out = get_string(self.check_output("wbinfo -n %s" % self.username))
self.group_sid = out.split(" ")[0]
self.assertTrue(self.group_sid.startswith("S-1-5-21-"))
+ self.bad_group_sid = self.group_sid[:-2]
def test_specified_domain(self):
""" ntlm_auth with specified domain """
server_use_winbind=True)
self.assertTrue(ret)
+ ret = self.run_helper(client_username=self.username,
+ client_password=self.password,
+ client_domain=self.domain,
+ require_membership=self.bad_group_sid,
+ server_use_winbind=True)
+ self.assertFalse(ret)
+
def test_require_membership_gss_spnego(self):
""" ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server
against winbind with require-membership-of """
}
# This should work even with NTLMv2
-testit_expect_failure "ntlm_auth against winbindd with failed require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd $ADDARGS --require-membership-of=$BADSID && failed=`expr $failed + 1`
testit_expect_failure "ntlm_auth with NTLMSSP gss-spnego-client and gss-spnego server against winbind with failed require-membership-of" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH --client-username=$USERNAME --client-domain=$DOMAIN --client-password=$PASSWORD --server-use-winbindd --client-helper=gss-spnego-client --server-helper=gss-spnego $ADDARGS --require-membership-of=$BADSID && failed=`expr $failed + 1`
testit "ntlm_auth plaintext authentication with require-membership-of" test_plaintext_check_output_stdout || failed=`expr $failed + 1`