git.samba.org / garming / samba-autobuild / .git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
blackbox/dbcheck-links.sh: prepare regression test for skipping expired tombstones
[garming/samba-autobuild/.git] / testprogs / blackbox / dbcheck-links.sh
1 #!/bin/sh
2
3 if [ $# -lt 1 ]; then
4 cat <<EOF
5 Usage: dbcheck-links.sh PREFIX RELEASE
6 EOF
7 exit 1;
8 fi
9
10 PREFIX_ABS="$1"
11 RELEASE="$2"
12 shift 2
13
14 . `dirname $0`/subunit.sh
15
16 . `dirname $0`/common-links.sh
17
18 dbcheck() {
19     tmpfile=$PREFIX_ABS/$RELEASE/expected-dbcheck-link-output${1}.txt.tmp
20     tmpldif1=$PREFIX_ABS/$RELEASE/expected-dbcheck-output${1}2.txt.tmp1
21
22     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb -s base -b '' | grep highestCommittedUSN > $tmpldif1
23
24     $PYTHON $BINDIR/samba-tool dbcheck -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $3 --fix --yes > $tmpfile
25     if [ "$?" != "$2" ]; then
26         return 1
27     fi
28     sort $tmpfile > $tmpfile.sorted
29     sort $release_dir/expected-dbcheck-link-output${1}.txt > $tmpfile.expected
30     diff -u $tmpfile.sorted $tmpfile.expected
31     if [ "$?" != "0" ]; then
32         return 1
33     fi
34
35     tmpldif2=$PREFIX_ABS/$RELEASE/expected-dbcheck-output${1}2.txt.tmp2
36     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb -s base -b '' | grep highestCommittedUSN > $tmpldif2
37
38     diff -u $tmpldif1 $tmpldif2
39     if [ "$?" != "0" ]; then
40         return 1
41     fi
42 }
43
44 dbcheck_dangling() {
45     dbcheck "" "1" "--selftest-check-expired-tombstones"
46     return $?
47 }
48
49 dbcheck_one_way() {
50     dbcheck "_one_way" "0" "CN=Configuration,DC=release-4-5-0-pre1,DC=samba,DC=corp --selftest-check-expired-tombstones"
51     return $?
52 }
53
54 dbcheck_clean() {
55     tmpldif1=$PREFIX_ABS/$RELEASE/expected-dbcheck-output2.txt.tmp1
56
57     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb -s base -b '' | grep highestCommittedUSN > $tmpldif1
58
59     $PYTHON $BINDIR/samba-tool dbcheck -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb
60     if [ "$?" != "0" ]; then
61         return 1
62     fi
63     tmpldif2=$PREFIX_ABS/$RELEASE/expected-dbcheck-output2.txt.tmp2
64     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb -s base -b '' | grep highestCommittedUSN > $tmpldif2
65
66     diff -u $tmpldif1 $tmpldif2
67     if [ "$?" != "0" ]; then
68         return 1
69     fi
70 }
71
72 check_expected_after_links() {
73     tmpldif=$PREFIX_ABS/$RELEASE/expected-links-after-link-dbcheck.ldif.tmp
74     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(|(cn=swimmers)(cn=leaders)(cn=helpers))' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --sorted member > $tmpldif
75     diff -u $tmpldif $release_dir/expected-links-after-link-dbcheck.ldif
76     if [ "$?" != "0" ]; then
77         return 1
78     fi
79 }
80
81 check_expected_after_deleted_links() {
82     tmpldif=$PREFIX_ABS/$RELEASE/expected-deleted-links-after-link-dbcheck.ldif.tmp
83     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(|(cn=swimmers)(cn=leaders)(cn=helpers))' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --reveal --sorted member > $tmpldif
84     diff -u $tmpldif $release_dir/expected-deleted-links-after-link-dbcheck.ldif
85     if [ "$?" != "0" ]; then
86         return 1
87     fi
88 }
89
90 check_expected_after_objects() {
91     tmpldif=$PREFIX_ABS/$RELEASE/expected-objects-after-link-dbcheck.ldif.tmp
92     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(|(samaccountname=fred)(samaccountname=ddg)(samaccountname=usg)(samaccountname=user1)(samaccountname=user1x)(samaccountname=user2))' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --reveal --sorted samAccountName | grep sAMAccountName > $tmpldif
93     diff -u $tmpldif $release_dir/expected-objects-after-link-dbcheck.ldif
94     if [ "$?" != "0" ]; then
95         return 1
96     fi
97 }
98
99 duplicate_member() {
100     # We use an exisiting group so we have a stable GUID in the
101     # dbcheck output
102     LDIF1=$(TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb -b 'CN=Enterprise Admins,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp' -s base --reveal --extended-dn member)
103     DN=$(echo "${LDIF1}" | grep '^dn: ')
104     MSG=$(echo "${LDIF1}" | grep -v '^dn: ' | grep -v '^#' | grep -v '^$')
105     ldif=$PREFIX_ABS/${RELEASE}/duplicate-member-multi.ldif
106     {
107         echo "${DN}"
108         echo "changetype: modify"
109         echo "replace: member"
110         echo "${MSG}"
111         echo "${MSG}" | sed -e 's!RMD_LOCAL_USN=[1-9][0-9]*!RMD_LOCAL_USN=0!'
112     } > $ldif
113
114     TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif
115     if [ "$?" != "0" ]; then
116         return 1
117     fi
118 }
119
120 dbcheck_duplicate_member() {
121     dbcheck "_duplicate_member" "1" "--selftest-check-expired-tombstones"
122     return $?
123 }
124
125 check_expected_after_duplicate_links() {
126     tmpldif=$PREFIX_ABS/$RELEASE/expected-duplicates-after-link-dbcheck.ldif.tmp
127     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(|(cn=administrator)(cn=enterprise admins))' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --sorted memberOf member > $tmpldif
128     diff -u $tmpldif $release_dir/expected-duplicates-after-link-dbcheck.ldif
129     if [ "$?" != "0" ]; then
130         return 1
131     fi
132 }
133
134 missing_link_sid_corruption() {
135     # Step1: add user "missingsidu1"
136     #
137     ldif=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption1.ldif
138     cat > $ldif <<EOF
139 dn: CN=missingsidu1,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
140 changetype: add
141 objectclass: user
142 samaccountname: missingsidu1
143 objectGUID: 0da8f25e-d110-11e8-80b7-3c970ec68461
144 objectSid: S-1-5-21-4177067393-1453636373-93818738-771
145 EOF
146
147     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --relax $ldif)
148     if [ "$?" != "0" ]; then
149         echo "ldbmodify returned:\n$out"
150         return 1
151     fi
152
153     # Step2: add user "missingsidu2"
154     #
155     ldif=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption2.ldif
156     cat > $ldif <<EOF
157 dn: CN=missingsidu2,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
158 changetype: add
159 objectclass: user
160 samaccountname: missingsidu2
161 objectGUID: 66eb8f52-d110-11e8-ab9b-3c970ec68461
162 objectSid: S-1-5-21-4177067393-1453636373-93818738-772
163 EOF
164
165     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --relax $ldif)
166     if [ "$?" != "0" ]; then
167         echo "ldbmodify returned:\n$out"
168         return 1
169     fi
170
171     # Step3: add group "missingsidg3" and add users as members
172     #
173     ldif=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption3.ldif
174     cat > $ldif <<EOF
175 dn: CN=missingsidg3,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
176 changetype: add
177 objectclass: group
178 samaccountname: missingsidg3
179 objectGUID: fd992424-d114-11e8-bb36-3c970ec68461
180 objectSid: S-1-5-21-4177067393-1453636373-93818738-773
181 member: CN=missingsidu1,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
182 member: CN=missingsidu2,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
183 EOF
184
185     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --relax $ldif)
186     if [ "$?" != "0" ]; then
187         echo "ldbmodify returned:\n$out"
188         return 1
189     fi
190
191     # Step4: remove one user again, so that we have one deleted link
192     #
193     ldif=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption4.ldif
194     cat > $ldif <<EOF
195 dn: CN=missingsidg3,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
196 changetype: modify
197 delete: member
198 member: CN=missingsidu1,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
199 EOF
200
201     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --relax $ldif)
202     if [ "$?" != "0" ]; then
203         echo "ldbmodify returned:\n$out"
204         return 1
205     fi
206
207     #
208     # Step5: remove the SIDS from the links
209     #
210     LDIF1=$(TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb -b 'CN=missingsidg3,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp' -s base --reveal --extended-dn --show-binary member)
211     DN=$(echo "${LDIF1}" | grep '^dn: ')
212     MSG=$(echo "${LDIF1}" | grep -v '^dn: ' | grep -v '^#' | grep -v '^$')
213     ldif=$PREFIX_ABS/${RELEASE}/missing_link_sid_corruption5.ldif
214     {
215         echo "${DN}"
216         echo "changetype: modify"
217         echo "replace: member"
218         #echo "${MSG}"
219         echo "${MSG}" | sed \
220                 -e 's!<SID=S-1-5-21-4177067393-1453636373-93818738-771>;!!g' \
221                 -e 's!<SID=S-1-5-21-4177067393-1453636373-93818738-772>;!!g' \
222                 -e 's!RMD_ADDTIME=[1-9][0-9]*!RMD_ADDTIME=123456789000000000!g' \
223                 -e 's!RMD_CHANGETIME=[1-9][0-9]*!RMD_CHANGETIME=123456789000000000!g' \
224                 | cat
225     } > $ldif
226
227     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif)
228     if [ "$?" != "0" ]; then
229         echo "ldbmodify returned:\n$out"
230         return 1
231     fi
232
233     return 0
234 }
235
236 dbcheck_missing_link_sid_corruption() {
237     dbcheck "-missing-link-sid-corruption" "1" "--selftest-check-expired-tombstones"
238     return $?
239 }
240
241 add_lost_deleted_user1() {
242     ldif=$PREFIX_ABS/${RELEASE}/add_lost_deleted_user1.ldif
243     cat > $ldif <<EOF
244 dn: CN=fred\0ADEL:2301a64c-1234-5678-851e-12d4a711cfb4,OU=removed,DC=release-4-5-0-pre1,DC=samba,DC=corp
245 objectClass: top
246 objectClass: person
247 objectClass: organizationalPerson
248 objectClass: user
249 instanceType: 4
250 whenCreated: 20160629043638.0Z
251 uSNCreated: 3740
252 objectGUID: 2301a64c-1234-5678-851e-12d4a711cfb4
253 objectSid: S-1-5-21-4177067393-1453636373-93818738-1011
254 sAMAccountName: fred
255 userAccountControl: 512
256 isDeleted: TRUE
257 lastKnownParent: <GUID=f28216e9-1234-5678-8b2d-6bb229563b62>;OU=removed,DC=rel
258  ease-4-5-0-pre1,DC=samba,DC=corp
259 isRecycled: TRUE
260 cn:: ZnJlZApERUw6MjMwMWE2NGMtMTIzNC01Njc4LTg1MWUtMTJkNGE3MTFjZmI0
261 name:: ZnJlZApERUw6MjMwMWE2NGMtMTIzNC01Njc4LTg1MWUtMTJkNGE3MTFjZmI0
262 replPropertyMetaData:: AQAAAAAAAAAXAAAAAAAAAAAAAAABAAAAVuGDDQMAAACjlkROuH+XT4o
263  z0jjbi14tnA4AAAAAAACcDgAAAAAAAAMAAAACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4A
264  AAAAAACiDgAAAAAAAAEAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAA
265  AAAAAIAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAADAAAgABAA
266  AAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAABkBAgABAAAAVuGDDQMAAAC
267  jlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAAEACQACAAAAV+GDDQMAAACjlkROuH+XT4oz
268  0jjbi14tog4AAAAAAACiDgAAAAAAAAgACQADAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tng4AA
269  AAAAACeDgAAAAAAABAACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAA
270  AAABkACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAFoACQABAAA
271  AVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAF4ACQABAAAAVuGDDQMAAACj
272  lkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAGAACQADAAAAV+GDDQMAAACjlkROuH+XT4oz0
273  jjbi14tog4AAAAAAACiDgAAAAAAAGIACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAA
274  AAAACiDgAAAAAAAH0ACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAA
275  AAJIACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAJ8ACQACAAAA
276  V+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAN0ACQABAAAAVuGDDQMAAACjl
277  kROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAC4BCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0j
278  jbi14tog4AAAAAAACiDgAAAAAAAJACCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAA
279  AAACiDgAAAAAAAA0DCQABAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAA
280  AA4DCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAAoICQABAAAAV
281  +GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAA==
282 whenChanged: 20160629043639.0Z
283 uSNChanged: 3746
284 nTSecurityDescriptor:: AQAXjBQAAAAwAAAATAAAAMQAAAABBQAAAAAABRUAAACB/fj4FbukVnK
285  PlwUAAgAAAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFAAIAAAQAeAACAAAAB1o4ACAAAAADAAAAvjsO
286  8/Cf0RG2AwAA+ANnwaV6lr/mDdARooUAqgAwSeIBAQAAAAAAAQAAAAAHWjgAIAAAAAMAAAC/Ow7z8
287  J/REbYDAAD4A2fBpXqWv+YN0BGihQCqADBJ4gEBAAAAAAABAAAAAAQA1AcsAAAAAAAkAP8BDwABBQ
288  AAAAAABRUAAACB/fj4FbukVnKPlwUAAgAAAAAUAP8BDwABAQAAAAAABRIAAAAAABgA/wEPAAECAAA
289  AAAAFIAAAACQCAAAAABQAlAACAAEBAAAAAAAFCgAAAAUAKAAAAQAAAQAAAFMacqsvHtARmBkAqgBA
290  UpsBAQAAAAAABQoAAAAFACgAAAEAAAEAAABUGnKrLx7QEZgZAKoAQFKbAQEAAAAAAAUKAAAABQAoA
291  AABAAABAAAAVhpyqy8e0BGYGQCqAEBSmwEBAAAAAAAFCgAAAAUAKAAwAAAAAQAAAIa4tXdKlNERrr
292  0AAPgDZ8EBAQAAAAAABQoAAAAFACgAMAAAAAEAAACylVfkVZTREa69AAD4A2fBAQEAAAAAAAUKAAA
293  ABQAoADAAAAABAAAAs5VX5FWU0RGuvQAA+ANnwQEBAAAAAAAFCgAAAAUAOAAQAAAAAQAAAPiIcAPh
294  CtIRtCIAoMlo+TkBBQAAAAAABRUAAACB/fj4FbukVnKPlwUpAgAABQA4ABAAAAABAAAAAEIWTMAg0
295  BGnaACqAG4FKQEFAAAAAAAFFQAAAIH9+PgVu6RWco+XBSkCAAAFADgAEAAAAAEAAABAwgq8qXnQEZ
296  AgAMBPwtTPAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFKQIAAAAAFAAAAAIAAQEAAAAAAAULAAAABQA
297  oABAAAAABAAAAQi+6WaJ50BGQIADAT8LTzwEBAAAAAAAFCwAAAAUAKAAQAAAAAQAAAIa4tXdKlNER
298  rr0AAPgDZ8EBAQAAAAAABQsAAAAFACgAEAAAAAEAAACzlVfkVZTREa69AAD4A2fBAQEAAAAAAAULA
299  AAABQAoABAAAAABAAAAVAGN5Pi80RGHAgDAT7lgUAEBAAAAAAAFCwAAAAUAKAAAAQAAAQAAAFMacq
300  svHtARmBkAqgBAUpsBAQAAAAAAAQAAAAAFADgAEAAAAAEAAAAQICBfpXnQEZAgAMBPwtTPAQUAAAA
301  AAAUVAAAAgf34+BW7pFZyj5cFKQIAAAUAOAAwAAAAAQAAAH96lr/mDdARooUAqgAwSeIBBQAAAAAA
302  BRUAAACB/fj4FbukVnKPlwUFAgAABQAsABAAAAABAAAAHbGpRq5gWkC36P+KWNRW0gECAAAAAAAFI
303  AAAADACAAAFACwAMAAAAAEAAAAcmrZtIpTREa69AAD4A2fBAQIAAAAAAAUgAAAAMQIAAAUALAAwAA
304  AAAQAAAGK8BVjJvShEpeKFag9MGF4BAgAAAAAABSAAAAAxAgAABRo8ABAAAAADAAAAAEIWTMAg0BG
305  naACqAG4FKRTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAAEIWTMAg
306  0BGnaACqAG4FKbp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAAAECAgX
307  6V50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAEC
308  AgX6V50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAA
309  AQMIKvKl50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAAD
310  AAAAQMIKvKl50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAA
311  AADAAAAQi+6WaJ50BGQIADAT8LTzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8AB
312  AAAAADAAAAQi+6WaJ50BGQIADAT8LTz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo
313  8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5ORTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAA
314  BRI8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5Obp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqA
315  gAABRo4ABAAAAADAAAAbZ7Gt8cs0hGFTgCgyYP2CIZ6lr/mDdARooUAqgAwSeIBAQAAAAAABQkAAA
316  AFGjgAEAAAAAMAAABtnsa3xyzSEYVOAKDJg/YInHqWv+YN0BGihQCqADBJ4gEBAAAAAAAFCQAAAAU
317  SOAAQAAAAAwAAAG2exrfHLNIRhU4AoMmD9gi6epa/5g3QEaKFAKoAMEniAQEAAAAAAAUJAAAABRos
318  AJQAAgACAAAAFMwoSDcUvEWbB61vAV5fKAECAAAAAAAFIAAAACoCAAAFGiwAlAACAAIAAACcepa/5
319  g3QEaKFAKoAMEniAQIAAAAAAAUgAAAAKgIAAAUSLACUAAIAAgAAALp6lr/mDdARooUAqgAwSeIBAg
320  AAAAAABSAAAAAqAgAABRIoADABAAABAAAA3kfmkW/ZcEuVV9Y/9PPM2AEBAAAAAAAFCgAAAAASJAD
321  /AQ8AAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFBwIAAAASGAAEAAAAAQIAAAAAAAUgAAAAKgIAAAAS
322  GAC9AQ8AAQIAAAAAAAUgAAAAIAIAAA==
323 EOF
324
325     out=$(TZ=UTC $ldbadd -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif)
326     if [ "$?" != "0" ]; then
327         echo "ldbadd returned:\n$out"
328         return 1
329     fi
330
331     return 0
332 }
333
334 dbcheck_lost_deleted_user1() {
335     dbcheck "-lost-deleted-user1" "1" "--selftest-check-expired-tombstones"
336     return $?
337 }
338
339 remove_lost_deleted_user1() {
340     out=$(TZ=UTC $ldbdel -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb "<GUID=2301a64c-1234-5678-851e-12d4a711cfb4>" --show-recycled --relax)
341     if [ "$?" != "0" ]; then
342         echo "ldbdel returned:\n$out"
343         return 1
344     fi
345
346     return 0
347 }
348
349 add_lost_deleted_user2() {
350     ldif=$PREFIX_ABS/${RELEASE}/add_lost_deleted_user2.ldif
351     cat > $ldif <<EOF
352 dn: CN=fred\0ADEL:2301a64c-8765-4321-851e-12d4a711cfb4,CN=LostAndFound,DC=release-4-5-0-pre1,DC=samba,DC=corp
353 objectClass: top
354 objectClass: person
355 objectClass: organizationalPerson
356 objectClass: user
357 instanceType: 4
358 whenCreated: 20160629043638.0Z
359 uSNCreated: 3740
360 objectGUID: 2301a64c-8765-4321-851e-12d4a711cfb4
361 objectSid: S-1-5-21-4177067393-1453636373-93818738-1001
362 sAMAccountName: fred
363 userAccountControl: 512
364 isDeleted: TRUE
365 lastKnownParent: OU=removed,DC=release-4-5-0-pre1,DC=samba,DC=corp
366 isRecycled: TRUE
367 cn:: ZnJlZApERUw6MjMwMWE2NGMtODc2NS00MzIxLTg1MWUtMTJkNGE3MTFjZmI0
368 name:: ZnJlZApERUw6MjMwMWE2NGMtODc2NS00MzIxLTg1MWUtMTJkNGE3MTFjZmI0
369 replPropertyMetaData:: AQAAAAAAAAAXAAAAAAAAAAAAAAABAAAAVuGDDQMAAACjlkROuH+XT4o
370  z0jjbi14tnA4AAAAAAACcDgAAAAAAAAMAAAACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4A
371  AAAAAACiDgAAAAAAAAEAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAA
372  AAAAAIAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAADAAAgABAA
373  AAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAABkBAgABAAAAVuGDDQMAAAC
374  jlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAAEACQAEAAAAePOWEgMAAACjlkROuH+XT4oz
375  0jjbi14tvA4AAAAAAAC8DgAAAAAAAAgACQADAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tng4AA
376  AAAAACeDgAAAAAAABAACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAA
377  AAABkACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAFoACQABAAA
378  AVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAF4ACQABAAAAVuGDDQMAAACj
379  lkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAGAACQADAAAAV+GDDQMAAACjlkROuH+XT4oz0
380  jjbi14tog4AAAAAAACiDgAAAAAAAGIACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAA
381  AAAACiDgAAAAAAAH0ACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAA
382  AAJIACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAJ8ACQACAAAA
383  V+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAN0ACQABAAAAVuGDDQMAAACjl
384  kROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAC4BCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0j
385  jbi14tog4AAAAAAACiDgAAAAAAAJACCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAA
386  AAACiDgAAAAAAAA0DCQADAAAAePOWEgMAAACjlkROuH+XT4oz0jjbi14tvQ4AAAAAAAC9DgAAAAAA
387  AA4DCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAAoICQABAAAAV
388  +GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAA==
389 whenChanged: 20160629043639.0Z
390 uSNChanged: 3746
391 nTSecurityDescriptor:: AQAXjBQAAAAwAAAATAAAAMQAAAABBQAAAAAABRUAAACB/fj4FbukVnK
392  PlwUAAgAAAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFAAIAAAQAeAACAAAAB1o4ACAAAAADAAAAvjsO
393  8/Cf0RG2AwAA+ANnwaV6lr/mDdARooUAqgAwSeIBAQAAAAAAAQAAAAAHWjgAIAAAAAMAAAC/Ow7z8
394  J/REbYDAAD4A2fBpXqWv+YN0BGihQCqADBJ4gEBAAAAAAABAAAAAAQA1AcsAAAAAAAkAP8BDwABBQ
395  AAAAAABRUAAACB/fj4FbukVnKPlwUAAgAAAAAUAP8BDwABAQAAAAAABRIAAAAAABgA/wEPAAECAAA
396  AAAAFIAAAACQCAAAAABQAlAACAAEBAAAAAAAFCgAAAAUAKAAAAQAAAQAAAFMacqsvHtARmBkAqgBA
397  UpsBAQAAAAAABQoAAAAFACgAAAEAAAEAAABUGnKrLx7QEZgZAKoAQFKbAQEAAAAAAAUKAAAABQAoA
398  AABAAABAAAAVhpyqy8e0BGYGQCqAEBSmwEBAAAAAAAFCgAAAAUAKAAwAAAAAQAAAIa4tXdKlNERrr
399  0AAPgDZ8EBAQAAAAAABQoAAAAFACgAMAAAAAEAAACylVfkVZTREa69AAD4A2fBAQEAAAAAAAUKAAA
400  ABQAoADAAAAABAAAAs5VX5FWU0RGuvQAA+ANnwQEBAAAAAAAFCgAAAAUAOAAQAAAAAQAAAPiIcAPh
401  CtIRtCIAoMlo+TkBBQAAAAAABRUAAACB/fj4FbukVnKPlwUpAgAABQA4ABAAAAABAAAAAEIWTMAg0
402  BGnaACqAG4FKQEFAAAAAAAFFQAAAIH9+PgVu6RWco+XBSkCAAAFADgAEAAAAAEAAABAwgq8qXnQEZ
403  AgAMBPwtTPAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFKQIAAAAAFAAAAAIAAQEAAAAAAAULAAAABQA
404  oABAAAAABAAAAQi+6WaJ50BGQIADAT8LTzwEBAAAAAAAFCwAAAAUAKAAQAAAAAQAAAIa4tXdKlNER
405  rr0AAPgDZ8EBAQAAAAAABQsAAAAFACgAEAAAAAEAAACzlVfkVZTREa69AAD4A2fBAQEAAAAAAAULA
406  AAABQAoABAAAAABAAAAVAGN5Pi80RGHAgDAT7lgUAEBAAAAAAAFCwAAAAUAKAAAAQAAAQAAAFMacq
407  svHtARmBkAqgBAUpsBAQAAAAAAAQAAAAAFADgAEAAAAAEAAAAQICBfpXnQEZAgAMBPwtTPAQUAAAA
408  AAAUVAAAAgf34+BW7pFZyj5cFKQIAAAUAOAAwAAAAAQAAAH96lr/mDdARooUAqgAwSeIBBQAAAAAA
409  BRUAAACB/fj4FbukVnKPlwUFAgAABQAsABAAAAABAAAAHbGpRq5gWkC36P+KWNRW0gECAAAAAAAFI
410  AAAADACAAAFACwAMAAAAAEAAAAcmrZtIpTREa69AAD4A2fBAQIAAAAAAAUgAAAAMQIAAAUALAAwAA
411  AAAQAAAGK8BVjJvShEpeKFag9MGF4BAgAAAAAABSAAAAAxAgAABRo8ABAAAAADAAAAAEIWTMAg0BG
412  naACqAG4FKRTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAAEIWTMAg
413  0BGnaACqAG4FKbp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAAAECAgX
414  6V50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAEC
415  AgX6V50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAA
416  AQMIKvKl50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAAD
417  AAAAQMIKvKl50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAA
418  AADAAAAQi+6WaJ50BGQIADAT8LTzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8AB
419  AAAAADAAAAQi+6WaJ50BGQIADAT8LTz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo
420  8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5ORTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAA
421  BRI8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5Obp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqA
422  gAABRo4ABAAAAADAAAAbZ7Gt8cs0hGFTgCgyYP2CIZ6lr/mDdARooUAqgAwSeIBAQAAAAAABQkAAA
423  AFGjgAEAAAAAMAAABtnsa3xyzSEYVOAKDJg/YInHqWv+YN0BGihQCqADBJ4gEBAAAAAAAFCQAAAAU
424  SOAAQAAAAAwAAAG2exrfHLNIRhU4AoMmD9gi6epa/5g3QEaKFAKoAMEniAQEAAAAAAAUJAAAABRos
425  AJQAAgACAAAAFMwoSDcUvEWbB61vAV5fKAECAAAAAAAFIAAAACoCAAAFGiwAlAACAAIAAACcepa/5
426  g3QEaKFAKoAMEniAQIAAAAAAAUgAAAAKgIAAAUSLACUAAIAAgAAALp6lr/mDdARooUAqgAwSeIBAg
427  AAAAAABSAAAAAqAgAABRIoADABAAABAAAA3kfmkW/ZcEuVV9Y/9PPM2AEBAAAAAAAFCgAAAAASJAD
428  /AQ8AAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFBwIAAAASGAAEAAAAAQIAAAAAAAUgAAAAKgIAAAAS
429  GAC9AQ8AAQIAAAAAAAUgAAAAIAIAAA==
430 EOF
431
432     out=$(TZ=UTC $ldbadd -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif)
433     if [ "$?" != "0" ]; then
434         echo "ldbadd returned:\n$out"
435         return 1
436     fi
437
438     return 0
439 }
440
441 dbcheck_lost_deleted_user2() {
442     dbcheck "-lost-deleted-user2" "1" "--selftest-check-expired-tombstones"
443     return $?
444 }
445
446 add_lost_deleted_user3() {
447     ldif=$PREFIX_ABS/${RELEASE}/add_lost_deleted_user3.ldif
448     cat > $ldif <<EOF
449 dn: CN=fred\0ADEL:2301a64c-1122-5566-851e-12d4a711cfb4,OU=removed,DC=release-4-5-0-pre1,DC=samba,DC=corp
450 objectClass: top
451 objectClass: person
452 objectClass: organizationalPerson
453 objectClass: user
454 instanceType: 4
455 whenCreated: 20160629043638.0Z
456 uSNCreated: 3740
457 objectGUID: 2301a64c-1122-5566-851e-12d4a711cfb4
458 objectSid: S-1-5-21-4177067393-1453636373-93818738-1010
459 sAMAccountName: fred
460 userAccountControl: 512
461 isDeleted: TRUE
462 lastKnownParent: <GUID=f28216e9-1234-5678-8b2d-6bb229563b62>;OU=removed,DC=rel
463  ease-4-5-0-pre1,DC=samba,DC=corp
464 isRecycled: TRUE
465 cn:: ZnJlZApERUw6MjMwMWE2NGMtMTEyMi01NTY2LTg1MWUtMTJkNGE3MTFjZmI0
466 name:: ZnJlZApERUw6MjMwMWE2NGMtMTEyMi01NTY2LTg1MWUtMTJkNGE3MTFjZmI0
467 replPropertyMetaData:: AQAAAAAAAAAXAAAAAAAAAAAAAAABAAAAVuGDDQMAAACjlkROuH+XT4o
468  z0jjbi14tnA4AAAAAAACcDgAAAAAAAAMAAAACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4A
469  AAAAAACiDgAAAAAAAAEAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAA
470  AAAAAIAAgABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAADAAAgABAA
471  AAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAABkBAgABAAAAVuGDDQMAAAC
472  jlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAAEACQACAAAAV+GDDQMAAACjlkROuH+XT4oz
473  0jjbi14tog4AAAAAAACiDgAAAAAAAAgACQADAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tng4AA
474  AAAAACeDgAAAAAAABAACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAA
475  AAABkACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAFoACQABAAA
476  AVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAF4ACQABAAAAVuGDDQMAAACj
477  lkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAAAAGAACQADAAAAV+GDDQMAAACjlkROuH+XT4oz0
478  jjbi14tog4AAAAAAACiDgAAAAAAAGIACQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAA
479  AAAACiDgAAAAAAAH0ACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnQ4AAAAAAACdDgAAAAA
480  AAJIACQABAAAAVuGDDQMAAACjlkROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAJ8ACQACAAAA
481  V+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAN0ACQABAAAAVuGDDQMAAACjl
482  kROuH+XT4oz0jjbi14tnA4AAAAAAACcDgAAAAAAAC4BCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0j
483  jbi14tog4AAAAAAACiDgAAAAAAAJACCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAA
484  AAACiDgAAAAAAAA0DCQABAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAA
485  AA4DCQACAAAAV+GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAAoICQABAAAAV
486  +GDDQMAAACjlkROuH+XT4oz0jjbi14tog4AAAAAAACiDgAAAAAAAA==
487 whenChanged: 20160629043639.0Z
488 uSNChanged: 3746
489 nTSecurityDescriptor:: AQAXjBQAAAAwAAAATAAAAMQAAAABBQAAAAAABRUAAACB/fj4FbukVnK
490  PlwUAAgAAAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFAAIAAAQAeAACAAAAB1o4ACAAAAADAAAAvjsO
491  8/Cf0RG2AwAA+ANnwaV6lr/mDdARooUAqgAwSeIBAQAAAAAAAQAAAAAHWjgAIAAAAAMAAAC/Ow7z8
492  J/REbYDAAD4A2fBpXqWv+YN0BGihQCqADBJ4gEBAAAAAAABAAAAAAQA1AcsAAAAAAAkAP8BDwABBQ
493  AAAAAABRUAAACB/fj4FbukVnKPlwUAAgAAAAAUAP8BDwABAQAAAAAABRIAAAAAABgA/wEPAAECAAA
494  AAAAFIAAAACQCAAAAABQAlAACAAEBAAAAAAAFCgAAAAUAKAAAAQAAAQAAAFMacqsvHtARmBkAqgBA
495  UpsBAQAAAAAABQoAAAAFACgAAAEAAAEAAABUGnKrLx7QEZgZAKoAQFKbAQEAAAAAAAUKAAAABQAoA
496  AABAAABAAAAVhpyqy8e0BGYGQCqAEBSmwEBAAAAAAAFCgAAAAUAKAAwAAAAAQAAAIa4tXdKlNERrr
497  0AAPgDZ8EBAQAAAAAABQoAAAAFACgAMAAAAAEAAACylVfkVZTREa69AAD4A2fBAQEAAAAAAAUKAAA
498  ABQAoADAAAAABAAAAs5VX5FWU0RGuvQAA+ANnwQEBAAAAAAAFCgAAAAUAOAAQAAAAAQAAAPiIcAPh
499  CtIRtCIAoMlo+TkBBQAAAAAABRUAAACB/fj4FbukVnKPlwUpAgAABQA4ABAAAAABAAAAAEIWTMAg0
500  BGnaACqAG4FKQEFAAAAAAAFFQAAAIH9+PgVu6RWco+XBSkCAAAFADgAEAAAAAEAAABAwgq8qXnQEZ
501  AgAMBPwtTPAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFKQIAAAAAFAAAAAIAAQEAAAAAAAULAAAABQA
502  oABAAAAABAAAAQi+6WaJ50BGQIADAT8LTzwEBAAAAAAAFCwAAAAUAKAAQAAAAAQAAAIa4tXdKlNER
503  rr0AAPgDZ8EBAQAAAAAABQsAAAAFACgAEAAAAAEAAACzlVfkVZTREa69AAD4A2fBAQEAAAAAAAULA
504  AAABQAoABAAAAABAAAAVAGN5Pi80RGHAgDAT7lgUAEBAAAAAAAFCwAAAAUAKAAAAQAAAQAAAFMacq
505  svHtARmBkAqgBAUpsBAQAAAAAAAQAAAAAFADgAEAAAAAEAAAAQICBfpXnQEZAgAMBPwtTPAQUAAAA
506  AAAUVAAAAgf34+BW7pFZyj5cFKQIAAAUAOAAwAAAAAQAAAH96lr/mDdARooUAqgAwSeIBBQAAAAAA
507  BRUAAACB/fj4FbukVnKPlwUFAgAABQAsABAAAAABAAAAHbGpRq5gWkC36P+KWNRW0gECAAAAAAAFI
508  AAAADACAAAFACwAMAAAAAEAAAAcmrZtIpTREa69AAD4A2fBAQIAAAAAAAUgAAAAMQIAAAUALAAwAA
509  AAAQAAAGK8BVjJvShEpeKFag9MGF4BAgAAAAAABSAAAAAxAgAABRo8ABAAAAADAAAAAEIWTMAg0BG
510  naACqAG4FKRTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAAEIWTMAg
511  0BGnaACqAG4FKbp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAAAECAgX
512  6V50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAADAAAAEC
513  AgX6V50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAAAADAAA
514  AQMIKvKl50BGQIADAT8LUzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8ABAAAAAD
515  AAAAQMIKvKl50BGQIADAT8LUz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo8ABAAA
516  AADAAAAQi+6WaJ50BGQIADAT8LTzxTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAABRI8AB
517  AAAAADAAAAQi+6WaJ50BGQIADAT8LTz7p6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqAgAABRo
518  8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5ORTMKEg3FLxFmwetbwFeXygBAgAAAAAABSAAAAAqAgAA
519  BRI8ABAAAAADAAAA+IhwA+EK0hG0IgCgyWj5Obp6lr/mDdARooUAqgAwSeIBAgAAAAAABSAAAAAqA
520  gAABRo4ABAAAAADAAAAbZ7Gt8cs0hGFTgCgyYP2CIZ6lr/mDdARooUAqgAwSeIBAQAAAAAABQkAAA
521  AFGjgAEAAAAAMAAABtnsa3xyzSEYVOAKDJg/YInHqWv+YN0BGihQCqADBJ4gEBAAAAAAAFCQAAAAU
522  SOAAQAAAAAwAAAG2exrfHLNIRhU4AoMmD9gi6epa/5g3QEaKFAKoAMEniAQEAAAAAAAUJAAAABRos
523  AJQAAgACAAAAFMwoSDcUvEWbB61vAV5fKAECAAAAAAAFIAAAACoCAAAFGiwAlAACAAIAAACcepa/5
524  g3QEaKFAKoAMEniAQIAAAAAAAUgAAAAKgIAAAUSLACUAAIAAgAAALp6lr/mDdARooUAqgAwSeIBAg
525  AAAAAABSAAAAAqAgAABRIoADABAAABAAAA3kfmkW/ZcEuVV9Y/9PPM2AEBAAAAAAAFCgAAAAASJAD
526  /AQ8AAQUAAAAAAAUVAAAAgf34+BW7pFZyj5cFBwIAAAASGAAEAAAAAQIAAAAAAAUgAAAAKgIAAAAS
527  GAC9AQ8AAQIAAAAAAAUgAAAAIAIAAA==
528 EOF
529
530     out=$(TZ=UTC $ldbadd -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif)
531     if [ "$?" != "0" ]; then
532         echo "ldbadd returned:\n$out"
533         return 1
534     fi
535
536     return 0
537 }
538
539 dbcheck_lost_deleted_user3() {
540     # here we don't pass --selftest-check-expired-tombstones
541     # as we want to test the default
542     dbcheck "-lost-deleted-user3" "1" ""
543     return $?
544 }
545
546 remove_lost_deleted_user3() {
547     out=$(TZ=UTC $ldbdel -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb "<GUID=2301a64c-1122-5566-851e-12d4a711cfb4>" --show-recycled --relax)
548     if [ "$?" != "0" ]; then
549         echo "ldbdel returned:\n$out"
550         return 1
551     fi
552
553     return 0
554 }
555
556 forward_link_corruption() {
557     #
558     # Step1: add a duplicate forward link from
559     # "CN=Enterprise Admins" to "CN=Administrator"
560     #
561     LDIF1=$(TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb -b 'CN=Enterprise Admins,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp' -s base --reveal --extended-dn member)
562     DN=$(echo "${LDIF1}" | grep '^dn: ')
563     MSG=$(echo "${LDIF1}" | grep -v '^dn: ' | grep -v '^#' | grep -v '^$')
564     ldif=$PREFIX_ABS/${RELEASE}/forward_link_corruption1.ldif
565     {
566         echo "${DN}"
567         echo "changetype: modify"
568         echo "replace: member"
569         echo "${MSG}"
570         echo "${MSG}" | sed -e 's!RMD_LOCAL_USN=[1-9][0-9]*!RMD_LOCAL_USN=0!'
571     } > $ldif
572
573     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif)
574     if [ "$?" != "0" ]; then
575         echo "ldbmodify returned:\n$out"
576         return 1
577     fi
578
579     #
580     # Step2: add user "dangling"
581     #
582     ldif=$PREFIX_ABS/${RELEASE}/forward_link_corruption2.ldif
583     cat > $ldif <<EOF
584 dn: CN=dangling,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp
585 changetype: add
586 objectclass: user
587 samaccountname: dangling
588 objectGUID: fd8a04ac-cea0-4921-b1a6-c173e1155c22
589 EOF
590
591     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --relax $ldif)
592     if [ "$?" != "0" ]; then
593         echo "ldbmodify returned:\n$out"
594         return 1
595     fi
596
597     #
598     # Step3: add a dangling backlink from
599     # "CN=dangling" to "CN=Enterprise Admins"
600     #
601     ldif=$PREFIX_ABS/${RELEASE}/forward_link_corruption3.ldif
602     {
603         echo "dn: CN=dangling,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp"
604         echo "changetype: modify"
605         echo "add: memberOf"
606         echo "memberOf: <GUID=304ad703-468b-465e-9787-470b3dfd7d75>;<SID=S-1-5-21-4177067393-1453636373-93818738-519>;CN=Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp"
607     } > $ldif
608
609     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif)
610     if [ "$?" != "0" ]; then
611         echo "ldbmodify returned:\n$out"
612         return 1
613     fi
614 }
615
616 dbcheck_forward_link_corruption() {
617     dbcheck "-forward-link-corruption" "1" "--selftest-check-expired-tombstones"
618     return $?
619 }
620
621 check_expected_after_dbcheck_forward_link_corruption() {
622     tmpldif=$PREFIX_ABS/$RELEASE/expected-after-dbcheck-forward-link-corruption.ldif.tmp
623     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(|(cn=dangling)(cn=enterprise admins))' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --sorted memberOf member > $tmpldif
624     diff -u $tmpldif $release_dir/expected-after-dbcheck-forward-link-corruption.ldif
625     if [ "$?" != "0" ]; then
626         return 1
627     fi
628 }
629
630 oneway_link_corruption() {
631     #
632     # Step1: add  OU "dangling-ou"
633     #
634     ldif=$PREFIX_ABS/${RELEASE}/oneway_link_corruption.ldif
635     cat > $ldif <<EOF
636 dn: OU=dangling-ou,DC=release-4-5-0-pre1,DC=samba,DC=corp
637 changetype: add
638 objectclass: organizationalUnit
639 objectGUID: 20600e7c-92bb-492e-9552-f3ed7f8a2cad
640 EOF
641
642     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --relax $ldif)
643     if [ "$?" != "0" ]; then
644         echo "ldbmodify returned:\n$out"
645         return 1
646     fi
647
648     #
649     # Step2: add  msExchConfigurationContainer "dangling-msexch"
650     #
651     ldif=$PREFIX_ABS/${RELEASE}/oneway_link_corruption2.ldif
652     cat > $ldif <<EOF
653 dn: OU=dangling-from,DC=release-4-5-0-pre1,DC=samba,DC=corp
654 changetype: add
655 objectclass: organizationalUnit
656 seeAlso: OU=dangling-ou,DC=release-4-5-0-pre1,DC=samba,DC=corp
657 EOF
658
659     out=$(TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $ldif)
660     if [ "$?" != "0" ]; then
661         echo "ldbmodify returned:\n$out"
662         return 1
663     fi
664
665     #
666     # Step3: rename dangling-ou to dangling-ou2
667     #
668     # Because this is a one-way link we don't fix it at runtime
669     #
670     out=$(TZ=UTC $ldbrename -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb OU=dangling-ou,DC=release-4-5-0-pre1,DC=samba,DC=corp OU=dangling-ou2,DC=release-4-5-0-pre1,DC=samba,DC=corp)
671     if [ "$?" != "0" ]; then
672         echo "ldbmodify returned:\n$out"
673         return 1
674     fi
675 }
676
677 dbcheck_oneway_link_corruption() {
678     dbcheck "-oneway-link-corruption" "0" "--selftest-check-expired-tombstones"
679     return $?
680 }
681
682 check_expected_after_dbcheck_oneway_link_corruption() {
683     tmpldif=$PREFIX_ABS/$RELEASE/expected-after-dbcheck-oneway-link-corruption.ldif.tmp
684     TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(|(ou=dangling-ou)(ou=dangling-ou2)(ou=dangling-from))' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --sorted seeAlso > $tmpldif
685     diff -u $tmpldif $release_dir/expected-after-dbcheck-oneway-link-corruption.ldif
686     if [ "$?" != "0" ]; then
687         return 1
688     fi
689 }
690
691 dbcheck_dangling_multi_valued() {
692
693     $PYTHON $BINDIR/samba-tool dbcheck -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --selftest-check-expired-tombstones --fix --yes
694     if [ "$?" != "1" ]; then
695         return 1
696     fi
697 }
698
699 dangling_multi_valued_check_missing() {
700     WORDS=`TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(samaccountname=dangling-multi2)' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --reveal --sorted msDS-RevealedDSAs | grep msDS-RevealedDSAs | wc -l`
701     if [ $WORDS -ne 4 ]; then
702         echo Got only $WORDS links for dangling-multi2
703         return 1
704     fi
705     WORDS=`TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(samaccountname=dangling-multi3)' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --reveal --sorted msDS-RevealedDSAs | grep msDS-RevealedDSAs | wc -l`
706     if [ $WORDS -ne 4 ]; then
707         echo Got only $WORDS links for dangling-multi3
708         return 1
709     fi
710 }
711
712 dangling_multi_valued_check_equal_or_too_many() {
713     WORDS=`TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(samaccountname=dangling-multi1)' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --reveal --sorted msDS-RevealedDSAs | grep msDS-RevealedDSAs | wc -l`
714     if [ $WORDS -ne 4 ]; then
715         echo Got $WORDS links for dangling-multi1
716         return 1
717     fi
718
719     WORDS=`TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(samaccountname=dangling-multi5)' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --reveal --sorted msDS-RevealedDSAs | grep msDS-RevealedDSAs | wc -l`
720
721     if [ $WORDS -ne 0 ]; then
722         echo Got $WORDS links for dangling-multi5
723         return 1
724     fi
725
726     WORDS=`TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(samaccountname=Administrator)' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --reveal --sorted msDS-RevealedDSAs | grep msDS-RevealedDSAs | wc -l`
727
728     if [ $WORDS -ne 2 ]; then
729         echo Got $WORDS links for Administrator
730         return 1
731     fi
732 }
733
734
735 if [ -d $release_dir ]; then
736     testit $RELEASE undump
737     testit "add_two_more_users" add_two_more_users
738     testit "add_four_more_links" add_four_more_links
739     testit "remove_one_link" remove_one_link
740     testit "remove_one_user" remove_one_user
741     testit "move_one_user" move_one_user
742     testit "add_dangling_link" add_dangling_link
743     testit "add_dangling_backlink" add_dangling_backlink
744     testit "add_deleted_dangling_backlink" add_deleted_dangling_backlink
745     testit "revive_links_on_deleted_group" revive_links_on_deleted_group
746     testit "revive_backlink_on_deleted_group" revive_backlink_on_deleted_group
747     testit "add_deleted_target_link" add_deleted_target_link
748     testit "add_deleted_target_backlink" add_deleted_target_backlink
749     testit "dbcheck_dangling" dbcheck_dangling
750     testit "dbcheck_clean" dbcheck_clean
751     testit "check_expected_after_deleted_links" check_expected_after_deleted_links
752     testit "check_expected_after_links" check_expected_after_links
753     testit "check_expected_after_objects" check_expected_after_objects
754     testit "duplicate_member" duplicate_member
755     testit "dbcheck_duplicate_member" dbcheck_duplicate_member
756     testit "check_expected_after_duplicate_links" check_expected_after_duplicate_links
757     testit "duplicate_clean" dbcheck_clean
758     testit "forward_link_corruption" forward_link_corruption
759     testit "dbcheck_forward_link_corruption" dbcheck_forward_link_corruption
760     testit "check_expected_after_dbcheck_forward_link_corruption" check_expected_after_dbcheck_forward_link_corruption
761     testit "forward_link_corruption_clean" dbcheck_clean
762     testit "oneway_link_corruption" oneway_link_corruption
763     testit "dbcheck_oneway_link_corruption" dbcheck_oneway_link_corruption
764     testit "check_expected_after_dbcheck_oneway_link_corruption" check_expected_after_dbcheck_oneway_link_corruption
765     testit "oneway_link_corruption_clean" dbcheck_clean
766     testit "dangling_one_way_link" dangling_one_way_link
767     testit "dbcheck_one_way" dbcheck_one_way
768     testit "dbcheck_clean2" dbcheck_clean
769     testit "missing_link_sid_corruption" missing_link_sid_corruption
770     testit "dbcheck_missing_link_sid_corruption" dbcheck_missing_link_sid_corruption
771     testit "missing_link_sid_clean" dbcheck_clean
772     testit "add_lost_deleted_user1" add_lost_deleted_user1
773     testit "dbcheck_lost_deleted_user1" dbcheck_lost_deleted_user1
774     testit "lost_deleted_user1_clean_A" dbcheck_clean
775     testit "remove_lost_deleted_user1" remove_lost_deleted_user1
776     testit "lost_deleted_user1_clean_B" dbcheck_clean
777     testit "add_lost_deleted_user2" add_lost_deleted_user2
778     testit "dbcheck_lost_deleted_user2" dbcheck_lost_deleted_user2
779     testit "lost_deleted_user2_clean" dbcheck_clean
780     testit "add_lost_deleted_user3" add_lost_deleted_user3
781     testit "dbcheck_lost_deleted_user3" dbcheck_lost_deleted_user3
782     testit "lost_deleted_user3_clean_A" dbcheck_clean
783     testit "remove_lost_deleted_user3" remove_lost_deleted_user3
784     testit "lost_deleted_user3_clean_B" dbcheck_clean
785     testit "dangling_one_way_dn" dangling_one_way_dn
786     testit "deleted_one_way_dn" deleted_one_way_dn
787     testit "dbcheck_clean3" dbcheck_clean
788     testit "add_dangling_multi_valued" add_dangling_multi_valued
789     testit "dbcheck_dangling_multi_valued" dbcheck_dangling_multi_valued
790     testit "dangling_multi_valued_check_missing" dangling_multi_valued_check_missing
791     testit "dangling_multi_valued_check_equal_or_too_many" dangling_multi_valued_check_equal_or_too_many
792     # Currently this cannot pass
793     testit "dbcheck_dangling_multi_valued_clean" dbcheck_clean
794 else
795     subunit_start_test $RELEASE
796     subunit_skip_test $RELEASE <<EOF
797 no test provision
798 EOF
799
800     subunit_start_test "tombstones_expunge"
801     subunit_skip_test "tombstones_expunge" <<EOF
802 no test provision
803 EOF
804 fi
805
806 if [ -d $PREFIX_ABS/${RELEASE} ]; then
807     rm -fr $PREFIX_ABS/${RELEASE}
808 fi
809
810 exit $failed
Unnamed repository; edit this file 'description' to name the repository.