Test: Check case-insensitive while checking with group lookup for a overrideuser

src/tests/multihost/ipa/test_adtrust.py

@@ -856,3 +856,65 @@ def test_ldap_user_extra_attrs(multihost, create_aduser_group):
         assert check_id.returncode == 0, f'{aduser} id is not successful'
         assert f"{aduser}@{domain}" in check_id.stdout_text, "User name was not resolved."
         assert f"{adgroup}@{domain}" in check_id.stdout_text, "Group name was not resolved."
+
+    @staticmethod
+    def test_s2n_get_request(multihost):
+        """
+        :title: User lookup on IPA client fails with 's2n get_fqlist request failed'
+        :id: fae73dd7-5a18-4aa4-a39f-a20a2f66b1c9
+        :customerscenario: true
+        :bugzilla:
+            https://bugzilla.redhat.com/show_bug.cgi?id=2192708
+            https://bugzilla.redhat.com/show_bug.cgi?id=2196838
+            https://bugzilla.redhat.com/show_bug.cgi?id=2196816
+            https://bugzilla.redhat.com/show_bug.cgi?id=2196839
+        :description: When checking if the input group-name of an autogenerated
+            user-private-group is the original name from AD or an overwritten one the
+            comparison is currently done case sensitive.
+            Since AD handles names case-insensitive and hence SSSD should do this as
+            well to make sure that e.g. mixed-case names like Administrator can be
+            match reliable.
+        :setup:
+          1. Add an Administrator user override to the 'default trust view' with sshpubkey.
+        :steps:
+          1. Check group lookup for Administrator user using mixed chars upper/lower cases.
+        :expectedresults:
+          1. Successfully group lookup the administrator user using mixed chars cases.
+        """
+        domain = multihost.ad[0].domainname
+
+        ipa_client = sssdTools(multihost.client[0])
+        ipa_master = sssdTools(multihost.master[0])
+
+        ssh_key = f"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiOfcg3WRL6z+6XWSAw4mT7q7aE7rj1KmhaM6U5" \
+                  f"fmbN5QnEfCAMp8qbSbBLsjY0F501ZNpcAgeefDv3oNYL62sfac8OzWf5eXZlKJQYYILi8dv8i8HoJ" \
+                  f"BT9+n81Y5w1UVbmRNX9n2lqqxdfhiL2iIsbzJ1KGmIw6JlmbeRtcgGRQzt0M+Ggftl6Kr97obEWo1" \
+                  f"l9E5QWvkliecPXWJVTBUpM+Gr2CWhqLtNf5VALjYilX3jfC2355hIR8R8UsnkbWbjNksj7nruUQP9" \
+                  f"goHcbJ6vbyzka3v/2aRC5eIa7b8NE8vwRbrtp5CV9QNbx/GiTY6T50CJE0lyEwmlLHKUmovt " \
+                  f"Administrator@{domain}"
+
+        # Add override user with ssh pub key
+        add_user_override = f"ipa idoverrideuser-add 'Default Trust View' Administrator@{domain} " \
+                            f"--sshpubkey='{ssh_key}'"
+        multihost.master[0].run_command(add_user_override, raiseonerr=False)
+
+        ipa_master.clear_sssd_cache()
+        ipa_client.clear_sssd_cache()
+        time.sleep(5)
+
+        # check lookup of group
+        group_lookup1 = f'getent group administrator@{domain}'
+        check_gr_lookup1 = multihost.client[0].run_command(group_lookup1, raiseonerr=False)
+
+        group_lookup2 = f'getent group adMiniStraTor@{domain}'
+        check_gr_lookup2 = multihost.client[0].run_command(group_lookup2, raiseonerr=False)
+
+        # Delete an Administrator User ID override
+        cmd_to_delete = f"ipa idoverrideuser-del 'default trust view' administrator@{domain}"
+        multihost.master[0].run_command(cmd_to_delete, raiseonerr=False)
+
+        # Test result Evaluations
+        assert check_gr_lookup1.returncode == 0 and check_gr_lookup2.returncode == 0, \
+            f"group lookup was not resolved."
+        assert f"administrator@{domain}" in check_gr_lookup1.stdout_text, "Group name was not resolved."
+        assert f"administrator@{domain}" in check_gr_lookup2.stdout_text, "Group name was not resolved."