2 exec smbscript "$0" ${1+"$@"}
4 test certin LDAP behaviours
8 var gc_ldb = ldb_init();
10 var options = GetOptions(ARGV,
13 "POPT_COMMON_CREDENTIALS");
14 if (options == undefined) {
15 println("Failed to parse options");
19 libinclude("base.js");
21 if (options.ARGV.length != 1) {
22 println("Usage: ldap.js <HOST>");
26 var host = options.ARGV[0];
28 function basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
30 println("Running basic tests");
32 ldb.del("cn=ldaptestuser,cn=users," + base_dn);
35 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
41 ok = ldb.del("cn=ldaptestuser,cn=users," + base_dn);
44 assert(ok.error == 0);
47 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
54 assert(ok.error == 0);
59 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
64 ok = ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
67 assert(ok.error == 0);
70 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
76 assert(ok.error == 0);
81 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
84 userAccountControl: 4096
87 ok = ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
90 assert(ok.error == 0);
93 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
96 userAccountControl: 4096
100 assert(ok.error == 0);
105 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
107 replace: servicePrincipalName
108 servicePrincipalName: host/ldaptest2computer
109 servicePrincipalName: host/ldaptest2computer
110 servicePrincipalName: cifs/ldaptest2computer
113 //LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
114 if (ok.error != 20) {
115 println("Expected error LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, got :" + ok.errstr);
116 assert(ok.error == 20);
120 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
126 ok = ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
129 assert(ok.error == 0);
132 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
139 assert(ok.error == 0);
143 ok = ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
145 println("Testing Renames");
147 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
149 println("Could not rename cn=ldaptestuser2,cn=users," + base_dn + " into cn=ldaptestuser3,cn=users," + base_dn + ": " + ok.errstr);
150 assert(ok.error == 0);
153 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
155 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " onto itself: " + ok.errstr);
156 assert(ok.error == 0);
159 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestUSER3,cn=users," + base_dn);
161 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " into cn=ldaptestUSER3,cn=users," + base_dn + ": " + ok.errstr);
162 assert(ok.error == 0);
165 println("Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))");
166 var res = ldb.search("(&(cn=ldaptestuser3)(objectClass=user))");
167 if (res.error != 0 || res.msgs.length != 1) {
168 println("Could not find (&(cn=ldaptestuser3)(objectClass=user))");
169 assert(res.error == 0);
170 assert(res.msgs.length == 1);
173 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
174 assert(res.msgs[0].cn == "ldaptestUSER3");
175 assert(res.msgs[0].name == "ldaptestUSER3");
177 // ensure we cannot add it again
179 dn: cn=ldaptestuser3,cn=userS," + base_dn + "
184 //LDB_ERR_ENTRY_ALREADY_EXISTS
185 if (ok.error != 68) {
186 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
187 assert(ok.error == 68);
191 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
194 assert(ok.error == 0);
197 // ensure we cannnot rename it twice
198 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
199 //LDB_ERR_NO_SUCH_OBJECT
200 assert(ok.error == 32);
202 // ensure can now use that name
204 dn: cn=ldaptestuser3,cn=users," + base_dn + "
210 // ensure we now cannnot rename
211 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
212 //LDB_ERR_ENTRY_ALREADY_EXISTS
213 if (ok.error != 68) {
214 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
215 assert(ok.error == 68);
217 assert(ok.error == 68);
218 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=configuration," + base_dn);
219 if (ok.error != 71 && ok.error != 64) {
220 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS or LDAP_NAMING_VIOLATION, got: " + ok.errstr);
221 assert(ok.error == 71 || ok.error == 64);
223 assert(ok.error == 71 || ok.error == 64);
225 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser5,cn=users," + base_dn);
228 assert(ok.error == 0);
231 ok = ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
233 println("Testing subtree Renames");
236 dn: cn=ldaptestcontainer," + base_dn + "
237 objectClass: container
241 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
247 ok = ldb.del("cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn);
250 assert(ok.error == 0);
253 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
260 assert(ok.error == 0);
264 println("Testing ldb.rename of cn=ldaptestcontainer," + base_dn + " to cn=ldaptestcontainer2," + base_dn);
265 ok = ldb.rename("CN=ldaptestcontainer," + base_dn, "CN=ldaptestcontainer2," + base_dn);
268 assert(ok.error == 0);
271 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))");
272 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))");
273 if (res.error != 0 || res.msgs.length != 1) {
274 println("Could not find (&(cn=ldaptestuser4)(objectClass=user))");
275 assert(res.error == 0);
276 assert(res.msgs.length == 1);
279 assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
281 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container");
282 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_SUBTREE);
283 if (res.error != 0 || res.msgs.length != 1) {
284 println("Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + base_dn);
285 assert(res.error == 0);
286 assert(res.msgs.length == 1);
289 assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
291 println("Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
292 ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
293 if (ok.error != 53) { /* LDAP_UNWILLING_TO_PERFORM */
295 assert(ok.error == 53);
298 println("Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn);
299 ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn);
300 if (ok.error != 53 && ok.error != 80) { /* LDAP_UNWILLING_TO_PERFORM or LDAP_OTHER*/
302 assert(ok.error == 53 || ok.error == 80);
305 println("Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn);
306 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
307 if (ok.error != 66) { /* LDB_ERR_NOT_ALLOWED_ON_NON_LEAF */
309 assert(ok.error == 66);
311 println("Testing delete of subtree renamed "+res.msgs[0].dn);
312 ok = ldb.del(res.msgs[0].dn);
315 assert(ok.error == 0);
317 println("Testing delete of renamed cn=ldaptestcontainer2," + base_dn);
318 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
321 assert(ok.error == 0);
325 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
329 ok = ldb.del("cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn);
332 assert(ok.error == 0);
335 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
340 assert(ok.error == 0);
345 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
349 ok = ldb.del("cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn);
352 assert(ok.error == 0);
355 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
360 assert(ok.error == 0);
364 println("Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))");
365 var res = ldb.search("(&(cn=ldaptestuser)(objectClass=user))");
366 if (res.error != 0 || res.msgs.length != 1) {
367 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
368 assert(res.error == 0);
369 assert(res.msgs.length == 1);
372 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
373 assert(res.msgs[0].cn == "ldaptestuser");
374 assert(res.msgs[0].name == "ldaptestuser");
375 assert(res.msgs[0].objectClass[0] == "top");
376 assert(res.msgs[0].objectClass[1] == "person");
377 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
378 assert(res.msgs[0].objectClass[3] == "user");
379 assert(res.msgs[0].objectGUID != undefined);
380 assert(res.msgs[0].whenCreated != undefined);
381 assert(res.msgs[0].objectCategory == ("CN=Person,CN=Schema,CN=Configuration," + base_dn));
382 assert(res.msgs[0].sAMAccountType == 805306368);
383 // assert(res[0].userAccountControl == 546);
385 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
386 var res2 = ldb.search("(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
387 if (res2.error != 0 || res2.msgs.length != 1) {
388 println("Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
389 assert(res2.error == 0);
390 assert(res2.msgs.length == 1);
393 assert(res.msgs[0].dn == res2.msgs[0].dn);
395 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))");
396 var res3 = ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
397 if (res3.error != 0) {
398 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): " + res3.errstr);
399 assert(res3.error == 0);
400 } else if (res3.msgs.length != 1) {
401 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + res3.msgs.length);
402 assert(res3.msgs.length == 1);
405 assert(res.msgs[0].dn == res3.msgs[0].dn);
407 if (gc_ldb != undefined) {
408 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
409 var res3gc = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
410 if (res3gc.error != 0) {
411 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: " + res3gc.errstr);
412 assert(res3gc.error == 0);
413 } else if (res3gc.msgs.length != 1) {
414 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: matched " + res3gc.msgs.length);
415 assert(res3gc.msgs.length == 1);
418 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
421 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control");
422 var attrs = new Array("cn");
423 var controls = new Array("search_options:1:2");
424 var res3control = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
425 if (res3control.error != 0 || res3control.msgs.length != 1) {
426 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
427 assert(res3control.error == 0);
428 assert(res3control.msgs.length == 1);
431 assert(res.msgs[0].dn == res3control.msgs[0].dn);
433 ok = ldb.del(res.msgs[0].dn);
436 assert(ok.error == 0);
439 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))");
440 var res = ldb.search("(&(cn=ldaptestcomputer)(objectClass=user))");
441 if (res.error != 0 || res.msgs.length != 1) {
442 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
443 assert(res.error == 0);
444 assert(res.msgs.length == 1);
447 assert(res.msgs[0].dn == ("CN=ldaptestcomputer,CN=Computers," + base_dn));
448 assert(res.msgs[0].cn == "ldaptestcomputer");
449 assert(res.msgs[0].name == "ldaptestcomputer");
450 assert(res.msgs[0].objectClass[0] == "top");
451 assert(res.msgs[0].objectClass[1] == "person");
452 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
453 assert(res.msgs[0].objectClass[3] == "user");
454 assert(res.msgs[0].objectClass[4] == "computer");
455 assert(res.msgs[0].objectGUID != undefined);
456 assert(res.msgs[0].whenCreated != undefined);
457 assert(res.msgs[0].objectCategory == ("CN=Computer,CN=Schema,CN=Configuration," + base_dn));
458 assert(res.msgs[0].primaryGroupID == 513);
459 // assert(res.msgs[0].sAMAccountType == 805306368);
460 // assert(res.msgs[0].userAccountControl == 546);
462 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
463 var res2 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
464 if (res2.error != 0 || res2.msgs.length != 1) {
465 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
466 assert(res2.error == 0);
467 assert(res2.msgs.length == 1);
470 assert(res.msgs[0].dn == res2.msgs[0].dn);
472 if (gc_ldb != undefined) {
473 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
474 var res2gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
475 if (res2gc.error != 0 || res2gc.msgs.length != 1) {
476 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
477 assert(res2gc.error == 0);
478 assert(res2gc.msgs.length == 1);
481 assert(res.msgs[0].dn == res2gc.msgs[0].dn);
484 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
485 var res3 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
486 if (res3.error != 0 || res3.msgs.length != 1) {
487 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
488 assert(res3.error == 0);
489 assert(res3.msgs.length == 1);
492 assert(res.msgs[0].dn == res3.msgs[0].dn);
494 if (gc_ldb != undefined) {
495 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
496 var res3gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
497 if (res3gc.error != 0 || res3gc.msgs.length != 1) {
498 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
499 assert(res3gc.error == 0);
500 assert(res3gc.msgs.length == 1);
503 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
506 println("Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
507 var res4 = ldb.search("(&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
508 if (res4.error != 0 || res4.msgs.length != 1) {
509 println("Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
510 assert(res4.error == 0);
511 assert(res4.msgs.length == 1);
514 assert(res.msgs[0].dn == res4.msgs[0].dn);
516 println("Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
517 var res5 = ldb.search("(&(cn=ldaptestcomput*)(objectCategory=compuTER))");
518 if (res5.error != 0 || res5.msgs.length != 1) {
519 println("Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
520 assert(res5.error == 0);
521 assert(res5.msgs.length == 1);
524 assert(res.msgs[0].dn == res5.msgs[0].dn);
526 println("Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))");
527 var res6 = ldb.search("(&(cn=*daptestcomputer)(objectCategory=compuTER))");
528 if (res6.error != 0 || res6.msgs.length != 1) {
529 println("Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))");
530 assert(res6.error == 0);
531 assert(res6.msgs.length == 1);
534 assert(res.msgs[0].dn == res6.msgs[0].dn);
536 ok = ldb.del(res.msgs[0].dn);
539 assert(ok.error == 0);
542 println("Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))");
543 var res = ldb.search("(&(cn=ldaptest2computer)(objectClass=user))");
544 if (res.error != 0 || res.msgs.length != 1) {
545 println("Could not find (&(cn=ldaptest2computer)(objectClass=user))");
546 assert(res.error == 0);
547 assert(res.msgs.length == 1);
550 assert(res.msgs[0].dn == ("CN=ldaptest2computer,CN=Computers," + base_dn));
551 assert(res.msgs[0].cn == "ldaptest2computer");
552 assert(res.msgs[0].name == "ldaptest2computer");
553 assert(res.msgs[0].objectClass[0] == "top");
554 assert(res.msgs[0].objectClass[1] == "person");
555 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
556 assert(res.msgs[0].objectClass[3] == "user");
557 assert(res.msgs[0].objectClass[4] == "computer");
558 assert(res.msgs[0].objectGUID != undefined);
559 assert(res.msgs[0].whenCreated != undefined);
560 assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
561 assert(res.msgs[0].sAMAccountType == 805306369);
562 // assert(res.msgs[0].userAccountControl == 4098);
565 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor");
566 println("Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))");
567 var res = ldb.search("(&(cn=ldaptestUSer2)(objectClass=user))", base_dn, ldb.SCOPE_SUBTREE, attrs);
568 if (res.error != 0 || res.msgs.length != 1) {
569 println("Could not find (&(cn=ldaptestUSer2)(objectClass=user))");
570 assert(res.error == 0);
571 assert(res.msgs.length == 1);
574 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
575 assert(res.msgs[0].cn == "ldaptestuser2");
576 assert(res.msgs[0].name == "ldaptestuser2");
577 assert(res.msgs[0].objectClass[0] == "top");
578 assert(res.msgs[0].objectClass[1] == "person");
579 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
580 assert(res.msgs[0].objectClass[3] == "user");
581 assert(res.msgs[0].objectGUID != undefined);
582 assert(res.msgs[0].whenCreated != undefined);
583 assert(res.msgs[0].nTSecurityDescriptor != undefined);
586 ok = ldb.del(res.msgs[0].dn);
589 assert(ok.error == 0);
592 println("Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
593 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
595 if (res.error != 0 || res.msgs.length != 1) {
596 println("Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
597 assert(res.error == 0);
598 assert(res.msgs.length == 1);
601 assert(res.msgs[0].dn == ("CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn));
602 assert(res.msgs[0].cn == "ldaptestutf8user èùéìòà");
603 assert(res.msgs[0].name == "ldaptestutf8user èùéìòà");
604 assert(res.msgs[0].objectClass[0] == "top");
605 assert(res.msgs[0].objectClass[1] == "person");
606 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
607 assert(res.msgs[0].objectClass[3] == "user");
608 assert(res.msgs[0].objectGUID != undefined);
609 assert(res.msgs[0].whenCreated != undefined);
611 ok = ldb.del(res.msgs[0].dn);
614 assert(ok.error == 0);
617 println("Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
618 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
620 if (res.error != 0 || res.msgs.length != 1) {
621 println("Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
623 assert(res.msgs[0].dn == ("cn=ldaptestutf8user2 èùéìòà,cn=users," + base_dn));
624 assert(res.msgs[0].cn == "ldaptestutf8user2 èùéìòà");
627 println("Testing that we can't get at the configuration DN from the main search base");
628 var attrs = new Array("cn");
629 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
630 assert(res.error == 0);
631 if (res.msgs.length != 0) {
632 println("Got configuration DN " + res.msgs[0].dn + " which should not be able to be seen from main search base");
634 assert(res.msgs.length == 0);
636 println("Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control");
637 var attrs = new Array("cn");
638 var controls = new Array("search_options:1:2");
639 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
640 assert(res.error == 0);
641 assert(res.msgs.length > 0);
643 if (gc_ldb != undefined) {
644 println("Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0");
645 var attrs = new Array("cn");
646 var controls = new Array("search_options:1:0");
647 var res = gc_ldb.search("objectClass=crossRef", base_dn, gc_ldb.SCOPE_SUBTREE, attrs, controls);
648 assert(res.error == 0);
649 assert(res.msgs.length > 0);
651 println("Testing that we do find configuration elements in the global catlog");
652 var attrs = new Array("cn");
653 var res = gc_ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
654 assert(res.error == 0);
655 assert (res.msgs.length > 0);
657 println("Testing that we do find configuration elements and user elements at the same time");
658 var attrs = new Array("cn");
659 var res = gc_ldb.search("(|(objectClass=crossRef)(objectClass=person))", base_dn, ldb.SCOPE_SUBTREE, attrs);
660 assert(res.error == 0);
661 assert (res.msgs.length > 0);
663 println("Testing that we do find configuration elements in the global catlog, with the configuration basedn");
664 var attrs = new Array("cn");
665 var res = gc_ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
666 assert(res.error == 0);
667 assert (res.msgs.length > 0);
670 println("Testing that we can get at the configuration DN on the main LDAP port");
671 var attrs = new Array("cn");
672 var res = ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
673 assert(res.error == 0);
674 assert (res.msgs.length > 0);
676 println("Testing objectCategory canonacolisation");
677 var attrs = new Array("cn");
678 var res = ldb.search("objectCategory=ntDsDSA", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
679 assert(res.error == 0);
680 if (res.msgs.length == 0) {
681 println("Didn't find any records with objectCategory=ntDsDSA");
683 assert(res.msgs.length != 0);
685 var attrs = new Array("cn");
686 var res = ldb.search("objectCategory=CN=ntDs-DSA," + schema_dn, configuration_dn, ldb.SCOPE_SUBTREE, attrs);
687 assert(res.error == 0);
688 if (res.msgs.length == 0) {
689 println("Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn);
691 assert(res.msgs.length != 0);
693 println("Testing objectClass attribute order on "+ base_dn);
694 var attrs = new Array("objectClass");
695 var res = ldb.search("objectClass=domain", base_dn, ldb.SCOPE_BASE, attrs);
696 assert(res.error == 0);
697 assert(res.msgs.length == 1);
699 assert(res.msgs[0].objectClass[0] == "top");
700 assert(res.msgs[0].objectClass[1] == "domain");
701 assert(res.msgs[0].objectClass[2] == "domainDNS");
705 var attrs = new Array("cn");
706 println("Testing ldb.search for objectCategory=person");
707 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs);
708 assert(res.error == 0);
709 assert(res.msgs.length > 0);
711 var attrs = new Array("cn");
712 var controls = new Array("domain_scope:1");
713 println("Testing ldb.search for objectCategory=person with domain scope control");
714 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
715 assert(res.error == 0);
716 assert(res.msgs.length > 0);
718 var attrs = new Array("cn");
719 println("Testing ldb.search for objectCategory=user");
720 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs);
721 assert(res.error == 0);
722 assert(res.msgs.length > 0);
724 var attrs = new Array("cn");
725 var controls = new Array("domain_scope:1");
726 println("Testing ldb.search for objectCategory=user with domain scope control");
727 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
728 assert(res.error == 0);
729 assert(res.msgs.length > 0);
731 var attrs = new Array("cn");
732 println("Testing ldb.search for objectCategory=group");
733 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs);
734 assert(res.error == 0);
735 assert(res.msgs.length > 0);
737 var attrs = new Array("cn");
738 var controls = new Array("domain_scope:1");
739 println("Testing ldb.search for objectCategory=group with domain scope control");
740 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
741 assert(res.error == 0);
742 assert(res.msgs.length > 0);
746 function basedn_tests(ldb, gc_ldb)
748 println("Testing for all rootDSE attributes");
749 var attrs = new Array();
750 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
751 assert(res.error == 0);
752 assert(res.msgs.length == 1);
754 println("Testing for highestCommittedUSN");
755 var attrs = new Array("highestCommittedUSN");
756 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
757 assert(res.error == 0);
758 assert(res.msgs.length == 1);
759 assert(res.msgs[0].highestCommittedUSN != undefined);
760 assert(res.msgs[0].highestCommittedUSN != 0);
762 println("Testing for netlogon via LDAP");
763 var attrs = new Array("netlogon");
764 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
765 assert(res.error == 0);
766 assert(res.msgs.length == 0);
768 println("Testing for netlogon and highestCommittedUSN via LDAP");
769 var attrs = new Array("netlogon", "highestCommittedUSN");
770 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
771 assert(res.error == 0);
772 assert(res.msgs.length == 0);
775 function find_basedn(ldb)
777 var attrs = new Array("defaultNamingContext");
778 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
779 assert(res.error == 0);
780 assert(res.msgs.length == 1);
781 return res.msgs[0].defaultNamingContext;
784 function find_configurationdn(ldb)
786 var attrs = new Array("configurationNamingContext");
787 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
788 assert(res.error == 0);
789 assert(res.msgs.length == 1);
790 return res.msgs[0].configurationNamingContext;
793 function find_schemadn(ldb)
795 var attrs = new Array("schemaNamingContext");
796 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
797 assert(res.error == 0);
798 assert(res.msgs.length == 1);
799 return res.msgs[0].schemaNamingContext;
802 /* use command line creds if available */
803 ldb.credentials = options.get_credentials();
804 gc_ldb.credentials = options.get_credentials();
806 var ok = ldb.connect("ldap://" + host);
807 var base_dn = find_basedn(ldb);
808 var configuration_dn = find_configurationdn(ldb);
809 var schema_dn = find_schemadn(ldb);
811 printf("baseDN: %s\n", base_dn);
813 var ok = gc_ldb.connect("ldap://" + host + ":3268");
818 basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
820 basedn_tests(ldb, gc_ldb)