "offlinebackupdc", "restoredc", "renamedc", "labdc", 'schema_pair_dc']:
1603 planoldpythontestsuite(env
, "netlogonsvc",
1604 extra_path
=[os
.path
.join(srcdir(), 'python/samba/tests')],
1605 name
="samba.tests.netlogonsvc.python(%s)" % env
)
1607 for env
in ["ktest", "ad_member", "ad_dc_no_ntlm"]:
1608 planoldpythontestsuite(env
, "ntlmdisabled",
1609 extra_path
=[os
.path
.join(srcdir(), 'python/samba/tests')],
1610 name
="samba.tests.ntlmdisabled.python(%s)" % env
)
1612 # Demote the vampire DC, it must be the last test each DC, before the dbcheck
1613 for env
in ['vampire_dc', 'promoted_dc', 'rodc']:
1614 planoldpythontestsuite(env
, "samba.tests.samba_tool.demote",
1615 name
="samba.tests.samba_tool.demote",
1617 'CONFIGFILE': '$PREFIX/%s/etc/smb.conf' % env
1619 extra_args
=['-U"$USERNAME%$PASSWORD"'],
1620 extra_path
=[os
.path
.join(srcdir(), "samba/python")]
1622 # TODO: Verifying the databases really should be a part of the
1623 # environment teardown.
1624 # check the databases are all OK. PLEASE LEAVE THIS AS THE LAST TEST
1625 for env
in ["ad_dc_ntvfs", "ad_dc", "fl2000dc", "fl2003dc", "fl2008r2dc",
1626 'vampire_dc', 'promoted_dc', 'backupfromdc', 'restoredc',
1627 'renamedc', 'offlinebackupdc', 'labdc']:
1628 plantestsuite("samba4.blackbox.dbcheck(%s)" % env
, env
+ ":local", ["PYTHON=%s" % python
, os
.path
.join(bbdir
, "dbcheck.sh"), '$PREFIX/provision', configuration
])
1631 # Tests to verify bug 13653 https://bugzilla.samba.org/show_bug.cgi?id=13653
1632 # ad_dc has an lmdb backend, ad_dc_ntvfs has a tdb backend.
1634 planoldpythontestsuite("ad_dc_ntvfs:local",
1635 "samba.tests.blackbox.bug13653",
1636 extra_args
=['-U"$USERNAME%$PASSWORD"'],
1637 environ
={'TEST_ENV': 'ad_dc_ntvfs'})
1638 planoldpythontestsuite("ad_dc:local",
1639 "samba.tests.blackbox.bug13653",
1640 extra_args
=['-U"$USERNAME%$PASSWORD"'],
1641 environ
={'TEST_ENV': 'ad_dc'})
1642 # cmocka tests not requiring a specific environment
1644 plantestsuite("samba4.dsdb.samdb.ldb_modules.unique_object_sids", "none",
1645 [os
.path
.join(bindir(), "test_unique_object_sids")])
1646 plantestsuite("samba4.dsdb.samdb.ldb_modules.encrypted_secrets.tdb", "none",
1647 [os
.path
.join(bindir(), "test_encrypted_secrets_tdb")])
1648 plantestsuite("samba4.dsdb.samdb.ldb_modules.encrypted_secrets.mdb", "none",
1649 [os
.path
.join(bindir(), "test_encrypted_secrets_mdb")])
1650 plantestsuite("lib.audit_logging.audit_logging", "none",
1651 [os
.path
.join(bindir(), "audit_logging_test")])
1652 plantestsuite("lib.audit_logging.audit_logging.errors", "none",
1653 [os
.path
.join(bindir(), "audit_logging_error_test")])
1654 plantestsuite("samba4.dsdb.samdb.ldb_modules.audit_util", "none",
1655 [os
.path
.join(bindir(), "test_audit_util")])
1656 plantestsuite("samba4.dsdb.samdb.ldb_modules.audit_log", "none",
1657 [os
.path
.join(bindir(), "test_audit_log")])
1658 plantestsuite("samba4.dsdb.samdb.ldb_modules.audit_log.errors", "none",
1659 [os
.path
.join(bindir(), "test_audit_log_errors")])
1660 plantestsuite("samba4.dsdb.samdb.ldb_modules.group_audit", "none",
1661 [os
.path
.join(bindir(), "test_group_audit")])
1662 plantestsuite("samba4.dsdb.samdb.ldb_modules.group_audit.errors", "none",
1663 [os
.path
.join(bindir(), "test_group_audit_errors")])
1664 plantestsuite("samba4.dcerpc.dnsserver.dnsutils", "none",
1665 [os
.path
.join(bindir(), "test_rpc_dns_server_dnsutils")])
1666 plantestsuite("libcli.drsuapi.repl_decrypt", "none",
1667 [os
.path
.join(bindir(), "test_repl_decrypt")])
1668 plantestsuite("librpc.ndr.ndr_string", "none",
1669 [os
.path
.join(bindir(), "test_ndr_string")])
1670 plantestsuite("librpc.ndr.ndr", "none",
1671 [os
.path
.join(bindir(), "test_ndr")])
1672 plantestsuite("librpc.ndr.ndr_macros", "none",
1673 [os
.path
.join(bindir(), "test_ndr_macros")])
1674 plantestsuite("librpc.ndr.ndr_dns_nbt", "none",
1675 [os
.path
.join(bindir(), "test_ndr_dns_nbt")])
1676 plantestsuite("libcli.ldap.ldap_message", "none",
1677 [os
.path
.join(bindir(), "test_ldap_message")])
1679 # process restart and limit tests, these break the environment so need to run
1680 # in their own specific environment
1681 planoldpythontestsuite("preforkrestartdc:local",
1682 "samba.tests.prefork_restart",
1684 os
.path
.join(srcdir(), 'python/samba/tests')],
1685 extra_args
=['-U"$USERNAME%$PASSWORD"'],
1686 name
="samba.tests.prefork_restart")
1687 planoldpythontestsuite("preforkrestartdc:local",
1688 "samba.tests.blackbox.smbcontrol_process",
1690 os
.path
.join(srcdir(), 'python/samba/tests')],
1691 extra_args
=['-U"$USERNAME%$PASSWORD"'],
1692 name
="samba.tests.blackbox.smbcontrol_process")
1693 planoldpythontestsuite("proclimitdc",
1694 "samba.tests.process_limits",
1696 os
.path
.join(srcdir(), 'python/samba/tests')],
1697 extra_args
=['-U"$USERNAME%$PASSWORD"'],
1698 name
="samba.tests.process_limits")
1700 planoldpythontestsuite("none", "samba.tests.usage")
1701 planpythontestsuite("fileserver", "samba.tests.dcerpc.mdssvc")