diff options
author | Nadezhda Ivanova <nivanova@samba.org> | 2010-07-08 15:38:16 +0300 |
---|---|---|
committer | Nadezhda Ivanova <nivanova@samba.org> | 2010-07-08 15:38:16 +0300 |
commit | 10c60f237223f805566a66293418bd1cf04a8f5e (patch) | |
tree | a31c361a873402ce422f2ba558e292e54bfdb109 /source4/dsdb | |
parent | 328f3ca103e8cd8d73e591dccce6d4dd0fc30b48 (diff) | |
download | samba-10c60f237223f805566a66293418bd1cf04a8f5e.tar.gz samba-10c60f237223f805566a66293418bd1cf04a8f5e.tar.bz2 samba-10c60f237223f805566a66293418bd1cf04a8f5e.zip |
Added a test to prove by default users can change each other's pass if the old is known
Diffstat (limited to 'source4/dsdb')
-rwxr-xr-x | source4/dsdb/tests/python/acl.py | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/source4/dsdb/tests/python/acl.py b/source4/dsdb/tests/python/acl.py index 31bcd31ae2..471335f342 100755 --- a/source4/dsdb/tests/python/acl.py +++ b/source4/dsdb/tests/python/acl.py @@ -1165,6 +1165,31 @@ userPassword: thatsAcomplPASS2 else: self.fail() + def test_change_password7(self): + """Try a password change operation without any CARs given""" + #users have change password by default - remove for negative testing + desc = self.read_desc(self.get_user_dn(self.user_with_wp)) + sddl = desc.as_sddl(self.domain_sid) + self.modify_desc(self.get_user_dn(self.user_with_wp), sddl) + #first change our own password + self.ldb_user2.modify_ldif(""" +dn: """ + self.get_user_dn(self.user_with_pc) + """ +changetype: modify +delete: unicodePwd +unicodePwd:: """ + base64.b64encode("\"samba123@\"".encode('utf-16-le')) + """ +add: unicodePwd +unicodePwd:: """ + base64.b64encode("\"thatsAcomplPASS1\"".encode('utf-16-le')) + """ +""") + #then someone else's + self.ldb_user2.modify_ldif(""" +dn: """ + self.get_user_dn(self.user_with_wp) + """ +changetype: modify +delete: unicodePwd +unicodePwd:: """ + base64.b64encode("\"samba123@\"".encode('utf-16-le')) + """ +add: unicodePwd +unicodePwd:: """ + base64.b64encode("\"thatsAcomplPASS2\"".encode('utf-16-le')) + """ +""") + def test_reset_password1(self): """Try a user password reset operation (unicodePwd) before and after granting CAR""" try: |