2 # Test id mapping through idmap_rfc2307 module
4 echo Usage: $0 DOMAIN USERNAME UID USERNAME2 UID2 GROUPNAME GID GROUPNAME2 GID2 LDAPPREFIX DC_SERVER DC_USERNAME DC_PASSWORD
23 wbinfo="$VALGRIND $BINDIR/wbinfo"
26 if [ -x "$BINDIR/ldbadd" ]; then
27 ldbadd="$BINDIR/ldbadd"
31 if [ -x "$BINDIR/ldbdel" ]; then
32 ldbdel="$BINDIR/ldbdel"
37 . `dirname $0`/../../testprogs/blackbox/subunit.sh
40 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME,$LDAPPREFIX"
41 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME2,$LDAPPREFIX"
42 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME,$LDAPPREFIX"
43 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME2,$LDAPPREFIX"
44 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "$LDAPPREFIX"
46 # Add id mapping information to LDAP
48 testit "add ldap prefix" $VALGRIND $ldbadd -H ldap://$DC_SERVER \
49 -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF
51 objectclass: organizationalUnit
54 testit "add ldap user mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER \
55 -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF
56 dn: cn=$USERNAME,$LDAPPREFIX
57 objectClass: organizationalPerson
58 objectClass: posixAccount
64 homeDirectory: /home/admin
67 testit "add second ldap user mapping record" $VALGRIND $ldbadd \
68 -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF
69 dn: cn=$USERNAME2,$LDAPPREFIX
70 objectClass: organizationalPerson
71 objectClass: posixAccount
77 homeDirectory: /home/admin
80 testit "add ldap group mapping record" $VALGRIND $ldbadd \
81 -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF
82 dn: cn=$GROUPNAME,$LDAPPREFIX
83 objectClass: posixGroup
84 objectClass: groupOfNames
87 member: cn=$USERNAME,$LDAPPREFIX
90 testit "add second ldap group mapping record" $VALGRIND $ldbadd \
91 -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF
92 dn: cn=$GROUPNAME2,$LDAPPREFIX
93 objectClass: posixGroup
94 objectClass: groupOfNames
97 member: cn=$USERNAME,$LDAPPREFIX
100 testit "wbinfo --name-to-sid" $wbinfo --name-to-sid "$DOMAIN/$USERNAME" || failed=$(expr $failed + 1)
101 user_sid=$($wbinfo -n "$DOMAIN/$USERNAME" | cut -d " " -f1)
102 echo "$DOMAIN/$USERNAME resolved to $user_sid"
104 testit "wbinfo --sid-to-uid=$user_sid" $wbinfo --sid-to-uid=$user_sid || failed=$(expr $failed + 1)
105 user_uid=$($wbinfo --sid-to-uid=$user_sid | cut -d " " -f1)
106 echo "$DOMAIN/$USERNAME resolved to $user_uid"
108 testit "test $user_uid -eq $USERUID" test $user_uid -eq $USERUID || failed=$(expr $failed + 1)
110 # Not sure how to get group names with spaces to resolve through testit
111 #testit "wbinfo --name-to-sid" $wbinfo --name-to-sid="$DOMAIN/$GROUPNAME" || failed=$(expr $failed + 1)
112 group_sid=$($wbinfo --name-to-sid="$DOMAIN/$GROUPNAME" | cut -d " " -f1)
113 echo "$DOMAIN/$GROUPNAME resolved to $group_sid"
115 testit "wbinfo --sid-to-gid=$group_sid" $wbinfo --sid-to-gid=$group_sid || failed=$(expr $failed + 1)
116 group_gid=$($wbinfo --sid-to-gid=$group_sid | cut -d " " -f1)
117 echo "$DOMAIN/$GROUPNAME resolved to $group_gid"
119 testit "test $group_gid -eq $GROUPGID" test $group_gid -eq $GROUPGID || failed=$(expr $failed + 1)
121 # Use different user and group for reverse lookup to not read from cache
123 testit "$wbinfo --uid-to-sid=$USERUID2" $wbinfo --uid-to-sid=$USERUID2 || failed=$(expr $failed + 1)
124 user_sid2=$($wbinfo --uid-to-sid=$USERUID2 | cut -d " " -f1)
125 echo "UID $USERUID2 resolved to SID $user_sid2"
127 testit "$wbinfo --sid-to-name=$user_sid2" $wbinfo --sid-to-name=$user_sid2 || failed=$(expr $failed + 1)
128 user_name2=$($wbinfo --sid-to-name=$user_sid2 | cut -d " " -f1)
129 echo "SID $user_sid2 resolved to $user_name2"
131 testit "test $user_name2 = $DOMAIN/$USERNAME2" test "$(echo $user_name2 | tr A-Z a-z)" = "$(echo $DOMAIN/$USERNAME2 | tr A-Z a-z)" || failed=$(expr $failed + 1)
133 testit "$wbinfo --gid-to-sid=$GROUPGID2" $wbinfo --gid-to-sid=$GROUPGID2 || failed=$(expr $failed + 1)
134 group_sid2=$($wbinfo --gid-to-sid=$GROUPGID2 | cut -d " " -f1)
135 echo "GID $GROUPGID2 resolved to SID $group_sid2"
137 testit "$wbinfo --sid-to-name=$group_sid2" $wbinfo --sid-to-name=$group_sid2 || failed=$(expr $failed + 1)
138 group_name2=$($wbinfo --sid-to-name=$group_sid2 | cut -d " " -f1)
139 echo "SID $group_sid2 resolved to $group_name2"
141 testit "test $group_name2 = $DOMAIN/$GROUPNAME2" test "$(echo $group_name2 | tr A-Z a-z)" = "$(echo $DOMAIN/$GROUPNAME2 | tr A-Z a-z)" || failed=$(expr $failed + 1)
143 # Delete LDAP records
144 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME,$LDAPPREFIX"
145 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME2,$LDAPPREFIX"
146 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME,$LDAPPREFIX"
147 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME2,$LDAPPREFIX"
148 $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "$LDAPPREFIX"