testprogs/blackbox/test_net_ads_search_server.sh

   1 #!/bin/sh
   2
   3 if [ $# -lt 2 ]; then
   4 cat <<EOF
   5 Usage: $0 SERVER REALM
   6 EOF
   7 exit 1;
   8 fi
   9
  10 SERVER=$1
  11 REALM=$2
  12 shift 2
  13
  14 failed=0
  15 . `dirname $0`/subunit.sh
  16
  17 samba_net="$BINDIR/net"
  18
  19 DN=$(echo "${REALM}" | tr '[:upper:]' '[:lower:]' | sed -e 's!^!DC=!' -e 's!\.!,DC=!g')
  20 testit_grep_count \
  21         "net_ads_search.ntlmssp" \
  22         "distinguishedName: ${DN}" \
  23         1 \
  24         $samba_net ads search --use-kerberos=off -P \
  25         --server "${SERVER}.${REALM}" \
  26         '(objectClass=domain)' distinguishedName || \
  27         failed=$((failed + 1))
  28 testit_grep_count \
  29         "net_ads_search.krb5" \
  30         "distinguishedName: ${DN}" \
  31         1 \
  32         $samba_net ads search --use-kerberos=required -P \
  33         --server "${SERVER}.${REALM}" \
  34         '(objectClass=domain)' distinguishedName || \
  35         failed=$((failed + 1))
  36
  37 testit_grep_count \
  38         "net_ads_search.ntlmssp.ldaps" \
  39         "distinguishedName: ${DN}" \
  40         1 \
  41         $samba_net ads search --use-kerberos=off -P \
  42         --option="tlsverifypeer=no_check" \
  43         --option="clientldapsaslwrapping=ldaps" \
  44         --server "${SERVER}.${REALM}" \
  45         '(objectClass=domain)' distinguishedName || \
  46         failed=$((failed + 1))
  47 testit_grep_count \
  48         "net_ads_search.krb5.ldaps" \
  49         "distinguishedName: ${DN}" \
  50         1 \
  51         $samba_net ads search --use-kerberos=required -P \
  52         --option="tlsverifypeer=no_check" \
  53         --option="clientldapsaslwrapping=ldaps" \
  54         --server "${SERVER}.${REALM}" \
  55         '(objectClass=domain)' distinguishedName || \
  56         failed=$((failed + 1))
  57
  58 testit_grep_count \
  59         "net_ads_search.ntlmssp.starttls" \
  60         "distinguishedName: ${DN}" \
  61         1 \
  62         $samba_net ads search --use-kerberos=off -P \
  63         --option="tlsverifypeer=no_check" \
  64         --option="clientldapsaslwrapping=starttls" \
  65         --server "${SERVER}.${REALM}" \
  66         '(objectClass=domain)' distinguishedName || \
  67         failed=$((failed + 1))
  68 testit_grep_count \
  69         "net_ads_search.krb5.starttls" \
  70         "distinguishedName: ${DN}" \
  71         1 \
  72         $samba_net ads search --use-kerberos=required -P \
  73         --option="tlsverifypeer=no_check" \
  74         --option="clientldapsaslwrapping=starttls" \
  75         --server "${SERVER}.${REALM}" \
  76         '(objectClass=domain)' distinguishedName || \
  77         failed=$((failed + 1))
  78
  79 exit $failed