selftest: Run the krb5.kdc test on a more selective basis

The previous tests would take 20mins, the new set of tests take around 7 mins and still cover
the important combinations, given that it is the same KDC code in each environment

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 4866cd72ee72dce7102d077a0e45daebeed97e6c..5be840dec624a4672a846f8933479e229d505e13 100755 (executable)
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -662,19 +662,34 @@ for env in ['vampire_dc', 'promoted_dc']:
 for env in ["ad_dc_ntvfs", "s4member", "rodc", "promoted_dc", "ad_dc", "ad_member"]:
     plantestsuite("samba.blackbox.wbinfo(%s:local)" % env, "%s:local" % env, [os.path.join(samba4srcdir, "../nsswitch/tests/test_wbinfo.sh"), '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', env])
 
-for env in ["ad_dc_ntvfs", "rodc", "promoted_dc", "ad_dc", "fl2000dc", "fl2003dc", "fl2008r2dc"]:
-    if env == "rodc":
-        extra_options = ['--option=torture:expect_rodc=true']
-    else:
-        extra_options = []
-
-    plansmbtorture4testsuite('krb5.kdc', env, ['ncacn_np:$SERVER_IP', "-k", "yes", '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--realm=$REALM'] + extra_options,
-                             "samba4.krb5.kdc with specified account")
-    plansmbtorture4testsuite('krb5.kdc', env, ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestdenied%$PASSWORD', '--workgroup=$DOMAIN', '--realm=$REALM', '--option=torture:krb5-upn=testdenied_upn@$REALM.upn'] + extra_options,
-                             "samba4.krb5.kdc with account DENIED permission to replicate to an RODC")
-
-    # These last two tests are for users cached at the RODC
+#
+# KDC Tests
+#
+    
+# This test is for users cached at the RODC
+plansmbtorture4testsuite('krb5.kdc', "rodc", ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestdenied%$PASSWORD',
+                                              '--workgroup=$DOMAIN', '--realm=$REALM',
+                                              '--option=torture:krb5-upn=testdenied_upn@$REALM.upn',
+                                              '--option=torture:expect_rodc=true'],
+                         "samba4.krb5.kdc with account DENIED permission to replicate to an RODC")
+plansmbtorture4testsuite('krb5.kdc', "rodc", ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestallowed\ account%$PASSWORD',
+                                              '--workgroup=$DOMAIN', '--realm=$REALM',
+                                              '--option=torture:expect_machine_account=true',
+                                              '--option=torture:krb5-upn=testallowed\ upn@$REALM',
+                                              '--option=torture:krb5-hostname=testallowed',
+                                              '--option=torture:expect_rodc=true',
+                                              '--option=torture:expect_cached_at_rodc=true'],
+                         "samba4.krb5.kdc with account ALLOWED permission to replicate to an RODC")
+
+# This ensures we have correct behaviour on a server that is not not the PDC emulator
+env="promoted_dc"
+plansmbtorture4testsuite('krb5.kdc', env, ['ncacn_np:$SERVER_IP', "-k", "yes", '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN', '--realm=$REALM'],
+                         "samba4.krb5.kdc with specified account")
+
+
+for env in ["rodc", "promoted_dc", "ad_dc", "fl2000dc", "fl2008r2dc"]:
     if env == "rodc":
+        # The machine account is cached at the RODC, as it is the local account
         extra_options = ['--option=torture:expect_rodc=true', '--option=torture:expect_cached_at_rodc=true']
     else:
         extra_options = []
@@ -685,12 +700,6 @@ for env in ["ad_dc_ntvfs", "rodc", "promoted_dc", "ad_dc", "fl2000dc", "fl2003dc
                                             '--option=torture:run_removedollar_test=true',
                                             '--option=torture:expect_machine_account=true'] + extra_options,
                              "samba4.krb5.kdc with machine account")
-    plansmbtorture4testsuite('krb5.kdc', env, ['ncacn_np:$SERVER_IP', "-k", "yes", '-Utestallowed\ account%$PASSWORD',
-                                               '--workgroup=$DOMAIN', '--realm=$REALM',
-                                               '--option=torture:expect_machine_account=true',
-                                               '--option=torture:krb5-upn=testallowed\ upn@$REALM',
-                                               '--option=torture:krb5-hostname=testallowed'] + extra_options,
-                             "samba4.krb5.kdc with account ALLOWED permission to replicate to an RODC")
 
 
 for env in [