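#!/bin/bash
#
# Integration test for SID synchronisation between UCS LDAP and Samba 4 through
# the univention-s4-connector.
#
# The script rewrites the connector/s4/mapping/sid* UCR variables, restarts the
# connector and creates throw-away accounts in the live directory. The accounts
# get a fixed, well-known password, so they must not outlive the run: an EXIT
# trap removes a leftover account and restores the UCR settings even when a
# check fails half-way through.
set -e

# NOTE(review): eval executes whatever `ucr shell` prints. That is the local
# config-registry tool, so it is treated as trusted here; this pattern must not
# be reused on output that another party can influence.
eval "$(ucr shell)"

# Remember the operator's settings so they can be restored afterwards.
# NOTE(review): a variable that was unset before the run is restored as an
# empty value, not unset again -- confirm that the connector treats both alike.
old_connector_s4_mapping_sid="$connector_s4_mapping_sid"
old_connector_s4_mapping_sid_to_s4="$connector_s4_mapping_sid_to_s4"
old_connector_s4_mapping_sid_to_ucs="$connector_s4_mapping_sid_to_ucs"

readonly CONNECTOR_INIT=/etc/init.d/univention-s4-connector
# Fixed test password; it is passed on the command line and is therefore
# visible in the process list. Acceptable only for disposable test accounts.
readonly TEST_PASSWORD=univention

_lowerletters="abcdefghijklmnopqrstuvwxyz"
_upperletters="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
_ciphers="0123456789"

# Name of the test account that currently exists (empty when none does).
pending_user=

#######################################
# EXIT handler: remove a leftover test account, restore the saved UCR
# settings and restart the connector. Keeps the exit status of the run
# unless the run succeeded and the restore itself failed.
#######################################
restore_environment() {
  local rc=$?
  trap - EXIT
  set +e
  if [ -n "$pending_user" ]; then
    # Best effort on both sides: the account may exist in only one directory
    # when the run aborted before the connector synchronised it.
    samba-tool user delete "$pending_user" >/dev/null 2>&1
    udm users/user remove --dn "uid=$pending_user,cn=users,$ldap_base" >/dev/null 2>&1
  fi
  ucr set connector/s4/mapping/sid="$old_connector_s4_mapping_sid" \
    connector/s4/mapping/sid_to_s4="$old_connector_s4_mapping_sid_to_s4" \
    connector/s4/mapping/sid_to_ucs="$old_connector_s4_mapping_sid_to_ucs" \
    || rc=$((rc != 0 ? rc : 1))
  "$CONNECTOR_INIT" restart >/dev/null || rc=$((rc != 0 ? rc : 1))
  exit "$rc"
}
trap restore_environment EXIT

#######################################
# Print a random string.
# Arguments: $1 - length (defaults to $STRINGLENGTH, which this script does
#                 not set itself; every caller here passes a length)
#            $2 - characters to draw from (defaults to a-z)
# $RANDOM is not a cryptographic source: fine for unique test names, not for
# passwords or tokens.
#######################################
random_chars() {
  local stringlength=${1:-$STRINGLENGTH}
  local charset=${2:-${_lowerletters}}
  local string=
  local pos
  while (( ${#string} < stringlength )); do
    pos=$((RANDOM % ${#charset}))
    string+=${charset:$pos:1}
  done
  printf '%s' "$string"
}

# Print a random 10-character user name made of a-z and 0-9.
random_username() {
  random_chars 10 "${_lowerletters}${_ciphers}"
}

# Report a failed check on stdout and abort; the EXIT trap cleans up.
fail() {
  echo "E: failed ($1)"
  exit 1
}

# Run one action (start, stop, restart) of the connector init script.
connector() {
  "$CONNECTOR_INIT" "$1" >/dev/null
}

#######################################
# Print the value of one attribute from a search tool's output.
# Arguments: $1 - search command, $2 - LDAP filter, $3 - attribute name
# The pipeline status is that of sed, so an empty result is not an error;
# callers test for an empty string instead.
#######################################
read_attr() {
  "$1" "$2" "$3" | sed -ne "s|$3: ||p"
}

#######################################
# Check the SID of a user created in Samba 4 and of a user created in UCS
# for one combination of mapping directions.
# Arguments: $1 - value for connector/s4/mapping/sid_to_s4
#            $2 - value for connector/s4/mapping/sid_to_ucs
#######################################
test_sid() {
  local sid_to_s4=$1
  local sid_to_ucs=$2
  local user old_s4_sid old_ucs_sid ucs_sid s4_sid

  ucr set connector/s4/mapping/sid=true \
    connector/s4/mapping/sid_to_s4="$sid_to_s4" \
    connector/s4/mapping/sid_to_ucs="$sid_to_ucs" >/dev/null
  ucr search --brief connector/s4/mapping/sid
  connector restart

  echo "I: Create S4 user"
  # The connector is stopped so the SID assigned by Samba 4 can be read
  # before any synchronisation takes place.
  connector stop
  user=$(random_username)
  pending_user=$user
  samba-tool user add "$user" "$TEST_PASSWORD"
  old_s4_sid=$(read_attr univention-s4search "cn=$user" objectSid)
  connector start
  sleep 10 # give the connector time to synchronise the new account

  ucs_sid=$(read_attr univention-ldapsearch "uid=$user" sambaSID)
  s4_sid=$(read_attr univention-s4search "cn=$user" objectSid)

  [ -n "$ucs_sid" ] || fail "ucs_sid is empty"
  # At the end, every sid should be equal
  [ "$ucs_sid" = "$s4_sid" ] || fail "ucs_sid is not equal to s4_sid"

  if [ "$sid_to_ucs" = "true" ] && [ "$sid_to_s4" != "true" ]; then
    # Created on S4, SID synced to UCS: the S4 SID must be unchanged.
    [ "$s4_sid" = "$old_s4_sid" ] || fail "old_s4_sid is not equal to s4_sid"
  elif [ "$sid_to_s4" = "true" ] && [ "$sid_to_ucs" != "true" ]; then
    # Created on S4, SID synced to S4: the S4 SID must have been replaced.
    [ "$s4_sid" != "$old_s4_sid" ] || fail "old_s4_sid is equal to s4_sid"
  elif [ "$sid_to_s4" = "true" ] && [ "$sid_to_ucs" = "true" ]; then
    [ "$s4_sid" = "$old_s4_sid" ] || fail "old_s4_sid is not equal to s4_sid"
  fi

  samba-tool user delete "$user"
  pending_user=
  sleep 5
  connector stop
  echo "I: OK"

  echo "I: Create UCS user"
  user=$(random_username)
  pending_user=$user
  udm users/user create --position "cn=users,$ldap_base" \
    --set username="$user" --set lastname="$user" \
    --set password="$TEST_PASSWORD"
  old_ucs_sid=$(read_attr univention-ldapsearch "uid=$user" sambaSID)
  connector start
  sleep 15

  ucs_sid=$(read_attr univention-ldapsearch "uid=$user" sambaSID)
  s4_sid=$(read_attr univention-s4search "cn=$user" objectSid)

  # The message used to name ucs_sid although s4_sid is what is tested.
  [ -n "$s4_sid" ] || fail "s4_sid is empty"
  # At the end, every sid should be equal
  [ "$ucs_sid" = "$s4_sid" ] || fail "ucs_sid is not equal s4_sid"

  # The messages below used to state the opposite of the condition that
  # triggered them; they now describe what was actually observed.
  if [ "$sid_to_ucs" = "true" ] && [ "$sid_to_s4" != "true" ]; then
    # Created on UCS, SID synced to UCS: old and new SID must differ.
    [ "$ucs_sid" != "$old_ucs_sid" ] || fail "old_ucs_sid is equal to ucs_sid"
  elif [ "$sid_to_s4" = "true" ] && [ "$sid_to_ucs" != "true" ]; then
    # Created on UCS, SID synced to S4: old and new SID must be equal.
    [ "$ucs_sid" = "$old_ucs_sid" ] || fail "old_ucs_sid is not equal to ucs_sid"
  elif [ "$sid_to_s4" = "true" ] && [ "$sid_to_ucs" = "true" ]; then
    # Created on UCS, SID synced to S4: old and new SID must be equal.
    [ "$ucs_sid" = "$old_ucs_sid" ] || fail "old_ucs_sid is not equal to ucs_sid"
  fi

  # Deleted on the Samba side, as before; removal from UCS is left to the
  # connector.
  samba-tool user delete "$user"
  pending_user=
  sleep 5
  echo "I: OK"
}

#######################################
# With connector/s4/mapping/sid=false the Samba 4 SID is expected in the
# additional attribute univentionSamba4SID while sambaSID keeps a different
# value. Checked for a user created in Samba 4 and one created in UCS.
#######################################
test_univentionSamba4SID() {
  local user ucs_sid ucs_sid4 s4_sid

  ucr set connector/s4/mapping/sid=false \
    connector/s4/mapping/sid_to_s4=false \
    connector/s4/mapping/sid_to_ucs=true >/dev/null
  ucr search --brief connector/s4/mapping/sid

  echo "I: Create S4 user"
  connector stop
  user=$(random_username)
  pending_user=$user
  samba-tool user add "$user" "$TEST_PASSWORD"
  connector start
  sleep 10

  ucs_sid=$(read_attr univention-ldapsearch "uid=$user" sambaSID)
  ucs_sid4=$(read_attr univention-ldapsearch "uid=$user" univentionSamba4SID)
  s4_sid=$(read_attr univention-s4search "cn=$user" objectSid)

  [ -n "$ucs_sid" ] || fail "ucs_sid is empty"
  [ -n "$ucs_sid4" ] || fail "ucs_sid4 is empty"
  [ "$ucs_sid4" = "$s4_sid" ] || fail "ucs_sid4 is not equal to s4_sid"
  [ "$ucs_sid" != "$s4_sid" ] || fail "ucs_sid is equal to s4_sid"

  samba-tool user delete "$user"
  pending_user=
  sleep 5
  connector stop
  echo "I: OK"

  echo "I: Create UCS user"
  user=$(random_username)
  pending_user=$user
  udm users/user create --position "cn=users,$ldap_base" \
    --set username="$user" --set lastname="$user" \
    --set password="$TEST_PASSWORD"
  connector start
  sleep 15

  ucs_sid=$(read_attr univention-ldapsearch "uid=$user" sambaSID)
  ucs_sid4=$(read_attr univention-ldapsearch "uid=$user" univentionSamba4SID)
  s4_sid=$(read_attr univention-s4search "cn=$user" objectSid)

  [ -n "$s4_sid" ] || fail "s4_sid is empty"
  [ -n "$ucs_sid4" ] || fail "ucs_sid4 is empty"
  [ "$ucs_sid4" = "$s4_sid" ] || fail "ucs_sid4 is not equal s4_sid"
  [ "$ucs_sid" != "$s4_sid" ] || fail "ucs_sid is equal to s4_sid"

  samba-tool user delete "$user"
  pending_user=
  sleep 5
  echo "I: OK"
}

# Test case #1
# Let S4 create the SIDs
printf '\n\nI: Test Case #1. SIDs created by Samba 4\n'
test_sid false true

# Test case #2
# Let UCS create the SIDs
printf '\n\nI: Test Case #2. SIDs created by UCS\n'
test_sid true false

# Test case #3
# Sync the SIDs
printf '\n\nI: Test Case #3. Synchronize SIDs\n'
test_sid true true

# Test case #4
# Write SID to additional attribute
printf '\n\nI: Test Case #4. Write sid to univentionSamba4SID\n'
test_univentionSamba4SID

# Cleanup (restoring the UCR settings and restarting the connector) is done by
# the EXIT trap installed above.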