git.samba.org - samba.git/commit

author	Tim Beale <timbeale@catalyst.net.nz>
	Mon, 7 May 2018 05:33:51 +0000 (17:33 +1200)
committer	Garming Sam <garming@samba.org>
	Fri, 11 May 2018 04:01:24 +0000 (06:01 +0200)
commit	823dec9d166b3fbe2caacdb699173601603c1101
tree	0ed94e9581e3bf19dafea3ba0a94a36dbb57dfff	tree
parent	17d8d475e5376a3c1a313c99cd988b0d1180c5e2	commit \| diff

tests: Add a test case for msDS-PasswordReversibleEncryptionEnabled

Add a test for the 'msDS-PasswordReversibleEncryptionEnabled' attribute
on the PSO. The Effective-PasswordReversibleEncryptionEnabled is
based on the PSO setting (if one applies) or else the
DOMAIN_PASSWORD_STORE_CLEARTEXT bit for the domain's pwdProperties.
This indicates whether the user's cleartext password is to be stored
in the supplementalCredentials attribute (as 'Primary:CLEARTEXT').

The password_hash tests already text the cleartext behaviour, so I've
added an additional test case for PSOs. Note that supplementary-
credential information is not returned over LDAP (the password_hash
test uses a local LDB connection), so it made more sense to extend
the password_hash tests than to check this behaviour as part of the
PSO tests (i.e. rather than in password_settings.py).

Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>

python/samba/tests/password_hash.py		diff \| blob \| history
python/samba/tests/password_hash_gpgme.py		diff \| blob \| history
selftest/knownfail.d/password_hash_gpgme	[new file with mode: 0644]	blob