nsswitch/tests/test_idmap_ad.sh

   1 #!/bin/sh
   2 #
   3 # Basic testing of id mapping with idmap_ad
   4 #
   5
   6 if [ $# -ne 3 ]; then
   7         echo Usage: $0 DOMAIN DC_SERVER DC_PASSWORD
   8         exit 1
   9 fi
  10
  11 DOMAIN="$1"
  12 DC_SERVER="$2"
  13 DC_PASSWORD="$3"
  14
  15 wbinfo="$VALGRIND $BINDIR/wbinfo"
  16 ldbmodify="$VALGRIND $BINDIR/ldbmodify"
  17 ldbsearch="$VALGRIND $BINDIR/ldbsearch"
  18
  19 failed=0
  20
  21 . `dirname $0`/../../testprogs/blackbox/subunit.sh
  22
  23 DOMAIN_SID=$($wbinfo -n "$DOMAIN/" | cut -f 1 -d " ")
  24 if [ $? -ne 0 ] ; then
  25     echo "Could not find domain SID" | subunit_fail_test "test_idmap_ad"
  26     exit 1
  27 fi
  28
  29 BASE_DN=$($ldbsearch -H ldap://$DC_SERVER -b "" -s base defaultNamingContext | awk '/^defaultNamingContext/ {print $2}')
  30 if [ $? -ne 0 ] ; then
  31     echo "Could not find base DB" | subunit_fail_test "test_idmap_ad"
  32     exit 1
  33 fi
  34
  35 #
  36 # Add POSIX ids to AD
  37 #
  38 cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
  39 dn: CN=Administrator,CN=Users,$BASE_DN
  40 changetype: modify
  41 add: uidNumber
  42 uidNumber: 2000000
  43 EOF
  44
  45 cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
  46 dn: CN=Domain Users,CN=Users,$BASE_DN
  47 changetype: modify
  48 add: gidNumber
  49 gidNumber: 2000001
  50 EOF
  51
  52 #
  53 # Test 1: Test uid of Administrator, should be 2000000
  54 #
  55
  56 out="$($wbinfo -S $DOMAIN_SID-500)"
  57 echo "wbinfo returned: \"$out\", expecting \"2000000\""
  58 test "$out" = "2000000"
  59 ret=$?
  60 testit "Test uid of Administrator is 2000000" test $ret -eq 0 || failed=$(expr $failed + 1)
  61
  62 #
  63 # Test 2: Test gid of Domain Users, should be 2000001
  64 #
  65
  66 out="$($wbinfo -Y $DOMAIN_SID-513)"
  67 echo "wbinfo returned: \"$out\", expecting \"2000001\""
  68 test "$out" = "2000001"
  69 ret=$?
  70 testit "Test uid of Domain Users is 2000001" test $ret -eq 0 || failed=$(expr $failed + 1)
  71
  72 #
  73 # Test 3: Test get userinfo for Administrator works
  74 #
  75
  76 out="$($wbinfo -i $DOMAIN/Administrator)"
  77 echo "wbinfo returned: \"$out\", expecting \"$DOMAIN/administrator:*:2000000:2000001::/home/$DOMAIN/administrator:/bin/false\""
  78 test "$out" = "$DOMAIN/administrator:*:2000000:2000001::/home/$DOMAIN/administrator:/bin/false"
  79 ret=$?
  80 testit "Test get userinfo for Administrator works" test $ret -eq 0 || failed=$(expr $failed + 1)
  81
  82 #
  83 # Remove POSIX ids from AD
  84 #
  85 cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
  86 dn: CN=Administrator,CN=Users,$BASE_DN
  87 changetype: modify
  88 delete: uidNumber
  89 uidNumber: 2000000
  90 EOF
  91
  92 cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
  93 dn: CN=Domain Users,CN=Users,$BASE_DN
  94 changetype: modify
  95 delete: gidNumber
  96 gidNumber: 2000001
  97 EOF
  98
  99 exit $failed