selftest/expectedfail.d/samba4.ldb.simple.ldap-tls

   1 #
   2 ## We assert all "ldap server require strong auth" combinations
   3 #
   4 ^samba4.ldb.simple.ldap with SIMPLE-BIND.*ad_dc_ntvfs # ldap server require strong auth = allow_sasl_without_tls_channel_bindings
   5 ^samba4.ldb.simple.ldap with SIMPLE-BIND.*fl2003dc    # ldap server require strong auth = yes
   6 # fl2003dc has ldap server require strong auth = yes
   7 # and correct channel bindings are required for TLS
   8 ^samba4.ldb.simple.ldaps.*SASL-BIND.*ldap_testing:tls_channel_bindings=no.*fl2003dc
   9 # ad_dc_ntvfs and fl2008r2dc have
  10 # ldap server require strong auth = allow_sasl_without_tls_channel_bindings
  11 # it means correct channel bindings are required, if the client indicated
  12 # explicit (even null) channel bindings are provided
  13 #
  14 # The following are in expectedfail_heimdal for now, as MIT
  15 # behaves differently:
  16 #^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
  17 #^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=required.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc
  18 ^samba4.ldb.simple.ldaps.with.SASL-BIND.*ldap_testing:channel_bound=yes.*ldap_testing:forced_channel_binding=wRoNg
  19 ^samba4.ldb.simple.ldaps.with.SASL-BIND.*ldap_testing:channel_bound=no.*ldap_testing:forced_channel_binding=wRoNg
  20 ^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*ad_dc_ntvfs
  21 ^samba4.ldb.simple.ldaps.with.SASL-BIND.*use-kerberos=disabled.*ldap_testing:channel_bound=yes.*ldap_testing:tls_channel_bindings=no.*fl2008r2dc