# Defaults and fixed test identity. Only the `if` headers of the default
# guards are part of this listing; what they assign when the variable is
# empty is not shown.
11 if test -z "$TLS_ENABLED"; then
15 if test -z "$SHARE_BACKEND"; then
# Fixed account, realm, DNS name and base DN used by the rest of the script.
20 USERNAME=administrator
21 REALM=SAMBA.EXAMPLE.COM
22 DNSNAME="samba.example.com"
23 BASEDN="dc=samba,dc=example,dc=com"
# NOTE(review): AUTH packs the password into a single `-Uuser%password`
# argument, so any command started with $AUTH carries the password in its
# argument list, where other local users can read it while the command runs.
# $PASSWORD is not assigned on the visible lines.
25 AUTH="-U$USERNAME%$PASSWORD"
# NOTE(review): the same emptiness test on $ROOT appears twice; the bodies
# are not shown, so whether the second guard is redundant cannot be told here.
30 if test -z "$ROOT"; then
33 if test -z "$ROOT"; then
# Lay out the test prefix. srcdir is taken relative to the script's own
# location; every other path is derived from $PREFIX_ABS, which is not
# assigned on the visible lines.
# NOTE(review): $0, $PREFIX and all directory variables are expanded unquoted,
# so a prefix containing whitespace or glob characters is split before
# dirname/mkdir see it.
38 srcdir=`dirname $0`/../..
39 mkdir -p $PREFIX || exit $?
# Exported so child processes can locate the test data directory.
45 TEST_DATA_PREFIX=$PREFIX_ABS
46 export TEST_DATA_PREFIX
48 TMPDIR=$PREFIX_ABS/tmp
49 ETCDIR=$PREFIX_ABS/etc
50 PIDDIR=$PREFIX_ABS/pid
51 CONFFILE=$ETCDIR/smb.conf
52 KRB5_CONFIG=$ETCDIR/krb5.conf
53 PRIVATEDIR=$PREFIX_ABS/private
54 NCALRPCDIR=$PREFIX_ABS/ncalrpc
55 LOCKDIR=$PREFIX_ABS/lockdir
# TLS files live under the private directory.
# NOTE(review): the PEM blocks embedded later in this listing (presumably
# written to these paths; the writing commands are not shown) include an RSA
# private key. A key published with the script is only fit for this test
# environment. The visible DER headers encode a 768-bit DH prime and a
# 1024-bit RSA modulus, both far below current minimum sizes.
56 TLSDIR=$PRIVATEDIR/tls
57 DHFILE=$TLSDIR/dhparms.pem
59 CERTFILE=$TLSDIR/cert.pem
60 KEYFILE=$TLSDIR/key.pem
61 WINBINDD_SOCKET_DIR=$PREFIX_ABS/winbind_socket
# Option string handed to the Samba tools so they read the generated smb.conf.
62 CONFIGURATION="--configfile=$CONFFILE"
63 LDAPDIR=$PREFIX_ABS/ldap
64 SLAPD_CONF=$LDAPDIR/slapd.conf
# NOTE(review): no mode is passed to mkdir, so $PRIVATEDIR and $TLSDIR get
# whatever permissions the caller's umask allows.
74 mkdir -p $PRIVATEDIR $ETCDIR $PIDDIR $NCALRPCDIR $LOCKDIR $TMPDIR $TLSDIR $LDAPDIR/db $LDAPDIR/db/bdb-logs $LDAPDIR/db/tmp
# NOTE(review): lines are missing from this listing after the guard below.
# The `key = value` lines that follow look like smb.conf text for the test
# server; the command that writes them is not shown. When reading them, note
# that `cifs:password = $PASSWORD` puts the password into the configuration
# in clear text, and that `interfaces = 127.0.0.1/8` names only the loopback
# network.
76 if [ -z "$VALGRIND" ]; then
84 iconv:native = $nativeiconv
85 netbios name = $NETBIOSNAME
86 netbios aliases = $SERVER
89 private dir = $PRIVATEDIR
90 pid directory = $PIDDIR
91 ncalrpc dir = $NCALRPCDIR
93 share backend = $SHARE_BACKEND
94 setup directory = $SRCDIR/setup
95 js include = $SRCDIR/scripting/libjs
96 winbindd socket directory = $WINBINDD_SOCKET_DIR
97 name resolve order = bcast
98 interfaces = 127.0.0.1/8
99 tls enabled = $TLS_ENABLED
100 tls dh params file = $DHFILE
101 panic action = $SRCDIR/script/gdb_backtrace %PID% %PROG%
105 server max protocol = SMB2
106 notify:inotify = false
109 system:anonymous = true
114 ntvfs handler = posix
115 posix:sharedelay = 100000
116 posix:eadb = $LOCKDIR/eadb.tdb
121 cifs:server = $SERVER
122 cifs:user = $USERNAME
123 cifs:password = $PASSWORD
124 cifs:domain = $DOMAIN
130 ntvfs handler = simple
134 ntvfs handler = cifsposix
138 ## Override default shares_config.ldb file
# Rebuild the share database from scratch: delete the old share.ldb, write
# the share definitions as LDIF, then load them with ldbadd. The script exits
# with status 1 if ldbadd fails.
# NOTE(review): the LDIF carries `cifs-password: $PASSWORD`, so share.ldif and
# the share.ldb built from it both hold the password in clear text.
# share.ldif is created with the caller's umask and nothing on the visible
# lines removes it afterwards.
139 rm -f $PRIVATEDIR/share.ldb
140 cat >$PRIVATEDIR/share.ldif<<EOF
148 name: CASE_INSENSITIVE
150 objectClass: CASE_INSENSITIVE
154 objectClass: organizationalUnit
157 ### Default IPC$ Share
158 dn: CN=IPC$,CN=Shares
170 ntvfs-handler: default
172 ### Default ADMIN$ Share
173 dn: CN=ADMIN$,CN=Shares
180 comment: Remote Admin
185 ntvfs-handler: default
194 comment: Temp Dir for Tests
197 posix-sharedelay: 100000
198 posix-eadb: $LOCKDIR/eadb.tdb
200 dn: CN=cifs,CN=Shares
210 cifs-password: $PASSWORD
215 $srcdir/bin/ldbadd -H $PRIVATEDIR/share.ldb < $PRIVATEDIR/share.ldif >/dev/null || exit 1
# Write the Kerberos client configuration for the test realm. DNS lookups for
# realm and KDC are switched off and the admin server is pinned to
# 127.0.0.1:88.
# NOTE(review): the realm and domain are spelled out literally here rather
# than taken from $REALM and $DNSNAME; the values match the assignments at
# the top of the script but have to be kept in step by hand.
217 cat >$KRB5_CONFIG<<EOF
219 default_realm = SAMBA.EXAMPLE.COM
220 dns_lookup_realm = false
221 dns_lookup_kdc = false
222 ticket_lifetime = 24h
226 SAMBA.EXAMPLE.COM = {
228 admin_server = 127.0.0.1:88
229 default_domain = samba.example.com
232 .samba.example.com = SAMBA.EXAMPLE.COM
237 -----BEGIN DH PARAMETERS-----
238 MGYCYQC/eWD2xkb7uELmqLi+ygPMKyVcpHUo2yCluwnbPutEueuxrG/Cys8j8wLO
239 svCN/jYNyR2NszOmg7ZWcOC/4z/4pWDVPUZr8qrkhj5MRKJc52MncfaDglvEdJrv
241 -----END DH PARAMETERS-----
246 -----BEGIN CERTIFICATE-----
247 MIICYTCCAcygAwIBAgIE5M7SRDALBgkqhkiG9w0BAQUwZTEdMBsGA1UEChMUU2Ft
248 YmEgQWRtaW5pc3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1
249 dG9nZW5lcmF0ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMB4XDTA2MDgw
250 NDA0MzY1MloXDTA4MDcwNDA0MzY1MlowZTEdMBsGA1UEChMUU2FtYmEgQWRtaW5p
251 c3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1dG9nZW5lcmF0
252 ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMIGcMAsGCSqGSIb3DQEBAQOB
253 jAAwgYgCgYC3WJ7DNQAVnqiJxhf6Tq4pqNyUIlioDFNnkJZ6ycElhblyDb3vaagO
254 9c+saw3cl/4KGWBZK46HtimRApE6ZriV7yHSB4afVjhnHZvlQVccAuTKJatBpIeb
255 kenOX0boUVXrWWj6VVnseab+5nA+uPZQQHinRLEVhUn72I14YdKJOQIDAQABoyUw
256 IzAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGCSqGSIb3DQEB
257 BQOBgQA5IVkBXU2S4i3dSSM9KmdKJinok1IOGNLZYQSyzduuie9vTmGXCQiQppWb
258 oSjZaf/Zn8La8THvm4QfmwruPkTEL956BRyN9hHYwHWZsebJr7DvSrF1Zugd0jFs
259 DZZFfDUSinYEqApdYzMka/GYTSk1Fa31G5TVD56mIdxmVAdC+A==
260 -----END CERTIFICATE-----
265 -----BEGIN CERTIFICATE-----
266 MIICYTCCAcygAwIBAgIE5M7SRDALBgkqhkiG9w0BAQUwZTEdMBsGA1UEChMUU2Ft
267 YmEgQWRtaW5pc3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1
268 dG9nZW5lcmF0ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMB4XDTA2MDgw
269 NDA0MzY1MloXDTA4MDcwNDA0MzY1MlowZTEdMBsGA1UEChMUU2FtYmEgQWRtaW5p
270 c3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1dG9nZW5lcmF0
271 ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMIGcMAsGCSqGSIb3DQEBAQOB
272 jAAwgYgCgYDKg6pAwCHUMA1DfHDmWhZfd+F0C+9Jxcqvpw9ii9En3E1uflpcol3+
273 S9/6I/uaTmJHZre+DF3dTzb/UOZo0Zem8N+IzzkgoGkFafjXuT3BL5UPY2/H6H+p
274 PqVIRLOmrWImai359YyoKhFyo37Y6HPeU8QcZ+u2rS9geapIWfeuowIDAQABoyUw
275 IzAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGCSqGSIb3DQEB
276 BQOBgQAmkN6XxvDnoMkGcWLCTwzxGfNNSVcYr7TtL2aJh285Xw9zaxcm/SAZBFyG
277 LYOChvh6hPU7joMdDwGfbiLrBnMag+BtGlmPLWwp/Kt1wNmrRhduyTQFhN3PP6fz
278 nBr9vVny2FewB2gHmelaPS//tXdxivSXKz3NFqqXLDJjq7P8wA==
279 -----END CERTIFICATE-----
284 -----BEGIN RSA PRIVATE KEY-----
285 MIICXQIBAAKBgQDKg6pAwCHUMA1DfHDmWhZfd+F0C+9Jxcqvpw9ii9En3E1uflpc
286 ol3+S9/6I/uaTmJHZre+DF3dTzb/UOZo0Zem8N+IzzkgoGkFafjXuT3BL5UPY2/H
287 6H+pPqVIRLOmrWImai359YyoKhFyo37Y6HPeU8QcZ+u2rS9geapIWfeuowIDAQAB
288 AoGAAqDLzFRR/BF1kpsiUfL4WFvTarCe9duhwj7ORc6fs785qAXuwUYAJ0Uvzmy6
289 HqoGv3t3RfmeHDmjcpPHsbOKnsOQn2MgmthidQlPBMWtQMff5zdoYNUFiPS0XQBq
290 szNW4PRjaA9KkLQVTwnzdXGkBSkn/nGxkaVu7OR3vJOBoo0CQQDO4upypesnbe6p
291 9/xqfZ2uim8IwV1fLlFClV7WlCaER8tsQF4lEi0XSzRdXGUD/dilpY88Nb+xok/X
292 8Z8OvgAXAkEA+pcLsx1gN7kxnARxv54jdzQjC31uesJgMKQXjJ0h75aUZwTNHmZQ
293 vPxi6u62YiObrN5oivkixwFNncT9MxTxVQJBAMaWUm2SjlLe10UX4Zdm1MEB6OsC
294 kVoX37CGKO7YbtBzCfTzJGt5Mwc1DSLA2cYnGJqIfSFShptALlwedot0HikCQAJu
295 jNKEKnbf+TdGY8Q0SKvTebOW2Aeg80YFkaTvsXCdyXrmdQcifw4WdO9KucJiDhSz
296 Y9hVapz7ykEJtFtWjLECQQDIlfc63I5ZpXfg4/nN4IJXUW6AmPVOYIA5215itgki
297 cSlMYli1H9MEXH0pQMGv5Qyd0OYIx2DDg96mZ+aFvqSG
298 -----END RSA PRIVATE KEY-----
# Write slapd.conf for the OpenLDAP backend: schema and module includes, pid
# and args files, the database directory and the attribute indexes.
# NOTE(review): `access to * by * write` gives every client, authenticated or
# not, write access to every entry. That is tolerable only if slapd is
# reachable by the test alone -- presumably through the ldapi socket under
# $LDAPDIR; the slapd start-up line is not shown, confirm it there.
# The two regex/URL pairs look like SASL identity mapping rules for
# DIGEST-MD5 (the directive keyword is on a line not shown); `\$1` is escaped
# so the shell leaves the back-reference in the file for slapd.
302 cat >$SLAPD_CONF <<EOF
305 include $LDAPDIR/ad.schema
307 pidfile $PIDDIR/slapd.pid
308 argsfile $LDAPDIR/slapd.args
310 access to * by * write
315 uid=([^,]*),cn=$DNSNAME,cn=digest-md5,cn=auth
316 ldap:///$BASEDN??sub?(samAccountName=\$1)
319 uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
320 ldap:///$BASEDN??sub?(samAccountName=\$1)
322 include $LDAPDIR/modules.conf
324 defaultsearchbase "$BASEDN"
329 rootdn "cn=Manager,$BASEDN"
331 directory $LDAPDIR/db
333 index samAccountName eq
336 index objectCategory eq
343 index lDAPDisplayName eq
346 index nETBIOSName eq pres
349 syncprov-checkpoint 100 10
350 syncprov-sessionlog 100
# Write the Berkeley DB tuning file (DB_CONFIG) into the slapd database
# directory: cache size, log region size, and log and temporary directories
# that all sit inside $LDAPDIR/db.
# DB_TXN_NOSYNC is set; the embedded comment says the missing fsync() is
# accepted because this is a test environment, so the setting should not be
# copied to a database whose contents matter.
354 cat > $LDAPDIR/db/DB_CONFIG <<EOF
356 # Set the database in memory cache size.
358 set_cachesize 0 524288 0
362 # Set database flags (this is a test environment, we don't need to fsync()).
364 set_flags DB_TXN_NOSYNC
369 set_lg_regionmax 104857
372 set_lg_dir $LDAPDIR/db/bdb-logs
376 # Set temporary file creation directory.
378 set_tmp_dir $LDAPDIR/db/tmp
# Assemble the provision command line piece by piece and run the provisioning
# script through smbscript.
# $PROVISION_OPTIONS is expanded unquoted and relies on word splitting to
# become separate arguments; a value containing whitespace would split too.
# NOTE(review): $PASSWORD is passed as --adminpass and as --password, so it
# sits in the argument list of the provision process, where other local users
# can read it while provisioning runs. --root=$ROOT is appended twice.
381 PROVISION_OPTIONS="$CONFIGURATION --host-name=$NETBIOSNAME --host-ip=127.0.0.1"
382 PROVISION_OPTIONS="$PROVISION_OPTIONS --quiet --domain $DOMAIN --realm $REALM"
383 PROVISION_OPTIONS="$PROVISION_OPTIONS --adminpass $PASSWORD --root=$ROOT"
384 PROVISION_OPTIONS="$PROVISION_OPTIONS --simple-bind-dn=cn=Manager,$BASEDN --password=$PASSWORD --root=$ROOT"
385 $srcdir/bin/smbscript $srcdir/setup/provision $PROVISION_OPTIONS
# ldapi:// URL for the socket path under $LDAPDIR, in plain form and with
# every '/' of the path percent-encoded as %2F.
387 LDAPI="ldapi://$LDAPDIR/ldapi"
388 LDAPI_ESCAPE="ldapi://"`echo $LDAPDIR/ldapi | sed 's|/|%2F|g'`
392 #This uses the provision we just did, to read out the schema
# Reads sam.ldb, applies the OpenLDAP 2.3 schema map and writes ad.schema,
# the file that slapd.conf includes.
393 $srcdir/bin/ad2oLschema $CONFIGURATION -H $PRIVATEDIR/sam.ldb -I $srcdir/setup/schema-map-openldap-2.3 -O $LDAPDIR/ad.schema
394 #Now create an LDAP baseDN
395 $srcdir/bin/smbscript $srcdir/setup/provision $PROVISION_OPTIONS --ldap-base
# The system sbin directories are put ahead of the caller's PATH; slaptest and
# slapadd below are invoked by bare name and are resolved through this PATH.
398 PATH=/usr/local/sbin:/usr/sbin:/sbin:$PATH
# Validate the slapd configuration and load the provisioned directory data.
# Several lines of this section (the closing braces and the command that
# writes the module configuration) are missing from the listing.
401 MODCONF=$LDAPDIR/modules.conf
# Dry-run configuration test with all output discarded; when it fails, the
# branch announces that it is enabling slapd modules.
405 slaptest -u -f $SLAPD_CONF > /dev/null 2>&1 || {
406 echo "enabling slapd modules"
408 modulepath /usr/lib/ldap
# Data is loaded only when the configuration passes the dry-run test; slapadd
# reads the LDIF named after $DNSNAME from the private directory, and a full
# slaptest is run again after the load.
413 if slaptest -u -f $SLAPD_CONF; then
414 slapadd -f $SLAPD_CONF < $PRIVATEDIR/$DNSNAME.ldif || {
415 echo "slapadd failed"
418 slaptest -f $SLAPD_CONF || {
419 echo "slaptest after database load failed"
# Seed the WINS configuration: write a wreplPartner entry as LDIF and load it
# into wins_config.ldb with ldbadd. The script exits with status 1 if the
# load fails.
427 cat >$PRIVATEDIR/wins_config.ldif<<EOF
428 dn: name=TORTURE_6,CN=PARTNERS
429 objectClass: wreplPartner
437 $srcdir/bin/ldbadd -H $PRIVATEDIR/wins_config.ldb < $PRIVATEDIR/wins_config.ldif >/dev/null || exit 1