def install(cls, mh): if cls.domain_level is not None: domain_level = cls.domain_level else: domain_level = cls.master.config.domain_level tasks.install_topo(cls.topology, cls.master, cls.replicas, cls.clients, domain_level, clients_extra_args=('--mkhomedir',)) cls.ad = cls.ads[0] cls.smbserver = cls.clients[0] cls.smbclient = cls.clients[1] cls.ad_user = '******'.format(cls.ad_user_login, cls.ad.domain.name) tasks.config_host_resolvconf_with_master_data(cls.master, cls.smbclient) tasks.install_adtrust(cls.master) tasks.configure_dns_for_trust(cls.master, cls.ad) tasks.configure_windows_dns_for_trust(cls.ad, cls.master) tasks.establish_trust_with_ad(cls.master, cls.ad.domain.name, extra_args=['--two-way=true']) tasks.create_active_user(cls.master, cls.ipa_user1, password=cls.ipa_user1_password) tasks.create_active_user(cls.master, cls.ipa_user2, password=cls.ipa_user2_password) # Trigger creation of home directories on the SMB server for user in [cls.ipa_user1, cls.ipa_user2, cls.ad_user]: tasks.run_command_as_user(cls.smbserver, user, ['stat', '.'])
def test_establish_external_trust_with_shared_secret(self): tasks.configure_dns_for_trust(self.master, self.ad) tasks.configure_windows_dns_for_trust(self.ad, self.master) # create windows side of trust using netdom.exe utility self.ad.run_command( ['netdom.exe', 'trust', self.master.domain.name, '/d:' + self.ad.domain.name, '/passwordt:' + self.shared_secret, '/add', '/oneside:TRUSTED']) # create ipa side of trust tasks.establish_trust_with_ad( self.master, self.ad_domain, shared_secret=self.shared_secret, extra_args=['--range-type', 'ipa-ad-trust', '--external=True'])
def test_establish_forest_trust_with_shared_secret(self): tasks.configure_dns_for_trust(self.master, self.ad) tasks.configure_windows_dns_for_trust(self.ad, self.master) # this is a workaround for # https://bugzilla.redhat.com/show_bug.cgi?id=1711958 self.master.run_command([ 'ipa', 'dnsrecord-add', self.master.domain.name, self.srv_gc_record_name, '--srv-rec', self.srv_gc_record_value ]) # create windows side of trust using powershell bindings # to .Net functions ps_cmd = ('[System.DirectoryServices.ActiveDirectory.Forest]' '::getCurrentForest()' '.CreateLocalSideOfTrustRelationship("{}", 1, "{}")'.format( self.master.domain.name, self.shared_secret)) self.ad.run_command(['powershell', '-c', ps_cmd]) # create ipa side of trust tasks.establish_trust_with_ad(self.master, self.ad_domain, shared_secret=self.shared_secret)