2 exec smbscript "$0" ${1+"$@"}
4 test certin LDAP behaviours
8 var gc_ldb = ldb_init();
10 var options = GetOptions(ARGV,
13 "POPT_COMMON_CREDENTIALS");
14 if (options == undefined) {
15 println("Failed to parse options");
19 libinclude("base.js");
21 if (options.ARGV.length != 1) {
22 println("Usage: ldap.js <HOST>");
26 var host = options.ARGV[0];
28 function basic_tests(ldb, gc_ldb, base_dn, configuration_dn)
30 println("Running basic tests");
32 ldb.del("cn=ldaptestuser,cn=users," + base_dn);
35 dn: cn=ldaptestuser,cn=users," + base_dn + "
41 ok = ldb.del("cn=ldaptestuser,cn=users," + base_dn);
43 println(ldb.errstring());
47 dn: cn=ldaptestuser,cn=users," + base_dn + "
53 println(ldb.errstring());
59 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
64 ok = ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
66 println(ldb.errstring());
70 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
75 println(ldb.errstring());
81 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
84 userAccountControl: 4096
87 ok = ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
89 println(ldb.errstring());
93 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
96 userAccountControl: 4096
99 println(ldb.errstring());
105 dn: cn=ldaptestuser2,cn=users," + base_dn + "
111 ok = ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
113 println(ldb.errstring());
117 dn: cn=ldaptestuser2,cn=users," + base_dn + "
123 println(ldb.errstring());
129 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
133 ok = ldb.del("cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn);
135 println(ldb.errstring());
139 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
143 println(ldb.errstring());
149 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
153 ok = ldb.del("cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn);
155 println(ldb.errstring());
159 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
163 println(ldb.errstring());
168 println("Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))");
169 var res = ldb.search("(&(cn=ldaptestuser)(objectClass=user))");
170 if (res.length != 1) {
171 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
172 assert(res.length == 1);
175 assert(res[0].dn == "cn=ldaptestuser,cn=users," + base_dn);
176 assert(res[0].cn == "ldaptestuser");
177 assert(res[0].name == "ldaptestuser");
178 assert(res[0].objectClass[0] == "top");
179 assert(res[0].objectClass[1] == "person");
180 assert(res[0].objectClass[2] == "organizationalPerson");
181 assert(res[0].objectClass[3] == "user");
182 assert(res[0].objectGUID != undefined);
183 assert(res[0].whenCreated != undefined);
184 assert(res[0].objectCategory == "cn=Person,cn=Schema,cn=Configuration," + base_dn);
185 assert(res[0].sAMAccountType == 805306368);
186 // assert(res[0].userAccountControl == 546);
188 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
189 var res2 = ldb.search("(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
190 if (res2.length != 1) {
191 println("Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
192 assert(res2.length == 1);
195 assert(res[0].dn == res2[0].dn);
197 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))");
198 var res3 = ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
199 if (res3.length != 1) {
200 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon))");
201 assert(res3.length == 1);
204 assert(res[0].dn == res3[0].dn);
206 if (gc_ldb != undefined) {
207 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
208 var res3gc = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
209 if (res3gc.length != 1) {
210 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
211 assert(res3gc.length == 1);
214 assert(res[0].dn == res3gc[0].dn);
217 ok = ldb.del(res[0].dn);
219 println(ldb.errstring());
223 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))");
224 var res = ldb.search("(&(cn=ldaptestcomputer)(objectClass=user))");
225 if (res.length != 1) {
226 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
227 assert(res.length == 1);
230 assert(res[0].dn == "cn=ldaptestcomputer,cn=computers," + base_dn);
231 assert(res[0].cn == "ldaptestcomputer");
232 assert(res[0].name == "ldaptestcomputer");
233 assert(res[0].objectClass[0] == "top");
234 assert(res[0].objectClass[1] == "person");
235 assert(res[0].objectClass[2] == "organizationalPerson");
236 assert(res[0].objectClass[3] == "user");
237 assert(res[0].objectClass[4] == "computer");
238 assert(res[0].objectGUID != undefined);
239 assert(res[0].whenCreated != undefined);
240 assert(res[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
241 // assert(res[0].sAMAccountType == 805306368);
242 // assert(res[0].userAccountControl == 546);
244 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
245 var res2 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
246 if (res2.length != 1) {
247 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
248 assert(res2.length == 1);
251 assert(res[0].dn == res2[0].dn);
253 if (gc_ldb != undefined) {
254 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
255 var res2gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
256 if (res2gc.length != 1) {
257 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
258 assert(res2gc.length == 1);
261 assert(res[0].dn == res2gc[0].dn);
264 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
265 var res3 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
266 if (res3.length != 1) {
267 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
268 assert(res3.length == 1);
271 assert(res[0].dn == res3[0].dn);
273 if (gc_ldb != undefined) {
274 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
275 var res3gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
276 if (res3gc.length != 1) {
277 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
278 assert(res3gc.length == 1);
281 assert(res[0].dn == res3gc[0].dn);
284 println("Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
285 var res4 = ldb.search("(&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
286 if (res4.length != 1) {
287 println("Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
288 assert(res4.length == 1);
291 assert(res[0].dn == res4[0].dn);
293 println("Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
294 var res5 = ldb.search("(&(cn=ldaptestcomput*)(objectCategory=compuTER))");
295 if (res5.length != 1) {
296 println("Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
297 assert(res5.length == 1);
300 assert(res[0].dn == res5[0].dn);
302 println("Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))");
303 var res6 = ldb.search("(&(cn=*daptestcomputer)(objectCategory=compuTER))");
304 if (res6.length != 1) {
305 println("Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))");
306 assert(res6.length == 1);
309 assert(res[0].dn == res6[0].dn);
311 ok = ldb.del(res[0].dn);
313 println(ldb.errstring());
317 println("Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))");
318 var res = ldb.search("(&(cn=ldaptest2computer)(objectClass=user))");
319 if (res.length != 1) {
320 println("Could not find (&(cn=ldaptest2computer)(objectClass=user))");
321 assert(res.length == 1);
324 assert(res[0].dn == "cn=ldaptest2computer,cn=computers," + base_dn);
325 assert(res[0].cn == "ldaptest2computer");
326 assert(res[0].name == "ldaptest2computer");
327 assert(res[0].objectClass[0] == "top");
328 assert(res[0].objectClass[1] == "person");
329 assert(res[0].objectClass[2] == "organizationalPerson");
330 assert(res[0].objectClass[3] == "user");
331 assert(res[0].objectClass[4] == "computer");
332 assert(res[0].objectGUID != undefined);
333 assert(res[0].whenCreated != undefined);
334 assert(res[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
335 assert(res[0].sAMAccountType == 805306369);
336 // assert(res[0].userAccountControl == 4098);
339 println("Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))");
340 var res = ldb.search("(&(cn=ldaptestUSer2)(objectClass=user))");
341 if (res.length != 1) {
342 println("Could not find (&(cn=ldaptestUSer2)(objectClass=user))");
343 assert(res.length == 1);
346 assert(res[0].dn == "cn=ldaptestuser2,cn=users," + base_dn);
347 assert(res[0].cn == "ldaptestuser2");
348 assert(res[0].name == "ldaptestuser2");
349 assert(res[0].objectClass[0] == "top");
350 assert(res[0].objectClass[1] == "person");
351 assert(res[0].objectClass[2] == "organizationalPerson");
352 assert(res[0].objectClass[3] == "user");
353 assert(res[0].objectGUID != undefined);
354 assert(res[0].whenCreated != undefined);
356 ok = ldb.del(res[0].dn);
358 println(ldb.errstring());
362 println("Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
363 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
365 if (res.length != 1) {
366 println("Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
367 assert(res.length == 1);
370 assert(res[0].dn == "cn=ldaptestutf8user èùéìòà,cn=users," + base_dn);
371 assert(res[0].cn == "ldaptestutf8user èùéìòà");
372 assert(res[0].name == "ldaptestutf8user èùéìòà");
373 assert(res[0].objectClass[0] == "top");
374 assert(res[0].objectClass[1] == "person");
375 assert(res[0].objectClass[2] == "organizationalPerson");
376 assert(res[0].objectClass[3] == "user");
377 assert(res[0].objectGUID != undefined);
378 assert(res[0].whenCreated != undefined);
380 ok = ldb.del(res[0].dn);
382 println(ldb.errstring());
386 println("Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
387 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
389 if (res.length != 1) {
390 println("Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
392 assert(res[0].dn == "cn=ldaptestutf8user2 èùéìòà,cn=users," + base_dn);
393 assert(res[0].cn == "ldaptestutf8user2 èùéìòà");
396 println("Testing that we can't get at the configuration DN from the main search base");
397 var attrs = new Array("cn");
398 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
399 assert (res.length == 0);
401 if (gc_ldb != undefined) {
402 println("Testing that we do find configuration elements in the global catlog");
403 var attrs = new Array("cn");
404 var res = gc_ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
405 assert (res.length > 0);
407 println("Testing that we do find configuration elements and user elements at the same time");
408 var attrs = new Array("cn");
409 var res = gc_ldb.search("(|(objectClass=crossRef)(objectClass=person))", base_dn, ldb.SCOPE_SUBTREE, attrs);
410 assert (res.length > 0);
412 println("Testing that we do find configuration elements in the global catlog, with the configuration basedn");
413 var attrs = new Array("cn");
414 var res = gc_ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
415 assert (res.length > 0);
418 println("Testing that we can get at the configuration DN on the main LDAP port");
419 var attrs = new Array("cn");
420 var res = ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
421 assert (res.length > 0);
425 function basedn_tests(ldb, gc_ldb)
427 println("Testing for all rootDSE attributes");
428 var attrs = new Array();
429 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
430 assert(res.length == 1);
432 println("Testing for highestCommittedUSN");
433 var attrs = new Array("highestCommittedUSN");
434 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
435 assert(res.length == 1);
436 assert(res[0].highestCommittedUSN != undefined);
437 assert(res[0].highestCommittedUSN != 0);
439 println("Testing for netlogon via LDAP");
440 var attrs = new Array("netlogon");
441 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
442 assert(res.length == 0);
444 println("Testing for netlogon and highestCommittedUSN via LDAP");
445 var attrs = new Array("netlogon", "highestCommittedUSN");
446 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
447 assert(res.length == 0);
450 function find_basedn(ldb)
452 var attrs = new Array("defaultNamingContext");
453 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
454 assert(res.length == 1);
455 return res[0].defaultNamingContext;
458 function find_configurationdn(ldb)
460 var attrs = new Array("configurationNamingContext");
461 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
462 assert(res.length == 1);
463 return res[0].configurationNamingContext;
466 /* use command line creds if available */
467 ldb.credentials = options.get_credentials();
468 gc_ldb.credentials = options.get_credentials();
470 var ok = ldb.connect("ldap://" + host);
471 var base_dn = find_basedn(ldb);
472 var configuration_dn = find_configurationdn(ldb);
474 printf("baseDN: %s\n", base_dn);
476 var ok = gc_ldb.connect("ldap://" + host + ":3268");
481 basic_tests(ldb, gc_ldb, base_dn, configuration_dn)
483 basedn_tests(ldb, gc_ldb)