$count++;
} while ($ret != 0 && $count < 20);
if ($count == 20) {
- warn("nbt not reachable after 20 retries\n");
teardown_env($self, $testenv_vars);
- return 0;
+ warn("nbt not reachable after 20 retries\n");
+ return -1;
}
# Ensure we have the first RID Set before we start tests. This makes the tests more reliable.
while (system("$cmd >/dev/null") != 0) {
$count++;
if ($count > $max_wait) {
+ teardown_env($self, $testenv_vars);
warn("Timed out ($max_wait sec) waiting for working LDAP and a RID Set to be allocated by $testenv_vars->{NETBIOSNAME} PID $testenv_vars->{SAMBA_PID}");
- $ret = -1;
- last;
+ return -1;
}
+ print "Waiting for working LDAP...\n";
sleep(1);
}
}
$count++;
} while ($ret != 0 && $count < 20);
if ($count == 20) {
- warn("winbind not reachable after 20 retries\n");
teardown_env($self, $testenv_vars);
- return 0;
+ warn("winbind not reachable after 20 retries\n");
+ return -1;
+ }
+
+ # Ensure we registered all our names
+ if ($testenv_vars->{SERVER_ROLE} eq "domain controller") {
+ my $max_wait = 60;
+ print "Waiting for dns_update_cache to be created.\n";
+ $count = 0;
+ while (not -e "$testenv_vars->{PRIVATEDIR}/dns_update_cache") {
+ $count++;
+ if ($count > $max_wait) {
+ teardown_env($self, $testenv_vars);
+ warn("Timed out ($max_wait sec) waiting for dns_update_cache PID $testenv_vars->{SAMBA_PID}");
+ return -1;
+ }
+ print "Waiting for dns_update_cache to be created...\n";
+ sleep(1);
+ }
+ print "Waiting for dns_update_cache to be filled.\n";
+ $count = 0;
+ while ((-s "$testenv_vars->{PRIVATEDIR}/dns_update_cache") == 0) {
+ $count++;
+ if ($count > $max_wait) {
+ teardown_env($self, $testenv_vars);
+ warn("Timed out ($max_wait sec) waiting for dns_update_cache PID $testenv_vars->{SAMBA_PID}");
+ return -1;
+ }
+ print "Waiting for dns_update_cache to be filled...\n";
+ sleep(1);
+ }
}
print $self->getlog_env($testenv_vars);
- return $ret
+ print "READY ($testenv_vars->{SAMBA_PID})\n";
+
+ return 0
}
sub write_ldb_file($$$)
return undef;
}
+# Returns the environmental variables that we pass to samba-tool commands
+sub get_cmd_env_vars
+{
+ my ($self, $localenv) = @_;
+
+ my $cmd_env = "NSS_WRAPPER_HOSTS='$localenv->{NSS_WRAPPER_HOSTS}' ";
+ $cmd_env .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$localenv->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+ if (defined($localenv->{RESOLV_WRAPPER_CONF})) {
+ $cmd_env .= "RESOLV_WRAPPER_CONF=\"$localenv->{RESOLV_WRAPPER_CONF}\" ";
+ } else {
+ $cmd_env .= "RESOLV_WRAPPER_HOSTS=\"$localenv->{RESOLV_WRAPPER_HOSTS}\" ";
+ }
+ $cmd_env .= " KRB5_CONFIG=\"$localenv->{KRB5_CONFIG}\" ";
+ $cmd_env .= "KRB5CCNAME=\"$localenv->{KRB5_CCACHE}\" ";
+ $cmd_env .= "RESOLV_CONF=\"$localenv->{RESOLV_CONF}\" ";
+
+ return $cmd_env;
+}
+
sub setup_namespaces($$:$$)
{
my ($self, $localenv, $upn_array, $spn_array) = @_;
my $samba_tool = Samba::bindir_path($self, "samba-tool");
- my $cmd_env = "NSS_WRAPPER_HOSTS='$localenv->{NSS_WRAPPER_HOSTS}' ";
- $cmd_env .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$localenv->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($localenv->{RESOLV_WRAPPER_CONF})) {
- $cmd_env .= "RESOLV_WRAPPER_CONF=\"$localenv->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd_env .= "RESOLV_WRAPPER_HOSTS=\"$localenv->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd_env .= " KRB5_CONFIG=\"$localenv->{KRB5_CONFIG}\" ";
- $cmd_env .= "KRB5CCNAME=\"$localenv->{KRB5_CCACHE}\" ";
- $cmd_env .= "RESOLV_CONF=\"$localenv->{RESOLV_CONF}\" ";
+ my $cmd_env = $self->get_cmd_env_vars($localenv);
my $cmd_config = " $localenv->{CONFIGURATION}";
my ($self, $localenv, $remoteenv, $type, $extra_args) = @_;
$localenv->{TRUST_SERVER} = $remoteenv->{SERVER};
- $localenv->{TRUST_SERVER_IP} = $remoteenv->{SERVER_IP};
- $localenv->{TRUST_SERVER_IPV6} = $remoteenv->{SERVER_IPV6};
- $localenv->{TRUST_NETBIOSNAME} = $remoteenv->{NETBIOSNAME};
+
$localenv->{TRUST_USERNAME} = $remoteenv->{USERNAME};
$localenv->{TRUST_PASSWORD} = $remoteenv->{PASSWORD};
$localenv->{TRUST_DOMAIN} = $remoteenv->{DOMAIN};
my $samba_tool = Samba::bindir_path($self, "samba-tool");
# setup the trust
- my $cmd_env = "NSS_WRAPPER_HOSTS='$localenv->{NSS_WRAPPER_HOSTS}' ";
- $cmd_env .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$localenv->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($localenv->{RESOLV_WRAPPER_CONF})) {
- $cmd_env .= "RESOLV_WRAPPER_CONF=\"$localenv->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd_env .= "RESOLV_WRAPPER_HOSTS=\"$localenv->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd_env .= " KRB5_CONFIG=\"$localenv->{KRB5_CONFIG}\" ";
- $cmd_env .= "KRB5CCNAME=\"$localenv->{KRB5_CCACHE}\" ";
- $cmd_env .= "RESOLV_CONF=\"$localenv->{RESOLV_CONF}\" ";
+ my $cmd_env = $self->get_cmd_env_vars($localenv);
my $cmd_config = " $localenv->{CONFIGURATION}";
my $cmd_creds = $cmd_config;
dreplsrv:periodic_startup_interval = 0
dsdb:schema update allowed = yes
- prefork children = 4
-
vfs objects = dfs_samba4 acl_xattr fake_acls xattr_tdb streams_depot
idmap_ldb:use rfc2307=yes
return undef;
}
+ # Return the environment variables for the new testenv DC.
+ # Note that we have SERVER_X and DC_SERVER_X variables (which have the same
+ # value initially). In a 2 DC setup, $DC_SERVER_X will always be the PDC.
my $ret = {
KRB5_CONFIG => $ctx->{krb5_conf},
KRB5_CCACHE => $ctx->{krb5_ccache},
MITKDC_CONFIG => $ctx->{mitkdc_conf},
PIDDIR => $ctx->{piddir},
SERVER => $ctx->{hostname},
+ DC_SERVER => $ctx->{hostname},
SERVER_IP => $ctx->{ipv4},
+ DC_SERVER_IP => $ctx->{ipv4},
SERVER_IPV6 => $ctx->{ipv6},
+ DC_SERVER_IPV6 => $ctx->{ipv6},
NETBIOSNAME => $ctx->{netbiosname},
+ DC_NETBIOSNAME => $ctx->{netbiosname},
DOMAIN => $ctx->{domain},
USERNAME => $ctx->{username},
+ DC_USERNAME => $ctx->{username},
REALM => $ctx->{realm},
DNSNAME => $ctx->{dnsname},
SAMSID => $ctx->{samsid},
PASSWORD => $ctx->{password},
+ DC_PASSWORD => $ctx->{password},
LDAPDIR => $ctx->{ldapdir},
LDAP_INSTANCE => $ctx->{ldap_instance},
SELFTEST_WINBINDD_SOCKET_DIR => $ctx->{winbindd_socket_dir},
return $self->provision_raw_step2($ctx, $ret);
}
+# For multi-DC testenvs, we want $DC_SERVER to always be the PDC (i.e. the
+# original DC) in the testenv. $SERVER is always the joined DC that we are
+# actually running the test against
+sub set_pdc_env_vars
+{
+ my ($self, $env, $dcvars) = @_;
+
+ $env->{DC_SERVER} = $dcvars->{DC_SERVER};
+ $env->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP};
+ $env->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6};
+ $env->{DC_SERVERCONFFILE} = $dcvars->{SERVERCONFFILE};
+ $env->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME};
+ $env->{DC_USERNAME} = $dcvars->{DC_USERNAME};
+ $env->{DC_PASSWORD} = $dcvars->{DC_PASSWORD};
+}
+
sub provision_s4member($$$$$)
{
my ($self, $prefix, $dcvars, $hostname, $more_conf) = @_;
}
my $samba_tool = Samba::bindir_path($self, "samba-tool");
- my $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' ";
- $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($ret->{RESOLV_WRAPPER_CONF})) {
- $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" ";
- $cmd .= "RESOLV_CONF=\"$ret->{RESOLV_CONF}\" ";
+ my $cmd = $self->get_cmd_env_vars($ret);
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} member";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
$cmd .= " --machinepass=machine$ret->{PASSWORD}";
return undef;
}
- $ret->{MEMBER_SERVER} = $ret->{SERVER};
- $ret->{MEMBER_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{MEMBER_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{MEMBER_NETBIOSNAME} = $ret->{NETBIOSNAME};
- $ret->{MEMBER_USERNAME} = $ret->{USERNAME};
- $ret->{MEMBER_PASSWORD} = $ret->{PASSWORD};
-
$ret->{DOMSID} = $dcvars->{DOMSID};
- $ret->{DC_SERVER} = $dcvars->{DC_SERVER};
- $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME};
- $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME};
- $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD};
+ $self->set_pdc_env_vars($ret, $dcvars);
return $ret;
}
my $samba_tool = Samba::bindir_path($self, "samba-tool");
# The joind runs in the context of the rpc_proxy/member for now
- my $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' ";
- $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($ret->{RESOLV_WRAPPER_CONF})) {
- $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" ";
- $cmd .= "RESOLV_CONF=\"$ret->{RESOLV_CONF}\" ";
+ my $cmd = $self->get_cmd_env_vars($ret);
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} member";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
$cmd .= " --machinepass=machine$ret->{PASSWORD}";
return undef;
}
- $ret->{RPC_PROXY_SERVER} = $ret->{SERVER};
- $ret->{RPC_PROXY_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{RPC_PROXY_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{RPC_PROXY_NETBIOSNAME} = $ret->{NETBIOSNAME};
- $ret->{RPC_PROXY_USERNAME} = $ret->{USERNAME};
- $ret->{RPC_PROXY_PASSWORD} = $ret->{PASSWORD};
-
$ret->{DOMSID} = $dcvars->{DOMSID};
- $ret->{DC_SERVER} = $dcvars->{DC_SERVER};
- $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME};
- $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME};
- $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD};
+ $self->set_pdc_env_vars($ret, $dcvars);
return $ret;
}
}
my $samba_tool = Samba::bindir_path($self, "samba-tool");
- my $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' ";
- $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($ret->{RESOLV_WRAPPER_CONF})) {
- $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" ";
- $cmd .= "RESOLV_CONF=\"$ret->{RESOLV_CONF}\" ";
+ my $cmd = $self->get_cmd_env_vars($ret);
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} MEMBER --realm=$dcvars->{REALM}";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
$cmd .= " --machinepass=machine$ret->{PASSWORD}";
}
my $samba_tool = Samba::bindir_path($self, "samba-tool");
- my $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' ";
- $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($ret->{RESOLV_WRAPPER_CONF})) {
- $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" ";
- $cmd .= "RESOLV_CONF=\"$ret->{RESOLV_CONF}\" ";
+ my $cmd = $self->get_cmd_env_vars($ret);
$cmd .= "$samba_tool domain dcpromo $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
$cmd .= " --machinepass=machine$ret->{PASSWORD} --use-ntvfs --dns-backend=BIND9_DLZ";
return undef;
}
- $ret->{PROMOTED_DC_SERVER} = $ret->{SERVER};
- $ret->{PROMOTED_DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{PROMOTED_DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{PROMOTED_DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
-
- $ret->{DC_SERVER} = $dcvars->{DC_SERVER};
- $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME};
- $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME};
- $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD};
+ $self->set_pdc_env_vars($ret, $dcvars);
return $ret;
}
}
my $samba_tool = Samba::bindir_path($self, "samba-tool");
- my $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' ";
- $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($ret->{RESOLV_WRAPPER_CONF})) {
- $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" ";
- $cmd .= "RESOLV_CONF=\"$ret->{RESOLV_CONF}\" ";
+ my $cmd = $self->get_cmd_env_vars($ret);
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} DC --realm=$dcvars->{REALM}";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD} --domain-critical-only";
$cmd .= " --machinepass=machine$ret->{PASSWORD} --use-ntvfs";
return undef;
}
- if ($fl == "2000") {
- $ret->{VAMPIRE_2000_DC_SERVER} = $ret->{SERVER};
- $ret->{VAMPIRE_2000_DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{VAMPIRE_2000_DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{VAMPIRE_2000_DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
- } else {
- $ret->{VAMPIRE_DC_SERVER} = $ret->{SERVER};
- $ret->{VAMPIRE_DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{VAMPIRE_DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{VAMPIRE_DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
- }
- $ret->{DC_SERVER} = $dcvars->{DC_SERVER};
- $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME};
- $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME};
- $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD};
+ $self->set_pdc_env_vars($ret, $dcvars);
$ret->{DC_REALM} = $dcvars->{DC_REALM};
return $ret;
Samba::mk_mitkdc_conf($ctx, abs_path(Samba::bindir_path($self, "shared")));
my $samba_tool = Samba::bindir_path($self, "samba-tool");
- my $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' ";
- $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($ret->{RESOLV_WRAPPER_CONF})) {
- $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" ";
- $cmd .= "RESOLV_CONF=\"$ret->{RESOLV_CONF}\" ";
+ my $cmd = $self->get_cmd_env_vars($ret);
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $ctx->{dnsname} subdomain ";
$cmd .= "--parent-domain=$dcvars->{REALM} -U$dcvars->{DC_USERNAME}\@$dcvars->{REALM}\%$dcvars->{DC_PASSWORD}";
$cmd .= " --machinepass=machine$ret->{PASSWORD} --use-ntvfs";
}
$ret->{SUBDOM_DC_SERVER} = $ret->{SERVER};
- $ret->{SUBDOM_DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{SUBDOM_DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{SUBDOM_DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
- $ret->{DC_SERVER} = $dcvars->{DC_SERVER};
- $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME};
- $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME};
- $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD};
+ $self->set_pdc_env_vars($ret, $dcvars);
return $ret;
}
return undef;
}
$ret->{NETBIOSALIAS} = "localdc1-a";
- $ret->{DC_SERVER} = $ret->{SERVER};
- $ret->{DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
- $ret->{DC_USERNAME} = $ret->{USERNAME};
- $ret->{DC_PASSWORD} = $ret->{PASSWORD};
$ret->{DC_REALM} = $ret->{REALM};
return $ret;
my $extra_conf_options = "
spnego:simulate_w2k=yes
ntlmssp_server:force_old_spnego=yes
+ server max protocol = NT1
";
my $extra_provision_options = ["--use-ntvfs"];
# This environment uses plain text secrets
warn("Unable to add wins configuration");
return undef;
}
- $ret->{DC_SERVER} = $ret->{SERVER};
- $ret->{DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
- $ret->{DC_USERNAME} = $ret->{USERNAME};
- $ret->{DC_PASSWORD} = $ret->{PASSWORD};
$ret->{DC_REALM} = $ret->{REALM};
return $ret;
my $extra_conf_options = "allow dns updates = nonsecure and secure
dcesrv:header signing = no
dcesrv:max auth states = 0
- dns forwarder = 127.0.0.$swiface1 127.0.0.$swiface2";
+ dns forwarder = 127.0.0.$swiface1 127.0.0.$swiface2
+ server max protocol = SMB2_02
+ ";
my $extra_provision_options = ["--use-ntvfs"];
my $ret = $self->provision($prefix,
"domain controller",
return undef;
}
- $ret->{DC_SERVER} = $ret->{SERVER};
- $ret->{DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
- $ret->{DC_USERNAME} = $ret->{USERNAME};
- $ret->{DC_PASSWORD} = $ret->{PASSWORD};
$ret->{DNS_FORWARDER1} = "127.0.0.$swiface1";
$ret->{DNS_FORWARDER2} = "127.0.0.$swiface2";
my ($self, $prefix, $dcvars) = @_;
print "PROVISIONING DC WITH FOREST LEVEL 2008r2...\n";
- my $extra_conf_options = "ldap server require strong auth = no";
+ my $extra_conf_options = "
+ ldap server require strong auth = no
+ server max protocol = SMB2_10
+ ";
my $extra_provision_options = ["--use-ntvfs"];
my $ret = $self->provision($prefix,
"domain controller",
warn("Unable to add wins configuration");
return undef;
}
- $ret->{DC_SERVER} = $ret->{SERVER};
- $ret->{DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
- $ret->{DC_USERNAME} = $ret->{USERNAME};
- $ret->{DC_PASSWORD} = $ret->{PASSWORD};
$ret->{DC_REALM} = $ret->{REALM};
return $ret;
}
my $samba_tool = Samba::bindir_path($self, "samba-tool");
- my $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' ";
- $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($ret->{RESOLV_WRAPPER_CONF})) {
- $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
- $cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" ";
- $cmd .= "RESOLV_CONF=\"$ret->{RESOLV_CONF}\" ";
+ my $cmd = $self->get_cmd_env_vars($ret);
$cmd .= "$samba_tool domain join $ret->{CONFIGURATION} $dcvars->{REALM} RODC";
$cmd .= " -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
$cmd .= " --server=$dcvars->{DC_SERVER} --use-ntvfs";
Samba::mk_krb5_conf($ctx);
Samba::mk_mitkdc_conf($ctx, abs_path(Samba::bindir_path($self, "shared")));
- $ret->{RODC_DC_SERVER} = $ret->{SERVER};
- $ret->{RODC_DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{RODC_DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{RODC_DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
-
- $ret->{DC_SERVER} = $dcvars->{DC_SERVER};
- $ret->{DC_SERVER_IP} = $dcvars->{DC_SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $dcvars->{DC_SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $dcvars->{DC_NETBIOSNAME};
- $ret->{DC_USERNAME} = $dcvars->{DC_USERNAME};
- $ret->{DC_PASSWORD} = $dcvars->{DC_PASSWORD};
+ $self->set_pdc_env_vars($ret, $dcvars);
return $ret;
}
return undef;
}
- $ret->{DC_SERVER} = $ret->{SERVER};
- $ret->{DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
- $ret->{DC_USERNAME} = $ret->{USERNAME};
- $ret->{DC_PASSWORD} = $ret->{PASSWORD};
-
return $ret;
}
warn("Unable to remove $ret->{PRIVATEDIR}/secrets.tdb added during provision");
return undef;
}
-
- $ret->{DC_SERVER} = $ret->{SERVER};
- $ret->{DC_SERVER_IP} = $ret->{SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $ret->{SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $ret->{NETBIOSNAME};
- $ret->{DC_USERNAME} = $ret->{USERNAME};
- $ret->{DC_PASSWORD} = $ret->{PASSWORD};
+
$ret->{UNACCEPTABLE_PASSWORD} = $unacceptable_password;
return $ret;
# as 'vampired' dc may add data in its local replica
# we need to synchronize data between DCs
my $base_dn = "DC=".join(",DC=", split(/\./, $dc_vars->{REALM}));
- my $cmd = "NSS_WRAPPER_HOSTS='$env->{NSS_WRAPPER_HOSTS}' ";
- $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($env->{RESOLV_WRAPPER_CONF})) {
- $cmd .= "RESOLV_WRAPPER_CONF=\"$env->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd .= "RESOLV_WRAPPER_HOSTS=\"$env->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd .= " KRB5_CONFIG=\"$env->{KRB5_CONFIG}\"";
- $cmd .= "KRB5CCNAME=\"$env->{KRB5_CCACHE}\" ";
- $cmd .= "RESOLV_CONF=\"$env->{RESOLV_CONF}\" ";
+ my $cmd = $self->get_cmd_env_vars($env);
$cmd .= " $samba_tool drs replicate $env->{DC_SERVER} $env->{SERVER}";
$cmd .= " $dc_vars->{CONFIGURATION}";
$cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD}";
# Pull in a full set of changes from the main DC
my $base_dn = "DC=".join(",DC=", split(/\./, $dc_vars->{REALM}));
- $cmd = "NSS_WRAPPER_HOSTS='$env->{NSS_WRAPPER_HOSTS}' ";
- $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$env->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- if (defined($env->{RESOLV_WRAPPER_CONF})) {
- $cmd .= "RESOLV_WRAPPER_CONF=\"$env->{RESOLV_WRAPPER_CONF}\" ";
- } else {
- $cmd .= "RESOLV_WRAPPER_HOSTS=\"$env->{RESOLV_WRAPPER_HOSTS}\" ";
- }
- $cmd .= " KRB5_CONFIG=\"$env->{KRB5_CONFIG}\"";
- $cmd .= "KRB5CCNAME=\"$env->{KRB5_CCACHE}\" ";
- $cmd .= "RESOLV_CONF=\"$env->{RESOLV_CONF}\" ";
+ $cmd = $self->get_cmd_env_vars($env);
$cmd .= " $samba_tool drs replicate $env->{SERVER} $env->{DC_SERVER}";
$cmd .= " $dc_vars->{CONFIGURATION}";
$cmd .= " -U$dc_vars->{DC_USERNAME}\%$dc_vars->{DC_PASSWORD}";
my $env = $self->provision_raw_step1($ctx);
- $env->{DC_SERVER} = $env->{SERVER};
- $env->{DC_SERVER_IP} = $env->{SERVER_IP};
- $env->{DC_SERVER_IPV6} = $env->{SERVER_IPV6};
- $env->{DC_NETBIOSNAME} = $env->{NETBIOSNAME};
- $env->{DC_USERNAME} = $env->{USERNAME};
- $env->{DC_PASSWORD} = $env->{PASSWORD};
-
return ($env, $ctx);
}
# we arbitrarily designate the restored DC as having SMBv1 disabled
my $extra_conf = "
server min protocol = SMB2
- client min protocol = SMB2";
+ client min protocol = SMB2
+ prefork children = 1";
my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "restoredc",
$dcvars->{DOMAIN},
# note: dcvars contains the env info for the dependent testenv ('backupfromdc')
my ($self, $prefix, $dcvars) = @_;
print "Preparing RENAME DC...\n";
+ my $extra_conf = "prefork children = 1";
my $realm = "renamedom.samba.example.com";
my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "renamedc",
"RENAMEDOMAIN", $realm,
- $dcvars->{PASSWORD}, "");
+ $dcvars->{PASSWORD}, $extra_conf);
# create a backup of the 'backupfromdc' which renames the domain
my $backupdir = File::Temp->newdir();
# note: dcvars contains the env info for the dependent testenv ('backupfromdc')
my ($self, $prefix, $dcvars) = @_;
print "Preparing OFFLINE BACKUP DC...\n";
+ my $extra_conf = "prefork children = 1";
my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "offlinebackupdc",
$dcvars->{DOMAIN},
$dcvars->{REALM},
- $dcvars->{PASSWORD}, "");
+ $dcvars->{PASSWORD}, $extra_conf);
# create an offline backup of the 'backupfromdc' target
my $backupdir = File::Temp->newdir();
# note: dcvars contains the env info for the dependent testenv ('backupfromdc')
my ($self, $prefix, $dcvars) = @_;
print "Preparing LAB-DOMAIN DC...\n";
+ my $extra_conf = "prefork children = 1";
my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "labdc",
"LABDOMAIN",
"labdom.samba.example.com",
- $dcvars->{PASSWORD}, "");
+ $dcvars->{PASSWORD}, $extra_conf);
# create a backup of the 'backupfromdc' which renames the domain and uses
# the --no-secrets option to scrub any sensitive info
git.samba.org / metze / samba / wip.git / blobdiff