From Fedora Project Wiki
No edit summary |
(Remove test cases that everyone can't run, add anaconda,) |
||
| Line 31: | Line 31: | ||
* If you don't want to use the LiveCD, you can use an updated [http://fedoraproject.org/get-prerelease Fedora 19 pre-release] | * If you don't want to use the LiveCD, you can use an updated [http://fedoraproject.org/get-prerelease Fedora 19 pre-release] | ||
** Make sure that the following components are installed: | ** Make sure that the following components are installed: | ||
*** '''adcli-0.7-1.fc19''' | |||
*** '''realmd-0.14.0-1.fc19''' | *** '''realmd-0.14.0-1.fc19''' | ||
*** '''sssd-1.10.0-4.fc19.beta1''' | *** '''sssd-1.10.0-4.fc19.beta1''' | ||
| Line 36: | Line 37: | ||
* A server to test against. Most test cases require an [https://fedoraproject.org/wiki/QA:Testcase_Active_Directory_Setup Active Directory domain], other tests require a [https://fedoraproject.org/wiki/QA:Testcase_freeipav3_installation FreeIPA server]. Don't worry if you don't have both, any involvement in the test day is much appreciated! | * A server to test against. Most test cases require an [https://fedoraproject.org/wiki/QA:Testcase_Active_Directory_Setup Active Directory domain], other tests require a [https://fedoraproject.org/wiki/QA:Testcase_freeipav3_installation FreeIPA server]. Don't worry if you don't have both, any involvement in the test day is much appreciated! | ||
* Domain user account or administrator account on the given Active Directory domain. See table below for which test cases require which privileges. | * Domain user account or administrator account on the given Active Directory domain. See table below for which test cases require which privileges. | ||
* If you are on Red Hat internal network you can test against our internal '''Test Bed''': [[Test Day:2013-05-09 Red Hat Test Bed]]. Please note that the Test Bad doesn't have all capabilities which are required to run all test cases. While all test cases which requires administrator privileges and posix users are supported, the test cases with privileges listed below can't be run against the Test Bad (please skip them). In some cases you might need to contact the Test Bed admins to perform some special configuration; please contact pkis or dspurek. | * If you are on Red Hat internal network you can test against our internal '''Test Bed''': [[Test Day:2013-05-09 Red Hat Test Bed]]. Please note that the Test Bad doesn't have all capabilities which are required to run all test cases. While all test cases which requires administrator privileges and posix users are supported, the test cases with privileges listed below can't be run against the Test Bad (please skip them). In some cases you might need to contact the Test Bed admins to perform some special configuration; please contact pkis or dspurek. | ||
== How to test == | == How to test == | ||
| Line 45: | Line 43: | ||
* realmd used together with Active Directory or FreeIPA | * realmd used together with Active Directory or FreeIPA | ||
* adcli used together with Active Directory | * adcli used together with Active Directory | ||
* latest Kerberos improvements | * latest Kerberos improvements | ||
* sssd used together with Active Directory or FreeIPA | * sssd used together with Active Directory or FreeIPA | ||
You can explore these, and their documentation. Or you can follow the test cases below. | You can explore these, and their documentation. Or you can follow the test cases below. | ||
== Test Cases - Active Directory == | == Test Cases - Active Directory == | ||
| Line 197: | Line 118: | ||
| Administrator | | Administrator | ||
| 10 minutes | | 10 minutes | ||
|- | |||
|- | |||
| [[QA:Testcase_realmd_join_kickstart|Use kickstart to join a domain]] | |||
| Use anaconda and kickstart to join a domain during installation. | |||
| Administrator | |||
| 40 minutes | |||
|- | |- | ||
|- | |- | ||
| Line 217: | Line 144: | ||
|- | |- | ||
|} | |} | ||
== Test Cases - adcli == | |||
{| class="wikitable sortable" style="width:100%" border="1" | |||
!style="width:20%"|Testcase | |||
!style="width:58%"|Description | |||
!style="width:12%"|Privileges | |||
!style="width:10%"|Approx. time required | |||
|- | |||
| [[QA:Testcase_adcli_setup|adcli setup]] | |||
| Set up the environment in order to perform the adcli tests | |||
| Any | |||
| 5 minutes | |||
|- | |||
|- | |||
| [[QA:Testcase_adcli_info|adcli info]] | |||
| This test case retrieves basic information about a domain. | |||
| Any | |||
| 5 minutes | |||
|- | |||
|- | |||
| [[QA:Testcase_adcli_info_server|adcli info server]] | |||
| This test case retrieves basic information about a domain controller and the domain it is a part of. | |||
| Any | |||
| 5 minutes | |||
|- | |||
|- | |||
| [[QA:Testcase_adcli_join_simple|adcli join simple]] | |||
| This test case verifies that adcli join works with basic options. | |||
| Administrator | |||
| 5 minutes | |||
|- | |||
|- | |||
| [[QA:Testcase_adcli_join_nodns|adcli join nodns]] | |||
| his test case verifies that adcli join can work without DNS. | |||
| Administrator | |||
| 5 minutes | |||
|- | |||
|- | |||
| [[QA:Testcase_adcli_preset_auto|adcli preset auto]] | |||
| This test case precreates accounts in the domain using adcli join, using the default automatic 'reset' computer account password. | |||
| Administrator | |||
| 5 minutes | |||
|- | |||
|- | |||
| [[QA:Testcase_adcli_preset_otp|adcli preset otp]] | |||
| This test case precreates accounts in the domain using adcli join. | |||
| Administrator | |||
| 5 minutes | |||
|- | |||
|} | |||
Further [[Category:Adcli_Test_Cases|test cases are available]] for using adcli with complex domains. | |||
== Test Cases - FreeIPA == | == Test Cases - FreeIPA == | ||
| Line 260: | Line 239: | ||
|- | |- | ||
|- | |- | ||
| [[QA: | | [[QA:Testcase_FreeIPA_realmd_leave|FreeIPA leave]] | ||
| Leave a FreeIPA domain by deconfiguring it locally. | | Leave a FreeIPA domain by deconfiguring it locally. | ||
| Any | | Any | ||
| Line 282: | Line 261: | ||
| [[QA:Testcase_FreeIPA_realmd_automount|FreeIPA automount]] | | [[QA:Testcase_FreeIPA_realmd_automount|FreeIPA automount]] | ||
| [[QA:Testcase_FreeIPA_control_center|FreeIPA control center]] | | [[QA:Testcase_FreeIPA_control_center|FreeIPA control center]] | ||
| [[QA: | | [[QA:Testcase_FreeIPA_realmd_leave|FreeIPA leave]] | ||
! References | ! References | ||
|- | |- | ||
Revision as of 10:54, 8 May 2013
| Fedora 19 Test Days | |
|---|---|
| |
| Enterprise accounts | |
| Date | 2013-05-09 |
| Time | all day |
| Website | realmd SSSD project, Feature page |
| IRC | #sssd (webirc, #fedora-test-day (webirc)) |
Can't make the date?
If you come to this page before or after the test day is completed, your testing is still valuable, and you can use the information on this page to test, file any bugs you find, and add your results to the results section.
If you come to this page before or after the test day is completed, your testing is still valuable, and you can use the information on this page to test, file any bugs you find, and add your results to the results section.
What to test?
Today's Test Day will be focused on new features related to using enterprise accounts (coming from either Active Directory or FreeIPA), in particular realmd and adcli to join a machine to a domain and sssd to handle authentication and other related tasks.
Who's available
- Development: Stef Walter (stefw, realmd/adcli dev), Jakub Hrozek (jhrozek, sssd dev)
- Quality Assurance: Patrik Kis (pkis), Davis Spurek (dspurek), Kaushik Banerjee (kaushik)
Prerequisite for Test Day
- You may download a non-destructive Fedora 19 live image for your architecture. Tips on using a live image are available at FedoraLiveCD.
| Architecture | SHA256SUM |
|---|---|
| x86_64 | 720f0cb153aac8ae2e55629ec4a50e1c3f53a5fbe4b2ce65f1d6792b15af94b0 |
| i686 | 29d7de49bd77760299924f90e9f732d60892766ff32318f5fac5dcbb4089073e |
- If you don't want to use the LiveCD, you can use an updated Fedora 19 pre-release
- Make sure that the following components are installed:
- adcli-0.7-1.fc19
- realmd-0.14.0-1.fc19
- sssd-1.10.0-4.fc19.beta1
- selinux-policy-3.12.1-42.fc19
- Make sure that the following components are installed:
- A server to test against. Most test cases require an Active Directory domain, other tests require a FreeIPA server. Don't worry if you don't have both, any involvement in the test day is much appreciated!
- Domain user account or administrator account on the given Active Directory domain. See table below for which test cases require which privileges.
- If you are on Red Hat internal network you can test against our internal Test Bed: Test Day:2013-05-09 Red Hat Test Bed. Please note that the Test Bad doesn't have all capabilities which are required to run all test cases. While all test cases which requires administrator privileges and posix users are supported, the test cases with privileges listed below can't be run against the Test Bad (please skip them). In some cases you might need to contact the Test Bed admins to perform some special configuration; please contact pkis or dspurek.
How to test
At a high level the following are being tested:
- realmd used together with Active Directory or FreeIPA
- adcli used together with Active Directory
- latest Kerberos improvements
- sssd used together with Active Directory or FreeIPA
You can explore these, and their documentation. Or you can follow the test cases below.
Test Cases - Active Directory
| Testcase | Description | Privileges | Approx. time required |
|---|---|---|---|
| AD no krb5.conf | Using Active Directory without krb5.conf | Any | 5 minutes |
| LessBrittleKerberos unsynced clocks | Kerberos client with unsynced clocks | Any | 5 minutes |
| Discover AD domain | Using realmd to discover information about an Active Directory domain | Any | 5 minutes |
| Discover AD server | Using realmd to discover information about an Active Directory server | Any | 5 minutes |
| Join AD using ccache | Join the current machine to an Active Directory domain using kerberos credentials already acquired before the join. | Administrator | 10 minutes |
| Join AD and set OS | Join the current machine to an Active Directory, and set the operating system name and version of the account. | Administrator | 10 minutes |
| Join AD and prevent installing requirements | Join the current machine to an Active Directory, and prevent automatic installation of packages. | Administrator | 10 minutes |
| Join AD without qualifying usernames | Join the current machine to an Active Directory, without using fully qualified user names. | Administrator | 10 minutes |
| Join AD using POSIX attributes | Join the current machine to an Active Directory, but use the POSIX attributes in the directory. | Administrator or user with posix attributes | 10 minutes |
| Join a specific AD server | Join the current machine to an Active Directory, manually specifying the domain server you want to join against. | Administrator | 10 minutes |
| Join AD while creating an UPN | Join the current machine to an Active Directory, while creating a userPrincipalName. | Administrator | 10 minutes |
| Use kickstart to join a domain | Use anaconda and kickstart to join a domain during installation. | Administrator | 40 minutes |
| DNS dynamic updates | Verifies an AD client is able to update its DNS record. | Requires a joined client | 20 minutes |
| DNS site discovery | Verifies an AD client is able to connect to a particular DNS site as defined on the AD server | Requires a joined client | 20 minutes |
| NetBIOS name discovery | This test case verifies an Active Directory client is able to discover the NetBIOS name automatically | Requires a joined client | 15 minutes |
Test Cases - adcli
| Testcase | Description | Privileges | Approx. time required |
|---|---|---|---|
| adcli setup | Set up the environment in order to perform the adcli tests | Any | 5 minutes |
| adcli info | This test case retrieves basic information about a domain. | Any | 5 minutes |
| adcli info server | This test case retrieves basic information about a domain controller and the domain it is a part of. | Any | 5 minutes |
| adcli join simple | This test case verifies that adcli join works with basic options. | Administrator | 5 minutes |
| adcli join nodns | his test case verifies that adcli join can work without DNS. | Administrator | 5 minutes |
| adcli preset auto | This test case precreates accounts in the domain using adcli join, using the default automatic 'reset' computer account password. | Administrator | 5 minutes |
| adcli preset otp | This test case precreates accounts in the domain using adcli join. | Administrator | 5 minutes |
Further for using adcli with complex domains.
Test Cases - FreeIPA
| Testcase | Description | Privileges | Approx. time required |
|---|---|---|---|
| FreeIPA join | Join a client machine to a domain | admin | 10 minutes |
| FreeIPA login | Log in using FreeIPA credentials, both online and offline | admin | 15 minutes |
| FreeIPA sudo | Test FreeIPA's sudo management capabilities | admin | 10 minutes |
| FreeIPA SSH | Verify FreeIPA's SSH public key management | admin | 20 minutes |
| FreeIPA automount | Test FreeIPA's automounter maps management | admin | 20 minutes |
| FreeIPA control center | Setup an FreeIPA domain account login via the GNOME Control Center. | admin | 10 minutes |
| FreeIPA leave | Leave a FreeIPA domain by deconfiguring it locally. | Any | 5 minutes |
Test Results - FreeIPA
Log issues and enhancements in one of these places:
| User | FreeIPA join | FreeIPA login | FreeIPA sudo | FreeIPA SSH | FreeIPA automount | FreeIPA control center | FreeIPA leave | References |
|---|---|---|---|---|---|---|---|---|
| Sample User |  |
 |
 |