Univention Bugzilla – Attachment 6031 Details for
Bug 35095
UCS in Active Directory domain - univention-samba
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
check_user_against_winbind_ad_and_ldap.sh
check_user_against_winbind_ad_and_ldap.sh (text/plain), 3.03 KB, created by
Arvid Requate
on 2014-07-31 13:02:27 CEST
(
hide
)
Description:
check_user_against_winbind_ad_and_ldap.sh
Filename:
MIME Type:
Creator:
Arvid Requate
Created:
2014-07-31 13:02:27 CEST
Size:
3.03 KB
patch
obsolete
>#!/bin/bash > >test_username=user1 >test_password=Univention.99 >admin_name=Administrator >admin_pw=Univention.99 > >echo "Creating a test user $test_username" >adds_fqdn=$(net ads lookup | sed -n 's/^Domain Controller:\t*//p') >net ads user add "$test_username" "$test_password" -U"$admin_name"%"$admin_pw" >(univention-adsearch samaccountname="$test_username" dn | sed -n 's/^DN: /dn: /p' ; echo -e "changetype: modify\nreplace: userAccountControl\nuserAccountControl: 512") | ldapmodify -h "$adds_fqdn" -U"$admin_name"%"$admin_pw" > /dev/null 2>&1 >test_output=$(univention-adsearch samaccountname="$test_username" userAccountControl | sed -n 's/^userAccountControl: //p') >if ! [ "$test_output" = "512" ]; then > echo "FAIL: Activation of user account failed" > exit 1 >fi > > >echo "Checking username to SID resolution via winbind" >wbinfo_sid=$(wbinfo -n "$test_username" | awk '{print $1}') >if [ -z "$wbinfo_sid" ]; then > echo "FAIL: wbinfo -n $test_username" > exit 1 >fi > >echo "Checking if returned SID is in AD and matches same name" >adsearch_username=$(univention-adsearch objectSID="$wbinfo_sid" sAMAccountName | sed -n 's/^sAMAccountName: //p') >if [ "$adsearch_username" != "$test_username" ]; then > echo "FAIL: adsearch returned '$adsearch_username' != '$test_username'" > exit 1 >fi > >echo "Checking SID to username resolution via winbind" >test_output=$(wbinfo --sid-to-name="$wbinfo_sid" | awk '{print $1}') >if ! [ $? -eq 0 ]; then > echo "$test_output" > echo "FAIL: wbinfo --sid-to-name=$wbinfo_sid" > exit 1 >fi > >echo "Checking wbinfo -i on name just returned by winbind" >wbinfo_name=$(echo "$test_output" | awk '{print $1}') >wbinfo_info=$(wbinfo -i "$wbinfo_name" 2>&1) >if [ -z "$wbinfo_info" ]; then > echo "$wbinfo_info" > echo "FAIL: wbinfo -i $wbinfo_name" > exit 1 >else > echo "wbinfo -i returned: $wbinfo_info" >fi > > >echo "Checking SID to uidNumber resolution via winbind" >wbinfo_uid=$(wbinfo --sid-to-uid="$wbinfo_sid" 2>&1) >if ! [ $? -eq 0 ]; then > echo "$wbinfo_uid" > echo "FAIL: wbinfo --sid-to-uid=$wbinfo_sid" > exit 1 >fi > >echo "Checking uidNumber returned by winbind against local LDAP" >test_output=$(univention-ldapsearch uidNumber="$wbinfo_uid" uid 2>&1) >if ! [ $? -eq 0 ]; then > echo "$test_output" > echo "FAIL: univention-ldapsearch uidNumber="$wbinfo_uid" uid" > exit 1 >fi > >ldapsearch_username=$(echo "$test_output" | sed -n 's/^uid: //p') >if [ "$ldapsearch_username" != "$test_username" ]; then > echo "FAIL: ldapsearch returned '$ldapsearch_username' != '$test_username'" > exit 1 >fi > >echo "Checking uidNumber to SID resolution via winbind" >wbinfo_sid=$(wbinfo --uid-to-sid="$wbinfo_uid" 2>&1) >if ! [ $? -eq 0 ]; then > echo "$wbinfo_sid" > echo "FAIL: wbinfo --uid-to-sid=$wbinfo_uid" > exit 1 >fi > >echo "Checking for dynamic IDMAP allocation object (should not be generated by winbind)" >test_output=$(univention-ldapsearch "(&(objectClass=sambaIdmapEntry)(sambaSID=$wbinfo_sid))") >ldapsearch_IdmapEntrySID=$(echo "$test_output" | sed -n 's/^sambaSID: //p') >if [ -n "$ldapsearch_IdmapEntrySID" ]; then > echo "FAIL: Found sambaIdmapEntry for sambaSID=$wbinfo_sid in local LDAP" > exit 1 >fi > >echo SUCCESS
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=6031">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 35095
:
6030
|
6031
|
6035
|
6036