#!/bin/sh # test some simple LDAP and CLDAP operations if [ $# -lt 3 ]; then cat <<EOF Usage: test_ldap.sh SERVER USERNAME PASSWORD EOF exit 1; fi # see if we support ldaps if grep HAVE_LIBGNUTLS.1 include/config.h > /dev/null && test -n "$CONFFILE" && grep tls.enabled.=yes $CONFFILE > /dev/null; then PROTOCOLS="ldap ldaps" else PROTOCOLS="ldap" fi SERVER="$1" USERNAME="$2" PASSWORD="$3" incdir=`dirname $0` . $incdir/test_functions.sh for p in $PROTOCOLS; do for options in "" "--option=socket:testnonblock=true" "-U$USERNAME%$PASSWORD --option=socket:testnonblock=true" "-U$USERNAME%$PASSWORD"; do echo "TESTING PROTOCOL $p with options $options" testit "RootDSE" bin/ldbsearch $CONFIGURATION $options --basedn='' -H $p://$SERVER -s base DUMMY=x dnsHostName highestCommittedUSN || failed=`expr $failed + 1` echo "Getting defaultNamingContext" BASEDN=`bin/ldbsearch $CONFIGURATION $options --basedn='' -H $p://$SERVER -s base DUMMY=x defaultNamingContext | grep defaultNamingContext | awk '{print $2}'` echo "BASEDN is $BASEDN" testit "Listing Users" bin/ldbsearch $options $CONFIGURATION -H $p://$SERVER '(objectclass=user)' sAMAccountName || failed=`expr $failed + 1` testit "Listing Groups" bin/ldbsearch $options $CONFIGURATION -H $p://$SERVER '(objectclass=group)' sAMAccountName || failed=`expr $failed + 1` nentries=`bin/ldbsearch $options -H $p://$SERVER $CONFIGURATION '(|(|(&(!(groupType:1.2.840.113556.1.4.803:=1))(groupType:1.2.840.113556.1.4.803:=2147483648)(groupType:1.2.840.113556.1.4.804:=10))(samAccountType=805306368))(samAccountType=805306369))' sAMAccountName | grep sAMAccountName | wc -l` echo "Found $nentries entries" if [ $nentries -lt 10 ]; then echo "Should have found at least 10 entries" failed=`expr $failed + 1` fi echo "Check rootDSE for Controls" nentries=`bin/ldbsearch $options $CONFIGURATION -H $p://$SERVER -s base -b "" '(objectclass=*)' | grep -i supportedControl | wc -l` if [ $nentries -lt 4 ]; then echo "Should have found at least 4 entries" failed=`expr $failed + 1` fi echo "Test Paged Results Control" nentries=`bin/ldbsearch $options $CONFIGURATION -H $p://$SERVER --controls=paged_results:1:5 '(objectclass=user)' | grep sAMAccountName | wc -l` if [ $nentries -lt 1 ]; then echo "Paged Results Control test returned 0 items" failed=`expr $failed + 1` fi echo "Test Server Sort Control" nentries=`bin/ldbsearch $options $CONFIGURATION -H $p://$SERVER --controls=server_sort:1:0:sAMAccountName '(objectclass=user)' | grep sAMAccountName | wc -l` if [ $nentries -lt 1 ]; then echo "Server Sort Control test returned 0 items" failed=`expr $failed + 1` fi echo "Test Extended DN Control" nentries=`bin/ldbsearch $options $CONFIGURATION -H $p://$SERVER --controls=extended_dn:1:0 '(objectclass=user)' | grep sAMAccountName | wc -l` if [ $nentries -lt 1 ]; then echo "Extended DN Control test returned 0 items" failed=`expr $failed + 1` fi echo "Test Attribute Scope Query Control" nentries=`bin/ldbsearch $options $CONFIGURATION -H $p://$SERVER --controls=asq:1:member -s base -b "CN=Administrators,CN=Builtin,$BASEDN" | grep sAMAccountName | wc -l` if [ $nentries -lt 1 ]; then echo "Attribute Scope Query test returned 0 items" failed=`expr $failed + 1` fi done done testit "CLDAP" bin/smbtorture $TORTURE_OPTIONS //$SERVER/_none_ LDAP-CLDAP || failed=`expr $failed + 1` # only do the ldb tests when not in quick mode - they are quite slow, and ldb # is now pretty well tested by the rest of the quick tests anyway test "$TORTURE_QUICK" = "yes" || { LDBDIR=lib/ldb export LDBDIR testit "ldb tests" $LDBDIR/tests/test-tdb.sh || failed=`expr $failed + 1` } SCRIPTDIR=../testprogs/ejs testit "ejs ldap test" $SCRIPTDIR/ldap.js $CONFIGURATION $SERVER -U$USERNAME%$PASSWORD || failed=`expr $failed + 1` testok $0 $failed