diff options
Diffstat (limited to 'source4')
-rwxr-xr-x | source4/lib/ldb/tests/python/ldap.py | 1474 |
1 files changed, 721 insertions, 753 deletions
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py index 02e07c6975..00bf5d4b38 100755 --- a/source4/lib/ldb/tests/python/ldap.py +++ b/source4/lib/ldb/tests/python/ldap.py @@ -12,9 +12,11 @@ from auth import system_session from ldb import (SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError, LDB_ERR_NO_SUCH_OBJECT, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, LDB_ERR_ENTRY_ALREADY_EXISTS, LDB_ERR_UNWILLING_TO_PERFORM, - LDB_ERR_NOT_ALLOWED_ON_NON_LEAF) + LDB_ERR_NOT_ALLOWED_ON_NON_LEAF, LDB_ERR_OTHER) from samba import Ldb +from subunit import SubunitTestRunner import param +import unittest parser = optparse.OptionParser("ldap [options] <host>") sambaopts = options.SambaOptions(parser) @@ -34,122 +36,123 @@ host = args[0] lp = sambaopts.get_loadparm() -def delete_force(ldb, dn): - try: - ldb.delete(dn) - except LdbError, (num, _): - if num != LDB_ERR_NO_SUCH_OBJECT: - assert False - -def assertEquals(a1, a2): - assert a1 == a2, "Expected %r == %r" % (a1, a2) +class BasicTests(unittest.TestCase): + def delete_force(self, ldb, dn): + try: + ldb.delete(dn) + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT) + + def find_basedn(self, ldb): + res = ldb.search(base="", expression="", scope=SCOPE_BASE, + attrs=["defaultNamingContext"]) + self.assertEquals(len(res), 1) + return res[0]["defaultNamingContext"][0] + + def find_configurationdn(self, ldb): + res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["configurationNamingContext"]) + self.assertEquals(len(res), 1) + return res[0]["configurationNamingContext"][0] + + def find_schemadn(self, ldb): + res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"]) + self.assertEquals(len(res), 1) + return res[0]["schemaNamingContext"][0] + + def setUp(self): + self.ldb = ldb + self.gc_ldb = gc_ldb + self.base_dn = self.find_basedn(ldb) + self.configuration_dn = self.find_configurationdn(ldb) + self.schema_dn = self.find_schemadn(ldb) + + print "baseDN: %s\n" % self.base_dn + + self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn) + self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn) + + def test_group_add_invalid_member(self): + """Testing group add with invalid member""" + try: + self.ldb.add({ + "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn, + "objectclass": "group", + "member": "cn=ldaptestuser,cn=useRs," + self.base_dn}) + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT) + else: + self.fail() -def basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn): - print "Running basic tests" + def test_all(self): + """Basic tests""" - delete_force(ldb, "cn=ldaptestuser,cn=users," + base_dn) - delete_force(ldb, "cn=ldaptestgroup,cn=users," + base_dn) + self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn) - print "Testing group add with invalid member" - try: - ldb.add({ - "dn": "cn=ldaptestgroup,cn=uSers," + base_dn, - "objectclass": "group", - "member": "cn=ldaptestuser,cn=useRs," + base_dn}) - except LdbError, (num, _): - if num != LDB_ERR_NO_SUCH_OBJECT: - assert False - else: - assert False - - print "Testing user add" - try: + print "Testing user add" ldb.add({ - "dn": "cn=ldaptestuser,cn=uSers," + base_dn, + "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn, "objectclass": ["user", "person"], "cN": "LDAPtestUSER", "givenname": "ldap", "sn": "testy"}) - except LdbError: - ldb.delete("cn=ldaptestuser,cn=users," + base_dn) - ldb.add({ - "dn": "cn=ldaptestuser,cn=uSers," + base_dn, - "objectclass": ["user", "person"], - "cN": "LDAPtestUSER", - "givenname": "ldap", - "sn": "testy"}) - - ldb.add({ - "dn": "cn=ldaptestgroup,cn=uSers," + base_dn, - "objectclass": "group", - "member": "cn=ldaptestuser,cn=useRs," + base_dn}) - - try: - ldb.add({ - "dn": "cn=ldaptestcomputer,cn=computers," + base_dn, - "objectclass": "computer", - "cN": "LDAPtestCOMPUTER"}) - except LdbError: - ldb.delete("cn=ldaptestcomputer,cn=computers," + base_dn) + ldb.add({ - "dn": "cn=ldaptestcomputer,cn=computers," + base_dn, - "objectClass": "computer", - "cn": "LDAPtestCOMPUTER"}) - - try: - ldb.add({"dn": "cn=ldaptest2computer,cn=computers," + base_dn, - "objectClass": "computer", - "cn": "LDAPtest2COMPUTER", - "userAccountControl": "4096", - "displayname": "ldap testy"}) - except LdbError: - ldb.delete("cn=ldaptest2computer,cn=computers," + base_dn) + "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn, + "objectclass": "group", + "member": "cn=ldaptestuser,cn=useRs," + self.base_dn}) + + self.delete_force(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn) ldb.add({ - "dn": "cn=ldaptest2computer,cn=computers," + base_dn, + "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn, + "objectclass": "computer", + "cN": "LDAPtestCOMPUTER"}) + + self.delete_force(self.ldb, "cn=ldaptest2computer,cn=computers," + self.base_dn) + ldb.add({"dn": "cn=ldaptest2computer,cn=computers," + self.base_dn, "objectClass": "computer", "cn": "LDAPtest2COMPUTER", "userAccountControl": "4096", "displayname": "ldap testy"}) - print "Testing attribute or value exists behaviour" - try: - ldb.modify_ldif(""" -dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """ + print "Testing attribute or value exists behaviour" + try: + ldb.modify_ldif(""" +dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """ changetype: modify replace: servicePrincipalName servicePrincipalName: host/ldaptest2computer servicePrincipalName: host/ldaptest2computer servicePrincipalName: cifs/ldaptest2computer """) - except LdbError, (num, msg): - assert num == LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS + except LdbError, (num, msg): + self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) - ldb.modify_ldif(""" -dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """ + ldb.modify_ldif(""" +dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """ changetype: modify replace: servicePrincipalName servicePrincipalName: host/ldaptest2computer servicePrincipalName: cifs/ldaptest2computer """) - try: - ldb.modify_ldif(""" -dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """ + try: + ldb.modify_ldif(""" +dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """ changetype: modify add: servicePrincipalName servicePrincipalName: host/ldaptest2computer """) - except LdbError, (num, msg): - assert num == LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS - - print "Testing ranged results" - ldb.modify_ldif(""" -dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """ + except LdbError, (num, msg): + self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) + + print "Testing ranged results" + ldb.modify_ldif(""" +dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """ changetype: modify replace: servicePrincipalName """) - - ldb.modify_ldif(""" -dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """ + + ldb.modify_ldif(""" +dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """ changetype: modify add: servicePrincipalName servicePrincipalName: host/ldaptest2computer0 @@ -184,730 +187,695 @@ servicePrincipalName: host/ldaptest2computer28 servicePrincipalName: host/ldaptest2computer29 """) - res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, - attrs=["servicePrincipalName;range=0-*"]) - assert len(res) == 1, "Could not find (cn=ldaptest2computer)" - #print len(res[0]["servicePrincipalName;range=0-*"]) - assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30) - - res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-19"]) - assert len(res) == 1, "Could not find (cn=ldaptest2computer)" -# print res[0]["servicePrincipalName;range=0-19"].length - assertEquals(len(res[0]["servicePrincipalName;range=0-19"]), 20) - - - res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-30"]) - assert len(res) == 1, "Could not find (cn=ldaptest2computer)" - assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30) - - res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-40"]) - assert len(res) == 1, "Could not find (cn=ldaptest2computer)" - assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30) - - res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=30-40"]) - assert len(res) == 1, "Could not find (cn=ldaptest2computer)" - assertEquals(len(res[0]["servicePrincipalName;range=30-*"]), 0) - - - res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=10-40"]) - assert len(res) == 1, "Could not find (cn=ldaptest2computer)" - assertEquals(len(res[0]["servicePrincipalName;range=10-*"]), 20) -# pos_11 = res[0]["servicePrincipalName;range=10-*"][18] - - res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-40"]) - assert len(res) == 1, "Could not find (cn=ldaptest2computer)" - assertEquals(len(res[0]["servicePrincipalName;range=11-*"]), 19) -# print res[0]["servicePrincipalName;range=11-*"][18] -# print pos_11 -# assertEquals((res[0]["servicePrincipalName;range=11-*"][18]), pos_11) - - res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-15"]) - assert len(res) == 1, "Could not find (cn=ldaptest2computer)" - assertEquals(len(res[0]["servicePrincipalName;range=11-15"]), 5) -# assertEquals(res[0]["servicePrincipalName;range=11-15"][4], pos_11) - - res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName"]) - assert len(res) == 1, "Could not find (cn=ldaptest2computer)" -# print res[0]["servicePrincipalName"][18] -# print pos_11 - assertEquals(len(res[0]["servicePrincipalName"]), 30) -# assertEquals(res[0]["servicePrincipalName"][18], pos_11) - - try: + res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, + attrs=["servicePrincipalName;range=0-*"]) + self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)") + #print len(res[0]["servicePrincipalName;range=0-*"]) + self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30) + + res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-19"]) + self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)") + # print res[0]["servicePrincipalName;range=0-19"].length + self.assertEquals(len(res[0]["servicePrincipalName;range=0-19"]), 20) + + + res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-30"]) + self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)") + self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30) + + res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-40"]) + self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)") + self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30) + + res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=30-40"]) + self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)") + self.assertEquals(len(res[0]["servicePrincipalName;range=30-*"]), 0) + + + res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=10-40"]) + self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)") + self.assertEquals(len(res[0]["servicePrincipalName;range=10-*"]), 20) + # pos_11 = res[0]["servicePrincipalName;range=10-*"][18] + + res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-40"]) + self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)") + self.assertEquals(len(res[0]["servicePrincipalName;range=11-*"]), 19) + # print res[0]["servicePrincipalName;range=11-*"][18] + # print pos_11 + # self.assertEquals((res[0]["servicePrincipalName;range=11-*"][18]), pos_11) + + res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-15"]) + self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)") + self.assertEquals(len(res[0]["servicePrincipalName;range=11-15"]), 5) + # self.assertEquals(res[0]["servicePrincipalName;range=11-15"][4], pos_11) + + res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName"]) + self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)") + # print res[0]["servicePrincipalName"][18] + # print pos_11 + self.assertEquals(len(res[0]["servicePrincipalName"]), 30) + # self.assertEquals(res[0]["servicePrincipalName"][18], pos_11) + + self.delete_force(self.ldb, "cn=ldaptestuser2,cn=users," + self.base_dn) ldb.add({ - "dn": "cn=ldaptestuser2,cn=useRs," + base_dn, - "objectClass": ["person", "user"], - "cn": "LDAPtestUSER2", - "givenname": "testy", - "sn": "ldap user2"}) - except LdbError: - ldb.delete("cn=ldaptestuser2,cn=users," + base_dn) - ldb.add({ - "dn": "cn=ldaptestuser2,cn=useRs," + base_dn, - "objectClass": ["person", "user"], - "cn": "LDAPtestUSER2", - "givenname": "testy", - "sn": "ldap user2"}) - - print "Testing Ambigious Name Resolution" -# Testing ldb.search for (&(anr=ldap testy)(objectClass=user)) - res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))") - assert len(res) == 3, "Could not find (&(anr=ldap testy)(objectClass=user))" - -# Testing ldb.search for (&(anr=testy ldap)(objectClass=user)) - res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))") - assert len(res) == 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res) - -# Testing ldb.search for (&(anr=ldap)(objectClass=user)) - res = ldb.search(expression="(&(anr=ldap)(objectClass=user))") - assert len(res) == 4, "Found only %d for (&(anr=ldap)(objectClass=user))" % len(res) - -# Testing ldb.search for (&(anr==ldap)(objectClass=user)) - res = ldb.search(expression="(&(anr==ldap)(objectClass=user))") - assert len(res) == 1, "Could not find (&(anr==ldap)(objectClass=user)). Found only %d for (&(anr=ldap)(objectClass=user))" % len(res) - - assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + base_dn)) - assertEquals(res[0]["cn"][0], "ldaptestuser") - assertEquals(res[0]["name"], "ldaptestuser") - -# Testing ldb.search for (&(anr=testy)(objectClass=user)) - res = ldb.search(expression="(&(anr=testy)(objectClass=user))") - assert len(res) == 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res) - -# Testing ldb.search for (&(anr=ldap testy)(objectClass=user)) - res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))") - assert len(res) == 2, "Found only %d for (&(anr=ldap testy)(objectClass=user))" % len(res) - -# Testing ldb.search for (&(anr==ldap testy)(objectClass=user)) - res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))") - assert len(res) == 1, "Found only %d for (&(anr==ldap testy)(objectClass=user))" % len(res) - - assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + base_dn)) - assertEquals(res[0]["cn"][0], "ldaptestuser") - assertEquals(res[0]["name"][0], "ldaptestuser") - -# Testing ldb.search for (&(anr==testy ldap)(objectClass=user)) - res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))") - assert len(res) == 1, "Could not find (&(anr==testy ldap)(objectClass=user))" - - assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + base_dn)) - assertEquals(res[0]["cn"][0], "ldaptestuser") - assertEquals(res[0]["name"][0], "ldaptestuser") - - # Testing ldb.search for (&(anr=testy ldap user)(objectClass=user)) - res = ldb.search(expression="(&(anr=testy ldap user)(objectClass=user))") - assert len(res) == 1, "Could not find (&(anr=testy ldap user)(objectClass=user))" - - assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestuser2") - assertEquals(res[0]["name"], "ldaptestuser2") - - # Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user)) - res = ldb.search(expression="(&(anr==testy ldap user2)(objectClass=user))") - assert len(res) == 1, "Could not find (&(anr==testy ldap user2)(objectClass=user))" - - assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestuser2") - assertEquals(res[0]["name"], "ldaptestuser2") - - # Testing ldb.search for (&(anr==ldap user2)(objectClass=user)) - res = ldb.search(expression="(&(anr==ldap user2)(objectClass=user))") - assert len(res) == 1, "Could not find (&(anr==ldap user2)(objectClass=user))" - - assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestuser2") - assertEquals(res[0]["name"], "ldaptestuser2") - - # Testing ldb.search for (&(anr==not ldap user2)(objectClass=user)) - res = ldb.search(expression="(&(anr==not ldap user2)(objectClass=user))") - assert len(res) == 0, "Must not find (&(anr==not ldap user2)(objectClass=user))" - - # Testing ldb.search for (&(anr=not ldap user2)(objectClass=user)) - res = ldb.search(expression="(&(anr=not ldap user2)(objectClass=user))") - assert len(res) == 0, "Must not find (&(anr=not ldap user2)(objectClass=user))" - - print "Testing Group Modifies" - ldb.modify_ldif(""" -dn: cn=ldaptestgroup,cn=users,""" + base_dn + """ + "dn": "cn=ldaptestuser2,cn=useRs," + self.base_dn, + "objectClass": ["person", "user"], + "cn": "LDAPtestUSER2", + "givenname": "testy", + "sn": "ldap user2"}) + + print "Testing Ambigious Name Resolution" + # Testing ldb.search for (&(anr=ldap testy)(objectClass=user)) + res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))") + self.assertEquals(len(res), 3, "Could not find (&(anr=ldap testy)(objectClass=user))") + + # Testing ldb.search for (&(anr=testy ldap)(objectClass=user)) + res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))") + self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res)) + + # Testing ldb.search for (&(anr=ldap)(objectClass=user)) + res = ldb.search(expression="(&(anr=ldap)(objectClass=user))") + self.assertEquals(len(res), 4, "Found only %d for (&(anr=ldap)(objectClass=user))" % len(res)) + + # Testing ldb.search for (&(anr==ldap)(objectClass=user)) + res = ldb.search(expression="(&(anr==ldap)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(anr==ldap)(objectClass=user)). Found only %d for (&(anr=ldap)(objectClass=user))" % len(res)) + + self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"][0], "ldaptestuser") + self.assertEquals(res[0]["name"], "ldaptestuser") + + # Testing ldb.search for (&(anr=testy)(objectClass=user)) + res = ldb.search(expression="(&(anr=testy)(objectClass=user))") + self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res)) + + # Testing ldb.search for (&(anr=ldap testy)(objectClass=user)) + res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))") + self.assertEquals(len(res), 2, "Found only %d for (&(anr=ldap testy)(objectClass=user))" % len(res)) + + # Testing ldb.search for (&(anr==ldap testy)(objectClass=user)) + res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))") + self.assertEquals(len(res), 1, "Found only %d for (&(anr==ldap testy)(objectClass=user))" % len(res)) + + self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"][0], "ldaptestuser") + self.assertEquals(res[0]["name"][0], "ldaptestuser") + + # Testing ldb.search for (&(anr==testy ldap)(objectClass=user)) + res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap)(objectClass=user))") + + self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"][0], "ldaptestuser") + self.assertEquals(res[0]["name"][0], "ldaptestuser") + + # Testing ldb.search for (&(anr=testy ldap user)(objectClass=user)) + res = ldb.search(expression="(&(anr=testy ldap user)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(anr=testy ldap user)(objectClass=user))") + + self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestuser2") + self.assertEquals(res[0]["name"], "ldaptestuser2") + + # Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user)) + res = ldb.search(expression="(&(anr==testy ldap user2)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap user2)(objectClass=user))") + + self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestuser2") + self.assertEquals(res[0]["name"], "ldaptestuser2") + + # Testing ldb.search for (&(anr==ldap user2)(objectClass=user)) + res = ldb.search(expression="(&(anr==ldap user2)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(anr==ldap user2)(objectClass=user))") + + self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestuser2") + self.assertEquals(res[0]["name"], "ldaptestuser2") + + # Testing ldb.search for (&(anr==not ldap user2)(objectClass=user)) + res = ldb.search(expression="(&(anr==not ldap user2)(objectClass=user))") + self.assertEquals(len(res), 0, "Must not find (&(anr==not ldap user2)(objectClass=user))") + + # Testing ldb.search for (&(anr=not ldap user2)(objectClass=user)) + res = ldb.search(expression="(&(anr=not ldap user2)(objectClass=user))") + self.assertEquals(len(res), 0, "Must not find (&(anr=not ldap user2)(objectClass=user))") + + print "Testing Group Modifies" + ldb.modify_ldif(""" +dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """ changetype: modify add: member -member: cn=ldaptestuser2,cn=users,""" + base_dn + """ -member: cn=ldaptestcomputer,cn=computers,""" + base_dn + """ +member: cn=ldaptestuser2,cn=users,""" + self.base_dn + """ +member: cn=ldaptestcomputer,cn=computers,""" + self.base_dn + """ """) - delete_force(ldb, "cn=ldaptestuser3,cn=users," + base_dn) + self.delete_force(ldb, "cn=ldaptestuser3,cn=users," + self.base_dn) - print "Testing adding non-existent user to a group" - try: - ldb.modify_ldif(""" -dn: cn=ldaptestgroup,cn=users,""" + base_dn + """ + print "Testing adding non-existent user to a group" + try: + ldb.modify_ldif(""" +dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """ changetype: modify add: member -member: cn=ldaptestuser3,cn=users,""" + base_dn + """ +member: cn=ldaptestuser3,cn=users,""" + self.base_dn + """ """) - except LdbError, (num, _): - assert num == LDB_ERR_NO_SUCH_OBJECT - else: - assert False - - print "Testing Renames" - - ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn) - - ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn) - - ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestUSER3,cn=users," + base_dn) - - print "Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))" - res = ldb.search(expression="(&(cn=ldaptestuser3)(objectClass=user))") - assert len(res) == 1, "Could not find (&(cn=ldaptestuser3)(objectClass=user))" - - assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestUSER3") - assertEquals(res[0]["name"], "ldaptestUSER3") - -# This is a Samba special, and does not exist in real AD -# print "Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")" -# res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")") -# if (res.error != 0 || len(res) != 1) { -# print "Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")" -# assertEquals(len(res), 1) -# } -# assertEquals(res[0].dn, ("CN=ldaptestUSER3,CN=Users," + base_dn)) -# assertEquals(res[0].cn, "ldaptestUSER3") -# assertEquals(res[0].name, "ldaptestUSER3") - - print "Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")" - res = ldb.search(expression="(distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")") - assert len(res) == 1, "Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")" - assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestUSER3") - assertEquals(res[0]["name"], "ldaptestUSER3") - - # ensure we cannot add it again - try: - ldb.add({"dn": "cn=ldaptestuser3,cn=userS," + base_dn, - "objectClass": ["person", "user"], - "cn": "LDAPtestUSER3"}) - except LdbError, (num, _): - assert num == LDB_ERR_ENTRY_ALREADY_EXISTS - else: - assert False - - # rename back - ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn) - - # ensure we cannnot rename it twice - try: - ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn) - except LdbError, (num, _): - assert num == LDB_ERR_NO_SUCH_OBJECT - else: - assert False - - # ensure can now use that name - ldb.add({"dn": "cn=ldaptestuser3,cn=users," + base_dn, - "objectClass": ["person", "user"], - "cn": "LDAPtestUSER3"}) - - # ensure we now cannnot rename - try: - ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn) - except LdbError, (num, _): - assert num == LDB_ERR_ENTRY_ALREADY_EXISTS - else: - assert False - try: - ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=configuration," + base_dn) - except LdbError, (num, _): - assert num in (71, 64) - else: - assert False - - ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser5,cn=users," + base_dn) - - ldb.delete("cn=ldaptestuser5,cn=users," + base_dn) - - delete_force(ldb, "cn=ldaptestgroup2,cn=users," + base_dn) - - ldb.rename("cn=ldaptestgroup,cn=users," + base_dn, "cn=ldaptestgroup2,cn=users," + base_dn) - - print "Testing subtree Renames" - - ldb.add({"dn": "cn=ldaptestcontainer," + base_dn, - "objectClass": "container"}) - - try: - ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn, - "objectClass": ["person", "user"], - "cn": "LDAPtestUSER4"}) - except LdbError: - ldb.delete("cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn) - ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn, + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT) + else: + self.fail() + + print "Testing Renames" + + ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn) + + ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn) + + ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestUSER3,cn=users," + self.base_dn) + + print "Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))" + res = ldb.search(expression="(&(cn=ldaptestuser3)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser3)(objectClass=user))") + + self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestUSER3") + self.assertEquals(res[0]["name"], "ldaptestUSER3") + + # This is a Samba special, and does not exist in real AD + # print "Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")" + # res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")") + # if (res.error != 0 || len(res) != 1) { + # print "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")" + # self.assertEquals(len(res), 1) + # } + # self.assertEquals(res[0].dn, ("CN=ldaptestUSER3,CN=Users," + self.base_dn)) + # self.assertEquals(res[0].cn, "ldaptestUSER3") + # self.assertEquals(res[0].name, "ldaptestUSER3") + + print "Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")" + res = ldb.search(expression="(distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")") + self.assertEquals(len(res), 1, "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")") + self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestUSER3") + self.assertEquals(res[0]["name"], "ldaptestUSER3") + + # ensure we cannot add it again + try: + ldb.add({"dn": "cn=ldaptestuser3,cn=userS," + self.base_dn, "objectClass": ["person", "user"], - "cn": "LDAPtestUSER4"}) + "cn": "LDAPtestUSER3"}) + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS) + else: + self.fail() + + # rename back + ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser2,cn=users," + self.base_dn) + + # ensure we cannnot rename it twice + try: + ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser2,cn=users," + self.base_dn) + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT) + else: + self.fail() + + # ensure can now use that name + ldb.add({"dn": "cn=ldaptestuser3,cn=users," + self.base_dn, + "objectClass": ["person", "user"], + "cn": "LDAPtestUSER3"}) + + # ensure we now cannnot rename + try: + ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn) + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS) + else: + self.fail() + try: + ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=configuration," + self.base_dn) + except LdbError, (num, _): + self.assertTrue(num in (71, 64)) + else: + self.fail() + + ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser5,cn=users," + self.base_dn) + + ldb.delete("cn=ldaptestuser5,cn=users," + self.base_dn) + + self.delete_force(ldb, "cn=ldaptestgroup2,cn=users," + self.base_dn) + + ldb.rename("cn=ldaptestgroup,cn=users," + self.base_dn, "cn=ldaptestgroup2,cn=users," + self.base_dn) + + print "Testing subtree Renames" - ldb.modify_ldif(""" -dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """ + ldb.add({"dn": "cn=ldaptestcontainer," + self.base_dn, + "objectClass": "container"}) + + self.delete_force(self.ldb, "cn=ldaptestuser4,cn=ldaptestcontainer," + self.base_dn) + ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + self.base_dn, + "objectClass": ["person", "user"], + "cn": "LDAPtestUSER4"}) + + ldb.modify_ldif(""" +dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify add: member -member: cn=ldaptestuser4,cn=ldaptestcontainer,""" + base_dn + """ +member: cn=ldaptestuser4,cn=ldaptestcontainer,""" + self.base_dn + """ """) - - print "Testing ldb.rename of cn=ldaptestcontainer," + base_dn + " to cn=ldaptestcontainer2," + base_dn - ldb.rename("CN=ldaptestcontainer," + base_dn, "CN=ldaptestcontainer2," + base_dn) - - print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))" - res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))") - assert len(res) == 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user))" - - print "Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn - try: - ldb.search("cn=ldaptestcontainer," + base_dn, - expression="(&(cn=ldaptestuser4)(objectClass=user))", - scope=SCOPE_SUBTREE) - except LdbError, (num, _): - assert num == LDB_ERR_NO_SUCH_OBJECT - else: - assert False - - print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn - try: - res = ldb.search("cn=ldaptestcontainer," + base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_ONELEVEL) - except LdbError, (num, _): - assert num == LDB_ERR_NO_SUCH_OBJECT - else: - assert False - - print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container" - res = ldb.search("cn=ldaptestcontainer2," + base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_SUBTREE) - assert len(res) == 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + base_dn - - assertEquals(str(res[0].dn), ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn)) - assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + base_dn).upper()) - - print "Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group)) to check subtree renames and linked attributes" - res = ldb.search(base_dn, expression="(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group))", scope=SCOPE_SUBTREE) - assert len(res) == 1, "Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group)), perhaps linked attributes are not conistant with subtree renames?" - - print "Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn - try: - ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn) - except LdbError, (num, _): - assert num == LDB_ERR_UNWILLING_TO_PERFORM - else: - assert False - - print "Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn - try: - ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn) - except LdbError, (num, _): - assert num in (53, 80) - else: - assert False - - print "Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn - try: - ldb.delete("cn=ldaptestcontainer2," + base_dn) - except LdbError, (num, _): - assert num == LDB_ERR_NOT_ALLOWED_ON_NON_LEAF - else: - assert False - - print "Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn - res = ldb.search(expression="(objectclass=*)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), scope=SCOPE_BASE) - assert len(res) == 1 - res = ldb.search(expression="(cn=ldaptestuser40)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), scope=SCOPE_BASE) - assert len(res) == 0 - - print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn - res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + base_dn), scope=SCOPE_ONELEVEL) - assert len(res) == 0 - - print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn - res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + base_dn), scope=SCOPE_SUBTREE) - assert len(res) == 0 - - print "Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn) - ldb.delete(("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn)) - print "Testing delete of renamed cn=ldaptestcontainer2," + base_dn - ldb.delete("cn=ldaptestcontainer2," + base_dn) - - try: - ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn, "objectClass": "user"}) - except LdbError, (num, _): - ldb.delete("cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn) - ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn, "objectClass": "user"}) - - try: - ldb.add({"dn": "cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn, "objectClass": "user"}) - except LdbError, (num, _): - ldb.delete("cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn) - ldb.add({"dn": "cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn, - "objectClass": "user"}) - - print "Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))" - res = ldb.search(expression="(&(cn=ldaptestuser)(objectClass=user))") - assert len(res) == 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))" - - assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestuser") - assertEquals(res[0]["name"], "ldaptestuser") - assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"]) - assert("objectGUID" in res[0]) - assert("whenCreated" in res[0]) - assertEquals(res[0]["objectCategory"], ("CN=Person,CN=Schema,CN=Configuration," + base_dn)) - assertEquals(int(res[0]["sAMAccountType"][0]), 805306368) -# assertEquals(res[0].userAccountControl, 546) - assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + base_dn)) - assertEquals(len(res[0]["memberOf"]), 1) - - print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))" - res2 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))") - assert len(res2) == 1, "Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))" - - assertEquals(res[0].dn, res2[0].dn) - - print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))" - res3 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))") - assert len(res3) == 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + len(res3) - - assertEquals(res[0].dn, res3[0].dn) - - if gc_ldb is not None: - print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog" - res3gc = gc_ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))") - assert len(res3gc) == 1 - - assertEquals(res[0].dn, res3gc[0].dn) - - print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control" - - res3control = gc_ldb.search(base_dn, expression="(&(cn=ldaptestuser)(objectCategory=PerSon))", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"]) - assert len(res3control) == 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog" - - assertEquals(res[0].dn, res3control[0].dn) - - ldb.delete(res[0].dn) - - print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))" - res = ldb.search(expression="(&(cn=ldaptestcomputer)(objectClass=user))") - assert len(res) == 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))" - - assertEquals(str(res[0].dn), ("CN=ldaptestcomputer,CN=Computers," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestcomputer") - assertEquals(res[0]["name"], "ldaptestcomputer") - assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"]) - assert("objectGUID" in res[0]) - assert("whenCreated" in res[0]) - assertEquals(res[0]["objectCategory"], ("CN=Computer,CN=Schema,CN=Configuration," + base_dn)) - assertEquals(int(res[0]["primaryGroupID"][0]), 513) -# assertEquals(res[0].sAMAccountType, 805306368) -# assertEquals(res[0].userAccountControl, 546) - assertEquals(res[0]["memberOf"][0], "CN=ldaptestgroup2,CN=Users," + base_dn) - assertEquals(len(res[0]["memberOf"]), 1) - - print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))" - res2 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))") - assert len(res2) == 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))" - - assertEquals(res[0].dn, res2[0].dn) - - if gc_ldb is not None: - print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog" - res2gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))") - assert len(res2gc) == 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog" - - assertEquals(res[0].dn, res2gc[0].dn) - - print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))" - res3 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))") - assert len(res3) == 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))" - - assertEquals(res[0].dn, res3[0].dn) - - if gc_ldb is not None: - print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog" - res3gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))") - assert len(res3gc) == 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog" - - assertEquals(res[0].dn, res3gc[0].dn) - - print "Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))" - res4 = ldb.search(expression="(&(cn=ldaptestcomp*r)(objectCategory=compuTER))") - assert len(res4) == 1, "Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))" - - assertEquals(res[0].dn, res4[0].dn) - - print "Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))" - res5 = ldb.search(expression="(&(cn=ldaptestcomput*)(objectCategory=compuTER))") - assert len(res5) == 1, "Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))" - - assertEquals(res[0].dn, res5[0].dn) - - print "Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))" - res6 = ldb.search(expression="(&(cn=*daptestcomputer)(objectCategory=compuTER))") - assert len(res6) == 1, "Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))" - - assertEquals(res[0].dn, res6[0].dn) - - ldb.delete(res[0].dn) - - print "Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))" - res = ldb.search(expression="(&(cn=ldaptest2computer)(objectClass=user))") - assert len(res) == 1, "Could not find (&(cn=ldaptest2computer)(objectClass=user))" - - assertEquals(res[0].dn, ("CN=ldaptest2computer,CN=Computers," + base_dn)) - assertEquals(res[0]["cn"], "ldaptest2computer") - assertEquals(res[0]["name"], "ldaptest2computer") - assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"]) - assert("objectGUID" in res[0]) - assert("whenCreated" in res[0]) - assertEquals(res[0]["objectCategory"][0], "CN=Computer,CN=Schema,CN=Configuration," + base_dn) - assertEquals(int(res[0]["sAMAccountType"][0]), 805306369) -# assertEquals(res[0].userAccountControl, 4098) - - ldb.delete(res[0].dn) - - attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf"] - print "Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))" - res = ldb.search(base_dn, expression="(&(cn=ldaptestUSer2)(objectClass=user))", scope=SCOPE_SUBTREE, attrs=attrs) - assert len(res) == 1, "Could not find (&(cn=ldaptestUSer2)(objectClass=user))" - - assertEquals(res[0].dn, ("CN=ldaptestuser2,CN=Users," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestuser2") - assertEquals(res[0]["name"], "ldaptestuser2") - assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"]) - assert("objectGUID" in res[0]) - assert("whenCreated" in res[0]) - assert("nTSecurityDescriptor" in res[0]) - assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + base_dn)) - - attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"] - print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))" - res = ldb.search(base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs) - assert len(res) == 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))" - - assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestgroup2") - assertEquals(res[0]["name"], "ldaptestgroup2") - assertEquals(res[0]["objectClass"], ["top", "group"]) - assert("objectGuid" not in res[0]) - assert("whenCreated" in res[0]) - assert("nTSecurityDescriptor" in res[0]) - assertEquals(res[0]["member"], ["CN=ldaptestuser2,CN=Users," + base_dn]) - - ldb.modify_ldif(""" -dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """ + + print "Testing ldb.rename of cn=ldaptestcontainer," + self.base_dn + " to cn=ldaptestcontainer2," + self.base_dn + ldb.rename("CN=ldaptestcontainer," + self.base_dn, "CN=ldaptestcontainer2," + self.base_dn) + + print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))" + res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user))") + + print "Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn + try: + ldb.search("cn=ldaptestcontainer," + self.base_dn, + expression="(&(cn=ldaptestuser4)(objectClass=user))", + scope=SCOPE_SUBTREE) + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT) + else: + self.fail() + + print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn + try: + res = ldb.search("cn=ldaptestcontainer," + self.base_dn, + expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_ONELEVEL) + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT) + else: + self.fail() + + print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container" + res = ldb.search("cn=ldaptestcontainer2," + self.base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_SUBTREE) + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + self.base_dn) + + self.assertEquals(str(res[0].dn), ("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn)) + self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper()) + + print "Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)) to check subtree renames and linked attributes" + res = ldb.search(self.base_dn, expression="(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group))", scope=SCOPE_SUBTREE) + self.assertEquals(len(res), 1, "Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)), perhaps linked attributes are not conistant with subtree renames?") + + print "Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn + try: + ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn) + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM) + else: + self.fail() + + print "Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn + try: + ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn) + except LdbError, (num, _): + self.assertTrue(num in (LDB_ERR_UNWILLING_TO_PERFORM, LDB_ERR_OTHER)) + else: + self.fail() + + print "Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + self.base_dn + try: + ldb.delete("cn=ldaptestcontainer2," + self.base_dn) + except LdbError, (num, _): + self.assertEquals(num, LDB_ERR_NOT_ALLOWED_ON_NON_LEAF) + else: + self.fail() + + print "Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + res = ldb.search(expression="(objectclass=*)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE) + self.assertEquals(len(res), 1) + res = ldb.search(expression="(cn=ldaptestuser40)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE) + self.assertEquals(len(res), 0) + + print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn + res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_ONELEVEL) + self.assertEquals(len(res), 0) + + print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn + res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_SUBTREE) + self.assertEquals(len(res), 0) + + print "Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn) + ldb.delete(("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn)) + print "Testing delete of renamed cn=ldaptestcontainer2," + self.base_dn + ldb.delete("cn=ldaptestcontainer2," + self.base_dn) + + self.delete_force(self.ldb, "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn) + ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"}) + + self.delete_force(self.ldb, "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn) + ldb.add({"dn": "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"}) + + print "Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))" + res = ldb.search(expression="(&(cn=ldaptestuser)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))") + + self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestuser") + self.assertEquals(res[0]["name"], "ldaptestuser") + self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"]) + self.assertTrue("objectGUID" in res[0]) + self.assertTrue("whenCreated" in res[0]) + self.assertEquals(res[0]["objectCategory"], ("CN=Person,CN=Schema,CN=Configuration," + self.base_dn)) + self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368) + # self.assertEquals(res[0].userAccountControl, 546) + self.assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + self.base_dn)) + self.assertEquals(len(res[0]["memberOf"]), 1) + + print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))" + res2 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))") + self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))") + + self.assertEquals(res[0].dn, res2[0].dn) + + print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))" + res3 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))") + self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + len(res3)) + + self.assertEquals(res[0].dn, res3[0].dn) + + if gc_ldb is not None: + print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog" + res3gc = gc_ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))") + self.assertEquals(len(res3gc), 1) + + self.assertEquals(res[0].dn, res3gc[0].dn) + + print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control" + + res3control = gc_ldb.search(self.base_dn, expression="(&(cn=ldaptestuser)(objectCategory=PerSon))", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"]) + self.assertEquals(len(res3control), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog") + + self.assertEquals(res[0].dn, res3control[0].dn) + + ldb.delete(res[0].dn) + + print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))" + res = ldb.search(expression="(&(cn=ldaptestcomputer)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))") + + self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer,CN=Computers," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestcomputer") + self.assertEquals(res[0]["name"], "ldaptestcomputer") + self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"]) + self.assertTrue("objectGUID" in res[0]) + self.assertTrue("whenCreated" in res[0]) + self.assertEquals(res[0]["objectCategory"], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn)) + self.assertEquals(int(res[0]["primaryGroupID"][0]), 513) + # self.assertEquals(res[0].sAMAccountType, 805306368) + # self.assertEquals(res[0].userAccountControl, 546) + self.assertEquals(res[0]["memberOf"][0], "CN=ldaptestgroup2,CN=Users," + self.base_dn) + self.assertEquals(len(res[0]["memberOf"]), 1) + + print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))" + res2 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))") + self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))") + + self.assertEquals(res[0].dn, res2[0].dn) + + if gc_ldb is not None: + print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog" + res2gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))") + self.assertEquals(len(res2gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog") + + self.assertEquals(res[0].dn, res2gc[0].dn) + + print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))" + res3 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))") + self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))") + + self.assertEquals(res[0].dn, res3[0].dn) + + if gc_ldb is not None: + print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog" + res3gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))") + self.assertEquals(len(res3gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog") + + self.assertEquals(res[0].dn, res3gc[0].dn) + + print "Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))" + res4 = ldb.search(expression="(&(cn=ldaptestcomp*r)(objectCategory=compuTER))") + self.assertEquals(len(res4), 1, "Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))") + + self.assertEquals(res[0].dn, res4[0].dn) + + print "Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))" + res5 = ldb.search(expression="(&(cn=ldaptestcomput*)(objectCategory=compuTER))") + self.assertEquals(len(res5), 1, "Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))") + + self.assertEquals(res[0].dn, res5[0].dn) + + print "Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))" + res6 = ldb.search(expression="(&(cn=*daptestcomputer)(objectCategory=compuTER))") + self.assertEquals(len(res6), 1, "Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))") + + self.assertEquals(res[0].dn, res6[0].dn) + + ldb.delete(res[0].dn) + + print "Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))" + res = ldb.search(expression="(&(cn=ldaptest2computer)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptest2computer)(objectClass=user))") + + self.assertEquals(res[0].dn, ("CN=ldaptest2computer,CN=Computers," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptest2computer") + self.assertEquals(res[0]["name"], "ldaptest2computer") + self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"]) + self.assertTrue("objectGUID" in res[0]) + self.assertTrue("whenCreated" in res[0]) + self.assertEquals(res[0]["objectCategory"][0], "CN=Computer,CN=Schema,CN=Configuration," + self.base_dn) + self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306369) + # self.assertEquals(res[0].userAccountControl, 4098) + + ldb.delete(res[0].dn) + + attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf"] + print "Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))" + res = ldb.search(self.base_dn, expression="(&(cn=ldaptestUSer2)(objectClass=user))", scope=SCOPE_SUBTREE, attrs=attrs) + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestUSer2)(objectClass=user))") + + self.assertEquals(res[0].dn, ("CN=ldaptestuser2,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestuser2") + self.assertEquals(res[0]["name"], "ldaptestuser2") + self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"]) + self.assertTrue("objectGUID" in res[0]) + self.assertTrue("whenCreated" in res[0]) + self.assertTrue("nTSecurityDescriptor" in res[0]) + self.assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + self.base_dn)) + + attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"] + print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))" + res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs) + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))") + + self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestgroup2") + self.assertEquals(res[0]["name"], "ldaptestgroup2") + self.assertEquals(res[0]["objectClass"], ["top", "group"]) + self.assertTrue("objectGuid" not in res[0]) + self.assertTrue("whenCreated" in res[0]) + self.assertTrue("nTSecurityDescriptor" in res[0]) + self.assertEquals(res[0]["member"], ["CN=ldaptestuser2,CN=Users," + self.base_dn]) + + ldb.modify_ldif(""" +dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify replace: member -member: CN=ldaptestuser2,CN=Users,""" + base_dn + """ -member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + base_dn + """ +member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """ +member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """ """) - - print "Testing Linked attribute behaviours" - ldb.modify_ldif(""" -dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """ + + print "Testing Linked attribute behaviours" + ldb.modify_ldif(""" +dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify delete: member """) - ldb.modify_ldif(""" -dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """ + ldb.modify_ldif(""" +dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify add: member -member: CN=ldaptestuser2,CN=Users,""" + base_dn + """ -member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + base_dn + """ +member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """ +member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """ """) - - ldb.modify_ldif(""" -dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """ + + ldb.modify_ldif(""" +dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify replace: member """) - - ldb.modify_ldif(""" -dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """ + + ldb.modify_ldif(""" +dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify add: member -member: CN=ldaptestuser2,CN=Users,""" + base_dn + """ -member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + base_dn + """ +member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """ +member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """ """) - - ldb.modify_ldif(""" -dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """ + + ldb.modify_ldif(""" +dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify delete: member -member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + base_dn + """ +member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """ """) - - res = ldb.search(base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs) - assert len(res) == 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))" + + res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs) + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))") - assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + base_dn)) - assertEquals(res[0]["member"][0], ("CN=ldaptestuser2,CN=Users," + base_dn)) - assertEquals(len(res[0]["member"]), 1) + self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["member"][0], ("CN=ldaptestuser2,CN=Users," + self.base_dn)) + self.assertEquals(len(res[0]["member"]), 1) - ldb.delete(("CN=ldaptestuser2,CN=Users," + base_dn)) + ldb.delete(("CN=ldaptestuser2,CN=Users," + self.base_dn)) - attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"] - print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete" - res = ldb.search(base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs) - assert len(res) == 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete" + attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"] + print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete" + res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs) + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete") - assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + base_dn)) - assert("member" not in res[0]) + self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn)) + self.assertTrue("member" not in res[0]) - print "Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))" - res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))") - assert len(res) == 1, "Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))" + print "Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))" + res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))") - assertEquals(res[0].dn, ("CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn)) - assertEquals(res[0]["cn"], "ldaptestutf8user èùéìòà") - assertEquals(res[0]["name"], "ldaptestutf8user èùéìòà") - assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"]) - assert("objectGUID" in res[0]) - assert("whenCreated" in res[0]) + self.assertEquals(res[0].dn, ("CN=ldaptestutf8user èùéìòà,CN=Users," + self.base_dn)) + self.assertEquals(res[0]["cn"], "ldaptestutf8user èùéìòà") + self.assertEquals(res[0]["name"], "ldaptestutf8user èùéìòà") + self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"]) + self.assertTrue("objectGUID" in res[0]) + self.assertTrue("whenCreated" in res[0]) - ldb.delete(res[0].dn) + ldb.delete(res[0].dn) - print "Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))" - res = ldb.search(expression="(&(cn=ldaptestutf8user2*)(objectClass=user))") - assert len(res) == 1, "Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))" + print "Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))" + res = ldb.search(expression="(&(cn=ldaptestutf8user2*)(objectClass=user))") + self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))") - ldb.delete(res[0].dn) + ldb.delete(res[0].dn) - ldb.delete(("CN=ldaptestgroup2,CN=Users," + base_dn)) + ldb.delete(("CN=ldaptestgroup2,CN=Users," + self.base_dn)) - print "Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))" - res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))") + print "Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))" + res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))") - #FIXME: assert len(res) == 1, "Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))" + #FIXME: self.assert len(res) == 1, "Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))" - print "Testing that we can't get at the configuration DN from the main search base" - res = ldb.search(base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"]) - assert len(res) == 0, "Got configuration DN " + res[0].dn + " which should not be able to be seen from main search base" - assertEquals(len(res), 0) + print "Testing that we can't get at the configuration DN from the main search base" + res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertEquals(len(res), 0, "Got configuration DN " + res[0].dn + " which should not be able to be seen from main search base") + self.assertEquals(len(res), 0) - print "Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control" - res = ldb.search(base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"]) - assert(len(res) > 0) + print "Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control" + res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"]) + self.assertTrue(len(res) > 0) - if gc_ldb is not None: - print "Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0" + if gc_ldb is not None: + print "Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0" + + res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:0"]) + self.assertTrue(len(res) > 0) + + print "Testing that we do find configuration elements in the global catlog" + res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertTrue(len(res) > 0) + + print "Testing that we do find configuration elements and user elements at the same time" + res = gc_ldb.search(self.base_dn, expression="(|(objectClass=crossRef)(objectClass=person))", scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertTrue(len(res) > 0) + + print "Testing that we do find configuration elements in the global catlog, with the configuration basedn" + res = gc_ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertTrue(len(res) > 0) + + print "Testing that we can get at the configuration DN on the main LDAP port" + res = ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertTrue(len(res) > 0) + + print "Testing objectCategory canonacolisation" + res = ldb.search(configuration_dn, expression="objectCategory=ntDsDSA", scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=ntDsDSA") + self.assertTrue(len(res) != 0) + + res = ldb.search(configuration_dn, expression="objectCategory=CN=ntDs-DSA," + schema_dn, scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn) + self.assertTrue(len(res) != 0) - res = gc_ldb.search(base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:0"]) - assert(len(res) > 0) - - print "Testing that we do find configuration elements in the global catlog" - res = gc_ldb.search(base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"]) - assert (len(res) > 0) - - print "Testing that we do find configuration elements and user elements at the same time" - res = gc_ldb.search(base_dn, expression="(|(objectClass=crossRef)(objectClass=person))", scope=SCOPE_SUBTREE, attrs=["cn"]) - assert (len(res) > 0) - - print "Testing that we do find configuration elements in the global catlog, with the configuration basedn" - res = gc_ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"]) - assert (len(res) > 0) - - print "Testing that we can get at the configuration DN on the main LDAP port" - res = ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"]) - assert (len(res) > 0) - - print "Testing objectCategory canonacolisation" - res = ldb.search(configuration_dn, expression="objectCategory=ntDsDSA", scope=SCOPE_SUBTREE, attrs=["cn"]) - assert len(res) > 0, "Didn't find any records with objectCategory=ntDsDSA" - assert(len(res) != 0) - - res = ldb.search(configuration_dn, expression="objectCategory=CN=ntDs-DSA," + schema_dn, scope=SCOPE_SUBTREE, attrs=["cn"]) - assert len(res) > 0, "Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn - assert(len(res) != 0) - - print "Testing objectClass attribute order on "+ base_dn - res = ldb.search(expression="objectClass=domain", base=base_dn, - scope=SCOPE_BASE, attrs=["objectClass"]) - assertEquals(len(res), 1) - - assertEquals(res[0]["objectClass"], ["top", "domain", "domainDNS"]) - -# check enumeration - - print "Testing ldb.search for objectCategory=person" - res = ldb.search(base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"]) - assert(len(res) > 0) - - print "Testing ldb.search for objectCategory=person with domain scope control" - res = ldb.search(base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"]) - assert(len(res) > 0) - - print "Testing ldb.search for objectCategory=user" - res = ldb.search(base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"]) - assert(len(res) > 0) - - - print "Testing ldb.search for objectCategory=user with domain scope control" - res = ldb.search(base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"]) - assert(len(res) > 0) - - print "Testing ldb.search for objectCategory=group" - res = ldb.search(base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"]) - assert(len(res) > 0) - - print "Testing ldb.search for objectCategory=group with domain scope control" - res = ldb.search(base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"]) - assert(len(res) > 0) - -def basedn_tests(ldb, gc_ldb): - print "Testing for all rootDSE attributes" - res = ldb.search(scope=SCOPE_BASE, attrs=[]) - assertEquals(len(res), 1) - - print "Testing for highestCommittedUSN" - res = ldb.search("", scope=SCOPE_BASE, attrs=["highestCommittedUSN"]) - assertEquals(len(res), 1) - assert(int(res[0]["highestCommittedUSN"][0]) != 0) - - print "Testing for netlogon via LDAP" - res = ldb.search("", scope=SCOPE_BASE, attrs=["netlogon"]) - assertEquals(len(res), 0) - - print "Testing for netlogon and highestCommittedUSN via LDAP" - res = ldb.search("", scope=SCOPE_BASE, - attrs=["netlogon", "highestCommittedUSN"]) - assertEquals(len(res), 0) - - -def find_basedn(ldb): - res = ldb.search(base="", expression="", scope=SCOPE_BASE, - attrs=["defaultNamingContext"]) - assertEquals(len(res), 1) - return res[0]["defaultNamingContext"][0] - - -def find_configurationdn(ldb): - res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["configurationNamingContext"]) - assertEquals(len(res), 1) - return res[0]["configurationNamingContext"][0] - - -def find_schemadn(ldb): - res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"]) - assertEquals(len(res), 1) - return res[0]["schemaNamingContext"][0] + print "Testing objectClass attribute order on "+ self.base_dn + res = ldb.search(expression="objectClass=domain", base=self.base_dn, + scope=SCOPE_BASE, attrs=["objectClass"]) + self.assertEquals(len(res), 1) + + self.assertEquals(res[0]["objectClass"], ["top", "domain", "domainDNS"]) + + # check enumeration + + print "Testing ldb.search for objectCategory=person" + res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertTrue(len(res) > 0) + + print "Testing ldb.search for objectCategory=person with domain scope control" + res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"]) + self.assertTrue(len(res) > 0) + + print "Testing ldb.search for objectCategory=user" + res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertTrue(len(res) > 0) + + print "Testing ldb.search for objectCategory=user with domain scope control" + res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"]) + self.assertTrue(len(res) > 0) + + print "Testing ldb.search for objectCategory=group" + res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"]) + self.assertTrue(len(res) > 0) + + print "Testing ldb.search for objectCategory=group with domain scope control" + res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"]) + self.assertTrue(len(res) > 0) + + +class BaseDnTests(unittest.TestCase): + def setUp(self): + self.ldb = ldb + + def test_rootdse_attrs(self): + """Testing for all rootDSE attributes""" + res = self.ldb.search(scope=SCOPE_BASE, attrs=[]) + self.assertEquals(len(res), 1) + + def test_highestcommittedusn(self): + """Testing for highestCommittedUSN""" + res = self.ldb.search("", scope=SCOPE_BASE, attrs=["highestCommittedUSN"]) + self.assertEquals(len(res), 1) + self.assertTrue(int(res[0]["highestCommittedUSN"][0]) != 0) + + def test_netlogon(self): + """Testing for netlogon via LDAP""" + res = self.ldb.search("", scope=SCOPE_BASE, attrs=["netlogon"]) + self.assertEquals(len(res), 0) + + def test_netlogon_highestcommitted_usn(self): + """Testing for netlogon and highestCommittedUSN via LDAP""" + res = self.ldb.search("", scope=SCOPE_BASE, + attrs=["netlogon", "highestCommittedUSN"]) + self.assertEquals(len(res), 0) + if not "://" in host: host = "ldap://%s" % host ldb = Ldb(host, credentials=creds, session_info=system_session(), lp=lp) -base_dn = find_basedn(ldb) -configuration_dn = find_configurationdn(ldb) -schema_dn = find_schemadn(ldb) - -print "baseDN: %s\n" % base_dn - gc_ldb = Ldb("%s:3268" % host, credentials=creds, session_info=system_session(), lp=lp) -basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn) -basedn_tests(ldb, gc_ldb) +runner = SubunitTestRunner() +runner.run(unittest.makeSuite(BaseDnTests)) +runner.run(unittest.makeSuite(BasicTests)) |