5 Usage: test_trust_user_account.sh PREFIX OUR_REALM OUR_FLAT REMOTE_REALM REMOTE_FLAT
17 .
`dirname $0`/subunit.sh
20 samba_tool
="$BINDIR/samba-tool"
21 samba4bindir
="$BINDIR"
22 samba4srcdir
="$SRCDIR/source4"
23 samba4kinit
="kinit -k"
24 if test -x $BINDIR/samba4kinit
; then
25 samba4kinit
="$BINDIR/samba4kinit --use-keytab"
28 KEYTAB
="$PREFIX/tmptda.keytab"
30 KRB5_TRACE
=/dev
/stderr
33 testit
"retrieve keytab for TDA of $REMOTE_REALM" $PYTHON $samba_tool domain exportkeytab
$KEYTAB $CONFIGURATION --principal "$REMOTE_FLAT\$@$OUR_REALM" || failed
=`expr $failed + 1`
35 KRB5CCNAME
="$PREFIX/tmptda.ccache"
40 EXPECTED_SALT
="${OUR_REALM}krbtgt${REMOTE_FLAT}"
42 # Note the \$ is for the end of line in grep
44 # There must be no trailing '$' in the SALT string itself,
45 # it's removed from the sAMAccountName value (which includes the trailing '$')
46 # before construting the salt!
48 # Otherwise this would be:
49 # "^virtualKerberosSalt: ${EXPECTED_SALT}\\\$\$"
51 EXPECTED_GREP
="^virtualKerberosSalt: ${EXPECTED_SALT}\$"
52 testit_grep
"get virtualKerberosSalt for TDA of $REMOTE_FLAT\$" "$EXPECTED_GREP" $PYTHON $samba_tool user getpassword
"$REMOTE_FLAT\$" $CONFIGURATION --attributes=virtualKerberosSalt || failed
=`expr $failed + 1`
54 testit
"kinit with keytab for TDA of $REMOTE_REALM" $samba4kinit -t $KEYTAB "$REMOTE_FLAT\$@$OUR_REALM" || failed
=`expr $failed + 1`
56 rm -f $KRB5CCNAME $KEYTAB