summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNadezhda Ivanova <nivanova@samba.org>2010-04-15 18:21:55 +0300
committerNadezhda Ivanova <nivanova@samba.org>2010-04-15 18:21:55 +0300
commitcec0e86ec84a1347a330430337c6b8a643381001 (patch)
tree38ec6e30ec485b891d8f237603a2a80c51c0b19f
parent205c8266112d85543c3667854ac58e41c02fed17 (diff)
downloadsamba-cec0e86ec84a1347a330430337c6b8a643381001.tar.gz
samba-cec0e86ec84a1347a330430337c6b8a643381001.tar.bz2
samba-cec0e86ec84a1347a330430337c6b8a643381001.zip
s4:Added a test to make sure we ignore ACEs with ID flag set.
Diffstat
-rwxr-xr-xsource4/lib/ldb/tests/python/sec_descriptor.py13
1 files changed, 13 insertions, 0 deletions
diff --git a/source4/lib/ldb/tests/python/sec_descriptor.py b/source4/lib/ldb/tests/python/sec_descriptor.py
index 30f82e6a87..4a683f1b2e 100755
--- a/source4/lib/ldb/tests/python/sec_descriptor.py
+++ b/source4/lib/ldb/tests/python/sec_descriptor.py
@@ -1699,6 +1699,19 @@ class DaclDescriptorTests(DescriptorTests):
self.assertTrue("(D;ID;WP;;;DA)" in desc_sddl)
self.assertTrue("(D;CIIOID;WP;;;CO)" in desc_sddl)
+ def test_210(self):
+ """ OU with protected flag, provide ACEs with ID flag raised. Should be ignored.
+ """
+ ou_dn = "OU=test_inherit_ou," + self.base_dn
+ group_dn = "CN=test_inherit_group," + ou_dn
+ self.create_clean_ou(ou_dn)
+ # Add some custom ACE
+ mod = "D:(D;CIIO;WP;;;CO)(A;ID;WP;;;AU)"
+ self.create_domain_group(self.ldb_admin, group_dn, mod)
+ # Make sure created group object does not contain the ID ace
+ desc_sddl = self.get_desc_sddl(group_dn)
+ self.assertFalse("(A;ID;WP;;;AU)" in desc_sddl)
+
########################################################################################
generated by cgit (git 2.34.1) at 2024-07-11 15:00:33 +0000