2 # Blackbox tests rpcclient with schannel
3 # Copyright (c) 2021 Andreas Schneider <asn@samba.org>
7 Usage: test_rpcclient_schannel.sh DOMAIN REALM USERNAME PASSWORD SERVER PREFIX CONFIGURATION TESTENV
24 samba_subunit_dir
=$
(dirname "$0")
25 .
"${samba_subunit_dir}/subunit.sh"
26 .
"${samba_subunit_dir}/common_test_fns.inc"
28 samba_bindir
="${BINDIR}"
29 samba_rpcclient
="${samba_bindir}/rpcclient"
31 test_rpc_getusername
()
33 cmd
="$samba_rpcclient ncacn_np:${SERVER}[schannel] --machine-pass --configfile=${CONFIGURATION} -c getusername 2>&1"
36 if [ $ret -ne 0 ]; then
37 echo "Failed to connect! Error: $ret"
42 echo "$out" |
grep -q "Account Name: ANONYMOUS LOGON, Authority Name: NT AUTHORITY"
44 if [ $ret -ne 0 ]; then
45 echo "Incorrect account/authority name! Error: $ret"
55 cmd
="$samba_rpcclient ncacn_ip_tcp:${SERVER}[schannel] --machine-pass --configfile=${CONFIGURATION} -c 'lookupsids3 S-1-1-0' 2>&1"
58 if [ $ret -ne 0 ]; then
59 echo "Failed to connect! Error: $ret"
64 echo "$out" |
grep -q "S-1-1-0 Everyone"
66 if [ $ret -ne 0 ]; then
67 echo "Incorrect account/authority name! Error: $ret"
75 testit
"ncacn_np.getusername" \
76 test_rpc_getusername ||
77 failed
=$
((failed
+ 1))
79 if [[ "$TESTENV" == "ad_member_fips"* ]]; then
80 unset GNUTLS_FORCE_FIPS_MODE
82 testit
"ncacn_np.getusername.fips" \
83 test_rpc_getusername ||
84 failed
=$
((failed
+ 1))
86 GNUTLS_FORCE_FIPS_MODE
=1
87 export GNUTLS_FORCE_FIPS_MODE
90 testit
"ncacn_ip_tcp.lookupsids" \
91 test_rpc_lookupsids ||
92 failed
=$
((failed
+ 1))