From Fedora Project Wiki

Description

Configuring and testing the list of domains associated with IPA realm.

Setup

  1. Setup IPA Server per QA:Testcase_freeipav3_installation

How to test

1. Authenticate as admin

user@server$ kinit admin
Password for admin@IPA.EXAMPLE.ORG: 

2. List the current realm domains. After the installation, only the domain of the IPA server should be listed:

user@server$ ipa realmdomains-show
 Domain: ipa.example.org

3. Add a new domain to the list:

user@server$ ipa realmdomains-mod --add-domain=example.com
 Domain: ipa.example.org, example.com

4. Delete a domain from the list:

user@server$ ipa realmdomains-mod --del-domain=example.com
 Domain: ipa.example.org

5. Replace the list with a new list. The new list must contain the IPA domain:

user@server$ ipa realmdomains-mod --domain={ipa.example.org,example1.com,example2.com}
 Domain: ipa.example.org, example2.com, example1.com

6. Deleting the IPA domain from the list is not allowed:

user@server$ ipa realmdomains-mod --del-domain=ipa.example.org
ipa: ERROR: invalid 'del_domain': cannot delete domain of IPA server
   
user@server$ ipa realmdomains-mod --domain={example1.com,example2.com}
ipa: ERROR: invalid 'domain': cannot delete domain of IPA server

7. Let's reset the list of realmdomains:

user@server$ ipa realmdomains-mod --domain=ipa.example.org
 Domain: ipa.example.org

8. And try to add a non-existent domain. It is not allowed by default:

user@server$ ipa realmdomains-mod --add-domain=nosuchdomain.test
ipa: ERROR: invalid 'add_domain': no SOA or NS records found for domain nosuchdomain.test

9. But we can force the addition:

user@server$ ipa realmdomains-mod --add-domain=nosuchdomain.test --force
 Domain: ipa.example.org, nosuchdomain.test

Expected Results

All the test steps should end with the above specified results.