2 # -*- coding: utf-8 -*-
3 # This is a port of the original in testprogs/ejs/ldap.js
10 sys.path.append("bin/python")
11 sys.path.append("../lib/subunit/python")
13 import samba.getopt as options
15 from samba.auth import system_session
16 from ldb import (SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError,
17 LDB_ERR_NO_SUCH_OBJECT, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS,
18 LDB_ERR_ENTRY_ALREADY_EXISTS, LDB_ERR_UNWILLING_TO_PERFORM,
19 LDB_ERR_NOT_ALLOWED_ON_NON_LEAF, LDB_ERR_OTHER, LDB_ERR_INVALID_DN_SYNTAX)
21 from subunit import SubunitTestRunner
22 from samba import param
25 parser = optparse.OptionParser("ldap [options] <host>")
26 sambaopts = options.SambaOptions(parser)
27 parser.add_option_group(sambaopts)
28 parser.add_option_group(options.VersionOptions(parser))
29 # use command line creds if available
30 credopts = options.CredentialsOptions(parser)
31 parser.add_option_group(credopts)
32 opts, args = parser.parse_args()
40 lp = sambaopts.get_loadparm()
41 creds = credopts.get_credentials(lp)
43 class BasicTests(unittest.TestCase):
44 def delete_force(self, ldb, dn):
47 except LdbError, (num, _):
48 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
50 def find_basedn(self, ldb):
51 res = ldb.search(base="", expression="", scope=SCOPE_BASE,
52 attrs=["defaultNamingContext"])
53 self.assertEquals(len(res), 1)
54 return res[0]["defaultNamingContext"][0]
56 def find_configurationdn(self, ldb):
57 res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["configurationNamingContext"])
58 self.assertEquals(len(res), 1)
59 return res[0]["configurationNamingContext"][0]
61 def find_schemadn(self, ldb):
62 res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
63 self.assertEquals(len(res), 1)
64 return res[0]["schemaNamingContext"][0]
69 self.base_dn = self.find_basedn(ldb)
70 self.configuration_dn = self.find_configurationdn(ldb)
71 self.schema_dn = self.find_schemadn(ldb)
73 print "baseDN: %s\n" % self.base_dn
75 self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
76 self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
78 def test_group_add_invalid_member(self):
79 """Testing group add with invalid member"""
82 "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
83 "objectclass": "group",
84 "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
86 except LdbError, (num, _):
87 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
92 self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
94 print "Testing user add"
96 "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn,
97 "objectclass": ["user", "person"],
103 "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
104 "objectclass": "group",
105 "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
107 self.delete_force(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
109 "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
110 "objectclass": "computer",
111 "cN": "LDAPtestCOMPUTER"})
113 self.delete_force(self.ldb, "cn=ldaptest2computer,cn=computers," + self.base_dn)
114 ldb.add({"dn": "cn=ldaptest2computer,cn=computers," + self.base_dn,
115 "objectClass": "computer",
116 "cn": "LDAPtest2COMPUTER",
117 "userAccountControl": "4096",
118 "displayname": "ldap testy"})
120 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
122 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
123 "objectClass": "computer",
124 "cn": "LDAPtest2COMPUTER"
127 except LdbError, (num, _):
128 self.assertEquals(num, LDB_ERR_INVALID_DN_SYNTAX)
130 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
132 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
133 "objectClass": "computer",
134 "cn": "ldaptestcomputer3",
135 "sAMAccountType": "805306368"
138 except LdbError, (num, _):
139 self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
141 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
143 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
144 "objectClass": "computer",
145 "cn": "ldaptestcomputer3",
146 "userAccountControl": "0"
149 except LdbError, (num, _):
150 self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
152 self.delete_force(self.ldb, "cn=ldaptestuser7,cn=users," + self.base_dn)
154 ldb.add({"dn": "cn=ldaptestuser7,cn=users," + self.base_dn,
155 "objectClass": "user",
156 "cn": "LDAPtestuser7",
157 "userAccountControl": "0"
160 except LdbError, (num, _):
161 self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
163 self.delete_force(self.ldb, "cn=ldaptestuser7,cn=users," + self.base_dn)
165 ldb.add({"dn": "cn=ldaptestuser7,cn=users," + self.base_dn,
166 "objectClass": "user",
167 "cn": "LDAPtestuser7",
168 "userAccountControl": "2"
171 self.delete_force(self.ldb, "cn=ldaptestuser7,cn=users," + self.base_dn)
173 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
174 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
175 "objectClass": "computer",
176 "cn": "LDAPtestCOMPUTER3"
179 print "Testing ldb.search for (&(cn=ldaptestcomputer3)(objectClass=user))";
180 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestcomputer3)(objectClass=user))");
181 self.assertEquals(len(res), 1, "Found only %d for (&(cn=ldaptestcomputer3)(objectClass=user))" % len(res))
183 self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer3,CN=Computers," + self.base_dn));
184 self.assertEquals(res[0]["cn"][0], "ldaptestcomputer3");
185 self.assertEquals(res[0]["name"][0], "ldaptestcomputer3");
186 self.assertEquals(res[0]["objectClass"][0], "top");
187 self.assertEquals(res[0]["objectClass"][1], "person");
188 self.assertEquals(res[0]["objectClass"][2], "organizationalPerson");
189 self.assertEquals(res[0]["objectClass"][3], "user");
190 self.assertEquals(res[0]["objectClass"][4], "computer");
191 self.assertTrue("objectGUID" in res[0])
192 self.assertTrue("whenCreated" in res[0])
193 self.assertEquals(res[0]["objectCategory"][0], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn));
194 self.assertEquals(int(res[0]["primaryGroupID"][0]), 513);
195 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368);
196 self.assertEquals(int(res[0]["userAccountControl"][0]), 546);
198 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
200 print "Testing attribute or value exists behaviour"
203 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
205 replace: servicePrincipalName
206 servicePrincipalName: host/ldaptest2computer
207 servicePrincipalName: host/ldaptest2computer
208 servicePrincipalName: cifs/ldaptest2computer
211 except LdbError, (num, msg):
212 self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS)
215 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
217 replace: servicePrincipalName
218 servicePrincipalName: host/ldaptest2computer
219 servicePrincipalName: cifs/ldaptest2computer
223 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
225 add: servicePrincipalName
226 servicePrincipalName: host/ldaptest2computer
229 except LdbError, (num, msg):
230 self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS)
232 print "Testing ranged results"
234 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
236 replace: servicePrincipalName
240 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
242 add: servicePrincipalName
243 servicePrincipalName: host/ldaptest2computer0
244 servicePrincipalName: host/ldaptest2computer1
245 servicePrincipalName: host/ldaptest2computer2
246 servicePrincipalName: host/ldaptest2computer3
247 servicePrincipalName: host/ldaptest2computer4
248 servicePrincipalName: host/ldaptest2computer5
249 servicePrincipalName: host/ldaptest2computer6
250 servicePrincipalName: host/ldaptest2computer7
251 servicePrincipalName: host/ldaptest2computer8
252 servicePrincipalName: host/ldaptest2computer9
253 servicePrincipalName: host/ldaptest2computer10
254 servicePrincipalName: host/ldaptest2computer11
255 servicePrincipalName: host/ldaptest2computer12
256 servicePrincipalName: host/ldaptest2computer13
257 servicePrincipalName: host/ldaptest2computer14
258 servicePrincipalName: host/ldaptest2computer15
259 servicePrincipalName: host/ldaptest2computer16
260 servicePrincipalName: host/ldaptest2computer17
261 servicePrincipalName: host/ldaptest2computer18
262 servicePrincipalName: host/ldaptest2computer19
263 servicePrincipalName: host/ldaptest2computer20
264 servicePrincipalName: host/ldaptest2computer21
265 servicePrincipalName: host/ldaptest2computer22
266 servicePrincipalName: host/ldaptest2computer23
267 servicePrincipalName: host/ldaptest2computer24
268 servicePrincipalName: host/ldaptest2computer25
269 servicePrincipalName: host/ldaptest2computer26
270 servicePrincipalName: host/ldaptest2computer27
271 servicePrincipalName: host/ldaptest2computer28
272 servicePrincipalName: host/ldaptest2computer29
275 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE,
276 attrs=["servicePrincipalName;range=0-*"])
277 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
278 #print len(res[0]["servicePrincipalName;range=0-*"])
279 self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
281 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-19"])
282 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
283 # print res[0]["servicePrincipalName;range=0-19"].length
284 self.assertEquals(len(res[0]["servicePrincipalName;range=0-19"]), 20)
287 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-30"])
288 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
289 self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
291 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-40"])
292 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
293 self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
295 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=30-40"])
296 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
297 self.assertEquals(len(res[0]["servicePrincipalName;range=30-*"]), 0)
300 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=10-40"])
301 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
302 self.assertEquals(len(res[0]["servicePrincipalName;range=10-*"]), 20)
303 # pos_11 = res[0]["servicePrincipalName;range=10-*"][18]
305 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-40"])
306 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
307 self.assertEquals(len(res[0]["servicePrincipalName;range=11-*"]), 19)
308 # print res[0]["servicePrincipalName;range=11-*"][18]
310 # self.assertEquals((res[0]["servicePrincipalName;range=11-*"][18]), pos_11)
312 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-15"])
313 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
314 self.assertEquals(len(res[0]["servicePrincipalName;range=11-15"]), 5)
315 # self.assertEquals(res[0]["servicePrincipalName;range=11-15"][4], pos_11)
317 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName"])
318 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
319 # print res[0]["servicePrincipalName"][18]
321 self.assertEquals(len(res[0]["servicePrincipalName"]), 30)
322 # self.assertEquals(res[0]["servicePrincipalName"][18], pos_11)
324 self.delete_force(self.ldb, "cn=ldaptestuser2,cn=users," + self.base_dn)
326 "dn": "cn=ldaptestuser2,cn=useRs," + self.base_dn,
327 "objectClass": ["person", "user"],
328 "cn": "LDAPtestUSER2",
329 "givenname": "testy",
332 print "Testing Ambigious Name Resolution"
333 # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
334 res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))")
335 self.assertEquals(len(res), 3, "Found only %d of 3 for (&(anr=ldap testy)(objectClass=user))" % len(res))
337 # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
338 res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
339 self.assertEquals(len(res), 2, "Found only %d of 2 for (&(anr=testy ldap)(objectClass=user))" % len(res))
341 # Testing ldb.search for (&(anr=ldap)(objectClass=user))
342 res = ldb.search(expression="(&(anr=ldap)(objectClass=user))")
343 self.assertEquals(len(res), 4, "Found only %d of 4 for (&(anr=ldap)(objectClass=user))" % len(res))
345 # Testing ldb.search for (&(anr==ldap)(objectClass=user))
346 res = ldb.search(expression="(&(anr==ldap)(objectClass=user))")
347 self.assertEquals(len(res), 1, "Could not find (&(anr==ldap)(objectClass=user)). Found only %d for (&(anr=ldap)(objectClass=user))" % len(res))
349 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
350 self.assertEquals(res[0]["cn"][0], "ldaptestuser")
351 self.assertEquals(res[0]["name"], "ldaptestuser")
353 # Testing ldb.search for (&(anr=testy)(objectClass=user))
354 res = ldb.search(expression="(&(anr=testy)(objectClass=user))")
355 self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res))
357 # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
358 res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
359 self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res))
361 # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
362 # this test disabled for the moment, as anr with == tests are not understood
363 # res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
364 # self.assertEquals(len(res), 1, "Found only %d for (&(anr==testy ldap)(objectClass=user))" % len(res))
366 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
367 self.assertEquals(res[0]["cn"][0], "ldaptestuser")
368 self.assertEquals(res[0]["name"][0], "ldaptestuser")
370 # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
371 # res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
372 # self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap)(objectClass=user))")
374 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
375 self.assertEquals(res[0]["cn"][0], "ldaptestuser")
376 self.assertEquals(res[0]["name"][0], "ldaptestuser")
378 # Testing ldb.search for (&(anr=testy ldap user)(objectClass=user))
379 res = ldb.search(expression="(&(anr=testy ldap user)(objectClass=user))")
380 self.assertEquals(len(res), 1, "Could not find (&(anr=testy ldap user)(objectClass=user))")
382 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
383 self.assertEquals(res[0]["cn"], "ldaptestuser2")
384 self.assertEquals(res[0]["name"], "ldaptestuser2")
386 # Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user))
387 # res = ldb.search(expression="(&(anr==testy ldap user2)(objectClass=user))")
388 # self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap user2)(objectClass=user))")
390 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
391 self.assertEquals(res[0]["cn"], "ldaptestuser2")
392 self.assertEquals(res[0]["name"], "ldaptestuser2")
394 # Testing ldb.search for (&(anr==ldap user2)(objectClass=user))
395 # res = ldb.search(expression="(&(anr==ldap user2)(objectClass=user))")
396 # self.assertEquals(len(res), 1, "Could not find (&(anr==ldap user2)(objectClass=user))")
398 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
399 self.assertEquals(res[0]["cn"], "ldaptestuser2")
400 self.assertEquals(res[0]["name"], "ldaptestuser2")
402 # Testing ldb.search for (&(anr==not ldap user2)(objectClass=user))
403 # res = ldb.search(expression="(&(anr==not ldap user2)(objectClass=user))")
404 # self.assertEquals(len(res), 0, "Must not find (&(anr==not ldap user2)(objectClass=user))")
406 # Testing ldb.search for (&(anr=not ldap user2)(objectClass=user))
407 res = ldb.search(expression="(&(anr=not ldap user2)(objectClass=user))")
408 self.assertEquals(len(res), 0, "Must not find (&(anr=not ldap user2)(objectClass=user))")
410 # Testing ldb.search for (&(anr="testy ldap")(objectClass=user)) (ie, with quotes)
411 # res = ldb.search(expression="(&(anr==\"testy ldap\")(objectClass=user))")
412 # self.assertEquals(len(res), 0, "Found (&(anr==\"testy ldap\")(objectClass=user))")
414 print "Testing Group Modifies"
416 dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
419 member: cn=ldaptestuser2,cn=users,""" + self.base_dn + """
420 member: cn=ldaptestcomputer,cn=computers,""" + self.base_dn + """
423 self.delete_force(ldb, "cn=ldaptestuser3,cn=users," + self.base_dn)
425 print "Testing adding non-existent user to a group"
428 dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
431 member: cn=ldaptestuser3,cn=users,""" + self.base_dn + """
434 except LdbError, (num, _):
435 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
437 print "Testing Renames"
439 ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
441 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
443 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestUSER3,cn=users," + self.base_dn)
445 print "Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))"
446 res = ldb.search(expression="(&(cn=ldaptestuser3)(objectClass=user))")
447 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser3)(objectClass=user))")
449 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
450 self.assertEquals(res[0]["cn"], "ldaptestUSER3")
451 self.assertEquals(res[0]["name"], "ldaptestUSER3")
453 #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))"
454 res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))")
455 self.assertEquals(len(res), 1, "(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))")
457 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
458 self.assertEquals(res[0]["cn"], "ldaptestUSER3")
459 self.assertEquals(res[0]["name"], "ldaptestUSER3")
461 #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))"
462 res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))")
463 self.assertEquals(len(res), 1, "(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))")
465 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
466 self.assertEquals(res[0]["cn"], "ldaptestUSER3")
467 self.assertEquals(res[0]["name"], "ldaptestUSER3")
469 #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))"
470 res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))")
471 self.assertEquals(len(res), 0, "(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))")
473 # This is a Samba special, and does not exist in real AD
474 # print "Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
475 # res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
476 # if (res.error != 0 || len(res) != 1) {
477 # print "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
478 # self.assertEquals(len(res), 1)
480 # self.assertEquals(res[0].dn, ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
481 # self.assertEquals(res[0].cn, "ldaptestUSER3")
482 # self.assertEquals(res[0].name, "ldaptestUSER3")
484 print "Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
485 res = ldb.search(expression="(distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
486 self.assertEquals(len(res), 1, "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
487 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
488 self.assertEquals(res[0]["cn"], "ldaptestUSER3")
489 self.assertEquals(res[0]["name"], "ldaptestUSER3")
491 # ensure we cannot add it again
493 ldb.add({"dn": "cn=ldaptestuser3,cn=userS," + self.base_dn,
494 "objectClass": ["person", "user"],
495 "cn": "LDAPtestUSER3"})
497 except LdbError, (num, _):
498 self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS)
501 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser2,cn=users," + self.base_dn)
503 # ensure we cannnot rename it twice
505 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn,
506 "cn=ldaptestuser2,cn=users," + self.base_dn)
508 except LdbError, (num, _):
509 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
511 # ensure can now use that name
512 ldb.add({"dn": "cn=ldaptestuser3,cn=users," + self.base_dn,
513 "objectClass": ["person", "user"],
514 "cn": "LDAPtestUSER3"})
516 # ensure we now cannnot rename
518 ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
520 except LdbError, (num, _):
521 self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS)
523 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=configuration," + self.base_dn)
525 except LdbError, (num, _):
526 self.assertTrue(num in (71, 64))
528 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser5,cn=users," + self.base_dn)
530 ldb.delete("cn=ldaptestuser5,cn=users," + self.base_dn)
532 self.delete_force(ldb, "cn=ldaptestgroup2,cn=users," + self.base_dn)
534 ldb.rename("cn=ldaptestgroup,cn=users," + self.base_dn, "cn=ldaptestgroup2,cn=users," + self.base_dn)
536 print "Testing subtree Renames"
538 ldb.add({"dn": "cn=ldaptestcontainer," + self.base_dn,
539 "objectClass": "container"})
541 self.delete_force(self.ldb, "cn=ldaptestuser4,cn=ldaptestcontainer," + self.base_dn)
542 ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + self.base_dn,
543 "objectClass": ["person", "user"],
544 "cn": "LDAPtestUSER4"})
547 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
550 member: cn=ldaptestuser4,cn=ldaptestcontainer,""" + self.base_dn + """
553 print "Testing ldb.rename of cn=ldaptestcontainer," + self.base_dn + " to cn=ldaptestcontainer2," + self.base_dn
554 ldb.rename("CN=ldaptestcontainer," + self.base_dn, "CN=ldaptestcontainer2," + self.base_dn)
556 print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))"
557 res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))")
558 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user))")
560 print "Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
562 ldb.search("cn=ldaptestcontainer," + self.base_dn,
563 expression="(&(cn=ldaptestuser4)(objectClass=user))",
566 except LdbError, (num, _):
567 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
569 print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
571 res = ldb.search("cn=ldaptestcontainer," + self.base_dn,
572 expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_ONELEVEL)
574 except LdbError, (num, _):
575 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
577 print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container"
578 res = ldb.search("cn=ldaptestcontainer2," + self.base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_SUBTREE)
579 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + self.base_dn)
581 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
582 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
586 print "Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)) to check subtree renames and linked attributes"
587 res = ldb.search(self.base_dn, expression="(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group))", scope=SCOPE_SUBTREE)
588 self.assertEquals(len(res), 1, "Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)), perhaps linked attributes are not conistant with subtree renames?")
590 print "Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn
592 ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn)
594 except LdbError, (num, _):
595 self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
597 print "Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn
599 ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn)
601 except LdbError, (num, _):
602 self.assertTrue(num in (LDB_ERR_UNWILLING_TO_PERFORM, LDB_ERR_OTHER))
604 print "Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + self.base_dn
606 ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
608 except LdbError, (num, _):
609 self.assertEquals(num, LDB_ERR_NOT_ALLOWED_ON_NON_LEAF)
611 print "Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn
612 res = ldb.search(expression="(objectclass=*)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
613 self.assertEquals(len(res), 1)
614 res = ldb.search(expression="(cn=ldaptestuser40)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
615 self.assertEquals(len(res), 0)
617 print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
618 res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_ONELEVEL)
619 # FIXME: self.assertEquals(len(res), 0)
621 print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
622 res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_SUBTREE)
623 # FIXME: self.assertEquals(len(res), 0)
625 print "Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn)
626 ldb.delete(("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
627 print "Testing delete of renamed cn=ldaptestcontainer2," + self.base_dn
628 ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
630 self.delete_force(self.ldb, "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn)
631 ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
633 self.delete_force(self.ldb, "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn)
634 ldb.add({"dn": "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
636 print "Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))"
637 res = ldb.search(expression="(&(cn=ldaptestuser)(objectClass=user))")
638 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
640 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
641 self.assertEquals(res[0]["cn"], "ldaptestuser")
642 self.assertEquals(res[0]["name"], "ldaptestuser")
643 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
644 self.assertTrue("objectGUID" in res[0])
645 self.assertTrue("whenCreated" in res[0])
646 self.assertEquals(res[0]["objectCategory"], ("CN=Person,CN=Schema,CN=Configuration," + self.base_dn))
647 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368)
648 self.assertEquals(int(res[0]["userAccountControl"][0]), 546)
649 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
650 self.assertEquals(len(res[0]["memberOf"]), 1)
652 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))"
653 res2 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
654 self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
656 self.assertEquals(res[0].dn, res2[0].dn)
658 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))"
659 res3 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
660 self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched %d" % len(res3))
662 self.assertEquals(res[0].dn, res3[0].dn)
664 if gc_ldb is not None:
665 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog"
666 res3gc = gc_ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
667 self.assertEquals(len(res3gc), 1)
669 self.assertEquals(res[0].dn, res3gc[0].dn)
671 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control"
673 res3control = gc_ldb.search(self.base_dn, expression="(&(cn=ldaptestuser)(objectCategory=PerSon))", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
674 self.assertEquals(len(res3control), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog")
676 self.assertEquals(res[0].dn, res3control[0].dn)
678 ldb.delete(res[0].dn)
680 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))"
681 res = ldb.search(expression="(&(cn=ldaptestcomputer)(objectClass=user))")
682 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
684 self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer,CN=Computers," + self.base_dn))
685 self.assertEquals(res[0]["cn"], "ldaptestcomputer")
686 self.assertEquals(res[0]["name"], "ldaptestcomputer")
687 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
688 self.assertTrue("objectGUID" in res[0])
689 self.assertTrue("whenCreated" in res[0])
690 self.assertEquals(res[0]["objectCategory"], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn))
691 self.assertEquals(int(res[0]["primaryGroupID"][0]), 513)
692 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368)
693 self.assertEquals(int(res[0]["userAccountControl"][0]), 546)
694 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
695 self.assertEquals(len(res[0]["memberOf"]), 1)
697 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))"
698 res2 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
699 self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
701 self.assertEquals(res[0].dn, res2[0].dn)
703 if gc_ldb is not None:
704 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog"
705 res2gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
706 self.assertEquals(len(res2gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog")
708 self.assertEquals(res[0].dn, res2gc[0].dn)
710 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))"
711 res3 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
712 self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))")
714 self.assertEquals(res[0].dn, res3[0].dn)
716 if gc_ldb is not None:
717 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog"
718 res3gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
719 self.assertEquals(len(res3gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog")
721 self.assertEquals(res[0].dn, res3gc[0].dn)
723 print "Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))"
724 res4 = ldb.search(expression="(&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
725 self.assertEquals(len(res4), 1, "Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
727 self.assertEquals(res[0].dn, res4[0].dn)
729 print "Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))"
730 res5 = ldb.search(expression="(&(cn=ldaptestcomput*)(objectCategory=compuTER))")
731 self.assertEquals(len(res5), 1, "Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))")
733 self.assertEquals(res[0].dn, res5[0].dn)
735 print "Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))"
736 res6 = ldb.search(expression="(&(cn=*daptestcomputer)(objectCategory=compuTER))")
737 self.assertEquals(len(res6), 1, "Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))")
739 self.assertEquals(res[0].dn, res6[0].dn)
741 ldb.delete(res[0].dn)
743 print "Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))"
744 res = ldb.search(expression="(&(cn=ldaptest2computer)(objectClass=user))")
745 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptest2computer)(objectClass=user))")
747 self.assertEquals(res[0].dn, ("CN=ldaptest2computer,CN=Computers," + self.base_dn))
748 self.assertEquals(res[0]["cn"], "ldaptest2computer")
749 self.assertEquals(res[0]["name"], "ldaptest2computer")
750 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
751 self.assertTrue("objectGUID" in res[0])
752 self.assertTrue("whenCreated" in res[0])
753 self.assertEquals(res[0]["objectCategory"][0], "CN=Computer,CN=Schema,CN=Configuration," + self.base_dn)
754 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306369)
755 self.assertEquals(int(res[0]["userAccountControl"][0]), 4096)
757 ldb.delete(res[0].dn)
759 attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf"]
760 print "Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))"
761 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestUSer2)(objectClass=user))", scope=SCOPE_SUBTREE, attrs=attrs)
762 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestUSer2)(objectClass=user))")
764 self.assertEquals(res[0].dn, ("CN=ldaptestuser2,CN=Users," + self.base_dn))
765 self.assertEquals(res[0]["cn"], "ldaptestuser2")
766 self.assertEquals(res[0]["name"], "ldaptestuser2")
767 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
768 self.assertTrue("objectGUID" in res[0])
769 self.assertTrue("whenCreated" in res[0])
770 self.assertTrue("nTSecurityDescriptor" in res[0])
771 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
773 attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
774 print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))"
775 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
776 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
778 self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
779 self.assertEquals(res[0]["cn"], "ldaptestgroup2")
780 self.assertEquals(res[0]["name"], "ldaptestgroup2")
781 self.assertEquals(res[0]["objectClass"], ["top", "group"])
782 self.assertTrue("objectGuid" not in res[0])
783 self.assertTrue("whenCreated" in res[0])
784 self.assertTrue("nTSecurityDescriptor" in res[0])
786 for m in res[0]["member"]:
787 memberUP.append(m.upper())
788 self.assertTrue(("CN=ldaptestuser2,CN=Users," + self.base_dn).upper() in memberUP)
791 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
794 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
795 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
798 print "Testing Linked attribute behaviours"
800 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
806 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
809 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
810 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
814 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
820 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
823 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
824 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
828 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
831 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
834 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
835 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
837 self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
838 self.assertEquals(res[0]["member"][0], ("CN=ldaptestuser2,CN=Users," + self.base_dn))
839 self.assertEquals(len(res[0]["member"]), 1)
841 ldb.delete(("CN=ldaptestuser2,CN=Users," + self.base_dn))
845 attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
846 print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete"
847 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
848 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete")
850 self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
851 self.assertTrue("member" not in res[0])
853 print "Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))"
854 res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
855 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
857 self.assertEquals(res[0].dn, ("CN=ldaptestutf8user èùéìòà,CN=Users," + self.base_dn))
858 self.assertEquals(res[0]["cn"], "ldaptestutf8user èùéìòà")
859 self.assertEquals(res[0]["name"], "ldaptestutf8user èùéìòà")
860 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
861 self.assertTrue("objectGUID" in res[0])
862 self.assertTrue("whenCreated" in res[0])
864 ldb.delete(res[0].dn)
866 print "Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))"
867 res = ldb.search(expression="(&(cn=ldaptestutf8user2*)(objectClass=user))")
868 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))")
870 ldb.delete(res[0].dn)
872 ldb.delete(("CN=ldaptestgroup2,CN=Users," + self.base_dn))
874 print "Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
875 res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
877 #FIXME: self.assert len(res) == 1, "Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
879 print "Testing that we can't get at the configuration DN from the main search base"
880 res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
881 self.assertEquals(len(res), 0)
883 print "Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control"
884 res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
885 self.assertTrue(len(res) > 0)
887 if gc_ldb is not None:
888 print "Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0"
890 res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:0"])
891 self.assertTrue(len(res) > 0)
893 print "Testing that we do find configuration elements in the global catlog"
894 res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
895 self.assertTrue(len(res) > 0)
897 print "Testing that we do find configuration elements and user elements at the same time"
898 res = gc_ldb.search(self.base_dn, expression="(|(objectClass=crossRef)(objectClass=person))", scope=SCOPE_SUBTREE, attrs=["cn"])
899 self.assertTrue(len(res) > 0)
901 print "Testing that we do find configuration elements in the global catlog, with the configuration basedn"
902 res = gc_ldb.search(self.configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
903 self.assertTrue(len(res) > 0)
905 print "Testing that we can get at the configuration DN on the main LDAP port"
906 res = ldb.search(self.configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
907 self.assertTrue(len(res) > 0)
909 print "Testing objectCategory canonacolisation"
910 res = ldb.search(self.configuration_dn, expression="objectCategory=ntDsDSA", scope=SCOPE_SUBTREE, attrs=["cn"])
911 self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=ntDsDSA")
912 self.assertTrue(len(res) != 0)
914 res = ldb.search(self.configuration_dn, expression="objectCategory=CN=ntDs-DSA," + self.schema_dn, scope=SCOPE_SUBTREE, attrs=["cn"])
915 self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=CN=ntDs-DSA," + self.schema_dn)
916 self.assertTrue(len(res) != 0)
918 print "Testing objectClass attribute order on "+ self.base_dn
919 res = ldb.search(expression="objectClass=domain", base=self.base_dn,
920 scope=SCOPE_BASE, attrs=["objectClass"])
921 self.assertEquals(len(res), 1)
923 self.assertEquals(res[0]["objectClass"], ["top", "domain", "domainDNS"])
927 print "Testing ldb.search for objectCategory=person"
928 res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"])
929 self.assertTrue(len(res) > 0)
931 print "Testing ldb.search for objectCategory=person with domain scope control"
932 res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
933 self.assertTrue(len(res) > 0)
935 print "Testing ldb.search for objectCategory=user"
936 res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"])
937 self.assertTrue(len(res) > 0)
939 print "Testing ldb.search for objectCategory=user with domain scope control"
940 res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
941 self.assertTrue(len(res) > 0)
943 print "Testing ldb.search for objectCategory=group"
944 res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"])
945 self.assertTrue(len(res) > 0)
947 print "Testing ldb.search for objectCategory=group with domain scope control"
948 res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
949 self.assertTrue(len(res) > 0)
952 class BaseDnTests(unittest.TestCase):
956 def test_rootdse_attrs(self):
957 """Testing for all rootDSE attributes"""
958 res = self.ldb.search(scope=SCOPE_BASE, attrs=[])
959 self.assertEquals(len(res), 1)
961 def test_highestcommittedusn(self):
962 """Testing for highestCommittedUSN"""
963 res = self.ldb.search("", scope=SCOPE_BASE, attrs=["highestCommittedUSN"])
964 self.assertEquals(len(res), 1)
965 self.assertTrue(int(res[0]["highestCommittedUSN"][0]) != 0)
967 def test_netlogon(self):
968 """Testing for netlogon via LDAP"""
969 res = self.ldb.search("", scope=SCOPE_BASE, attrs=["netlogon"])
970 self.assertEquals(len(res), 0)
972 def test_netlogon_highestcommitted_usn(self):
973 """Testing for netlogon and highestCommittedUSN via LDAP"""
974 res = self.ldb.search("", scope=SCOPE_BASE,
975 attrs=["netlogon", "highestCommittedUSN"])
976 self.assertEquals(len(res), 0)
978 class SchemaTests(unittest.TestCase):
979 def find_schemadn(self, ldb):
980 res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
981 self.assertEquals(len(res), 1)
982 return res[0]["schemaNamingContext"][0]
986 self.schema_dn = self.find_schemadn(ldb)
988 def test_generated_schema(self):
989 """Testing we can read the generated schema via LDAP"""
990 res = self.ldb.search("cn=aggregate,"+self.schema_dn, scope=SCOPE_BASE,
991 attrs=["objectClasses", "attributeTypes", "dITContentRules"])
992 self.assertEquals(len(res), 1)
993 self.assertTrue("dITContentRules" in res[0])
994 self.assertTrue("objectClasses" in res[0])
995 self.assertTrue("attributeTypes" in res[0])
997 def test_generated_schema_is_operational(self):
998 """Testing we don't get the generated schema via LDAP by default"""
999 res = self.ldb.search("cn=aggregate,"+self.schema_dn, scope=SCOPE_BASE,
1001 self.assertEquals(len(res), 1)
1002 self.assertFalse("dITContentRules" in res[0])
1003 self.assertFalse("objectClasses" in res[0])
1004 self.assertFalse("attributeTypes" in res[0])
1006 if not "://" in host:
1007 host = "ldap://%s" % host
1009 ldb = Ldb(host, credentials=creds, session_info=system_session(), lp=lp)
1010 gc_ldb = Ldb("%s:3268" % host, credentials=creds,
1011 session_info=system_session(), lp=lp)
1013 runner = SubunitTestRunner()
1015 if not runner.run(unittest.makeSuite(BaseDnTests)).wasSuccessful():
1017 if not runner.run(unittest.makeSuite(BasicTests)).wasSuccessful():
1019 if not runner.run(unittest.makeSuite(SchemaTests)).wasSuccessful():