name = ldb_msg_find_attr_as_string(ac->msg, "sAMAccountName", NULL);
if (name == NULL) {
- return ldb_operr(ldb);
+ /* The "sAMAccountName" cannot be nothing */
+ ldb_set_errstring(ldb,
+ "samldb: Empty account names aren't allowed!");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
}
ret = samdb_search_count(ldb, ac, NULL, "(sAMAccountName=%s)",
talloc_free(tmp_msg);
if (sam_accountname == NULL) {
- return ldb_operr(ldb);
+ /* The "sAMAccountName" cannot be nothing */
+ ldb_set_errstring(ldb,
+ "samldb: Empty account names aren't allowed!");
+ return LDB_ERR_UNWILLING_TO_PERFORM;
}
enc_str = ldb_binary_encode_string(ac, sam_accountname);
self.assertEquals(num, ERR_ENTRY_ALREADY_EXISTS)
self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+ # Try to create a user with an invalid account name
+ try:
+ ldb.add({
+ "dn": "cn=ldaptestuser,cn=users," + self.base_dn,
+ "objectclass": "user",
+ "sAMAccountName": []})
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+ self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+
# Try to create a user with an invalid primary group
try:
ldb.add({
except LdbError, (num, _):
self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS)
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+ m["sAMAccountName"] = MessageElement([], FLAG_MOD_REPLACE,
+ "sAMAccountName")
+ try:
+ ldb.modify(m)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["sAMAccountName"] = MessageElement([], FLAG_MOD_DELETE,