netcmd: domain: add test for silo if policy is a dn

Signed-off-by: Rob van der Linde <rob@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>

diff --git a/python/samba/tests/samba_tool/domain_auth_silo.py b/python/samba/tests/samba_tool/domain_auth_silo.py
index 0970559a8df918676ec811ed36a9ed1de82ac053..96e617dfbe367ec1821adf21691689c20d0d6dac 100644 (file)
--- a/python/samba/tests/samba_tool/domain_auth_silo.py
+++ b/python/samba/tests/samba_tool/domain_auth_silo.py
@@ -118,6 +118,23 @@ class AuthSiloCmdTestCase(BaseAuthCmdTest):
         self.assertIn("Computer Policy", str(silo["msDS-ComputerAuthNPolicy"]))
         self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "TRUE")
 
+    def test_authentication_silo_create_policy_dn(self):
+        """Test creating a new authentication silo when policy is a dn."""
+        policy = self.get_authentication_policy("Single Policy")
+
+        result, out, err = self.runcmd("domain", "auth", "silo", "create",
+                                       "--name", "singlePolicyDN",
+                                       "--policy", policy["dn"])
+        self.assertIsNone(result, msg=err)
+
+        # Check silo that was created
+        silo = self.get_authentication_silo("singlePolicyDN")
+        self.assertEqual(str(silo["cn"]), "singlePolicyDN")
+        self.assertIn(str(policy["name"]), str(silo["msDS-UserAuthNPolicy"]))
+        self.assertIn(str(policy["name"]), str(silo["msDS-ServiceAuthNPolicy"]))
+        self.assertIn(str(policy["name"]), str(silo["msDS-ComputerAuthNPolicy"]))
+        self.assertEqual(str(silo["msDS-AuthNPolicySiloEnforced"]), "TRUE")
+
     def test_authentication_silo_create_already_exists(self):
         """Test creating a new authentication silo that already exists."""
         result, out, err = self.runcmd("domain", "auth", "silo", "create",