tests: Make sure that idmap_ad retrieves unix nss attributes

Make sure that unix_primary_group and unix_nss_info idmap_ad options
work. We have two domains here and test wbinfo -i for both domains, so
we also run the test without those options for the trusted domain.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep  2 10:35:53 UTC 2020 on sn-devel-184

diff --git a/nsswitch/tests/test_idmap_ad.sh b/nsswitch/tests/test_idmap_ad.sh
index 46c637f764922509abeb45e7a53193d8a36d7171..d634b82ba149149aef369a73154f944937cdd45b 100755 (executable)
--- a/nsswitch/tests/test_idmap_ad.sh
+++ b/nsswitch/tests/test_idmap_ad.sh
@@ -55,6 +55,14 @@ dn: CN=Administrator,CN=Users,$BASE_DN
 changetype: modify
 add: uidNumber
 uidNumber: 2000000
+add: gidNumber
+gidNumber: 2000100
+add: unixHomeDirectory
+unixHomeDirectory: /home/admin
+add: loginShell
+loginShell: /bin/tcsh
+add: gecos
+gecos: Administrator Full Name
 EOF
 
 cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"
@@ -123,8 +131,8 @@ testit "Test uid of Domain Users is 2000001" test $ret -eq 0 || failed=$(expr $f
 #
 
 out="$($wbinfo -i $DOMAIN/Administrator)"
-echo "wbinfo returned: \"$out\", expecting \"$DOMAIN/administrator:*:2000000:2000001::/home/$DOMAIN/administrator:/bin/false\""
-test "$out" = "$DOMAIN/administrator:*:2000000:2000001::/home/$DOMAIN/administrator:/bin/false"
+echo "wbinfo returned: \"$out\", expecting \"$DOMAIN/administrator:*:2000000:2000100:Administrator Full Name:/home/admin:/bin/tcsh\""
+test "$out" = "$DOMAIN/administrator:*:2000000:2000100:Administrator Full Name:/home/admin:/bin/tcsh"
 ret=$?
 testit "Test get userinfo for Administrator works" test $ret -eq 0 || failed=$(expr $failed + 1)
 
@@ -186,6 +194,14 @@ dn: CN=Administrator,CN=Users,$BASE_DN
 changetype: modify
 delete: uidNumber
 uidNumber: 2000000
+delete: gidNumber
+gidNumber: 2000100
+delete: unixHomeDirectory
+unixHomeDirectory: /home/admin
+delete: loginShell
+loginShell: /bin/tcsh
+delete: gecos
+gecos: Administrator Full Name
 EOF
 
 cat <<EOF | $ldbmodify -H ldap://$DC_SERVER -U "$DOMAIN\Administrator%$DC_PASSWORD"

diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 444c837d816c4846f46c95308c02e354a5b2f633..f4fe6c473b3edcef93194ff2c59e76609efe13ec 100755 (executable)
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -1059,6 +1059,8 @@ sub setup_ad_member_idmap_ad
        idmap config * : range = 1000000-1999999
        idmap config $dcvars->{DOMAIN} : backend = ad
        idmap config $dcvars->{DOMAIN} : range = 2000000-2999999
+       idmap config $dcvars->{DOMAIN} : unix_primary_group = yes
+       idmap config $dcvars->{DOMAIN} : unix_nss_info = yes
        idmap config $dcvars->{TRUST_DOMAIN} : backend = ad
        idmap config $dcvars->{TRUST_DOMAIN} : range = 2000000-2999999
        gensec_gssapi:requested_life_time = 5