from subunit.run import SubunitTestRunner
import unittest
-from samba.dcerpc import security
+from samba.dcerpc import security, samr
from samba.tests import delete_force
+from samba.ndr import ndr_unpack
parser = optparse.OptionParser("sam.py [options] <host>")
sambaopts = options.SambaOptions(parser)
print "baseDN: %s\n" % self.base_dn
+ self.domain_sid = security.dom_sid(self.ldb.get_domain_sid())
+ if "ldap://" in host:
+ hostname = host.replace("ldap://", "")
+ print "ncacn_ip_tcp:%s[sign]" % hostname
+ self.samr = samr.samr("ncacn_ip_tcp:%s[sign]" % hostname, lp, creds)
+ self.samr_handle = self.samr.Connect2(None, security.SEC_FLAG_MAXIMUM_ALLOWED)
+ self.samr_domain = self.samr.OpenDomain(self.samr_handle, security.SEC_FLAG_MAXIMUM_ALLOWED, self.domain_sid)
+ else:
+ self.samr = None
+ self.samr_handle = None
+ self.samr_domain = None
+
delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
delete_force(self.ldb, "cn=ldaptestuser2,cn=users," + self.base_dn)
delete_force(self.ldb, "cn=ldaptest\,specialuser,cn=users," + self.base_dn)
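Review bot: The scheme test added in setUp is a substring match, `if "ldap://" in host:` followed by `host.replace("ldap://", "")`, so an `ldaps://` URL silently takes the `else` branch and an `ldap://` URL carrying a port or path puts that suffix straight into the `ncacn_ip_tcp:%s[sign]` binding string. Anchoring on the prefix, e.g. `if host.startswith("ldap://"):` with `hostname = host[len("ldap://"):]`, and dropping anything after the host name would make the SAMR target predictable. The SAMR connection and both handles are opened for every test with `SEC_FLAG_MAXIMUM_ALLOWED`, and the visible lines never close them. If no tearDown outside this hunk does so, a matching `self.samr.Close(self.samr_domain)` and `self.samr.Close(self.samr_handle)` would be worth adding. setUp begins and ends outside the hunk.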
self.ldb.rename(pr_object[0] + "2," + pr_object[1] + self.base_dn,
pr_object[0] + "," + pr_object[1] + self.base_dn)
+ def test_sam_userParameters(self):
+ """Test SAM userParameters attribute"""
+ print "Test SAM description attribute"
+
+ user_dn = "cn=ldaptestuser,cn=users," + self.base_dn
+
+ self.ldb.add({
+ "dn": user_dn,
+ "objectclass": "user",
+ "sAMAccountName": "ldaptestuser"})
+
+ res = ldb.search(user_dn, scope=SCOPE_BASE, attrs=["objectSid"])
+ self.assertTrue(len(res) == 1)
+ self.assertTrue("objectSid" in res[0])
+
+ (domain_sid, user_rid) = ndr_unpack(security.dom_sid, res[0]["objectSid"][0]).split()
+ self.assertEquals(self.domain_sid, domain_sid)
+ samr_user = self.samr.OpenUser(self.samr_domain, security.SEC_FLAG_MAXIMUM_ALLOWED, user_rid)
+
+ m = Message()
+ m.dn = Dn(ldb, user_dn)
+ m["userParameters"] = MessageElement("\xff\x00\xff", FLAG_MOD_REPLACE,
+ "userParameters")
+ ldb.modify(m)
+
+ res = ldb.search(user_dn, scope=SCOPE_BASE, attrs=["userParameters"])
+ print "ldap:%d:[%r]" % (len(res[0]["userParameters"][0]), res[0]["userParameters"][0])
+ info20 = self.samr.QueryUserInfo(samr_user, 20)
+ print "samr:%d:%d:%r" % (info20.parameters.size, info20.parameters.length, info20.parameters.array)
+
+ array = [0x0035]
+ info20.parameters.array = array;
+ info20.parameters.length = 2 * len(array)
+ info20.parameters.size = info20.parameters.length
+
+ print "samr:%d:%d:%r" % (info20.parameters.size, info20.parameters.length, info20.parameters.array)
+ self.samr.SetUserInfo(samr_user, 20, info20)
+
+ res = ldb.search(user_dn, scope=SCOPE_BASE, attrs=["userParameters"])
+ print "ldap:%d:[%r]" % (len(res[0]["userParameters"][0]), res[0]["userParameters"][0])
+ info20 = self.samr.QueryUserInfo(samr_user, 20)
+ print "samr:%d:%d:%r" % (info20.parameters.size, info20.parameters.length, info20.parameters.array)
+
+ self.samr.Close(samr_user)
+ delete_force(self.ldb, user_dn)
+
if not "://" in host:
if os.path.isfile(host):
host = "tdb://%s" % host
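Review bot: `test_sam_userParameters` calls `self.samr.OpenUser(...)` unconditionally, but setUp leaves `self.samr` as `None` for any host that is not `ldap://`, so against a `tdb://` file the test dies with an AttributeError instead of being skipped. A guard at the top such as `if self.samr is None: self.skipTest("needs an ldap:// host for SAMR")` (or an early return if the base class lacks skipTest) would fix that. The test also only prints the LDAP and SAMR views of `userParameters` and asserts nothing about them, so a wrong byte/UTF-16 conversion would still pass. Consider pinning the result after `SetUserInfo`, for example `self.assertEquals(info20.parameters.array, array)` plus a check on the LDAP value. `self.samr.Close(samr_user)` and `delete_force(...)` run only on the success path, so wrapping the body in `try`/`finally` would stop a failure from leaking the handle. The progress message `"Test SAM description attribute"` looks copied from another test and should name userParameters.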