2 exec smbscript "$0" ${1+"$@"}
4 test certin LDAP behaviours
8 var gc_ldb = ldb_init();
10 var options = GetOptions(ARGV,
13 "POPT_COMMON_CREDENTIALS");
14 if (options == undefined) {
15 println("Failed to parse options");
19 libinclude("base.js");
21 if (options.ARGV.length != 1) {
22 println("Usage: ldap.js <HOST>");
26 var host = options.ARGV[0];
28 function basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
30 println("Running basic tests");
32 ldb.del("cn=ldaptestuser,cn=users," + base_dn);
35 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
41 ok = ldb.del("cn=ldaptestuser,cn=users," + base_dn);
44 assert(ok.error == 0);
47 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
54 assert(ok.error == 0);
59 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
64 ok = ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
67 assert(ok.error == 0);
70 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
76 assert(ok.error == 0);
81 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
84 userAccountControl: 4096
87 ok = ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
90 assert(ok.error == 0);
93 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
96 userAccountControl: 4096
100 assert(ok.error == 0);
105 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
107 replace: servicePrincipalName
108 servicePrincipalName: host/ldaptest2computer
109 servicePrincipalName: host/ldaptest2computer
110 servicePrincipalName: cifs/ldaptest2computer
113 //LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
114 if (ok.error != 20) {
115 println("Expected error LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, got :" + ok.errstr);
116 assert(ok.error == 20);
120 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
126 ok = ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
129 assert(ok.error == 0);
132 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
139 assert(ok.error == 0);
143 ok = ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
145 println("Testing Renames");
147 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
149 println("Could not rename cn=ldaptestuser2,cn=users," + base_dn + " into cn=ldaptestuser3,cn=users," + base_dn + ": " + ok.errstr);
150 assert(ok.error == 0);
153 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
155 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " onto itself: " + ok.errstr);
156 assert(ok.error == 0);
159 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestUSER3,cn=users," + base_dn);
161 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " into cn=ldaptestUSER3,cn=users," + base_dn + ": " + ok.errstr);
162 assert(ok.error == 0);
165 println("Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))");
166 var res = ldb.search("(&(cn=ldaptestuser3)(objectClass=user))");
167 if (res.error != 0 || res.msgs.length != 1) {
168 println("Could not find (&(cn=ldaptestuser3)(objectClass=user))");
169 assert(res.error == 0);
170 assert(res.msgs.length == 1);
173 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
174 assert(res.msgs[0].cn == "ldaptestUSER3");
175 assert(res.msgs[0].name == "ldaptestUSER3");
177 // ensure we cannot add it again
179 dn: cn=ldaptestuser3,cn=userS," + base_dn + "
184 //LDB_ERR_ENTRY_ALREADY_EXISTS
185 if (ok.error != 68) {
186 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
187 assert(ok.error == 68);
191 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
194 assert(ok.error == 0);
197 // ensure we cannnot rename it twice
198 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
199 //LDB_ERR_NO_SUCH_OBJECT
200 assert(ok.error == 32);
202 // ensure can now use that name
204 dn: cn=ldaptestuser3,cn=users," + base_dn + "
210 // ensure we now cannnot rename
211 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
212 //LDB_ERR_ENTRY_ALREADY_EXISTS
213 if (ok.error != 68) {
214 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
215 assert(ok.error == 68);
217 assert(ok.error == 68);
218 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=configuration," + base_dn);
219 if (ok.error != 71 && ok.error != 64) {
220 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS or LDAP_NAMING_VIOLATION, got: " + ok.errstr);
221 assert(ok.error == 71 || ok.error == 64);
223 assert(ok.error == 71 || ok.error == 64);
225 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser5,cn=users," + base_dn);
228 assert(ok.error == 0);
231 ok = ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
233 println("Testing subtree Renames");
236 dn: cn=ldaptestcontainer," + base_dn + "
237 objectClass: container
241 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
247 ok = ldb.del("cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn);
250 assert(ok.error == 0);
253 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
260 assert(ok.error == 0);
264 println("Testing ldb.rename of cn=ldaptestcontainer," + base_dn + " to cn=ldaptestcontainer2," + base_dn);
265 ok = ldb.rename("CN=ldaptestcontainer," + base_dn, "CN=ldaptestcontainer2," + base_dn);
268 assert(ok.error == 0);
271 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))");
272 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))");
273 if (res.error != 0 || res.msgs.length != 1) {
274 println("Could not find (&(cn=ldaptestuser4)(objectClass=user))");
275 assert(res.error == 0);
276 assert(res.msgs.length == 1);
279 assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
281 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container");
282 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_SUBTREE);
283 if (res.error != 0 || res.msgs.length != 1) {
284 println("Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + base_dn);
285 assert(res.error == 0);
286 assert(res.msgs.length == 1);
289 assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
291 println("Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn);
292 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
293 if (ok.error != 66) { /* LDB_ERR_NOT_ALLOWED_ON_NON_LEAF */
295 assert(ok.error == 66);
297 println("Testing delete of subtree renamed "+res.msgs[0].dn);
298 ok = ldb.del(res.msgs[0].dn);
301 assert(ok.error == 0);
303 println("Testing delete of renamed cn=ldaptestcontainer2," + base_dn);
304 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
307 assert(ok.error == 0);
311 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
315 ok = ldb.del("cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn);
318 assert(ok.error == 0);
321 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
326 assert(ok.error == 0);
331 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
335 ok = ldb.del("cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn);
338 assert(ok.error == 0);
341 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
346 assert(ok.error == 0);
350 println("Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))");
351 var res = ldb.search("(&(cn=ldaptestuser)(objectClass=user))");
352 if (res.error != 0 || res.msgs.length != 1) {
353 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
354 assert(res.error == 0);
355 assert(res.msgs.length == 1);
358 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
359 assert(res.msgs[0].cn == "ldaptestuser");
360 assert(res.msgs[0].name == "ldaptestuser");
361 assert(res.msgs[0].objectClass[0] == "top");
362 assert(res.msgs[0].objectClass[1] == "person");
363 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
364 assert(res.msgs[0].objectClass[3] == "user");
365 assert(res.msgs[0].objectGUID != undefined);
366 assert(res.msgs[0].whenCreated != undefined);
367 assert(res.msgs[0].objectCategory == ("CN=Person,CN=Schema,CN=Configuration," + base_dn));
368 assert(res.msgs[0].sAMAccountType == 805306368);
369 // assert(res[0].userAccountControl == 546);
371 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
372 var res2 = ldb.search("(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
373 if (res2.error != 0 || res2.msgs.length != 1) {
374 println("Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
375 assert(res2.error == 0);
376 assert(res2.msgs.length == 1);
379 assert(res.msgs[0].dn == res2.msgs[0].dn);
381 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))");
382 var res3 = ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
383 if (res3.error != 0) {
384 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): " + res3.errstr);
385 assert(res3.error == 0);
386 } else if (res3.msgs.length != 1) {
387 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + res3.msgs.length);
388 assert(res3.msgs.length == 1);
391 assert(res.msgs[0].dn == res3.msgs[0].dn);
393 if (gc_ldb != undefined) {
394 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
395 var res3gc = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
396 if (res3gc.error != 0) {
397 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: " + res3gc.errstr);
398 assert(res3gc.error == 0);
399 } else if (res3gc.msgs.length != 1) {
400 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: matched " + res3gc.msgs.length);
401 assert(res3gc.msgs.length == 1);
404 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
407 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control");
408 var attrs = new Array("cn");
409 var controls = new Array("search_options:1:2");
410 var res3control = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
411 if (res3control.error != 0 || res3control.msgs.length != 1) {
412 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
413 assert(res3control.error == 0);
414 assert(res3control.msgs.length == 1);
417 assert(res.msgs[0].dn == res3control.msgs[0].dn);
419 ok = ldb.del(res.msgs[0].dn);
422 assert(ok.error == 0);
425 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))");
426 var res = ldb.search("(&(cn=ldaptestcomputer)(objectClass=user))");
427 if (res.error != 0 || res.msgs.length != 1) {
428 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
429 assert(res.error == 0);
430 assert(res.msgs.length == 1);
433 assert(res.msgs[0].dn == ("CN=ldaptestcomputer,CN=Computers," + base_dn));
434 assert(res.msgs[0].cn == "ldaptestcomputer");
435 assert(res.msgs[0].name == "ldaptestcomputer");
436 assert(res.msgs[0].objectClass[0] == "top");
437 assert(res.msgs[0].objectClass[1] == "person");
438 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
439 assert(res.msgs[0].objectClass[3] == "user");
440 assert(res.msgs[0].objectClass[4] == "computer");
441 assert(res.msgs[0].objectGUID != undefined);
442 assert(res.msgs[0].whenCreated != undefined);
443 assert(res.msgs[0].objectCategory == ("CN=Computer,CN=Schema,CN=Configuration," + base_dn));
444 assert(res.msgs[0].primaryGroupID == 513);
445 // assert(res.msgs[0].sAMAccountType == 805306368);
446 // assert(res.msgs[0].userAccountControl == 546);
448 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
449 var res2 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
450 if (res2.error != 0 || res2.msgs.length != 1) {
451 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
452 assert(res2.error == 0);
453 assert(res2.msgs.length == 1);
456 assert(res.msgs[0].dn == res2.msgs[0].dn);
458 if (gc_ldb != undefined) {
459 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
460 var res2gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
461 if (res2gc.error != 0 || res2gc.msgs.length != 1) {
462 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
463 assert(res2gc.error == 0);
464 assert(res2gc.msgs.length == 1);
467 assert(res.msgs[0].dn == res2gc.msgs[0].dn);
470 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
471 var res3 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
472 if (res3.error != 0 || res3.msgs.length != 1) {
473 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
474 assert(res3.error == 0);
475 assert(res3.msgs.length == 1);
478 assert(res.msgs[0].dn == res3.msgs[0].dn);
480 if (gc_ldb != undefined) {
481 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
482 var res3gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
483 if (res3gc.error != 0 || res3gc.msgs.length != 1) {
484 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
485 assert(res3gc.error == 0);
486 assert(res3gc.msgs.length == 1);
489 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
492 println("Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
493 var res4 = ldb.search("(&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
494 if (res4.error != 0 || res4.msgs.length != 1) {
495 println("Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
496 assert(res4.error == 0);
497 assert(res4.msgs.length == 1);
500 assert(res.msgs[0].dn == res4.msgs[0].dn);
502 println("Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
503 var res5 = ldb.search("(&(cn=ldaptestcomput*)(objectCategory=compuTER))");
504 if (res5.error != 0 || res5.msgs.length != 1) {
505 println("Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
506 assert(res5.error == 0);
507 assert(res5.msgs.length == 1);
510 assert(res.msgs[0].dn == res5.msgs[0].dn);
512 println("Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))");
513 var res6 = ldb.search("(&(cn=*daptestcomputer)(objectCategory=compuTER))");
514 if (res6.error != 0 || res6.msgs.length != 1) {
515 println("Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))");
516 assert(res6.error == 0);
517 assert(res6.msgs.length == 1);
520 assert(res.msgs[0].dn == res6.msgs[0].dn);
522 ok = ldb.del(res.msgs[0].dn);
525 assert(ok.error == 0);
528 println("Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))");
529 var res = ldb.search("(&(cn=ldaptest2computer)(objectClass=user))");
530 if (res.error != 0 || res.msgs.length != 1) {
531 println("Could not find (&(cn=ldaptest2computer)(objectClass=user))");
532 assert(res.error == 0);
533 assert(res.msgs.length == 1);
536 assert(res.msgs[0].dn == ("CN=ldaptest2computer,CN=Computers," + base_dn));
537 assert(res.msgs[0].cn == "ldaptest2computer");
538 assert(res.msgs[0].name == "ldaptest2computer");
539 assert(res.msgs[0].objectClass[0] == "top");
540 assert(res.msgs[0].objectClass[1] == "person");
541 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
542 assert(res.msgs[0].objectClass[3] == "user");
543 assert(res.msgs[0].objectClass[4] == "computer");
544 assert(res.msgs[0].objectGUID != undefined);
545 assert(res.msgs[0].whenCreated != undefined);
546 assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
547 assert(res.msgs[0].sAMAccountType == 805306369);
548 // assert(res.msgs[0].userAccountControl == 4098);
551 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor");
552 println("Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))");
553 var res = ldb.search("(&(cn=ldaptestUSer2)(objectClass=user))", base_dn, ldb.SCOPE_SUBTREE, attrs);
554 if (res.error != 0 || res.msgs.length != 1) {
555 println("Could not find (&(cn=ldaptestUSer2)(objectClass=user))");
556 assert(res.error == 0);
557 assert(res.msgs.length == 1);
560 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
561 assert(res.msgs[0].cn == "ldaptestuser2");
562 assert(res.msgs[0].name == "ldaptestuser2");
563 assert(res.msgs[0].objectClass[0] == "top");
564 assert(res.msgs[0].objectClass[1] == "person");
565 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
566 assert(res.msgs[0].objectClass[3] == "user");
567 assert(res.msgs[0].objectGUID != undefined);
568 assert(res.msgs[0].whenCreated != undefined);
569 assert(res.msgs[0].nTSecurityDescriptor != undefined);
572 ok = ldb.del(res.msgs[0].dn);
575 assert(ok.error == 0);
578 println("Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
579 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
581 if (res.error != 0 || res.msgs.length != 1) {
582 println("Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
583 assert(res.error == 0);
584 assert(res.msgs.length == 1);
587 assert(res.msgs[0].dn == ("CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn));
588 assert(res.msgs[0].cn == "ldaptestutf8user èùéìòà");
589 assert(res.msgs[0].name == "ldaptestutf8user èùéìòà");
590 assert(res.msgs[0].objectClass[0] == "top");
591 assert(res.msgs[0].objectClass[1] == "person");
592 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
593 assert(res.msgs[0].objectClass[3] == "user");
594 assert(res.msgs[0].objectGUID != undefined);
595 assert(res.msgs[0].whenCreated != undefined);
597 ok = ldb.del(res.msgs[0].dn);
600 assert(ok.error == 0);
603 println("Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
604 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
606 if (res.error != 0 || res.msgs.length != 1) {
607 println("Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
609 assert(res.msgs[0].dn == ("cn=ldaptestutf8user2 èùéìòà,cn=users," + base_dn));
610 assert(res.msgs[0].cn == "ldaptestutf8user2 èùéìòà");
613 println("Testing that we can't get at the configuration DN from the main search base");
614 var attrs = new Array("cn");
615 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
616 assert(res.error == 0);
617 if (res.msgs.length != 0) {
618 println("Got configuration DN " + res.msgs[0].dn + " which should not be able to be seen from main search base");
620 assert(res.msgs.length == 0);
622 println("Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control");
623 var attrs = new Array("cn");
624 var controls = new Array("search_options:1:2");
625 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
626 assert(res.error == 0);
627 assert(res.msgs.length > 0);
629 if (gc_ldb != undefined) {
630 println("Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0");
631 var attrs = new Array("cn");
632 var controls = new Array("search_options:1:0");
633 var res = gc_ldb.search("objectClass=crossRef", base_dn, gc_ldb.SCOPE_SUBTREE, attrs, controls);
634 assert(res.error == 0);
635 assert(res.msgs.length > 0);
637 println("Testing that we do find configuration elements in the global catlog");
638 var attrs = new Array("cn");
639 var res = gc_ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
640 assert(res.error == 0);
641 assert (res.msgs.length > 0);
643 println("Testing that we do find configuration elements and user elements at the same time");
644 var attrs = new Array("cn");
645 var res = gc_ldb.search("(|(objectClass=crossRef)(objectClass=person))", base_dn, ldb.SCOPE_SUBTREE, attrs);
646 assert(res.error == 0);
647 assert (res.msgs.length > 0);
649 println("Testing that we do find configuration elements in the global catlog, with the configuration basedn");
650 var attrs = new Array("cn");
651 var res = gc_ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
652 assert(res.error == 0);
653 assert (res.msgs.length > 0);
656 println("Testing that we can get at the configuration DN on the main LDAP port");
657 var attrs = new Array("cn");
658 var res = ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
659 assert(res.error == 0);
660 assert (res.msgs.length > 0);
662 println("Testing objectCategory canonacolisation");
663 var attrs = new Array("cn");
664 var res = ldb.search("objectCategory=ntDsDSA", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
665 assert(res.error == 0);
666 if (res.msgs.length == 0) {
667 println("Didn't find any records with objectCategory=ntDsDSA");
669 assert(res.msgs.length != 0);
671 var attrs = new Array("cn");
672 var res = ldb.search("objectCategory=CN=ntDs-DSA," + schema_dn, configuration_dn, ldb.SCOPE_SUBTREE, attrs);
673 assert(res.error == 0);
674 if (res.msgs.length == 0) {
675 println("Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn);
677 assert(res.msgs.length != 0);
679 println("Testing objectClass attribute order on "+ base_dn);
680 var attrs = new Array("objectClass");
681 var res = ldb.search("objectClass=domain", base_dn, ldb.SCOPE_BASE, attrs);
682 assert(res.error == 0);
683 assert(res.msgs.length == 1);
685 assert(res.msgs[0].objectClass[0] == "top");
686 assert(res.msgs[0].objectClass[1] == "domain");
687 assert(res.msgs[0].objectClass[2] == "domainDNS");
691 var attrs = new Array("cn");
692 println("Testing ldb.search for objectCategory=person");
693 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs);
694 assert(res.error == 0);
695 assert(res.msgs.length > 0);
697 var attrs = new Array("cn");
698 var controls = new Array("domain_scope:1");
699 println("Testing ldb.search for objectCategory=person with domain scope control");
700 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
701 assert(res.error == 0);
702 assert(res.msgs.length > 0);
704 var attrs = new Array("cn");
705 println("Testing ldb.search for objectCategory=user");
706 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs);
707 assert(res.error == 0);
708 assert(res.msgs.length > 0);
710 var attrs = new Array("cn");
711 var controls = new Array("domain_scope:1");
712 println("Testing ldb.search for objectCategory=user with domain scope control");
713 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
714 assert(res.error == 0);
715 assert(res.msgs.length > 0);
717 var attrs = new Array("cn");
718 println("Testing ldb.search for objectCategory=group");
719 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs);
720 assert(res.error == 0);
721 assert(res.msgs.length > 0);
723 var attrs = new Array("cn");
724 var controls = new Array("domain_scope:1");
725 println("Testing ldb.search for objectCategory=group with domain scope control");
726 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
727 assert(res.error == 0);
728 assert(res.msgs.length > 0);
732 function basedn_tests(ldb, gc_ldb)
734 println("Testing for all rootDSE attributes");
735 var attrs = new Array();
736 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
737 assert(res.error == 0);
738 assert(res.msgs.length == 1);
740 println("Testing for highestCommittedUSN");
741 var attrs = new Array("highestCommittedUSN");
742 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
743 assert(res.error == 0);
744 assert(res.msgs.length == 1);
745 assert(res.msgs[0].highestCommittedUSN != undefined);
746 assert(res.msgs[0].highestCommittedUSN != 0);
748 println("Testing for netlogon via LDAP");
749 var attrs = new Array("netlogon");
750 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
751 assert(res.error == 0);
752 assert(res.msgs.length == 0);
754 println("Testing for netlogon and highestCommittedUSN via LDAP");
755 var attrs = new Array("netlogon", "highestCommittedUSN");
756 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
757 assert(res.error == 0);
758 assert(res.msgs.length == 0);
761 function find_basedn(ldb)
763 var attrs = new Array("defaultNamingContext");
764 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
765 assert(res.error == 0);
766 assert(res.msgs.length == 1);
767 return res.msgs[0].defaultNamingContext;
770 function find_configurationdn(ldb)
772 var attrs = new Array("configurationNamingContext");
773 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
774 assert(res.error == 0);
775 assert(res.msgs.length == 1);
776 return res.msgs[0].configurationNamingContext;
779 function find_schemadn(ldb)
781 var attrs = new Array("schemaNamingContext");
782 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
783 assert(res.error == 0);
784 assert(res.msgs.length == 1);
785 return res.msgs[0].schemaNamingContext;
788 /* use command line creds if available */
789 ldb.credentials = options.get_credentials();
790 gc_ldb.credentials = options.get_credentials();
792 var ok = ldb.connect("ldap://" + host);
793 var base_dn = find_basedn(ldb);
794 var configuration_dn = find_configurationdn(ldb);
795 var schema_dn = find_schemadn(ldb);
797 printf("baseDN: %s\n", base_dn);
799 var ok = gc_ldb.connect("ldap://" + host + ":3268");
804 basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
806 basedn_tests(ldb, gc_ldb)