From 1052062a846caff7ff384073aa4225c33fd2fb5c Mon Sep 17 00:00:00 2001 From: shridhargadekar Date: Thu, 9 Jan 2025 14:48:40 +0530 Subject: [PATCH] Adcli: adding class and methods for adcli Adding adcli class, and methods including info, discovery, join --- sssd_test_framework/utils/adcli.py | 198 +++++++++++++++++++++++++++++ 1 file changed, 198 insertions(+) create mode 100644 sssd_test_framework/utils/adcli.py
diff --git a/sssd_test_framework/utils/adcli.py b/sssd_test_framework/utils/adcli.py
new file mode 100644
index 0000000..c3590f4
--- /dev/null
+++ b/sssd_test_framework/utils/adcli.py
@@ -0,0 +1,198 @@
+"""Perform actions on Active Directory."""
+
+from __future__ import annotations
+
+from pytest_mh import MultihostHost, MultihostUtility
+from pytest_mh.cli import CLIBuilder, CLIBuilderArgs
+from pytest_mh.conn import ProcessResult
+from pytest_mh.utils.fs import LinuxFileSystem
+
+__all__ = [
+ "ADCLIUtils",
+]
+
+
+class ADCLI(MultihostUtility[MultihostHost]):
+ """
+ Call commands from adcli
+ """
+
+ def __init__(self, host: MultihostHost, fs: LinuxFileSystem) -> None:
+ super().__init__(host)
+
+ self.cli: CLIBuilder = self.host.cli
+ """Command line builder."""
+
+ self.fs: LinuxFileSystem = fs
+ """Filesystem utils."""
+
+ def _info(
+ self,
+ *,
+ domain: str | None = None,
+ domain_controller: str | None,
+ ) -> str:
+ """
+ Call ``adcli info `` with given arguments.
+
+ :param domain: Displays discovered information about an Active Directory domain, defaults to None
+ :type domain: str | None,
+ :param domain_controller: Domain controller to connect, defaults to None
+ :type domain_controller: str | None, optional
+ """
+ args: CLIBuilderArgs = {
+ "domain": (self.cli.option.VALUE, domain),
+ "domain_controller": (self.cli.option.VALUE, domain_controller),
+ }
+
+ self.host.conn.exec(["adcli", "info"] + self.cli.args(args))
+
+ def _testjoin(
+ self,
+ *,
+ domain: str| None = None,
+ domain_controller: str| None = None,
+ host_keytab: str| None = None,
+ ) -> str:
+ """
+ call ``adcli testjoin `` with given arguments.
+
+ :param domain: Target Active Directory domain, defaults to None
+ :type domain: str | None, optional
+ :param domain_controller: Domain controller to connect
+ :type domain_controller: str | None, optional
+ """
+ args: CLIBuilderArgs = {
+ "domain": (self.cli.option.VALUE, domain),
+ "domain_controller": (self.cli.option.VALUE, domain_controller),
+ "host_keytab": (self.cli.option.VALUE, host_keytab),
+ }
+ self.host.conn.exec(["adcli", "testjoin"] + self.cli.args(args))
+
+ def _join(
+ self,
+ *,
+ domain: str| None = None,
+ domain_controller: str| None = None,
+ domain_realm: str| None = None,
+ host_fqdn: str| None = None,
+ host_keytab: str| None = None,
+ computer_name: str| None = None,
+ login_ccache: str| None = None,
+ login_user: str| None = None,
+ login_type: str| None = None,
+ domain_ou: str| None = None,
+ service_name: str| None = None,
+ os_name: str| None = None,
+ os_version: str| None = None,
+ os_service_pack: str| None = None,
+ user_principal: str| None = None,
+ trusted_for_delegation: str| None = None,
+ dont_expire_password: str| None = None,
+ add_service_principal: str| None = None,
+ description: str| None = None,
+ setattrs: str| None = None,
+ no_password: str| None = None,
+ promp_password: str| None = None,
+ stdin_password: str| None = None,
+ one_time_password: str| None = None,
+ show_password: str| None = None,
+ show_details: str| None = None,
+ add_samba_data: str| None = None,
+ samba_data_tool: str| None = None,
+ ldap_passwd: str| None = None,
+ ) -> str:
+ """
+ call ``adcli join`` with given arguments.
+
+ :param domain: Target Active Directory domain, defaults to None
+ :type domain: str | None, optional
+ :param domain_controller: Domain controller to connect
+ :type domain_controller: str | None, optional
+ :param domain_realm: kerberos realm for domain
+ :type domain_realm: str | None, optional
+ :param host_fqdn: override FQDN of local machine
+ :type host_fqdn: str | None, optional
+ :param host_keytab: filename for the host kerberos keytab
+ :type host_keytab: str | None, optional
+ :param computer_name: override the netbios short name of the local machine
+ :type computer_name: str | None, optional
+ :param login_ccache: kerberos credential cache file containing ticket to used to coneect to domain
+ :type login_ccache: str | None, optional
+ :param login_user: user (usually administrative) login name of the account to log into the domain as
+ :type login_user: str | None, optional
+ :param login_type: restrict type of login allowed when connecting to the domain, either 'computer' or 'user'
+ :type login_type: str | None, optional
+ :param domain_ou: a LDAP DN representing an organizational unit in whichthe computer account should be placed
+ :type domain_ou: str| None = None, optional
+ :param service_name: additional service name for a kerberos service principal to be created on the account
+ :type service_name: str| None = None, optional
+ :param os_name: the computer operating system name
+ :type os_name: str| None = None, optional
+ :param os_version: the computer operating system version
+ :type os_version: str| None = None, optional
+ :param os_service_pack: the computer operating system service pack
+ :type os_service_pack: str| None = None, optional
+ :param user_principal: add an authentication principal to the account
+ :type user_principal: str| None = None, optional
+ :param trusted_for_delegation: set/unset the TRUSTED_FOR_DELEGATION flag in the userAccountControl attribute
+ :type trusted_for_delegation: str| None = None, optional
+ :param dont_expire_password: set/unset the DONT_EXPIRE_PASSWORD flag in the userAccountControl attribute
+ :type dont_expire_password: str| None = None, optional
+ :param add_service_principal: add the given service principal to the account
+ :type add_service_principal: str| None = None, optional
+ :param description: add a description to the account
+ :type description: str| None = None, optional
+ :param setattrs: add an attribute with a value
+ :type setattrs: str| None = None, optional
+ :param no_password: don't prompt for or read a password
+ :type no_password: str| None = None, optional
+ :param promp_password: prompt for a password if necessary
+ :type promp_password: str| None = None, optional
+ :param stdin_password: read a password from stdin (until EOF) if necessary
+ :type stdin_password: str| None = None, optional
+ :param one_time_password: password to use for the preset computer account
+ :type one_time_password: str| None = None, optional
+ :param show_password: show computer account password after a successful join
+ :type show_password: str| None = None, optional
+ :param show_details: show information about joining the domain after a successful join
+ :type show_details: str| None = None, optional
+ :param add_samba_data: add domain SID and computer account password to the Samba specific configuration database
+ :type add_samba_data: str| None = None, optional
+ :param samba_data_tool: Absolute path to the tool used for add-samba-data
+ :type samba_data_tool: str| None = None, optional
+ :param ldap-password: Use LDAP add/mod operations to set/change password, defaults to None
+ :type ldap-password: str | None, optional
+ """
+ args: CLIBuilderArgs = {
+ "domain": (self.cli.option.VALUE, domain),
+ "domain-controller": (self.cli.option.VALUE, domain_controller),
+ "host-keytab": (self.cli.option.VALUE, host_keytab),
+ "host-fqdn": (self.cli.option.VALUE, host_fqdn),
+ "computer-name": (self.cli.option.VALUE, computer_name),
+ "login-ccache": (self.cli.option.VALUE, login_ccache),
+ "login-user": (self.cli.option.VALUE, login_user),
+ "login-type": (self.cli.option.VALUE, login_type),
+ "domain-ou": (self.cli.option.VALUE, domain_ou),
+ "service-name": (self.cli.option.VALUE, service_name),
+ "os-name": (self.cli.option.VALUE, os_name),
+ "os-version": (self.cli.option.VALUE, os_version),
+ "os-service-pack": (self.cli.option.VALUE, os_service_pack),
+ "user-principal": (self.cli.option.VALUE, user_principal),
+ "trusted-for-delegation": (self.cli.option.VALUE, trusted_for_delegation),
+ "dont-expire-password": (self.cli.option.VALUE, dont_expire_password),
+ "add-service-principal": (self.cli.option.VALUE, add_service_principal),
+ "description": (self.cli.option.VALUE, description),
+ "setattrs": (self.cli.option.VALUE, setattrs),
+ "no-password": (self.cli.option.VALUE, no_password),
+ "prompt-password": (self.cli.option.VALUE, promp_password),
+ "stdin-password": (self.cli.option.VALUE, stdin_password),
+ "one-time-password": (self.cli.option.VALUE, one_time_password),
+ "show-password": (self.cli.option.VALUE, show_password),
+ "show-details": (self.cli.option.VALUE, show_details),
+ "add-samba-data": (self.cli.option.VALUE, add_samba_data),
+ "samba-data-tool": (self.cli.option.VALUE, samba_data_tool),
+ "ldap-passwd": (self.cli.option.VALUE, ldap_passwd),
+ }
+ self.host.conn.exec(["adcli", "join"] + self.cli.args(args))
+
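Review bot: In `_join`, the entries `no-password`, `prompt-password`, `stdin-password`, `show-password`, `show-details` and `add-samba-data` are built with `self.cli.option.VALUE` from `str` parameters, while their docstrings describe on/off behaviours, so any value passed would presumably be emitted as an extra argument after the flag; they look like they should be `bool` parameters built with `self.cli.option.SWITCH`. Secret handling also deserves a second look: `one_time_password` is placed on the adcli command line and `show_password` prints the computer account password into the captured output, so both can end up in process listings and test logs, and `stdin_password` cannot work as written because `exec` is called without any input. Separately, all three methods are annotated `-> str` but discard the `exec` result (`ProcessResult` is imported and unused), `__all__` exports `"ADCLIUtils"` although the class is named `ADCLI`, `_info` and `_testjoin` use underscore keys such as `"domain_controller"` where `_join` uses `"domain-controller"`, and `domain_realm` is accepted by `_join` but never added to `args`. The fence below shows only the lines that would change.

```python
__all__ = [
    "ADCLI",
]

# … unchanged: imports, class header, __init__ …

    def _info(
        # … unchanged: self, *, domain …
        domain_controller: str | None = None,
    ) -> ProcessResult:
        # … unchanged: docstring, "domain" entry …
            "domain-controller": (self.cli.option.VALUE, domain_controller),
        }

        return self.host.conn.exec(["adcli", "info"] + self.cli.args(args))

    # … _testjoin: same treatment ("domain-controller", "host-keytab", return the result) …

    # … _join: flag parameters typed bool | None in the signature …
            "domain-realm": (self.cli.option.VALUE, domain_realm),
            # … unchanged: remaining VALUE options …
            "no-password": (self.cli.option.SWITCH, no_password),
            "prompt-password": (self.cli.option.SWITCH, promp_password),
            "stdin-password": (self.cli.option.SWITCH, stdin_password),
            "show-password": (self.cli.option.SWITCH, show_password),
            "show-details": (self.cli.option.SWITCH, show_details),
            "add-samba-data": (self.cli.option.SWITCH, add_samba_data),
        }
        return self.host.conn.exec(["adcli", "join"] + self.cli.args(args))
```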