s3: check that a user in a bogus domain name is mapped to the localnetbios name of...

This means that if we authentify for BOGUS\administrator in AD domain
FOREST with samba being domain member with the netbiosname MEMBER then
BOGUS\administrator will be mapped to MEMBER\administrator if the
password match.

diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 82f0ae987238545bd7c0e00ff6fbdecbeb68f382..ccc899bd1e10d1e1c663948fd336b46c62253f45 100755 (executable)
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -367,6 +367,7 @@ for mech in [
         plansmbtorturetestsuite('base.xcopy', "plugin_s4_dc",
                                ['//$NETBIOSNAME/xcopy_share', signoptions, '-U$DC_USERNAME%$DC_PASSWORD'], "samba4.%s administrator" % name)
 
+plantestsuite("samba4.blackbox.bogusdomain", "s3member", ["testprogs/blackbox/bogus.sh", "$NETBIOSNAME", "xcopy_share", '$DC_USERNAME', '$DC_PASSWORD'], allow_empty_output=True)
 for mech in [
     "-k no",
     "-k no --option=usespnego=no",

diff --git a/testprogs/blackbox/bogus.sh b/testprogs/blackbox/bogus.sh
new file mode 100755 (executable)
index 0000000..019957b
--- /dev/null
+++ b/testprogs/blackbox/bogus.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+if [ $# -lt 1 ]; then
+cat <<EOF
+Usage: blackbox_newuser.sh PREFIX
+EOF
+exit 1;
+fi
+
+. `dirname $0`/subunit.sh
+
+SERVER=$1
+SHARE=$2
+USER=$3
+PWD=$4
+smbclient="$BINDIR/smbclient"
+testit_expect_failure "smbclient" $smbclient "//$SERVER/$SHARE" -W POUET -U$USER%$PWD -c "dir"&& failed=`expr $failed + 1`
+./bin/net rpc user add $USER $PWD -W $SERVER -U$USER%$PWD -S $SERVER
+testit "smbclient" $smbclient "//$SERVER/$SHARE" -W POUET -U$USER%$PWD -c "dir"|| failed=`expr $failed + 1`
+exit $failed