Test Day:2013-07-25 AD trusts with POSIX attributes in AD and support for old clients
|Fedora Test Days|
|Provide users from trusted Active directory domain to legacy clients|
|Mail • Subscribe • Archives|
What to test?
Today's instalment of Fedora Test Day will focus on making the support for users coming from a trusted Active Directory domain available to legacy (non-SSSD) clients as well as providing support for using POSIX attributes from AD.
- Development: Alexander Bokovoy (ab), Jakub Hrozek
- Quality Assurance - Tester1 (irc_nick3), Tester2 (irc_nick4), Tester3 (irc_nick5)
We need your feedback!
- Talk to us on #freeipa on Freenode
- Send as an e-mail.
- Log issues and enhancements in FreeIPA Trac or Bugzilla.
Prerequisite for Test Day
- An instance of Microsoft Active Directory 2008 R2 or newer
- A live image. Tips on using a live image are available at FedoraLiveCD.
- An up-to-date Fedora 19 instance along with a custom repository containing the required packages
- TODO - Add links to a repository at repos.fedorapeople.org
- An updated Rawhide (tips on installing Rawhide below), or a nightly live image
How to test?
This test day focuses on making users and groups from a trusted AD domain available to a wide range of clients. Even if your flavor of Linux or UNIX client is not described in the steps below, you are still welcome to join the test day! In general, the testing would include:
- Establish a trust between an IPA server and an Active Directory instance following the steps below
- Set up the LDAP client software (such as nss_ldap or pam_ldap) on your client to point to the IPA server
- Retrieve identity information about users coming from the trusted AD domain
- Authenticate as a user coming from the trusted AD domain
Please report any issues you find using the channels described above or simply start a thread on the freeipa-users mailing list.
- 1. IPA server and client installation.
- After finishing this test case, you would have a working IPA server and a client
- 2. Establish trust with an AD server.
- When this test case is completed, the trust relationship between an IPA server and an AD server would be established
- 3. Use nss-pam-ldapd to give access to trusted domain users
- This is actual test for old clients using nss-pam-ldapd (http://arthurdejong.org/git/nss-pam-ldapd). We are interested in test on RHEL 4/5, FreeBSD, and Solaris/AIX
Construct a table or list to allow testers to post results. Each column should be a test case or configuration, and each row should consist of test results. Include some instructions on how to report bugs, and any special instructions. Here's an example, from a Palimpsest test day:
If you have problems with any of the tests, report a bug to Bugzilla usually for the component udisks, or gnome-disk-utility for bugs in the Palimpsest graphical front end itself. If you are unsure about exactly how to file the report or what other information to include, just ask on IRC and we will help you. Once you have completed the tests, add your results to the Results table below, following the example results from the first line as a template. The first column should be your name with a link to your User page in the Wiki if you have one. For each test case, use the result template to enter your result, as shown in the example result line.
|User||Sample test 1||Sample test 2||Sample test 3||Sample test 4||References|