QA:Testcase realmd join qualify

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
 
(2 intermediate revisions by 2 users not shown)
Line 2: Line 2:
 
|description=Join the current machine to an Active Directory, without using fully qualified user names.
 
|description=Join the current machine to an Active Directory, without using fully qualified user names.
 
|setup=
 
|setup=
# Fulfill the [[QA:Testcase_realmd_prerequisites|prerequisites and make sure your Active Directory domain access works]]. realmd 0.14.0+ and adcli 0.6+ are required.
+
# Make sure you have other required software:
 +
#* realmd 0.14.0 or later
 +
#* adcli 0.7 or later
 +
# Verify that your [[QA:Testcase_Active_Directory_Setup|Active Directory domain access works, or set a domain up]].
 
# You need a domain account as an administrator.
 
# You need a domain account as an administrator.
 
# Leave realm(s) you are currently joined to.
 
# Leave realm(s) you are currently joined to.
Line 11: Line 14:
 
fully-qualified-names = no
 
fully-qualified-names = no
 
</pre>
 
</pre>
Realmd service should be restarted after this change, so run
+
Make sure realmd is restarted:
 
<pre>
 
<pre>
service realmd restart
+
$ sudo killall realmd
 
</pre>
 
</pre>
  
Line 26: Line 29:
 
#: <pre>$ realm list</pre>
 
#: <pre>$ realm list</pre>
 
#: Make sure the domain is listed.
 
#: Make sure the domain is listed.
#: Make sure that the <code>login-formats</code> is <code>%U</code>
 
 
# Check that you can resolve domain accounts on the local computer without qualifying them with a domain name
 
# Check that you can resolve domain accounts on the local computer without qualifying them with a domain name
 
#: <pre>$ getent passwd User</pre>
 
#: <pre>$ getent passwd User</pre>

Latest revision as of 14:08, 9 May 2013

Contents

Description

Join the current machine to an Active Directory, without using fully qualified user names.

Setup

  1. Make sure you have other required software:
    • realmd 0.14.0 or later
    • adcli 0.7 or later
  2. Verify that your Active Directory domain access works, or set a domain up.
  3. You need a domain account as an administrator.
  4. Leave realm(s) you are currently joined to.
  5. Configure realmd not to use qualified user names for your test domain:
    Add this to /etc/realmd.conf
[ad.example.com]
fully-qualified-names = no

Make sure realmd is restarted:

$ sudo killall realmd

How to test

  1. Join the domain specifying a user principal name
    $ realm join --user=Administrator ad.example.com
    Use your domain admin password when prompted. Specify a user other than Administrator if you have another domain administrative account.
    On a successful join there will be no output.

Expected Results

  1. Check that the domain is now configured.
    $ realm list
    Make sure the domain is listed.
  2. Check that you can resolve domain accounts on the local computer without qualifying them with a domain name
    $ getent passwd User
    You should see an output line that looks like passwd(5) output.
    The first field should be the user name, also not qualified by a domain.
  3. Go to GDM by logging out, or by Switch User from the user menu.
    On a Live CD if you get automatically logged in again, go to User Accounts and turn off Auto Login for the live cd user.
  4. Choose the Not Listed? option.
  5. Type User in the box.
    The case of the user should not matter.
  6. Type the user's domain password, and press enter.



More: Test with winbind

Test the above again with winbind, change the join command as follows:

$ realm join --client-software=winbind --user=Administrator ad.example.com

Troubleshooting

Use the --verbose argument to see details of what's being done during a join. Include verbose output in any bug reports.

$ realm join --verbose ad.example.com