Diffstat (limited to 'source4/lib')
-rw-r--r-- | source4/lib/ldb/Makefile.ldb | 6 | ||||
-rw-r--r-- | source4/lib/ldb/modules/schema.c | 65 | ||||
-rw-r--r-- | source4/lib/ldb/tests/schema-add-test.ldif | 66 | ||||
-rw-r--r-- | source4/lib/ldb/tests/schema-mod-test.ldif | 25 | ||||
-rw-r--r-- | source4/lib/ldb/tests/schema.ldif | 634 | ||||
-rwxr-xr-x | source4/lib/ldb/tests/test-schema.sh | 20 |
6 files changed, 764 insertions, 52 deletions
diff --git a/source4/lib/ldb/Makefile.ldb b/source4/lib/ldb/Makefile.ldb index 29d33007da..791a345f72 100644 --- a/source4/lib/ldb/Makefile.ldb +++ b/source4/lib/ldb/Makefile.ldb @@ -96,7 +96,11 @@ test-ldap: @echo "STARTING LDAP BACKEND TEST" tests/test-ldap.sh -test: test-tdb test-ldap +test-schema: + @echo "STARTING SCHEMA MODULE TEST" + tests/test-schema.sh + +test: test-tdb test-ldap test-schema gcov: gcov -po ldb_ldap ldb_ldap/*.c 2| tee ldb_ldap.report.gcov diff --git a/source4/lib/ldb/modules/schema.c b/source4/lib/ldb/modules/schema.c index 7a772d87aa..97cc26a0dd 100644 --- a/source4/lib/ldb/modules/schema.c +++ b/source4/lib/ldb/modules/schema.c @@ -32,6 +32,7 @@ * Author: Simo Sorce */ +#include <ctype.h> #include "includes.h" #include "ldb/include/ldb.h" #include "ldb/include/ldb_private.h" @@ -74,7 +75,6 @@ static struct attribute_syntax attrsyn[] = { struct private_data { - struct ldb_context *schema_db; const char *error_string; }; @@ -273,6 +273,7 @@ static int get_attr_list_recursive(struct ldb_module *module, struct ldb_context } if (!ok) { /* Schema Violation: Object Class Description Not Found */ + ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Objectclass %s not found.\n", schema_struct->objectclass_list[i].name); data->error_string = "ObjectClass not found"; return -1; } 
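Review bot: The new `#include <ctype.h>` in schema.c is placed ahead of `"includes.h"`, and no line added by this diff calls a `<ctype.h>` function. If code outside these hunks needs it, move it below the project headers so `"includes.h"` stays the first include of the file; otherwise drop it.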
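Review bot: The `ldb_debug()` call added in get_attr_list_recursive logs a rejected request at `LDB_DEBUG_ERROR`, the same level the following hunk uses for real schema-database faults (`ret < 0`, `ret > 1`). The objectclass name appears to come from the record being written, so a client can trigger this message at will and bury the internal-error entries. Consider `LDB_DEBUG_WARNING` for request-caused violations, e.g. `ldb_debug(module->ldb, LDB_DEBUG_WARNING, "Objectclass %s not found.\n", schema_struct->objectclass_list[i].name);`. The same applies to the "is not referenced by any objectclass", "required attribute %s is missing" and "Trying to delete the required attribute" messages added in schema_add_record and schema_modify_record. The function body starts and ends outside the hunk.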
@@ -280,11 +281,13 @@ static int get_attr_list_recursive(struct ldb_module *module, struct ldb_context } else { if (ret < 0) { /* Schema DB Error: Error occurred retrieving Object Class Description */ + ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Error retrieving Objectclass %s.\n", schema_struct->objectclass_list[i].name); data->error_string = "Internal error. Error retrieving schema objectclass"; return -1; } if (ret > 1) { /* Schema DB Error: Too Many Records */ + ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Too many records found retrieving Objectclass %s.\n", schema_struct->objectclass_list[i].name); data->error_string = "Internal error. Too many records searching for schema objectclass"; return -1; } @@ -393,7 +396,7 @@ static int schema_add_record(struct ldb_module *module, const struct ldb_message } /* find all other objectclasses recursively */ - ret = get_attr_list_recursive(module, data->schema_db, entry_structs); + ret = get_attr_list_recursive(module, module->ldb, entry_structs); if (ret != 0) { talloc_free(entry_structs); return ret; @@ -413,7 +416,8 @@ static int schema_add_record(struct ldb_module *module, const struct ldb_message } if ( ! found ) { - data->error_string = "Objectclass violation, a required attribute is mischema_structing"; + ldb_debug(module->ldb, LDB_DEBUG_ERROR, "The required attribute %s is missing.\n", entry_structs->must[i].name); + data->error_string = "Objectclass violation, a required attribute is missing"; talloc_free(entry_structs); return -1; } @@ -435,6 +439,7 @@ static int schema_add_record(struct ldb_module *module, const struct ldb_message } if ( ! found ) { + ldb_debug(module->ldb, LDB_DEBUG_ERROR, "The attribute %s is not referenced by any objectclass.\n", entry_structs->check_list[i].name); data->error_string = "Objectclass violation, an invalid attribute name was found"; talloc_free(entry_structs); return -1; 
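Review bot: In schema_add_record the call `get_attr_list_recursive(module, module->ldb, entry_structs)` now passes the same context twice, as do the two calls in schema_modify_record. The `struct ldb_context *` parameter can be dropped and the function can use `module->ldb` directly. Because the schema is now read from the database that is being written, a comment above the call would record that assumption, for example `/* schema classes are looked up in the same ldb the record is written to */`. The function bodies lie outside the hunk.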
@@ -487,7 +492,7 @@ static int schema_modify_record(struct ldb_module *module, const struct ldb_mess } /* find all modify objectclasses recursively if any objectclass is being added */ - ret = get_attr_list_recursive(module, data->schema_db, modify_structs); + ret = get_attr_list_recursive(module, module->ldb, modify_structs); if (ret != 0) { talloc_free(entry_structs); return ret; @@ -501,7 +506,7 @@ static int schema_modify_record(struct ldb_module *module, const struct ldb_mess } /* find all other objectclasses recursively */ - ret = get_attr_list_recursive(module, data->schema_db, entry_structs); + ret = get_attr_list_recursive(module, module->ldb, entry_structs); if (ret != 0) { talloc_free(entry_structs); return ret; @@ -517,6 +522,7 @@ static int schema_modify_record(struct ldb_module *module, const struct ldb_mess for (j = 0; j < entry_structs->must_num; j++) { if (schema_attr_cmp(entry_structs->must[j].name, modify_structs->check_list[i].name) == 0) { if ((modify_structs->check_list[i].flags & SCHEMA_FLAG_MOD_MASK) == SCHEMA_FLAG_MOD_DELETE) { + ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Trying to delete the required attribute %s.\n", modify_structs->check_list[i].name); data->error_string = "Objectclass violation: trying to delete a required attribute"; talloc_free(entry_structs); return -1; @@ -544,6 +550,7 @@ static int schema_modify_record(struct ldb_module *module, const struct ldb_mess for (j = 0; j < modify_structs->check_list_num; j++) { if (schema_attr_cmp(modify_structs->must[i].name, modify_structs->check_list[j].name) == 0) { if ((modify_structs->check_list[i].flags & SCHEMA_FLAG_MOD_MASK) == SCHEMA_FLAG_MOD_DELETE) { + ldb_debug(module->ldb, LDB_DEBUG_ERROR, "Trying to delete the required attribute %s.\n", modify_structs->must[i].name); data->error_string = "Objectclass violation: trying to delete a required attribute"; talloc_free(entry_structs); return -1; 
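Review bot: When `get_attr_list_recursive()` fails for `modify_structs` in schema_modify_record, the error path frees only `entry_structs`. Unless `modify_structs` is allocated as a talloc child of `entry_structs` (not visible in this hunk), it leaks on every rejected modify, which a client can repeat; add `talloc_free(modify_structs);` before `return ret;`. The later error returns in this function, at the two "Trying to delete the required attribute" checks and the "missing" / "not referenced" checks, follow the same pattern.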
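Review bot: In the loop that matches `modify_structs->must[i].name` against `modify_structs->check_list[j].name`, the delete test reads `modify_structs->check_list[i].flags`, so it indexes `check_list` with the `must` index. The element that matched is `check_list[j]`, so the flag of an unrelated element decides whether deleting a required attribute is rejected. Assuming `i` ranges over `must`, it can also run past `check_list_num`. The condition should be `if ((modify_structs->check_list[j].flags & SCHEMA_FLAG_MOD_MASK) == SCHEMA_FLAG_MOD_DELETE) {`. The line is unchanged context, but the log message added here sits in the branch it guards, and the loop starts outside the hunk.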
@@ -555,6 +562,7 @@ static int schema_modify_record(struct ldb_module *module, const struct ldb_mess } if ( ! found ) { + ldb_debug(module->ldb, LDB_DEBUG_ERROR, "The required attribute %s is missing.\n", modify_structs->must[i].name); data->error_string = "Objectclass violation, a required attribute is missing"; talloc_free(entry_structs); return -1; @@ -578,6 +586,7 @@ static int schema_modify_record(struct ldb_module *module, const struct ldb_mess } if ( ! found ) { + ldb_debug(module->ldb, LDB_DEBUG_ERROR, "The attribute %s is not referenced by any objectclass.\n", modify_structs->check_list[i].name); data->error_string = "Objectclass violation, an invalid attribute name was found"; talloc_free(entry_structs); return -1; @@ -641,9 +650,6 @@ static const struct ldb_module_ops schema_ops = { schema_errstring, }; -#define SCHEMA_PREFIX "schema:" -#define SCHEMA_PREFIX_LEN 7 - #ifdef HAVE_DLOPEN_DISABLED struct ldb_module *init_module(struct ldb_context *ldb, const char *options[]) #else 
@@ -652,58 +658,15 @@ struct ldb_module *schema_module_init(struct ldb_context *ldb, const char *optio { struct ldb_module *ctx; struct private_data *data; - char *db_url = NULL; - int i; ctx = talloc(ldb, struct ldb_module); if (!ctx) { return NULL; } - if (options) { - for (i = 0; options[i] != NULL; i++) { - if (strncmp(options[i], SCHEMA_PREFIX, SCHEMA_PREFIX_LEN) == 0) { - db_url = talloc_strdup(ctx, &options[i][SCHEMA_PREFIX_LEN]); - SCHEMA_TALLOC_CHECK(ctx, db_url, NULL); - } - } - } - - if (!db_url) { /* search if it is defined in the calling ldb */ - int ret; - const char * attrs[] = { "@SCHEMADB", NULL }; - struct ldb_message **msgs; - - ret = ldb_search(ldb, "", LDB_SCOPE_BASE, "dn=@MODULES", (const char * const *)attrs, &msgs); - if (ret == 0) { - ldb_debug(ldb, LDB_DEBUG_TRACE, "Schema DB not found\n"); - ldb_search_free(ldb, msgs); - return NULL; - } else { - if (ret < 0) { - ldb_debug(ldb, LDB_DEBUG_FATAL, "ldb error (%s) occurred searching for schema db, bailing out!\n", ldb_errstring(ldb)); - ldb_search_free(ldb, msgs); - return NULL; - } - if (ret > 1) { - ldb_debug(ldb, LDB_DEBUG_FATAL, "Too many records found, bailing out\n"); - ldb_search_free(ldb, msgs); - return NULL; - } - - db_url = talloc_strndup(ctx, msgs[0]->elements[0].values[0].data, msgs[0]->elements[0].values[0].length); - SCHEMA_TALLOC_CHECK(ctx, db_url, NULL); - } - - ldb_search_free(ldb, msgs); - } - data = talloc(ctx, struct private_data); SCHEMA_TALLOC_CHECK(ctx, data, NULL); - data->schema_db = ldb_connect(db_url, 0, NULL); - SCHEMA_TALLOC_CHECK(ctx, data->schema_db, NULL); - data->error_string = NULL; ctx->private_data = data; ctx->ldb = ldb; diff --git a/source4/lib/ldb/tests/schema-add-test.ldif b/source4/lib/ldb/tests/schema-add-test.ldif new file mode 100644 index 0000000000..997b801d84 --- /dev/null +++ b/source4/lib/ldb/tests/schema-add-test.ldif 
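Review bot: After this change schema_module_init no longer reads `options` at all, so a configuration that still passes `schema:<url>` or sets `@SCHEMADB` under `@MODULES` is silently ignored and validation falls back to whatever classSchema records are in the data ldb. Note that in a comment at the top of the function, for example `/* The schema is read from the ldb this module is attached to; options[] and @SCHEMADB are no longer consulted. */`, and consider an `ldb_debug(ldb, LDB_DEBUG_WARNING, ...)` when `options` is non-NULL. Sharing one database also means anyone allowed to write to the ldb can change the schema entries that later writes are checked against; whether the module guards those records is not visible in this diff. The function continues past the end of the hunk.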
@@ -0,0 +1,66 @@
+dn: CN=Users,DC=schema,DC=test
+objectClass: top
+objectClass: container
+cn: Users
+description: Default container for upgraded user accounts
+instanceType: 4
+whenCreated: 20050116175504.0Z
+whenChanged: 20050116175504.0Z
+uSNCreated: 1
+uSNChanged: 1
+showInAdvancedViewOnly: FALSE
+name: Users
+objectGUID: b847056a-9934-d87b-8a1a-99fabe0863c8
+systemFlags: 0x8c000000
+objectCategory: CN=Container,CN=Schema,CN=Configuration,DC=schema,DC=test
+isCriticalSystemObject: TRUE
+nTSecurityDescriptor: foo
+
+dn: CN=Administrator,CN=Users,DC=schema,DC=test
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: user
+cn: Administrator
+description: Built-in account for administering the computer/domain
+instanceType: 4
+whenCreated: 20050116175504.0Z
+whenChanged: 20050116175504.0Z
+uSNCreated: 1
+memberOf: CN=Group Policy Creator Owners,CN=Users,DC=schema,DC=test
+memberOf: CN=Domain Admins,CN=Users,DC=schema,DC=test
+memberOf: CN=Enterprise Admins,CN=Users,DC=schema,DC=test
+memberOf: CN=Schema Admins,CN=Users,DC=schema,DC=test
+memberOf: CN=Administrators,CN=Builtin,DC=schema,DC=test
+uSNChanged: 1
+name: Administrator
+objectGUID: 6c02f98c-46c6-aa38-5f13-a510cac04e6c
+userAccountControl: 0x10200
+badPwdCount: 0
+codePage: 0
+countryCode: 0
+badPasswordTime: 0
+lastLogoff: 0
+lastLogon: 0
+pwdLastSet: 0
+primaryGroupID: 513
+objectSid: S-1-5-21-43662522-77495566-38969261-500
+adminCount: 1
+accountExpires: -1
+logonCount: 0
+sAMAccountName: Administrator
+sAMAccountType: 0x30000000
+objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=schema,DC=test
+isCriticalSystemObject: TRUE
+unicodePwd: samba
+nTSecurityDescriptor: foo
+
+dn: CN=Test,CN=Users,DC=schema,DC=test
+objectClass: top
+objectClass: test
+cn: Test
+description: This is a test
+objectCategory: CN=Test,CN=Schema,CN=Configuration,DC=schema,DC=test
+nTSecurityDescriptor: foo
+instanceType: 4
+
diff --git a/source4/lib/ldb/tests/schema-mod-test.ldif b/source4/lib/ldb/tests/schema-mod-test.ldif
new file mode 100644
index 0000000000..8e36de7bf5
--- /dev/null
+++ b/source4/lib/ldb/tests/schema-mod-test.ldif
@@ -0,0 +1,25 @@
+dn: CN=Test,CN=Users,DC=schema,DC=test
+changetype: modify
+replace: description
+description: this test must not fail
+
+dn: CN=Test,CN=Users,DC=schema,DC=test
+changetype: modify
+delete: description
+# this test must not fail
+
+dn: CN=Test,CN=Users,DC=schema,DC=test
+changetype: modify
+add: description
+description: this test must not fail
+
+dn: CN=Test,CN=Users,DC=schema,DC=test
+changetype: modify
+add: foo
+foo: this test must fail
+
+dn: CN=Test,CN=Users,DC=schema,DC=test
+changetype: modify
+delete: nTSecurityDescriptor
+# this test must fail
+
diff --git a/source4/lib/ldb/tests/schema.ldif b/source4/lib/ldb/tests/schema.ldif
new file mode 100644
index 0000000000..2661ae30c5
--- /dev/null
+++ b/source4/lib/ldb/tests/schema.ldif
@@ -0,0 +1,634 @@ +dn: @INDEXLIST +@IDXATTR: name +@IDXATTR: sAMAccountName +@IDXATTR: objectSid +@IDXATTR: objectClass +@IDXATTR: member +@IDXATTR: unixID +@IDXATTR: unixName +@IDXATTR: privilege + +dn: @ATTRIBUTES +realm: CASE_INSENSITIVE +userPrincipalName: CASE_INSENSITIVE +servicePrincipalName: CASE_INSENSITIVE +name: CASE_INSENSITIVE WILDCARD +dn: CASE_INSENSITIVE WILDCARD +sAMAccountName: CASE_INSENSITIVE WILDCARD +objectClass: CASE_INSENSITIVE +unicodePwd: HIDDEN +ntPwdHash: HIDDEN +ntPwdHistory: HIDDEN +lmPwdHash: HIDDEN +lmPwdHistory: HIDDEN +createTimestamp: HIDDEN +modifyTimestamp: HIDDEN + +dn: @SUBCLASSES +top: domain +top: person +top: group +domain: domainDNS +domain: builtinDomain +person: organizationalPerson +organizationalPerson: user +user: computer +template: userTemplate +template: groupTemplate + +dn: @MODULES +@MODULE: timestamps +@MODULE: schema + +# Top, Schema, Configuration, schema, test +dn: CN=Top,CN=Schema,CN=Configuration,DC=schema,DC=test +objectClass: top +objectClass: classSchema +cn: Top +distinguishedName: CN=Top,CN=Schema,CN=Configuration,DC=schema,DC=test +instanceType: 4 +whenCreated: 20050116175509.0Z +whenChanged: 20050116175509.0Z +uSNCreated: 1437 +subClassOf: top +governsID: 2.5.6.0 +mayContain: msDS-ObjectReferenceBL +rDNAttID: cn +uSNChanged: 1437 +showInAdvancedViewOnly: TRUE +adminDisplayName: Top +adminDescription: Top +objectClassCategory: 2 +lDAPDisplayName: top +name: Top +objectGUID: 8b12f9c3-008f-2b4f-b32b-dddd2e396ea8 +schemaIDGUID: dafbc8ff-64e9-d2cb-4569-4ba91d60aa83 +systemOnly: TRUE +systemPossSuperiors: lostAndFound +systemMayContain: url +systemMayContain: wWWHomePage +systemMayContain: whenCreated +systemMayContain: whenChanged +systemMayContain: wellKnownObjects +systemMayContain: wbemPath +systemMayContain: uSNSource +systemMayContain: uSNLastObjRem +systemMayContain: USNIntersite +systemMayContain: uSNDSALastObjRemoved +systemMayContain: uSNCreated +systemMayContain: uSNChanged +systemMayContain: 
systemFlags +systemMayContain: subSchemaSubEntry +systemMayContain: subRefs +systemMayContain: structuralObjectClass +systemMayContain: siteObjectBL +systemMayContain: serverReferenceBL +systemMayContain: sDRightsEffective +systemMayContain: revision +systemMayContain: repsTo +systemMayContain: repsFrom +systemMayContain: directReports +systemMayContain: replUpToDateVector +systemMayContain: replPropertyMetaData +systemMayContain: name +systemMayContain: queryPolicyBL +systemMayContain: proxyAddresses +systemMayContain: proxiedObjectName +systemMayContain: possibleInferiors +systemMayContain: partialAttributeSet +systemMayContain: partialAttributeDeletionList +systemMayContain: otherWellKnownObjects +systemMayContain: objectVersion +systemMayContain: objectGUID +systemMayContain: distinguishedName +systemMayContain: nonSecurityMemberBL +systemMayContain: netbootSCPBL +systemMayContain: ownerBL +systemMayContain: msDS-ReplValueMetaData +systemMayContain: msDS-ReplAttributeMetaData +systemMayContain: msDS-NonMembersBL +systemMayContain: msDS-NCReplOutboundNeighbors +systemMayContain: msDS-NCReplInboundNeighbors +systemMayContain: msDS-NCReplCursors +systemMayContain: msDS-TasksForAzRoleBL +systemMayContain: msDS-TasksForAzTaskBL +systemMayContain: msDS-OperationsForAzRoleBL +systemMayContain: msDS-OperationsForAzTaskBL +systemMayContain: msDS-MembersForAzRoleBL +systemMayContain: msDs-masteredBy +systemMayContain: mS-DS-ConsistencyGuid +systemMayContain: mS-DS-ConsistencyChildCount +systemMayContain: msDS-Approx-Immed-Subordinates +systemMayContain: msCOM-PartitionSetLink +systemMayContain: msCOM-UserLink +systemMayContain: modifyTimeStamp +systemMayContain: masteredBy +systemMayContain: managedObjects +systemMayContain: lastKnownParent +systemMayContain: isPrivilegeHolder +systemMayContain: memberOf +systemMayContain: isDeleted +systemMayContain: isCriticalSystemObject +systemMayContain: showInAdvancedViewOnly +systemMayContain: fSMORoleOwner +systemMayContain: 
fRSMemberReferenceBL +systemMayContain: frsComputerReferenceBL +systemMayContain: fromEntry +systemMayContain: flags +systemMayContain: extensionName +systemMayContain: dSASignature +systemMayContain: dSCorePropagationData +systemMayContain: displayNamePrintable +systemMayContain: displayName +systemMayContain: description +systemMayContain: createTimeStamp +systemMayContain: cn +systemMayContain: canonicalName +systemMayContain: bridgeheadServerListBL +systemMayContain: allowedChildClassesEffective +systemMayContain: allowedChildClasses +systemMayContain: allowedAttributesEffective +systemMayContain: allowedAttributes +systemMayContain: adminDisplayName +systemMayContain: adminDescription +systemMustContain: objectClass +systemMustContain: objectCategory +systemMustContain: nTSecurityDescriptor +systemMustContain: instanceType +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,${BASEDN} +defaultObjectCategory: CN=Top,CN=Schema,CN=Configuration,${BASEDN} + +# Container, Schema, Configuration, schema, test +dn: CN=Container,CN=Schema,CN=Configuration,DC=schema,DC=test +objectClass: top +objectClass: classSchema +cn: Container +distinguishedName: CN=Container,CN=Schema,CN=Configuration,DC=schema,DC=test +instanceType: 4 +whenCreated: 20050116175540.0Z +whenChanged: 20050116175540.0Z +uSNCreated: 1113 +subClassOf: top +governsID: 1.2.840.113556.1.3.23 +mayContain: msDS-ObjectReference +rDNAttID: cn +uSNChanged: 1114 +showInAdvancedViewOnly: TRUE +adminDisplayName: Container +adminDescription: Container +objectClassCategory: 1 +lDAPDisplayName: container +name: Container +objectGUID: 48a16bf7-0128-6605-ad1a-9f5ab97b0b62 +schemaIDGUID: 3f619f8c-f7d6-6b1b-8674-b4f91b0e3755 +systemOnly: FALSE +systemPossSuperiors: msDS-AzScope +systemPossSuperiors: msDS-AzApplication +systemPossSuperiors: 
msDS-AzAdminManager +systemPossSuperiors: subnet +systemPossSuperiors: server +systemPossSuperiors: nTDSService +systemPossSuperiors: domainDNS +systemPossSuperiors: organization +systemPossSuperiors: configuration +systemPossSuperiors: container +systemPossSuperiors: organizationalUnit +systemMayContain: schemaVersion +systemMayContain: defaultClassStore +systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +defaultObjectCategory: CN=Container,CN=Schema,CN=Configuration,DC=schema,DC=test + +# Class-Schema, Schema, Configuration, schema, test +dn: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +objectClass: top +objectClass: classSchema +cn: Class-Schema +distinguishedName: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +instanceType: 4 +whenCreated: 20050116175530.0Z +whenChanged: 20050116175530.0Z +uSNCreated: 673 +subClassOf: top +governsID: 1.2.840.113556.1.3.13 +rDNAttID: cn +uSNChanged: 674 +showInAdvancedViewOnly: TRUE +adminDisplayName: Class-Schema +adminDescription: Class-Schema +objectClassCategory: 1 +lDAPDisplayName: classSchema +name: Class-Schema +objectGUID: 63151723-143e-98ab-2e14-f6df3e9c8458 +schemaIDGUID: 44cd522f-747f-e071-ff4b-b8beddfaae75 +systemOnly: FALSE +systemPossSuperiors: dMD +systemMayContain: systemPossSuperiors +systemMayContain: systemOnly +systemMayContain: systemMustContain +systemMayContain: systemMayContain +systemMayContain: systemAuxiliaryClass +systemMayContain: schemaFlagsEx +systemMayContain: rDNAttID +systemMayContain: possSuperiors +systemMayContain: mustContain +systemMayContain: msDs-Schema-Extensions +systemMayContain: msDS-IntId +systemMayContain: mayContain +systemMayContain: lDAPDisplayName +systemMayContain: isDefunct +systemMayContain: defaultSecurityDescriptor 
+systemMayContain: defaultHidingValue +systemMayContain: classDisplayName +systemMayContain: auxiliaryClass +systemMustContain: subClassOf +systemMustContain: schemaIDGUID +systemMustContain: objectClassCategory +systemMustContain: governsID +systemMustContain: defaultObjectCategory +systemMustContain: cn +defaultSecurityDescriptor: D:S: +systemFlags: 134217744 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +defaultObjectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test + +# Person, Schema, Configuration, schema, test +dn: CN=Person,CN=Schema,CN=Configuration,DC=schema,DC=test +objectClass: top +objectClass: classSchema +cn: Person +distinguishedName: CN=Person,CN=Schema,CN=Configuration,DC=schema,DC=test +instanceType: 4 +whenCreated: 20050116175540.0Z +whenChanged: 20050116175540.0Z +uSNCreated: 1093 +subClassOf: top +governsID: 2.5.6.6 +mayContain: attributeCertificateAttribute +rDNAttID: cn +uSNChanged: 1094 +showInAdvancedViewOnly: TRUE +adminDisplayName: Person +adminDescription: Person +objectClassCategory: 0 +lDAPDisplayName: person +name: Person +objectGUID: 7f021dc1-d7cb-e61f-1e11-53978e425b25 +schemaIDGUID: db7414bc-d145-b482-bf4a-6d0db78a483a +systemOnly: FALSE +systemPossSuperiors: organizationalUnit +systemPossSuperiors: container +systemMayContain: userPassword +systemMayContain: telephoneNumber +systemMayContain: sn +systemMayContain: serialNumber +systemMayContain: seeAlso +systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration,DC=schema,DC=test + +# Organizational-Person, Schema, Configuration, schema, test +dn: CN=Organizational-Person,CN=Schema,CN=Configuration,DC=schema,DC=test +objectClass: top 
+objectClass: classSchema +cn: Organizational-Person +distinguishedName: CN=Organizational-Person,CN=Schema,CN=Configuration,DC=schema,DC=test +instanceType: 4 +whenCreated: 20050116175533.0Z +whenChanged: 20050116175533.0Z +uSNCreated: 795 +subClassOf: person +governsID: 2.5.6.7 +mayContain: houseIdentifier +mayContain: msExchHouseIdentifier +mayContain: homePostalAddress +rDNAttID: cn +uSNChanged: 796 +showInAdvancedViewOnly: TRUE +adminDisplayName: Organizational-Person +adminDescription: Organizational-Person +objectClassCategory: 0 +lDAPDisplayName: organizationalPerson +name: Organizational-Person +objectGUID: 91aaede0-136e-c1a0-9ac0-5ddd606a0cfc +schemaIDGUID: 6f71a564-de69-3971-c169-528d111a9f27 +systemOnly: FALSE +systemPossSuperiors: organizationalUnit +systemPossSuperiors: organization +systemPossSuperiors: container +systemMayContain: x121Address +systemMayContain: comment +systemMayContain: title +systemMayContain: co +systemMayContain: primaryTelexNumber +systemMayContain: telexNumber +systemMayContain: teletexTerminalIdentifier +systemMayContain: street +systemMayContain: st +systemMayContain: registeredAddress +systemMayContain: preferredDeliveryMethod +systemMayContain: postalCode +systemMayContain: postalAddress +systemMayContain: postOfficeBox +systemMayContain: thumbnailPhoto +systemMayContain: physicalDeliveryOfficeName +systemMayContain: pager +systemMayContain: otherPager +systemMayContain: otherTelephone +systemMayContain: mobile +systemMayContain: otherMobile +systemMayContain: primaryInternationalISDNNumber +systemMayContain: ipPhone +systemMayContain: otherIpPhone +systemMayContain: otherHomePhone +systemMayContain: homePhone +systemMayContain: otherFacsimileTelephoneNumber +systemMayContain: personalTitle +systemMayContain: middleName +systemMayContain: otherMailbox +systemMayContain: ou +systemMayContain: o +systemMayContain: mhsORAddress +systemMayContain: msDS-AllowedToDelegateTo +systemMayContain: manager +systemMayContain: 
thumbnailLogo +systemMayContain: l +systemMayContain: internationalISDNNumber +systemMayContain: initials +systemMayContain: givenName +systemMayContain: generationQualifier +systemMayContain: facsimileTelephoneNumber +systemMayContain: employeeID +systemMayContain: mail +systemMayContain: division +systemMayContain: destinationIndicator +systemMayContain: department +systemMayContain: c +systemMayContain: countryCode +systemMayContain: company +systemMayContain: assistant +systemMayContain: streetAddress +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration,DC=schema,DC=test + +# User, Schema, Configuration, schema, test +dn: CN=User,CN=Schema,CN=Configuration,DC=schema,DC=test +objectClass: top +objectClass: classSchema +cn: User +distinguishedName: CN=User,CN=Schema,CN=Configuration,DC=schema,DC=test +instanceType: 4 +whenCreated: 20050116175549.0Z +whenChanged: 20050116175549.0Z +uSNCreated: 1442 +subClassOf: organizationalPerson +governsID: 1.2.840.113556.1.5.9 +mayContain: x500uniqueIdentifier +mayContain: userSMIMECertificate +mayContain: userPKCS12 +mayContain: uid +mayContain: secretary +mayContain: roomNumber +mayContain: preferredLanguage +mayContain: photo +mayContain: labeledURI +mayContain: jpegPhoto +mayContain: homePostalAddress +mayContain: givenName +mayContain: employeeType +mayContain: employeeNumber +mayContain: displayName +mayContain: departmentNumber +mayContain: carLicense +mayContain: audio +rDNAttID: cn +uSNChanged: 1442 +showInAdvancedViewOnly: TRUE +adminDisplayName: User +adminDescription: User +objectClassCategory: 1 +lDAPDisplayName: user +name: User +objectGUID: 2cc46512-6733-eb01-ce05-213403264ea4 +schemaIDGUID: e8a42693-9d99-2091-5554-eef0548c0b65 +systemOnly: FALSE 
+systemPossSuperiors: builtinDomain +systemPossSuperiors: organizationalUnit +systemPossSuperiors: domainDNS +systemMayContain: pager +systemMayContain: o +systemMayContain: mobile +systemMayContain: manager +systemMayContain: mail +systemMayContain: initials +systemMayContain: homePhone +systemMayContain: businessCategory +systemMayContain: userCertificate +systemMayContain: userWorkstations +systemMayContain: userSharedFolderOther +systemMayContain: userSharedFolder +systemMayContain: userPrincipalName +systemMayContain: userParameters +systemMayContain: userAccountControl +systemMayContain: unicodePwd +systemMayContain: terminalServer +systemMayContain: servicePrincipalName +systemMayContain: scriptPath +systemMayContain: pwdLastSet +systemMayContain: profilePath +systemMayContain: primaryGroupID +systemMayContain: preferredOU +systemMayContain: otherLoginWorkstations +systemMayContain: operatorCount +systemMayContain: ntPwdHistory +systemMayContain: networkAddress +systemMayContain: msRASSavedFramedRoute +systemMayContain: msRASSavedFramedIPAddress +systemMayContain: msRASSavedCallbackNumber +systemMayContain: msRADIUSServiceType +systemMayContain: msRADIUSFramedRoute +systemMayContain: msRADIUSFramedIPAddress +systemMayContain: msRADIUSCallbackNumber +systemMayContain: msNPSavedCallingStationID +systemMayContain: msNPCallingStationID +systemMayContain: msNPAllowDialin +systemMayContain: mSMQSignCertificatesMig +systemMayContain: mSMQSignCertificates +systemMayContain: mSMQDigestsMig +systemMayContain: mSMQDigests +systemMayContain: msIIS-FTPRoot +systemMayContain: msIIS-FTPDir +systemMayContain: msDS-User-Account-Control-Computed +systemMayContain: msDS-Site-Affinity +systemMayContain: mS-DS-CreatorSID +systemMayContain: msDS-Cached-Membership-Time-Stamp +systemMayContain: msDS-Cached-Membership +systemMayContain: msDRM-IdentityCertificate +systemMayContain: msCOM-UserPartitionSetLink +systemMayContain: maxStorage +systemMayContain: logonWorkstation 
+systemMayContain: logonHours +systemMayContain: logonCount +systemMayContain: lockoutTime +systemMayContain: localeID +systemMayContain: lmPwdHistory +systemMayContain: lastLogonTimestamp +systemMayContain: lastLogon +systemMayContain: lastLogoff +systemMayContain: homeDrive +systemMayContain: homeDirectory +systemMayContain: groupsToIgnore +systemMayContain: groupPriority +systemMayContain: groupMembershipSAM +systemMayContain: dynamicLDAPServer +systemMayContain: desktopProfile +systemMayContain: defaultClassStore +systemMayContain: dBCSPwd +systemMayContain: controlAccessRights +systemMayContain: codePage +systemMayContain: badPwdCount +systemMayContain: badPasswordTime +systemMayContain: adminCount +systemMayContain: aCSPolicyName +systemMayContain: accountExpires +systemAuxiliaryClass: securityPrincipal +systemAuxiliaryClass: mailRecipient +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561) +systemFlags: 16 +defaultHidingValue: FALSE +objectCategory: 
CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration,DC=schema,DC=test + +# Security-Principal, Schema, Configuration, schema, test +dn: CN=Security-Principal,CN=Schema,CN=Configuration,DC=schema,DC=test +objectClass: top +objectClass: classSchema +cn: Security-Principal +distinguishedName: CN=Security-Principal,CN=Schema,CN=Configuration,DC=schema,DC=test +instanceType: 4 +whenCreated: 20050116175546.0Z +whenChanged: 20050116175546.0Z +uSNCreated: 1406 +subClassOf: top +governsID: 1.2.840.113556.1.5.6 +rDNAttID: cn +uSNChanged: 1406 +showInAdvancedViewOnly: TRUE +adminDisplayName: Security-Principal +adminDescription: Security-Principal +objectClassCategory: 3 +lDAPDisplayName: securityPrincipal +name: Security-Principal +objectGUID: d1a6ae33-f6d5-197f-93d6-923d07d64c1a +schemaIDGUID: eb3adbfa-fb52-71a6-054f-b077e32c73f1 +systemOnly: FALSE +systemMayContain: supplementalCredentials +systemMayContain: sIDHistory +systemMayContain: securityIdentifier +systemMayContain: sAMAccountType +systemMayContain: rid +systemMayContain: tokenGroupsNoGCAcceptable +systemMayContain: tokenGroupsGlobalAndUniversal +systemMayContain: tokenGroups +systemMayContain: nTSecurityDescriptor +systemMayContain: msDS-KeyVersionNumber +systemMayContain: altSecurityIdentities +systemMayContain: accountNameHistory +systemMustContain: sAMAccountName +systemMustContain: objectSid +systemFlags: 16 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +defaultObjectCategory: CN=Security-Principal,CN=Schema,CN=Configuration,DC=schema,DC=test + +# Mail-Recipient, Schema, Configuration, schema, test +dn: CN=Mail-Recipient,CN=Schema,CN=Configuration,DC=schema,DC=test +objectClass: top +objectClass: classSchema +cn: Mail-Recipient +distinguishedName: CN=Mail-Recipient,CN=Schema,CN=Configuration,DC=schema,DC=test +instanceType: 4 +whenCreated: 20050116175550.0Z +whenChanged: 
20050116175550.0Z +uSNCreated: 1222 +subClassOf: top +governsID: 1.2.840.113556.1.3.46 +mayContain: userSMIMECertificate +mayContain: secretary +mayContain: msExchLabeledURI +mayContain: msExchAssistantName +mayContain: labeledURI +rDNAttID: cn +uSNChanged: 1222 +showInAdvancedViewOnly: TRUE +adminDisplayName: Mail-Recipient +adminDescription: Mail-Recipient +objectClassCategory: 3 +lDAPDisplayName: mailRecipient +name: Mail-Recipient +objectGUID: 79f6fa6e-c08d-5c1f-47ff-6b33be595f50 +schemaIDGUID: bcdded89-7f72-0166-da62-08647c98fcf9 +systemOnly: FALSE +systemPossSuperiors: container +systemMayContain: userCertificate +systemMayContain: userCert +systemMayContain: textEncodedORAddress +systemMayContain: telephoneNumber +systemMayContain: showInAddressBook +systemMayContain: legacyExchangeDN +systemMayContain: garbageCollPeriod +systemMayContain: info +systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +defaultObjectCategory: CN=Mail-Recipient,CN=Schema,CN=Configuration,DC=schema,DC=test + +# Test, Schema, Configuration, schema, test +dn: CN=Test,CN=Schema,CN=Configuration,DC=schema,DC=test +objectClass: top +objectClass: classSchema +cn: Test +distinguishedName: CN=Test,CN=Schema,CN=Configuration,DC=schema,DC=test +instanceType: 4 +whenCreated: 20050116175540.0Z +whenChanged: 20050116175540.0Z +uSNCreated: 1093 +subClassOf: top +governsID: 2.5.6.6 +mayContain: test +rDNAttID: cn +uSNChanged: 1094 +showInAdvancedViewOnly: TRUE +adminDisplayName: Test +adminDescription: Test +objectClassCategory: 0 +lDAPDisplayName: test +name: Test +objectGUID: 7f021dc1-d7cb-e61f-1e11-53978e425b25 +schemaIDGUID: db7414bc-d145-b482-bf4a-6d0db78a483a +systemOnly: FALSE +systemPossSuperiors: organizationalUnit +systemPossSuperiors: container +systemMayContain: description 
+systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration,DC=schema,DC=test + diff --git a/source4/lib/ldb/tests/test-schema.sh b/source4/lib/ldb/tests/test-schema.sh new file mode 100755 index 0000000000..5423c7eff9 --- /dev/null +++ b/source4/lib/ldb/tests/test-schema.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +export LDB_URL="tdb://schema.ldb" + +rm -f schema.ldb + +echo "LDB_URL: $LDB_URL" + +echo "Adding schema" +$VALGRIND bin/ldbadd tests/schema.ldif || exit 1 + +echo "Adding few test elements (no failure expected here)" +$VALGRIND bin/ldbadd tests/schema-add-test.ldif || exit 1 + +echo "Modifying elements (2 failures expected here)" +$VALGRIND bin/ldbmodify tests/schema-mod-test.ldif + +echo "Showing modified record" +$VALGRIND bin/ldbsearch '(cn=Test)' || exit 1 + |
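Review bot: The `CN=Test` class entry at the end of schema.ldif reuses the identifiers of the `CN=Person` entry earlier in the file: `governsID: 2.5.6.6`, `objectGUID: 7f021dc1-d7cb-e61f-1e11-53978e425b25` and `schemaIDGUID: db7414bc-d145-b482-bf4a-6d0db78a483a` are identical in both. Give the test class its own values so the fixture stays valid if uniqueness of these attributes is ever enforced or indexed. Separately, the `CN=Top` entry still carries an unexpanded template variable in `objectCategory` and `defaultObjectCategory`; every other entry spells the base out, so it should read `objectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,DC=schema,DC=test`, with the matching change for `defaultObjectCategory`.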
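Review bot: The `bin/ldbmodify tests/schema-mod-test.ldif` step in test-schema.sh has no status check, and nothing verifies the "2 failures expected here" claim, so the script still exits 0 if the schema module stops rejecting the `add: foo` and `delete: nTSecurityDescriptor` changes. A security check that fails open would pass this test unnoticed. Assert the outcome on the stored record instead of relying on the echoed text, for example `$VALGRIND bin/ldbsearch '(cn=Test)' | grep -q '^foo:' && exit 1`, plus a matching check that `nTSecurityDescriptor:` is still present. It would also help to split the must-pass and must-fail records into separate LDIF files so each `ldbmodify` run has a single expected exit status.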