Validating basic authentication and password policy operations

Before you begin testing organization-specific scenarios, such as the integration of migration scripts or customized access control policies, you should verify basic operations are handled as expected. At a minimum, you should perform some of the following tests to verify basic operations:

  • Verify a UNIX profile exists for the Active Directory users and groups to be used in testing.
  • Verify the UNIX computer has successfully joined an Active Directory domain and the computer account has been created correctly.
  • Verify an Active Directory user assigned the UNIX Login role is authenticated and can access computers in the zone used for testing.
  • Verify migrated users assigned the UNIX Login role can log on using their UNIX or Active Directory user name and Active Directory password.
  • Verify an Active Directory user assigned the Listed role has a valid UNIX profile, but cannot log on to computers in the zone used for testing.
  • Verify that workstation authorization or account lockout policies defined in Active Directory are enforced.
  • Verify that password management policies defined in Active Directory are properly enforced.
  • Verify that a previously authenticated user is authenticated successfully when the UNIX lab computer is offline.
  • Verify that common lookup commands and commands that require user and group information work as expected.

You can verify authentication, authorization, and password policy operations by setting options in Active Directory and attempting to log on and log off the computers in the pilot deployment.