TODO test_sam_userParameters
authorStefan Metzmacher <metze@samba.org>
Wed, 26 Mar 2014 15:18:24 +0000 (16:18 +0100)
committerStefan Metzmacher <metze@samba.org>
Sun, 29 Jun 2014 21:48:00 +0000 (23:48 +0200)
source4/dsdb/tests/python/sam.py

index 804905b6cd2e5a5d689209c6937ec54d14988e7c..7bc7155f9d594fc0aa146525faf78433aecd68e4 100755 (executable)
@@ -42,8 +42,9 @@ from samba.dcerpc.security import (DOMAIN_RID_USERS, DOMAIN_RID_ADMINS,
 from subunit.run import SubunitTestRunner
 import unittest
 
-from samba.dcerpc import security
+from samba.dcerpc import security, samr
 from samba.tests import delete_force
+from samba.ndr import ndr_unpack
 
 parser = optparse.OptionParser("sam.py [options] <host>")
 sambaopts = options.SambaOptions(parser)
@@ -72,6 +73,18 @@ class SamTests(samba.tests.TestCase):
 
         print "baseDN: %s\n" % self.base_dn
 
+        self.domain_sid = security.dom_sid(self.ldb.get_domain_sid())
+        if "ldap://" in host:
+            hostname = host.replace("ldap://", "")
+            print "ncacn_ip_tcp:%s[sign]" % hostname
+            self.samr = samr.samr("ncacn_ip_tcp:%s[sign]" % hostname, lp, creds)
+            self.samr_handle = self.samr.Connect2(None, security.SEC_FLAG_MAXIMUM_ALLOWED)
+            self.samr_domain = self.samr.OpenDomain(self.samr_handle, security.SEC_FLAG_MAXIMUM_ALLOWED, self.domain_sid)
+        else:
+            self.samr = None
+            self.samr_handle = None
+            self.samr_domain = None
+
         delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
         delete_force(self.ldb, "cn=ldaptestuser2,cn=users," + self.base_dn)
         delete_force(self.ldb, "cn=ldaptest\,specialuser,cn=users," + self.base_dn)
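Review bot: The SAMR connection handle and domain handle opened in the added `setUp` lines are not released anywhere in the visible diff, so each test method would leave two server-side handles open unless a `tearDown` outside this hunk closes them. Something like `if self.samr_domain is not None: self.samr.Close(self.samr_domain)`, and the same for `self.samr_handle`, would pair with the `Close(samr_user)` call the new test already makes. The check `"ldap://" in host` is a substring match followed by `host.replace(...)`, so `host.startswith("ldap://")` with `host[len("ldap://"):]` would be stricter and would not touch a later occurrence of the string. The `print` of the binding string looks like leftover debugging. `setUp` begins before this hunk, so any existing cleanup is not visible here.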
@@ -2877,6 +2890,52 @@ class SamTests(samba.tests.TestCase):
             self.ldb.rename(pr_object[0] + "2," + pr_object[1] + self.base_dn,
                             pr_object[0] + "," + pr_object[1] + self.base_dn)
 
+    def test_sam_userParameters(self):
+        """Test SAM userParameters attribute"""
+        print "Test SAM description attribute"
+
+        user_dn = "cn=ldaptestuser,cn=users," + self.base_dn
+
+        self.ldb.add({
+            "dn": user_dn,
+            "objectclass": "user",
+            "sAMAccountName": "ldaptestuser"})
+
+        res = ldb.search(user_dn, scope=SCOPE_BASE, attrs=["objectSid"])
+        self.assertTrue(len(res) == 1)
+        self.assertTrue("objectSid" in res[0])
+
+        (domain_sid, user_rid) = ndr_unpack(security.dom_sid, res[0]["objectSid"][0]).split()
+        self.assertEquals(self.domain_sid, domain_sid)
+        samr_user = self.samr.OpenUser(self.samr_domain, security.SEC_FLAG_MAXIMUM_ALLOWED, user_rid)
+
+        m = Message()
+        m.dn = Dn(ldb, user_dn)
+        m["userParameters"] = MessageElement("\xff\x00\xff", FLAG_MOD_REPLACE,
+          "userParameters")
+        ldb.modify(m)
+
+        res = ldb.search(user_dn, scope=SCOPE_BASE, attrs=["userParameters"])
+        print "ldap:%d:[%r]" % (len(res[0]["userParameters"][0]), res[0]["userParameters"][0])
+        info20 = self.samr.QueryUserInfo(samr_user, 20)
+        print "samr:%d:%d:%r" % (info20.parameters.size, info20.parameters.length, info20.parameters.array)
+
+        array = [0x0035]
+        info20.parameters.array = array;
+        info20.parameters.length = 2 * len(array)
+        info20.parameters.size = info20.parameters.length
+
+        print "samr:%d:%d:%r" % (info20.parameters.size, info20.parameters.length, info20.parameters.array)
+        self.samr.SetUserInfo(samr_user, 20, info20)
+
+        res = ldb.search(user_dn, scope=SCOPE_BASE, attrs=["userParameters"])
+        print "ldap:%d:[%r]" % (len(res[0]["userParameters"][0]), res[0]["userParameters"][0])
+        info20 = self.samr.QueryUserInfo(samr_user, 20)
+        print "samr:%d:%d:%r" % (info20.parameters.size, info20.parameters.length, info20.parameters.array)
+
+        self.samr.Close(samr_user)
+        delete_force(self.ldb, user_dn)
+
 if not "://" in host:
     if os.path.isfile(host):
         host = "tdb://%s" % host
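Review bot: `test_sam_userParameters` dereferences `self.samr` unconditionally at `self.samr.OpenUser(...)`, but `setUp` sets it to `None` for any non-`ldap://` host, so the test raises `AttributeError` on a local tdb target; a guard such as `if self.samr is None: return` (or a skip) at the top would avoid that. After the two setup checks the test only prints the LDAP and SAMR views of `userParameters` and asserts nothing about them, so it passes even if the odd-length value `"\xff\x00\xff"` is truncated or padded in the byte-to-UTF-16 conversion. Presumably it should at least assert that `info20.parameters.array` read back after `SetUserInfo` equals `[0x0035]` and that `length` and `size` match it. `self.samr.Close(samr_user)` and `delete_force(...)` only run on the success path, so wrapping the body in `try`/`finally` would keep a failing run from leaking the user handle. The banner `print "Test SAM description attribute"` looks copied from another test and should name `userParameters`, and the trailing `;` on the `info20.parameters.array = array;` line can go.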