QA:Testcase kerberos without krb5 conf

This page was last edited on 16 October 2012, at 12:27.

From Fedora Project Wiki

Revision as of 12:27, 16 October 2012 by Stefw (talk | contribs) (Initial test case)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Description

Work has been done to make krb5 configurationless, and unbreak the default /etc/krb5.conf that was distributed with Fedora 17 and earlier.

Setup

Make sure you have an Active Directory to access. We'll use AD.EXAMPLE.COM
First run the test below with the config. Move /etc/krb5.conf away if it exists:
```
$ sudo mv /etc/krb5.conf /etc/krb5.conf.bak
```
Now run the test below with a default /etc/krb5.conf file. Copy the attached config file into place.
```
$ sudo vi /etc/krb5.conf
```

How to test

Do a kinit against your Active Directory domain. Yes it's vital that you use the fully capitalized form of the domain name.
```
$ kinit Administrator@AD.EXAMPLE.COM
```
You should be prompted for a password, and no error message should be printed.

Expected Results

The kinit should complete successfully

Look at the ticket that kinit retrieved. It should look something like:

$ klist -e
Ticket cache: DIR::/run/user/1000/krb5cc_...
Default principal: Administrator@AD.EXAMPLE.COM

Valid starting     Expires            Service principal
10/15/12 00:52:34  10/15/12 10:52:34  krbtgt/AD.EXAMPLE.COM@AD.EXAMPLE.COM
        renew until 10/16/12 00:52:39, Etype (skey, tkt): aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96

Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_kerberos_without_krb5_conf&oldid=307138"

Active Directory Test Cases

Copyright © 2024 Red Hat, Inc. and others. All Rights Reserved. For comments or queries, please contact us.

The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community maintained site. Red Hat is not responsible for content.