mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
ipatests: test that adding Active Directory user to a role makes it an administrator
Fixes: https://pagure.io/freeipa/issue/8357 Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
parent
0ba64b1ac3
commit
9248d23ae8
@ -149,6 +149,32 @@ class TestTrust(BaseTestTrust):
|
||||
tasks.kdestroy_all(self.master)
|
||||
tasks.kinit_admin(self.master)
|
||||
|
||||
def test_ipa_management_run_as_aduser(self):
|
||||
"""Test if adding AD user to a role makes it an administrator"""
|
||||
ipauser = u'tuser'
|
||||
ad_admin = 'Administrator@%s' % self.ad_domain
|
||||
|
||||
tasks.kdestroy_all(self.master)
|
||||
tasks.kinit_admin(self.master)
|
||||
self.master.run_command(['ipa', 'idoverrideuser-add',
|
||||
'Default Trust View', ad_admin])
|
||||
|
||||
self.master.run_command(['ipa', 'role-add-member',
|
||||
'User Administrator',
|
||||
'--idoverrideusers', ad_admin])
|
||||
tasks.kdestroy_all(self.master)
|
||||
tasks.kinit_as_user(self.master, ad_admin,
|
||||
self.master.config.ad_admin_password)
|
||||
# Create a user in IPA as Active Directory administrator
|
||||
self.test_ipauser_authentication_with_nonposix_trust()
|
||||
|
||||
tasks.kdestroy_all(self.master)
|
||||
tasks.kinit_as_user(self.master, ad_admin,
|
||||
self.master.config.ad_admin_password)
|
||||
self.master.run_command(['ipa', 'user-del', ipauser], raiseonerr=False)
|
||||
tasks.kdestroy_all(self.master)
|
||||
tasks.kinit_admin(self.master)
|
||||
|
||||
def test_ipauser_authentication_with_nonposix_trust(self):
|
||||
ipauser = u'tuser'
|
||||
original_passwd = 'Secret123'
|
||||
|
Loading…
Reference in New Issue
Block a user