From Fedora Project Wiki

Line 111: Line 111:
| {{result|pass}}
| {{result|pass}}
| {{result|pass}}
| {{result|pass}}
| {{result|none}}  
| {{result|RHEL5 pass}}  
| {{result|none}}  
| {{result|none}}  
| {{result|none}}
| {{result|none}}

Revision as of 12:34, 25 July 2013

Fedora Test Days
Echo-testing-48px.png
Provide users from trusted Active directory domain to legacy clients

Date 2013-07-25
Time all day

Website QA/Fedora_19_test_days
IRC #fedora-test-day (webirc)
Mailing list test


Note.png
Can't make the date?
If you come to this page before or after the test day is completed, your testing is still valuable, and you can use the information on this page to test, file any bugs you find at Bugzilla, and add your results to the results section. If this page is more than a month old when you arrive here, please check the current schedule and see if a similar but more recent Test Day is planned or has already happened.

What to test?

Today's instalment of Fedora Test Day will focus on making the support for users coming from a trusted Active Directory domain available to legacy (non-SSSD) clients as well as providing support for using POSIX attributes from AD.

Who's available

Feedback

We need your feedback!

Prerequisite for Test Day

# wget http://repos.fedorapeople.org/repos/jhrozek/freeipa-test-day/fedora-freeipa-test-day.repo \
       -O /etc/yum.repos.d/fedora-freeipa-test-day.repo

How to test?

This test day focuses on making users and groups from a trusted AD domain available to a wide range of clients. Even if your flavor of Linux or UNIX client is not described in the steps below, you are still welcome to join the test day! In general, the testing would include:

  • Establish a trust between an IPA server and an Active Directory instance following the steps below
    • Install/Setup test cases 1 and 2, Serving legacy clients for trusts test case 1.
  • Set up the LDAP client software (such as nss_ldap or pam_ldap) on your client to point to the IPA server
  • Retrieve identity information about users coming from the trusted AD domain
  • Authenticate as a user coming from the trusted AD domain

Please report any issues you find using the channels described above or simply start a thread on the freeipa-users mailing list.

You can also use our public Etherpad http://openetherpad.org/p/Fedora-19-IPA-33-Test-Day to share bugs, workarounds or any other useful info.

Test Cases

Install/Setup Tests

Using POSIX attributes defined in AD

Serving legacy clients for trusts

Test Results

If you have problems with any of the tests, report a bug to Trac or Bugzilla usually for the component freeipa

Note.png
Filing a bug
If you are unsure about exactly how to file the report or what other information to include, just ask us on IRC and we will help you.

Once you have completed the tests, add your results to the appropriate Results table below, following the example results from the first line as a template. The first column should be your name with a link to your User page in the Wiki if you have one. For each test case, use the result template to enter your result, as shown in the example result line.

Note.png
Active Directory version
Even with sucessful tests, please report the version of Active Directory you worked with.
User IPA Installation Trust preparation POSIX in AD Trust creation Generic legacy client Legacy clients with nss-pam-ldapd Legacy client with SSSD Active Directory version References
Sample User
none
Pass pass
none
none
Warning warn
[1]
Fail fail
[2]
Pass pass
AD 2012
  1. Test pass, but also encountered RHBZ #54321
  2. RHBZ #12345
mrniranjan
Pass pass
Pass pass
Pass pass
Pass pass
RHEL5 pass
none
none
AD 2008 R2
Tomas Babej
Pass pass
Pass pass
Pass pass
[1]
Pass pass
[2]
none
none
none
AD 2012
Jakub Hrozek
Pass pass
Pass pass
none
Pass pass
none
Warning warn
[1]
Warning warn
[2]
AD 2012
  1. (IPA native users don't auth)
  2. (IPA native users don't auth)