summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rwxr-xr-xsource4/lib/ldb/tests/python/ldap.py1474
1 files changed, 721 insertions, 753 deletions
diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py
index 02e07c6975..00bf5d4b38 100755
--- a/source4/lib/ldb/tests/python/ldap.py
+++ b/source4/lib/ldb/tests/python/ldap.py
@@ -12,9 +12,11 @@ from auth import system_session
from ldb import (SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError,
LDB_ERR_NO_SUCH_OBJECT, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS,
LDB_ERR_ENTRY_ALREADY_EXISTS, LDB_ERR_UNWILLING_TO_PERFORM,
- LDB_ERR_NOT_ALLOWED_ON_NON_LEAF)
+ LDB_ERR_NOT_ALLOWED_ON_NON_LEAF, LDB_ERR_OTHER)
from samba import Ldb
+from subunit import SubunitTestRunner
import param
+import unittest
parser = optparse.OptionParser("ldap [options] <host>")
sambaopts = options.SambaOptions(parser)
@@ -34,122 +36,123 @@ host = args[0]
lp = sambaopts.get_loadparm()
-def delete_force(ldb, dn):
- try:
- ldb.delete(dn)
- except LdbError, (num, _):
- if num != LDB_ERR_NO_SUCH_OBJECT:
- assert False
-
-def assertEquals(a1, a2):
- assert a1 == a2, "Expected %r == %r" % (a1, a2)
+class BasicTests(unittest.TestCase):
+ def delete_force(self, ldb, dn):
+ try:
+ ldb.delete(dn)
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
+
+ def find_basedn(self, ldb):
+ res = ldb.search(base="", expression="", scope=SCOPE_BASE,
+ attrs=["defaultNamingContext"])
+ self.assertEquals(len(res), 1)
+ return res[0]["defaultNamingContext"][0]
+
+ def find_configurationdn(self, ldb):
+ res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["configurationNamingContext"])
+ self.assertEquals(len(res), 1)
+ return res[0]["configurationNamingContext"][0]
+
+ def find_schemadn(self, ldb):
+ res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
+ self.assertEquals(len(res), 1)
+ return res[0]["schemaNamingContext"][0]
+
+ def setUp(self):
+ self.ldb = ldb
+ self.gc_ldb = gc_ldb
+ self.base_dn = self.find_basedn(ldb)
+ self.configuration_dn = self.find_configurationdn(ldb)
+ self.schema_dn = self.find_schemadn(ldb)
+
+ print "baseDN: %s\n" % self.base_dn
+
+ self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+ self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
+
+ def test_group_add_invalid_member(self):
+ """Testing group add with invalid member"""
+ try:
+ self.ldb.add({
+ "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
+ "objectclass": "group",
+ "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
+ else:
+ self.fail()
-def basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn):
- print "Running basic tests"
+ def test_all(self):
+ """Basic tests"""
- delete_force(ldb, "cn=ldaptestuser,cn=users," + base_dn)
- delete_force(ldb, "cn=ldaptestgroup,cn=users," + base_dn)
+ self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
- print "Testing group add with invalid member"
- try:
- ldb.add({
- "dn": "cn=ldaptestgroup,cn=uSers," + base_dn,
- "objectclass": "group",
- "member": "cn=ldaptestuser,cn=useRs," + base_dn})
- except LdbError, (num, _):
- if num != LDB_ERR_NO_SUCH_OBJECT:
- assert False
- else:
- assert False
-
- print "Testing user add"
- try:
+ print "Testing user add"
ldb.add({
- "dn": "cn=ldaptestuser,cn=uSers," + base_dn,
+ "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn,
"objectclass": ["user", "person"],
"cN": "LDAPtestUSER",
"givenname": "ldap",
"sn": "testy"})
- except LdbError:
- ldb.delete("cn=ldaptestuser,cn=users," + base_dn)
- ldb.add({
- "dn": "cn=ldaptestuser,cn=uSers," + base_dn,
- "objectclass": ["user", "person"],
- "cN": "LDAPtestUSER",
- "givenname": "ldap",
- "sn": "testy"})
-
- ldb.add({
- "dn": "cn=ldaptestgroup,cn=uSers," + base_dn,
- "objectclass": "group",
- "member": "cn=ldaptestuser,cn=useRs," + base_dn})
-
- try:
- ldb.add({
- "dn": "cn=ldaptestcomputer,cn=computers," + base_dn,
- "objectclass": "computer",
- "cN": "LDAPtestCOMPUTER"})
- except LdbError:
- ldb.delete("cn=ldaptestcomputer,cn=computers," + base_dn)
+
ldb.add({
- "dn": "cn=ldaptestcomputer,cn=computers," + base_dn,
- "objectClass": "computer",
- "cn": "LDAPtestCOMPUTER"})
-
- try:
- ldb.add({"dn": "cn=ldaptest2computer,cn=computers," + base_dn,
- "objectClass": "computer",
- "cn": "LDAPtest2COMPUTER",
- "userAccountControl": "4096",
- "displayname": "ldap testy"})
- except LdbError:
- ldb.delete("cn=ldaptest2computer,cn=computers," + base_dn)
+ "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
+ "objectclass": "group",
+ "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
+
+ self.delete_force(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
ldb.add({
- "dn": "cn=ldaptest2computer,cn=computers," + base_dn,
+ "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ "objectclass": "computer",
+ "cN": "LDAPtestCOMPUTER"})
+
+ self.delete_force(self.ldb, "cn=ldaptest2computer,cn=computers," + self.base_dn)
+ ldb.add({"dn": "cn=ldaptest2computer,cn=computers," + self.base_dn,
"objectClass": "computer",
"cn": "LDAPtest2COMPUTER",
"userAccountControl": "4096",
"displayname": "ldap testy"})
- print "Testing attribute or value exists behaviour"
- try:
- ldb.modify_ldif("""
-dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """
+ print "Testing attribute or value exists behaviour"
+ try:
+ ldb.modify_ldif("""
+dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
changetype: modify
replace: servicePrincipalName
servicePrincipalName: host/ldaptest2computer
servicePrincipalName: host/ldaptest2computer
servicePrincipalName: cifs/ldaptest2computer
""")
- except LdbError, (num, msg):
- assert num == LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
+ except LdbError, (num, msg):
+ self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS)
- ldb.modify_ldif("""
-dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """
+ ldb.modify_ldif("""
+dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
changetype: modify
replace: servicePrincipalName
servicePrincipalName: host/ldaptest2computer
servicePrincipalName: cifs/ldaptest2computer
""")
- try:
- ldb.modify_ldif("""
-dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """
+ try:
+ ldb.modify_ldif("""
+dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
changetype: modify
add: servicePrincipalName
servicePrincipalName: host/ldaptest2computer
""")
- except LdbError, (num, msg):
- assert num == LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
-
- print "Testing ranged results"
- ldb.modify_ldif("""
-dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """
+ except LdbError, (num, msg):
+ self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS)
+
+ print "Testing ranged results"
+ ldb.modify_ldif("""
+dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
changetype: modify
replace: servicePrincipalName
""")
-
- ldb.modify_ldif("""
-dn: cn=ldaptest2computer,cn=computers,""" + base_dn + """
+
+ ldb.modify_ldif("""
+dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
changetype: modify
add: servicePrincipalName
servicePrincipalName: host/ldaptest2computer0
@@ -184,730 +187,695 @@ servicePrincipalName: host/ldaptest2computer28
servicePrincipalName: host/ldaptest2computer29
""")
- res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE,
- attrs=["servicePrincipalName;range=0-*"])
- assert len(res) == 1, "Could not find (cn=ldaptest2computer)"
- #print len(res[0]["servicePrincipalName;range=0-*"])
- assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
-
- res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-19"])
- assert len(res) == 1, "Could not find (cn=ldaptest2computer)"
-# print res[0]["servicePrincipalName;range=0-19"].length
- assertEquals(len(res[0]["servicePrincipalName;range=0-19"]), 20)
-
-
- res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-30"])
- assert len(res) == 1, "Could not find (cn=ldaptest2computer)"
- assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
-
- res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-40"])
- assert len(res) == 1, "Could not find (cn=ldaptest2computer)"
- assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
-
- res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=30-40"])
- assert len(res) == 1, "Could not find (cn=ldaptest2computer)"
- assertEquals(len(res[0]["servicePrincipalName;range=30-*"]), 0)
-
-
- res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=10-40"])
- assert len(res) == 1, "Could not find (cn=ldaptest2computer)"
- assertEquals(len(res[0]["servicePrincipalName;range=10-*"]), 20)
-# pos_11 = res[0]["servicePrincipalName;range=10-*"][18]
-
- res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-40"])
- assert len(res) == 1, "Could not find (cn=ldaptest2computer)"
- assertEquals(len(res[0]["servicePrincipalName;range=11-*"]), 19)
-# print res[0]["servicePrincipalName;range=11-*"][18]
-# print pos_11
-# assertEquals((res[0]["servicePrincipalName;range=11-*"][18]), pos_11)
-
- res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-15"])
- assert len(res) == 1, "Could not find (cn=ldaptest2computer)"
- assertEquals(len(res[0]["servicePrincipalName;range=11-15"]), 5)
-# assertEquals(res[0]["servicePrincipalName;range=11-15"][4], pos_11)
-
- res = ldb.search(base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName"])
- assert len(res) == 1, "Could not find (cn=ldaptest2computer)"
-# print res[0]["servicePrincipalName"][18]
-# print pos_11
- assertEquals(len(res[0]["servicePrincipalName"]), 30)
-# assertEquals(res[0]["servicePrincipalName"][18], pos_11)
-
- try:
+ res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE,
+ attrs=["servicePrincipalName;range=0-*"])
+ self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
+ #print len(res[0]["servicePrincipalName;range=0-*"])
+ self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
+
+ res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-19"])
+ self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
+ # print res[0]["servicePrincipalName;range=0-19"].length
+ self.assertEquals(len(res[0]["servicePrincipalName;range=0-19"]), 20)
+
+
+ res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-30"])
+ self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
+ self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
+
+ res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-40"])
+ self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
+ self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
+
+ res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=30-40"])
+ self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
+ self.assertEquals(len(res[0]["servicePrincipalName;range=30-*"]), 0)
+
+
+ res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=10-40"])
+ self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
+ self.assertEquals(len(res[0]["servicePrincipalName;range=10-*"]), 20)
+ # pos_11 = res[0]["servicePrincipalName;range=10-*"][18]
+
+ res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-40"])
+ self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
+ self.assertEquals(len(res[0]["servicePrincipalName;range=11-*"]), 19)
+ # print res[0]["servicePrincipalName;range=11-*"][18]
+ # print pos_11
+ # self.assertEquals((res[0]["servicePrincipalName;range=11-*"][18]), pos_11)
+
+ res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-15"])
+ self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
+ self.assertEquals(len(res[0]["servicePrincipalName;range=11-15"]), 5)
+ # self.assertEquals(res[0]["servicePrincipalName;range=11-15"][4], pos_11)
+
+ res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName"])
+ self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
+ # print res[0]["servicePrincipalName"][18]
+ # print pos_11
+ self.assertEquals(len(res[0]["servicePrincipalName"]), 30)
+ # self.assertEquals(res[0]["servicePrincipalName"][18], pos_11)
+
+ self.delete_force(self.ldb, "cn=ldaptestuser2,cn=users," + self.base_dn)
ldb.add({
- "dn": "cn=ldaptestuser2,cn=useRs," + base_dn,
- "objectClass": ["person", "user"],
- "cn": "LDAPtestUSER2",
- "givenname": "testy",
- "sn": "ldap user2"})
- except LdbError:
- ldb.delete("cn=ldaptestuser2,cn=users," + base_dn)
- ldb.add({
- "dn": "cn=ldaptestuser2,cn=useRs," + base_dn,
- "objectClass": ["person", "user"],
- "cn": "LDAPtestUSER2",
- "givenname": "testy",
- "sn": "ldap user2"})
-
- print "Testing Ambigious Name Resolution"
-# Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
- res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))")
- assert len(res) == 3, "Could not find (&(anr=ldap testy)(objectClass=user))"
-
-# Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
- res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
- assert len(res) == 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res)
-
-# Testing ldb.search for (&(anr=ldap)(objectClass=user))
- res = ldb.search(expression="(&(anr=ldap)(objectClass=user))")
- assert len(res) == 4, "Found only %d for (&(anr=ldap)(objectClass=user))" % len(res)
-
-# Testing ldb.search for (&(anr==ldap)(objectClass=user))
- res = ldb.search(expression="(&(anr==ldap)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(anr==ldap)(objectClass=user)). Found only %d for (&(anr=ldap)(objectClass=user))" % len(res)
-
- assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + base_dn))
- assertEquals(res[0]["cn"][0], "ldaptestuser")
- assertEquals(res[0]["name"], "ldaptestuser")
-
-# Testing ldb.search for (&(anr=testy)(objectClass=user))
- res = ldb.search(expression="(&(anr=testy)(objectClass=user))")
- assert len(res) == 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res)
-
-# Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
- res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
- assert len(res) == 2, "Found only %d for (&(anr=ldap testy)(objectClass=user))" % len(res)
-
-# Testing ldb.search for (&(anr==ldap testy)(objectClass=user))
- res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
- assert len(res) == 1, "Found only %d for (&(anr==ldap testy)(objectClass=user))" % len(res)
-
- assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + base_dn))
- assertEquals(res[0]["cn"][0], "ldaptestuser")
- assertEquals(res[0]["name"][0], "ldaptestuser")
-
-# Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
- res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(anr==testy ldap)(objectClass=user))"
-
- assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + base_dn))
- assertEquals(res[0]["cn"][0], "ldaptestuser")
- assertEquals(res[0]["name"][0], "ldaptestuser")
-
- # Testing ldb.search for (&(anr=testy ldap user)(objectClass=user))
- res = ldb.search(expression="(&(anr=testy ldap user)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(anr=testy ldap user)(objectClass=user))"
-
- assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestuser2")
- assertEquals(res[0]["name"], "ldaptestuser2")
-
- # Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user))
- res = ldb.search(expression="(&(anr==testy ldap user2)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(anr==testy ldap user2)(objectClass=user))"
-
- assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestuser2")
- assertEquals(res[0]["name"], "ldaptestuser2")
-
- # Testing ldb.search for (&(anr==ldap user2)(objectClass=user))
- res = ldb.search(expression="(&(anr==ldap user2)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(anr==ldap user2)(objectClass=user))"
-
- assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestuser2")
- assertEquals(res[0]["name"], "ldaptestuser2")
-
- # Testing ldb.search for (&(anr==not ldap user2)(objectClass=user))
- res = ldb.search(expression="(&(anr==not ldap user2)(objectClass=user))")
- assert len(res) == 0, "Must not find (&(anr==not ldap user2)(objectClass=user))"
-
- # Testing ldb.search for (&(anr=not ldap user2)(objectClass=user))
- res = ldb.search(expression="(&(anr=not ldap user2)(objectClass=user))")
- assert len(res) == 0, "Must not find (&(anr=not ldap user2)(objectClass=user))"
-
- print "Testing Group Modifies"
- ldb.modify_ldif("""
-dn: cn=ldaptestgroup,cn=users,""" + base_dn + """
+ "dn": "cn=ldaptestuser2,cn=useRs," + self.base_dn,
+ "objectClass": ["person", "user"],
+ "cn": "LDAPtestUSER2",
+ "givenname": "testy",
+ "sn": "ldap user2"})
+
+ print "Testing Ambigious Name Resolution"
+ # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
+ res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))")
+ self.assertEquals(len(res), 3, "Could not find (&(anr=ldap testy)(objectClass=user))")
+
+ # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
+ res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
+ self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res))
+
+ # Testing ldb.search for (&(anr=ldap)(objectClass=user))
+ res = ldb.search(expression="(&(anr=ldap)(objectClass=user))")
+ self.assertEquals(len(res), 4, "Found only %d for (&(anr=ldap)(objectClass=user))" % len(res))
+
+ # Testing ldb.search for (&(anr==ldap)(objectClass=user))
+ res = ldb.search(expression="(&(anr==ldap)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(anr==ldap)(objectClass=user)). Found only %d for (&(anr=ldap)(objectClass=user))" % len(res))
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"][0], "ldaptestuser")
+ self.assertEquals(res[0]["name"], "ldaptestuser")
+
+ # Testing ldb.search for (&(anr=testy)(objectClass=user))
+ res = ldb.search(expression="(&(anr=testy)(objectClass=user))")
+ self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res))
+
+ # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
+ res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
+ self.assertEquals(len(res), 2, "Found only %d for (&(anr=ldap testy)(objectClass=user))" % len(res))
+
+ # Testing ldb.search for (&(anr==ldap testy)(objectClass=user))
+ res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Found only %d for (&(anr==ldap testy)(objectClass=user))" % len(res))
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"][0], "ldaptestuser")
+ self.assertEquals(res[0]["name"][0], "ldaptestuser")
+
+ # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
+ res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap)(objectClass=user))")
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"][0], "ldaptestuser")
+ self.assertEquals(res[0]["name"][0], "ldaptestuser")
+
+ # Testing ldb.search for (&(anr=testy ldap user)(objectClass=user))
+ res = ldb.search(expression="(&(anr=testy ldap user)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(anr=testy ldap user)(objectClass=user))")
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestuser2")
+ self.assertEquals(res[0]["name"], "ldaptestuser2")
+
+ # Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user))
+ res = ldb.search(expression="(&(anr==testy ldap user2)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap user2)(objectClass=user))")
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestuser2")
+ self.assertEquals(res[0]["name"], "ldaptestuser2")
+
+ # Testing ldb.search for (&(anr==ldap user2)(objectClass=user))
+ res = ldb.search(expression="(&(anr==ldap user2)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(anr==ldap user2)(objectClass=user))")
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestuser2")
+ self.assertEquals(res[0]["name"], "ldaptestuser2")
+
+ # Testing ldb.search for (&(anr==not ldap user2)(objectClass=user))
+ res = ldb.search(expression="(&(anr==not ldap user2)(objectClass=user))")
+ self.assertEquals(len(res), 0, "Must not find (&(anr==not ldap user2)(objectClass=user))")
+
+ # Testing ldb.search for (&(anr=not ldap user2)(objectClass=user))
+ res = ldb.search(expression="(&(anr=not ldap user2)(objectClass=user))")
+ self.assertEquals(len(res), 0, "Must not find (&(anr=not ldap user2)(objectClass=user))")
+
+ print "Testing Group Modifies"
+ ldb.modify_ldif("""
+dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
changetype: modify
add: member
-member: cn=ldaptestuser2,cn=users,""" + base_dn + """
-member: cn=ldaptestcomputer,cn=computers,""" + base_dn + """
+member: cn=ldaptestuser2,cn=users,""" + self.base_dn + """
+member: cn=ldaptestcomputer,cn=computers,""" + self.base_dn + """
""")
- delete_force(ldb, "cn=ldaptestuser3,cn=users," + base_dn)
+ self.delete_force(ldb, "cn=ldaptestuser3,cn=users," + self.base_dn)
- print "Testing adding non-existent user to a group"
- try:
- ldb.modify_ldif("""
-dn: cn=ldaptestgroup,cn=users,""" + base_dn + """
+ print "Testing adding non-existent user to a group"
+ try:
+ ldb.modify_ldif("""
+dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
changetype: modify
add: member
-member: cn=ldaptestuser3,cn=users,""" + base_dn + """
+member: cn=ldaptestuser3,cn=users,""" + self.base_dn + """
""")
- except LdbError, (num, _):
- assert num == LDB_ERR_NO_SUCH_OBJECT
- else:
- assert False
-
- print "Testing Renames"
-
- ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn)
-
- ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn)
-
- ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestUSER3,cn=users," + base_dn)
-
- print "Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))"
- res = ldb.search(expression="(&(cn=ldaptestuser3)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(cn=ldaptestuser3)(objectClass=user))"
-
- assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestUSER3")
- assertEquals(res[0]["name"], "ldaptestUSER3")
-
-# This is a Samba special, and does not exist in real AD
-# print "Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")"
-# res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")")
-# if (res.error != 0 || len(res) != 1) {
-# print "Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")"
-# assertEquals(len(res), 1)
-# }
-# assertEquals(res[0].dn, ("CN=ldaptestUSER3,CN=Users," + base_dn))
-# assertEquals(res[0].cn, "ldaptestUSER3")
-# assertEquals(res[0].name, "ldaptestUSER3")
-
- print "Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")"
- res = ldb.search(expression="(distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")")
- assert len(res) == 1, "Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")"
- assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestUSER3")
- assertEquals(res[0]["name"], "ldaptestUSER3")
-
- # ensure we cannot add it again
- try:
- ldb.add({"dn": "cn=ldaptestuser3,cn=userS," + base_dn,
- "objectClass": ["person", "user"],
- "cn": "LDAPtestUSER3"})
- except LdbError, (num, _):
- assert num == LDB_ERR_ENTRY_ALREADY_EXISTS
- else:
- assert False
-
- # rename back
- ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn)
-
- # ensure we cannnot rename it twice
- try:
- ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn)
- except LdbError, (num, _):
- assert num == LDB_ERR_NO_SUCH_OBJECT
- else:
- assert False
-
- # ensure can now use that name
- ldb.add({"dn": "cn=ldaptestuser3,cn=users," + base_dn,
- "objectClass": ["person", "user"],
- "cn": "LDAPtestUSER3"})
-
- # ensure we now cannnot rename
- try:
- ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn)
- except LdbError, (num, _):
- assert num == LDB_ERR_ENTRY_ALREADY_EXISTS
- else:
- assert False
- try:
- ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=configuration," + base_dn)
- except LdbError, (num, _):
- assert num in (71, 64)
- else:
- assert False
-
- ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser5,cn=users," + base_dn)
-
- ldb.delete("cn=ldaptestuser5,cn=users," + base_dn)
-
- delete_force(ldb, "cn=ldaptestgroup2,cn=users," + base_dn)
-
- ldb.rename("cn=ldaptestgroup,cn=users," + base_dn, "cn=ldaptestgroup2,cn=users," + base_dn)
-
- print "Testing subtree Renames"
-
- ldb.add({"dn": "cn=ldaptestcontainer," + base_dn,
- "objectClass": "container"})
-
- try:
- ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn,
- "objectClass": ["person", "user"],
- "cn": "LDAPtestUSER4"})
- except LdbError:
- ldb.delete("cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn)
- ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn,
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
+ else:
+ self.fail()
+
+ print "Testing Renames"
+
+ ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
+
+ ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
+
+ ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestUSER3,cn=users," + self.base_dn)
+
+ print "Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))"
+ res = ldb.search(expression="(&(cn=ldaptestuser3)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser3)(objectClass=user))")
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestUSER3")
+ self.assertEquals(res[0]["name"], "ldaptestUSER3")
+
+ # This is a Samba special, and does not exist in real AD
+ # print "Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
+ # res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
+ # if (res.error != 0 || len(res) != 1) {
+ # print "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
+ # self.assertEquals(len(res), 1)
+ # }
+ # self.assertEquals(res[0].dn, ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
+ # self.assertEquals(res[0].cn, "ldaptestUSER3")
+ # self.assertEquals(res[0].name, "ldaptestUSER3")
+
+ print "Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
+ res = ldb.search(expression="(distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
+ self.assertEquals(len(res), 1, "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestUSER3")
+ self.assertEquals(res[0]["name"], "ldaptestUSER3")
+
+ # ensure we cannot add it again
+ try:
+ ldb.add({"dn": "cn=ldaptestuser3,cn=userS," + self.base_dn,
"objectClass": ["person", "user"],
- "cn": "LDAPtestUSER4"})
+ "cn": "LDAPtestUSER3"})
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS)
+ else:
+ self.fail()
+
+ # rename back
+ ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser2,cn=users," + self.base_dn)
+
+ # ensure we cannnot rename it twice
+ try:
+ ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser2,cn=users," + self.base_dn)
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
+ else:
+ self.fail()
+
+ # ensure can now use that name
+ ldb.add({"dn": "cn=ldaptestuser3,cn=users," + self.base_dn,
+ "objectClass": ["person", "user"],
+ "cn": "LDAPtestUSER3"})
+
+ # ensure we now cannnot rename
+ try:
+ ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS)
+ else:
+ self.fail()
+ try:
+ ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=configuration," + self.base_dn)
+ except LdbError, (num, _):
+ self.assertTrue(num in (71, 64))
+ else:
+ self.fail()
+
+ ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser5,cn=users," + self.base_dn)
+
+ ldb.delete("cn=ldaptestuser5,cn=users," + self.base_dn)
+
+ self.delete_force(ldb, "cn=ldaptestgroup2,cn=users," + self.base_dn)
+
+ ldb.rename("cn=ldaptestgroup,cn=users," + self.base_dn, "cn=ldaptestgroup2,cn=users," + self.base_dn)
+
+ print "Testing subtree Renames"
- ldb.modify_ldif("""
-dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """
+ ldb.add({"dn": "cn=ldaptestcontainer," + self.base_dn,
+ "objectClass": "container"})
+
+ self.delete_force(self.ldb, "cn=ldaptestuser4,cn=ldaptestcontainer," + self.base_dn)
+ ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + self.base_dn,
+ "objectClass": ["person", "user"],
+ "cn": "LDAPtestUSER4"})
+
+ ldb.modify_ldif("""
+dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
changetype: modify
add: member
-member: cn=ldaptestuser4,cn=ldaptestcontainer,""" + base_dn + """
+member: cn=ldaptestuser4,cn=ldaptestcontainer,""" + self.base_dn + """
""")
-
- print "Testing ldb.rename of cn=ldaptestcontainer," + base_dn + " to cn=ldaptestcontainer2," + base_dn
- ldb.rename("CN=ldaptestcontainer," + base_dn, "CN=ldaptestcontainer2," + base_dn)
-
- print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))"
- res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user))"
-
- print "Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn
- try:
- ldb.search("cn=ldaptestcontainer," + base_dn,
- expression="(&(cn=ldaptestuser4)(objectClass=user))",
- scope=SCOPE_SUBTREE)
- except LdbError, (num, _):
- assert num == LDB_ERR_NO_SUCH_OBJECT
- else:
- assert False
-
- print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn
- try:
- res = ldb.search("cn=ldaptestcontainer," + base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_ONELEVEL)
- except LdbError, (num, _):
- assert num == LDB_ERR_NO_SUCH_OBJECT
- else:
- assert False
-
- print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container"
- res = ldb.search("cn=ldaptestcontainer2," + base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_SUBTREE)
- assert len(res) == 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + base_dn
-
- assertEquals(str(res[0].dn), ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn))
- assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + base_dn).upper())
-
- print "Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group)) to check subtree renames and linked attributes"
- res = ldb.search(base_dn, expression="(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group))", scope=SCOPE_SUBTREE)
- assert len(res) == 1, "Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group)), perhaps linked attributes are not conistant with subtree renames?"
-
- print "Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn
- try:
- ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn)
- except LdbError, (num, _):
- assert num == LDB_ERR_UNWILLING_TO_PERFORM
- else:
- assert False
-
- print "Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn
- try:
- ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn)
- except LdbError, (num, _):
- assert num in (53, 80)
- else:
- assert False
-
- print "Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn
- try:
- ldb.delete("cn=ldaptestcontainer2," + base_dn)
- except LdbError, (num, _):
- assert num == LDB_ERR_NOT_ALLOWED_ON_NON_LEAF
- else:
- assert False
-
- print "Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn
- res = ldb.search(expression="(objectclass=*)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), scope=SCOPE_BASE)
- assert len(res) == 1
- res = ldb.search(expression="(cn=ldaptestuser40)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), scope=SCOPE_BASE)
- assert len(res) == 0
-
- print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn
- res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + base_dn), scope=SCOPE_ONELEVEL)
- assert len(res) == 0
-
- print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn
- res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + base_dn), scope=SCOPE_SUBTREE)
- assert len(res) == 0
-
- print "Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn)
- ldb.delete(("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn))
- print "Testing delete of renamed cn=ldaptestcontainer2," + base_dn
- ldb.delete("cn=ldaptestcontainer2," + base_dn)
-
- try:
- ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn, "objectClass": "user"})
- except LdbError, (num, _):
- ldb.delete("cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn)
- ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn, "objectClass": "user"})
-
- try:
- ldb.add({"dn": "cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn, "objectClass": "user"})
- except LdbError, (num, _):
- ldb.delete("cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn)
- ldb.add({"dn": "cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn,
- "objectClass": "user"})
-
- print "Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))"
- res = ldb.search(expression="(&(cn=ldaptestuser)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))"
-
- assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestuser")
- assertEquals(res[0]["name"], "ldaptestuser")
- assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
- assert("objectGUID" in res[0])
- assert("whenCreated" in res[0])
- assertEquals(res[0]["objectCategory"], ("CN=Person,CN=Schema,CN=Configuration," + base_dn))
- assertEquals(int(res[0]["sAMAccountType"][0]), 805306368)
-# assertEquals(res[0].userAccountControl, 546)
- assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + base_dn))
- assertEquals(len(res[0]["memberOf"]), 1)
-
- print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))"
- res2 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))")
- assert len(res2) == 1, "Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))"
-
- assertEquals(res[0].dn, res2[0].dn)
-
- print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))"
- res3 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
- assert len(res3) == 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + len(res3)
-
- assertEquals(res[0].dn, res3[0].dn)
-
- if gc_ldb is not None:
- print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog"
- res3gc = gc_ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
- assert len(res3gc) == 1
-
- assertEquals(res[0].dn, res3gc[0].dn)
-
- print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control"
-
- res3control = gc_ldb.search(base_dn, expression="(&(cn=ldaptestuser)(objectCategory=PerSon))", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
- assert len(res3control) == 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog"
-
- assertEquals(res[0].dn, res3control[0].dn)
-
- ldb.delete(res[0].dn)
-
- print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))"
- res = ldb.search(expression="(&(cn=ldaptestcomputer)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))"
-
- assertEquals(str(res[0].dn), ("CN=ldaptestcomputer,CN=Computers," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestcomputer")
- assertEquals(res[0]["name"], "ldaptestcomputer")
- assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
- assert("objectGUID" in res[0])
- assert("whenCreated" in res[0])
- assertEquals(res[0]["objectCategory"], ("CN=Computer,CN=Schema,CN=Configuration," + base_dn))
- assertEquals(int(res[0]["primaryGroupID"][0]), 513)
-# assertEquals(res[0].sAMAccountType, 805306368)
-# assertEquals(res[0].userAccountControl, 546)
- assertEquals(res[0]["memberOf"][0], "CN=ldaptestgroup2,CN=Users," + base_dn)
- assertEquals(len(res[0]["memberOf"]), 1)
-
- print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))"
- res2 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))")
- assert len(res2) == 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))"
-
- assertEquals(res[0].dn, res2[0].dn)
-
- if gc_ldb is not None:
- print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog"
- res2gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))")
- assert len(res2gc) == 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog"
-
- assertEquals(res[0].dn, res2gc[0].dn)
-
- print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))"
- res3 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
- assert len(res3) == 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))"
-
- assertEquals(res[0].dn, res3[0].dn)
-
- if gc_ldb is not None:
- print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog"
- res3gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
- assert len(res3gc) == 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog"
-
- assertEquals(res[0].dn, res3gc[0].dn)
-
- print "Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))"
- res4 = ldb.search(expression="(&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
- assert len(res4) == 1, "Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))"
-
- assertEquals(res[0].dn, res4[0].dn)
-
- print "Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))"
- res5 = ldb.search(expression="(&(cn=ldaptestcomput*)(objectCategory=compuTER))")
- assert len(res5) == 1, "Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))"
-
- assertEquals(res[0].dn, res5[0].dn)
-
- print "Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))"
- res6 = ldb.search(expression="(&(cn=*daptestcomputer)(objectCategory=compuTER))")
- assert len(res6) == 1, "Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))"
-
- assertEquals(res[0].dn, res6[0].dn)
-
- ldb.delete(res[0].dn)
-
- print "Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))"
- res = ldb.search(expression="(&(cn=ldaptest2computer)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(cn=ldaptest2computer)(objectClass=user))"
-
- assertEquals(res[0].dn, ("CN=ldaptest2computer,CN=Computers," + base_dn))
- assertEquals(res[0]["cn"], "ldaptest2computer")
- assertEquals(res[0]["name"], "ldaptest2computer")
- assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
- assert("objectGUID" in res[0])
- assert("whenCreated" in res[0])
- assertEquals(res[0]["objectCategory"][0], "CN=Computer,CN=Schema,CN=Configuration," + base_dn)
- assertEquals(int(res[0]["sAMAccountType"][0]), 805306369)
-# assertEquals(res[0].userAccountControl, 4098)
-
- ldb.delete(res[0].dn)
-
- attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf"]
- print "Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))"
- res = ldb.search(base_dn, expression="(&(cn=ldaptestUSer2)(objectClass=user))", scope=SCOPE_SUBTREE, attrs=attrs)
- assert len(res) == 1, "Could not find (&(cn=ldaptestUSer2)(objectClass=user))"
-
- assertEquals(res[0].dn, ("CN=ldaptestuser2,CN=Users," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestuser2")
- assertEquals(res[0]["name"], "ldaptestuser2")
- assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
- assert("objectGUID" in res[0])
- assert("whenCreated" in res[0])
- assert("nTSecurityDescriptor" in res[0])
- assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + base_dn))
-
- attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
- print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))"
- res = ldb.search(base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
- assert len(res) == 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))"
-
- assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestgroup2")
- assertEquals(res[0]["name"], "ldaptestgroup2")
- assertEquals(res[0]["objectClass"], ["top", "group"])
- assert("objectGuid" not in res[0])
- assert("whenCreated" in res[0])
- assert("nTSecurityDescriptor" in res[0])
- assertEquals(res[0]["member"], ["CN=ldaptestuser2,CN=Users," + base_dn])
-
- ldb.modify_ldif("""
-dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """
+
+ print "Testing ldb.rename of cn=ldaptestcontainer," + self.base_dn + " to cn=ldaptestcontainer2," + self.base_dn
+ ldb.rename("CN=ldaptestcontainer," + self.base_dn, "CN=ldaptestcontainer2," + self.base_dn)
+
+ print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))"
+ res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user))")
+
+ print "Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
+ try:
+ ldb.search("cn=ldaptestcontainer," + self.base_dn,
+ expression="(&(cn=ldaptestuser4)(objectClass=user))",
+ scope=SCOPE_SUBTREE)
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
+ else:
+ self.fail()
+
+ print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
+ try:
+ res = ldb.search("cn=ldaptestcontainer," + self.base_dn,
+ expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_ONELEVEL)
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
+ else:
+ self.fail()
+
+ print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container"
+ res = ldb.search("cn=ldaptestcontainer2," + self.base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_SUBTREE)
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + self.base_dn)
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
+ self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
+
+ print "Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)) to check subtree renames and linked attributes"
+ res = ldb.search(self.base_dn, expression="(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group))", scope=SCOPE_SUBTREE)
+ self.assertEquals(len(res), 1, "Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)), perhaps linked attributes are not conistant with subtree renames?")
+
+ print "Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn
+ try:
+ ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn)
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
+ else:
+ self.fail()
+
+ print "Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn
+ try:
+ ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn)
+ except LdbError, (num, _):
+ self.assertTrue(num in (LDB_ERR_UNWILLING_TO_PERFORM, LDB_ERR_OTHER))
+ else:
+ self.fail()
+
+ print "Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + self.base_dn
+ try:
+ ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
+ except LdbError, (num, _):
+ self.assertEquals(num, LDB_ERR_NOT_ALLOWED_ON_NON_LEAF)
+ else:
+ self.fail()
+
+ print "Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn
+ res = ldb.search(expression="(objectclass=*)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
+ self.assertEquals(len(res), 1)
+ res = ldb.search(expression="(cn=ldaptestuser40)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
+ self.assertEquals(len(res), 0)
+
+ print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
+ res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_ONELEVEL)
+ self.assertEquals(len(res), 0)
+
+ print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
+ res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_SUBTREE)
+ self.assertEquals(len(res), 0)
+
+ print "Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn)
+ ldb.delete(("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
+ print "Testing delete of renamed cn=ldaptestcontainer2," + self.base_dn
+ ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
+
+ self.delete_force(self.ldb, "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn)
+ ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
+
+ self.delete_force(self.ldb, "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn)
+ ldb.add({"dn": "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
+
+ print "Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))"
+ res = ldb.search(expression="(&(cn=ldaptestuser)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestuser")
+ self.assertEquals(res[0]["name"], "ldaptestuser")
+ self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
+ self.assertTrue("objectGUID" in res[0])
+ self.assertTrue("whenCreated" in res[0])
+ self.assertEquals(res[0]["objectCategory"], ("CN=Person,CN=Schema,CN=Configuration," + self.base_dn))
+ self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368)
+ # self.assertEquals(res[0].userAccountControl, 546)
+ self.assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
+ self.assertEquals(len(res[0]["memberOf"]), 1)
+
+ print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))"
+ res2 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
+ self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
+
+ self.assertEquals(res[0].dn, res2[0].dn)
+
+ print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))"
+ res3 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
+ self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + len(res3))
+
+ self.assertEquals(res[0].dn, res3[0].dn)
+
+ if gc_ldb is not None:
+ print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog"
+ res3gc = gc_ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
+ self.assertEquals(len(res3gc), 1)
+
+ self.assertEquals(res[0].dn, res3gc[0].dn)
+
+ print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control"
+
+ res3control = gc_ldb.search(self.base_dn, expression="(&(cn=ldaptestuser)(objectCategory=PerSon))", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
+ self.assertEquals(len(res3control), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog")
+
+ self.assertEquals(res[0].dn, res3control[0].dn)
+
+ ldb.delete(res[0].dn)
+
+ print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))"
+ res = ldb.search(expression="(&(cn=ldaptestcomputer)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
+
+ self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer,CN=Computers," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestcomputer")
+ self.assertEquals(res[0]["name"], "ldaptestcomputer")
+ self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
+ self.assertTrue("objectGUID" in res[0])
+ self.assertTrue("whenCreated" in res[0])
+ self.assertEquals(res[0]["objectCategory"], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn))
+ self.assertEquals(int(res[0]["primaryGroupID"][0]), 513)
+ # self.assertEquals(res[0].sAMAccountType, 805306368)
+ # self.assertEquals(res[0].userAccountControl, 546)
+ self.assertEquals(res[0]["memberOf"][0], "CN=ldaptestgroup2,CN=Users," + self.base_dn)
+ self.assertEquals(len(res[0]["memberOf"]), 1)
+
+ print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))"
+ res2 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
+ self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
+
+ self.assertEquals(res[0].dn, res2[0].dn)
+
+ if gc_ldb is not None:
+ print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog"
+ res2gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
+ self.assertEquals(len(res2gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog")
+
+ self.assertEquals(res[0].dn, res2gc[0].dn)
+
+ print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))"
+ res3 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
+ self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))")
+
+ self.assertEquals(res[0].dn, res3[0].dn)
+
+ if gc_ldb is not None:
+ print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog"
+ res3gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
+ self.assertEquals(len(res3gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog")
+
+ self.assertEquals(res[0].dn, res3gc[0].dn)
+
+ print "Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))"
+ res4 = ldb.search(expression="(&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
+ self.assertEquals(len(res4), 1, "Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
+
+ self.assertEquals(res[0].dn, res4[0].dn)
+
+ print "Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))"
+ res5 = ldb.search(expression="(&(cn=ldaptestcomput*)(objectCategory=compuTER))")
+ self.assertEquals(len(res5), 1, "Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))")
+
+ self.assertEquals(res[0].dn, res5[0].dn)
+
+ print "Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))"
+ res6 = ldb.search(expression="(&(cn=*daptestcomputer)(objectCategory=compuTER))")
+ self.assertEquals(len(res6), 1, "Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))")
+
+ self.assertEquals(res[0].dn, res6[0].dn)
+
+ ldb.delete(res[0].dn)
+
+ print "Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))"
+ res = ldb.search(expression="(&(cn=ldaptest2computer)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptest2computer)(objectClass=user))")
+
+ self.assertEquals(res[0].dn, ("CN=ldaptest2computer,CN=Computers," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptest2computer")
+ self.assertEquals(res[0]["name"], "ldaptest2computer")
+ self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
+ self.assertTrue("objectGUID" in res[0])
+ self.assertTrue("whenCreated" in res[0])
+ self.assertEquals(res[0]["objectCategory"][0], "CN=Computer,CN=Schema,CN=Configuration," + self.base_dn)
+ self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306369)
+ # self.assertEquals(res[0].userAccountControl, 4098)
+
+ ldb.delete(res[0].dn)
+
+ attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf"]
+ print "Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))"
+ res = ldb.search(self.base_dn, expression="(&(cn=ldaptestUSer2)(objectClass=user))", scope=SCOPE_SUBTREE, attrs=attrs)
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestUSer2)(objectClass=user))")
+
+ self.assertEquals(res[0].dn, ("CN=ldaptestuser2,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestuser2")
+ self.assertEquals(res[0]["name"], "ldaptestuser2")
+ self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
+ self.assertTrue("objectGUID" in res[0])
+ self.assertTrue("whenCreated" in res[0])
+ self.assertTrue("nTSecurityDescriptor" in res[0])
+ self.assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
+
+ attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
+ print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))"
+ res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
+
+ self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestgroup2")
+ self.assertEquals(res[0]["name"], "ldaptestgroup2")
+ self.assertEquals(res[0]["objectClass"], ["top", "group"])
+ self.assertTrue("objectGuid" not in res[0])
+ self.assertTrue("whenCreated" in res[0])
+ self.assertTrue("nTSecurityDescriptor" in res[0])
+ self.assertEquals(res[0]["member"], ["CN=ldaptestuser2,CN=Users," + self.base_dn])
+
+ ldb.modify_ldif("""
+dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
changetype: modify
replace: member
-member: CN=ldaptestuser2,CN=Users,""" + base_dn + """
-member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + base_dn + """
+member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
+member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
""")
-
- print "Testing Linked attribute behaviours"
- ldb.modify_ldif("""
-dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """
+
+ print "Testing Linked attribute behaviours"
+ ldb.modify_ldif("""
+dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
changetype: modify
delete: member
""")
- ldb.modify_ldif("""
-dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """
+ ldb.modify_ldif("""
+dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
changetype: modify
add: member
-member: CN=ldaptestuser2,CN=Users,""" + base_dn + """
-member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + base_dn + """
+member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
+member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
""")
-
- ldb.modify_ldif("""
-dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """
+
+ ldb.modify_ldif("""
+dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
changetype: modify
replace: member
""")
-
- ldb.modify_ldif("""
-dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """
+
+ ldb.modify_ldif("""
+dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
changetype: modify
add: member
-member: CN=ldaptestuser2,CN=Users,""" + base_dn + """
-member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + base_dn + """
+member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
+member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
""")
-
- ldb.modify_ldif("""
-dn: cn=ldaptestgroup2,cn=users,""" + base_dn + """
+
+ ldb.modify_ldif("""
+dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
changetype: modify
delete: member
-member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + base_dn + """
+member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
""")
-
- res = ldb.search(base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
- assert len(res) == 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))"
+
+ res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
- assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + base_dn))
- assertEquals(res[0]["member"][0], ("CN=ldaptestuser2,CN=Users," + base_dn))
- assertEquals(len(res[0]["member"]), 1)
+ self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["member"][0], ("CN=ldaptestuser2,CN=Users," + self.base_dn))
+ self.assertEquals(len(res[0]["member"]), 1)
- ldb.delete(("CN=ldaptestuser2,CN=Users," + base_dn))
+ ldb.delete(("CN=ldaptestuser2,CN=Users," + self.base_dn))
- attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
- print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete"
- res = ldb.search(base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
- assert len(res) == 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete"
+ attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
+ print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete"
+ res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete")
- assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + base_dn))
- assert("member" not in res[0])
+ self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
+ self.assertTrue("member" not in res[0])
- print "Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))"
- res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))"
+ print "Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))"
+ res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
- assertEquals(res[0].dn, ("CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn))
- assertEquals(res[0]["cn"], "ldaptestutf8user èùéìòà")
- assertEquals(res[0]["name"], "ldaptestutf8user èùéìòà")
- assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
- assert("objectGUID" in res[0])
- assert("whenCreated" in res[0])
+ self.assertEquals(res[0].dn, ("CN=ldaptestutf8user èùéìòà,CN=Users," + self.base_dn))
+ self.assertEquals(res[0]["cn"], "ldaptestutf8user èùéìòà")
+ self.assertEquals(res[0]["name"], "ldaptestutf8user èùéìòà")
+ self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
+ self.assertTrue("objectGUID" in res[0])
+ self.assertTrue("whenCreated" in res[0])
- ldb.delete(res[0].dn)
+ ldb.delete(res[0].dn)
- print "Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))"
- res = ldb.search(expression="(&(cn=ldaptestutf8user2*)(objectClass=user))")
- assert len(res) == 1, "Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))"
+ print "Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))"
+ res = ldb.search(expression="(&(cn=ldaptestutf8user2*)(objectClass=user))")
+ self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))")
- ldb.delete(res[0].dn)
+ ldb.delete(res[0].dn)
- ldb.delete(("CN=ldaptestgroup2,CN=Users," + base_dn))
+ ldb.delete(("CN=ldaptestgroup2,CN=Users," + self.base_dn))
- print "Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
- res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
+ print "Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
+ res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
- #FIXME: assert len(res) == 1, "Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
+ #FIXME: self.assert len(res) == 1, "Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
- print "Testing that we can't get at the configuration DN from the main search base"
- res = ldb.search(base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
- assert len(res) == 0, "Got configuration DN " + res[0].dn + " which should not be able to be seen from main search base"
- assertEquals(len(res), 0)
+ print "Testing that we can't get at the configuration DN from the main search base"
+ res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertEquals(len(res), 0, "Got configuration DN " + res[0].dn + " which should not be able to be seen from main search base")
+ self.assertEquals(len(res), 0)
- print "Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control"
- res = ldb.search(base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
- assert(len(res) > 0)
+ print "Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control"
+ res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
+ self.assertTrue(len(res) > 0)
- if gc_ldb is not None:
- print "Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0"
+ if gc_ldb is not None:
+ print "Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0"
+
+ res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:0"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing that we do find configuration elements in the global catlog"
+ res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing that we do find configuration elements and user elements at the same time"
+ res = gc_ldb.search(self.base_dn, expression="(|(objectClass=crossRef)(objectClass=person))", scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing that we do find configuration elements in the global catlog, with the configuration basedn"
+ res = gc_ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing that we can get at the configuration DN on the main LDAP port"
+ res = ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing objectCategory canonacolisation"
+ res = ldb.search(configuration_dn, expression="objectCategory=ntDsDSA", scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=ntDsDSA")
+ self.assertTrue(len(res) != 0)
+
+ res = ldb.search(configuration_dn, expression="objectCategory=CN=ntDs-DSA," + schema_dn, scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn)
+ self.assertTrue(len(res) != 0)
- res = gc_ldb.search(base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:0"])
- assert(len(res) > 0)
-
- print "Testing that we do find configuration elements in the global catlog"
- res = gc_ldb.search(base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
- assert (len(res) > 0)
-
- print "Testing that we do find configuration elements and user elements at the same time"
- res = gc_ldb.search(base_dn, expression="(|(objectClass=crossRef)(objectClass=person))", scope=SCOPE_SUBTREE, attrs=["cn"])
- assert (len(res) > 0)
-
- print "Testing that we do find configuration elements in the global catlog, with the configuration basedn"
- res = gc_ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
- assert (len(res) > 0)
-
- print "Testing that we can get at the configuration DN on the main LDAP port"
- res = ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
- assert (len(res) > 0)
-
- print "Testing objectCategory canonacolisation"
- res = ldb.search(configuration_dn, expression="objectCategory=ntDsDSA", scope=SCOPE_SUBTREE, attrs=["cn"])
- assert len(res) > 0, "Didn't find any records with objectCategory=ntDsDSA"
- assert(len(res) != 0)
-
- res = ldb.search(configuration_dn, expression="objectCategory=CN=ntDs-DSA," + schema_dn, scope=SCOPE_SUBTREE, attrs=["cn"])
- assert len(res) > 0, "Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn
- assert(len(res) != 0)
-
- print "Testing objectClass attribute order on "+ base_dn
- res = ldb.search(expression="objectClass=domain", base=base_dn,
- scope=SCOPE_BASE, attrs=["objectClass"])
- assertEquals(len(res), 1)
-
- assertEquals(res[0]["objectClass"], ["top", "domain", "domainDNS"])
-
-# check enumeration
-
- print "Testing ldb.search for objectCategory=person"
- res = ldb.search(base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"])
- assert(len(res) > 0)
-
- print "Testing ldb.search for objectCategory=person with domain scope control"
- res = ldb.search(base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
- assert(len(res) > 0)
-
- print "Testing ldb.search for objectCategory=user"
- res = ldb.search(base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"])
- assert(len(res) > 0)
-
-
- print "Testing ldb.search for objectCategory=user with domain scope control"
- res = ldb.search(base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
- assert(len(res) > 0)
-
- print "Testing ldb.search for objectCategory=group"
- res = ldb.search(base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"])
- assert(len(res) > 0)
-
- print "Testing ldb.search for objectCategory=group with domain scope control"
- res = ldb.search(base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
- assert(len(res) > 0)
-
-def basedn_tests(ldb, gc_ldb):
- print "Testing for all rootDSE attributes"
- res = ldb.search(scope=SCOPE_BASE, attrs=[])
- assertEquals(len(res), 1)
-
- print "Testing for highestCommittedUSN"
- res = ldb.search("", scope=SCOPE_BASE, attrs=["highestCommittedUSN"])
- assertEquals(len(res), 1)
- assert(int(res[0]["highestCommittedUSN"][0]) != 0)
-
- print "Testing for netlogon via LDAP"
- res = ldb.search("", scope=SCOPE_BASE, attrs=["netlogon"])
- assertEquals(len(res), 0)
-
- print "Testing for netlogon and highestCommittedUSN via LDAP"
- res = ldb.search("", scope=SCOPE_BASE,
- attrs=["netlogon", "highestCommittedUSN"])
- assertEquals(len(res), 0)
-
-
-def find_basedn(ldb):
- res = ldb.search(base="", expression="", scope=SCOPE_BASE,
- attrs=["defaultNamingContext"])
- assertEquals(len(res), 1)
- return res[0]["defaultNamingContext"][0]
-
-
-def find_configurationdn(ldb):
- res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["configurationNamingContext"])
- assertEquals(len(res), 1)
- return res[0]["configurationNamingContext"][0]
-
-
-def find_schemadn(ldb):
- res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
- assertEquals(len(res), 1)
- return res[0]["schemaNamingContext"][0]
+ print "Testing objectClass attribute order on "+ self.base_dn
+ res = ldb.search(expression="objectClass=domain", base=self.base_dn,
+ scope=SCOPE_BASE, attrs=["objectClass"])
+ self.assertEquals(len(res), 1)
+
+ self.assertEquals(res[0]["objectClass"], ["top", "domain", "domainDNS"])
+
+ # check enumeration
+
+ print "Testing ldb.search for objectCategory=person"
+ res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing ldb.search for objectCategory=person with domain scope control"
+ res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing ldb.search for objectCategory=user"
+ res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing ldb.search for objectCategory=user with domain scope control"
+ res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing ldb.search for objectCategory=group"
+ res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"])
+ self.assertTrue(len(res) > 0)
+
+ print "Testing ldb.search for objectCategory=group with domain scope control"
+ res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
+ self.assertTrue(len(res) > 0)
+
+
+class BaseDnTests(unittest.TestCase):
+ def setUp(self):
+ self.ldb = ldb
+
+ def test_rootdse_attrs(self):
+ """Testing for all rootDSE attributes"""
+ res = self.ldb.search(scope=SCOPE_BASE, attrs=[])
+ self.assertEquals(len(res), 1)
+
+ def test_highestcommittedusn(self):
+ """Testing for highestCommittedUSN"""
+ res = self.ldb.search("", scope=SCOPE_BASE, attrs=["highestCommittedUSN"])
+ self.assertEquals(len(res), 1)
+ self.assertTrue(int(res[0]["highestCommittedUSN"][0]) != 0)
+
+ def test_netlogon(self):
+ """Testing for netlogon via LDAP"""
+ res = self.ldb.search("", scope=SCOPE_BASE, attrs=["netlogon"])
+ self.assertEquals(len(res), 0)
+
+ def test_netlogon_highestcommitted_usn(self):
+ """Testing for netlogon and highestCommittedUSN via LDAP"""
+ res = self.ldb.search("", scope=SCOPE_BASE,
+ attrs=["netlogon", "highestCommittedUSN"])
+ self.assertEquals(len(res), 0)
+
if not "://" in host:
host = "ldap://%s" % host
ldb = Ldb(host, credentials=creds, session_info=system_session(), lp=lp)
-base_dn = find_basedn(ldb)
-configuration_dn = find_configurationdn(ldb)
-schema_dn = find_schemadn(ldb)
-
-print "baseDN: %s\n" % base_dn
-
gc_ldb = Ldb("%s:3268" % host, credentials=creds,
session_info=system_session(), lp=lp)
-basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
-basedn_tests(ldb, gc_ldb)
+runner = SubunitTestRunner()
+runner.run(unittest.makeSuite(BaseDnTests))
+runner.run(unittest.makeSuite(BasicTests))