From 163a39334c3ae79b4c26140b5334aa929634f868 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 12 Mar 2025 15:42:58 +0100 Subject: [PATCH] python:tests/krb5: allow set_pac_sids() to take upn_dns_sid Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme --- python/samba/tests/krb5/kdc_base_test.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/python/samba/tests/krb5/kdc_base_test.py b/python/samba/tests/krb5/kdc_base_test.py index fac9dedbe07..2022d9bfe8f 100644 --- a/python/samba/tests/krb5/kdc_base_test.py +++ b/python/samba/tests/krb5/kdc_base_test.py @@ -2022,6 +2022,7 @@ class KDCBaseTest(TestCaseInTempDir, RawKerberosTest): new_sids, domain_sid=None, user_rid=None, + upn_dns_sid=None, requester_sid=None, set_user_flags=0, reset_user_flags=0): @@ -2146,10 +2147,13 @@ class KDCBaseTest(TestCaseInTempDir, RawKerberosTest): elif pac_buffer.type == krb5pac.PAC_TYPE_UPN_DNS_INFO: upn_dns_info_ex = pac_buffer.info.ex - if user_rid is not None: - upn_dns_info_ex.objectsid = security.dom_sid( + if upn_dns_sid is None and user_rid is not None: + upn_dns_sid = security.dom_sid( f'{domain_sid}-{user_rid}') + if upn_dns_sid is not None: + upn_dns_info_ex.objectsid = upn_dns_sid + elif pac_buffer.type == krb5pac.PAC_TYPE_REQUESTER_SID: if requester_sid is not None: pac_buffer.info.sid = requester_sid -- 2.47.3