5 Usage: test_trust_user_account.sh PREFIX OUR_REALM OUR_FLAT REMOTE_REALM REMOTE_FLAT
17 . `dirname $0`/subunit.sh
20 samba_tool="$BINDIR/samba-tool"
21 samba4bindir="$BINDIR"
22 samba4srcdir="$SRCDIR/source4"
23 samba4kinit="kinit -k"
24 if test -x $BINDIR/samba4kinit; then
25 samba4kinit="$BINDIR/samba4kinit --use-keytab"
28 KEYTAB="$PREFIX/tmptda.keytab"
30 KRB5_TRACE=/dev/stderr
33 testit "retrieve keytab for TDA of $REMOTE_REALM" $samba_tool domain exportkeytab $KEYTAB $CONFIGURATION --principal "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1`
35 KRB5CCNAME="$PREFIX/tmptda.ccache"
40 EXPECTED_SALT="${OUR_REALM}krbtgt${REMOTE_FLAT}"
42 # Note the \$ is for the end of line in grep
44 # There must be no trailing '$' in the SALT string itself,
45 # it's removed from the sAMAccountName value (which includes the trailing '$')
46 # before construting the salt!
48 # Otherwise this would be:
49 # "^virtualKerberosSalt: ${EXPECTED_SALT}\\\$\$"
51 EXPECTED_GREP="^virtualKerberosSalt: ${EXPECTED_SALT}\$"
52 testit_grep "get virtualKerberosSalt for TDA of $REMOTE_FLAT\$" "$EXPECTED_GREP" $samba_tool user getpassword "$REMOTE_FLAT\$" $CONFIGURATION --attributes=virtualKerberosSalt || failed=`expr $failed + 1`
54 testit "kinit with keytab for TDA of $REMOTE_REALM" $samba4kinit -t $KEYTAB "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1`
56 rm -f $KRB5CCNAME $KEYTAB