def test_establish_trust(self): """Tests establishing trust with Active Directory""" tasks.establish_trust_with_ad( self.master, self.ad_domain, extra_args=['--range-type', 'ipa-ad-trust'])
def test_establish_trust(self): """Tests establishing trust with Active Directory""" tasks.establish_trust_with_ad(self.master, self.ad_domain, extra_args=['--range-type', 'ipa-ad-trust'])
def test_establish_trust_with_posix_attributes(self): tasks.establish_trust_with_ad(self.master, self.ad_domain, extra_args=['--range-type', 'ipa-ad-trust-posix'])
def test_establish_trust(self): # Not specifying the --range-type directly, it should be detected tasks.establish_trust_with_ad(self.master, self.ad_domain)
def install(cls, mh): super(TestCertsInIDOverrides, cls).install(mh) cls.ad = config.ad_domains[0].ads[0] cls.ad_domain = cls.ad.domain.name cls.aduser = "******" % cls.ad_domain master = cls.master # A setup for test_dbus_user_lookup master.run_command(['dnf', 'install', '-y', 'sssd-dbus'], raiseonerr=False) # The tasks.modify_sssd_conf way did not work because # sssd_domain.set_option knows nothing about 'services' parameter of # the sssd config file. Therefore I am using sed approach master.run_command("sed -i '/^services/ s/$/, ifp/' %s" % paths.SSSD_CONF) master.run_command("sed -i 's/= 7/= 0xFFF0/' %s" % paths.SSSD_CONF, raiseonerr=False) master.run_command(['systemctl', 'restart', 'sssd.service']) # End of setup for test_dbus_user_lookup # AD-related stuff tasks.install_adtrust(master) tasks.sync_time(master, cls.ad) tasks.establish_trust_with_ad( cls.master, cls.ad_domain, extra_args=['--range-type', 'ipa-ad-trust']) cls.reqdir = os.path.join(master.config.test_dir, "certs") cls.reqfile1 = os.path.join(cls.reqdir, "test1.csr") cls.reqfile2 = os.path.join(cls.reqdir, "test2.csr") cls.pwname = os.path.join(cls.reqdir, "pwd") # Create a NSS database folder master.run_command(['mkdir', cls.reqdir], raiseonerr=False) # Create an empty password file master.run_command(["touch", cls.pwname], raiseonerr=False) # Initialize NSS database tasks.run_certutil(master, ["-N", "-f", cls.pwname], cls.reqdir) # Now generate self-signed certs for a windows user stdin_text = string.digits + string.ascii_letters[2:] + '\n' tasks.run_certutil(master, [ '-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert1, '-n', cls.adcert1, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234' ], cls.reqdir, stdin=stdin_text) tasks.run_certutil(master, [ '-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert2, '-n', cls.adcert2, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234' ], cls.reqdir, stdin=stdin_text) # Export the previously generated cert tasks.run_certutil( master, ['-L', '-n', cls.adcert1, '-a', '>', cls.adcert1_file], cls.reqdir) tasks.run_certutil( master, ['-L', '-n', cls.adcert2, '-a', '>', cls.adcert2_file], cls.reqdir) cls.cert1_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert1_file).stdout_text cls.cert2_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert2_file).stdout_text cls.cert1_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert1_file).stdout_text cls.cert2_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert2_file).stdout_text
def install(cls, mh): super(TestCertsInIDOverrides, cls).install(mh) cls.ad = config.ad_domains[0].ads[0] cls.ad_domain = cls.ad.domain.name cls.aduser = "******" % cls.ad_domain master = cls.master # A setup for test_dbus_user_lookup master.run_command(['dnf', 'install', '-y', 'sssd-dbus'], raiseonerr=False) # The tasks.modify_sssd_conf way did not work because # sssd_domain.set_option knows nothing about 'services' parameter of # the sssd config file. Therefore I am using sed approach master.run_command( "sed -i '/^services/ s/$/, ifp/' %s" % paths.SSSD_CONF) master.run_command( "sed -i 's/= 7/= 0xFFF0/' %s" % paths.SSSD_CONF, raiseonerr=False) master.run_command(['systemctl', 'restart', 'sssd.service']) # End of setup for test_dbus_user_lookup # AD-related stuff tasks.install_adtrust(master) tasks.sync_time(master, cls.ad) tasks.establish_trust_with_ad(cls.master, cls.ad_domain, extra_args=['--range-type', 'ipa-ad-trust']) cls.reqdir = os.path.join(master.config.test_dir, "certs") cls.reqfile1 = os.path.join(cls.reqdir, "test1.csr") cls.reqfile2 = os.path.join(cls.reqdir, "test2.csr") cls.pwname = os.path.join(cls.reqdir, "pwd") # Create a NSS database folder master.run_command(['mkdir', cls.reqdir], raiseonerr=False) # Create an empty password file master.run_command(["touch", cls.pwname], raiseonerr=False) # Initialize NSS database tasks.run_certutil(master, ["-N", "-f", cls.pwname], cls.reqdir) # Now generate self-signed certs for a windows user stdin_text = string.digits+string.ascii_letters[2:] + '\n' tasks.run_certutil(master, ['-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert1, '-n', cls.adcert1, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234'], cls.reqdir, stdin=stdin_text) tasks.run_certutil(master, ['-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert2, '-n', cls.adcert2, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234'], cls.reqdir, stdin=stdin_text) # Export the previously generated cert tasks.run_certutil(master, ['-L', '-n', cls.adcert1, '-a', '>', cls.adcert1_file], cls.reqdir) tasks.run_certutil(master, ['-L', '-n', cls.adcert2, '-a', '>', cls.adcert2_file], cls.reqdir) cls.cert1_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert1_file ).stdout_text cls.cert2_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert2_file ).stdout_text cls.cert1_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert1_file ).stdout_text cls.cert2_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert2_file ).stdout_text
def test_establish_trust_with_posix_attributes(self): # Not specifying the --range-type directly, it should be detected tasks.establish_trust_with_ad(self.master, self.ad)