Split up tests a bit, output subunit.
[ira/wip.git] / source / lib / ldb / tests / python / ldap.py
1 #!/usr/bin/python
2 # -*- coding: utf-8 -*-
3 # This is a port of the original in testprogs/ejs/ldap.js
4
5 import getopt
6 import optparse
7 import sys
8
9 import samba.getopt as options
10
11 from auth import system_session
12 from ldb import (SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError,
13                  LDB_ERR_NO_SUCH_OBJECT, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS,
14                  LDB_ERR_ENTRY_ALREADY_EXISTS, LDB_ERR_UNWILLING_TO_PERFORM,
15                  LDB_ERR_NOT_ALLOWED_ON_NON_LEAF, LDB_ERR_OTHER)
16 from samba import Ldb
17 from subunit import SubunitTestRunner
18 import param
19 import unittest
20
21 parser = optparse.OptionParser("ldap [options] <host>")
22 sambaopts = options.SambaOptions(parser)
23 parser.add_option_group(sambaopts)
24 parser.add_option_group(options.VersionOptions(parser))
25 # use command line creds if available
26 credopts = options.CredentialsOptions(parser)
27 parser.add_option_group(credopts)
28 creds = credopts.get_credentials()
29 opts, args = parser.parse_args()
30
31 if len(args) < 1:
32     parser.print_usage()
33     sys.exit(1)
34
35 host = args[0]
36
37 lp = sambaopts.get_loadparm()
38
39 class BasicTests(unittest.TestCase):
40     def delete_force(self, ldb, dn):
41         try:
42             ldb.delete(dn)
43         except LdbError, (num, _): 
44             self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
45
46     def find_basedn(self, ldb):
47         res = ldb.search(base="", expression="", scope=SCOPE_BASE, 
48                          attrs=["defaultNamingContext"])
49         self.assertEquals(len(res), 1)
50         return res[0]["defaultNamingContext"][0]
51
52     def find_configurationdn(self, ldb):
53         res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["configurationNamingContext"])
54         self.assertEquals(len(res), 1)
55         return res[0]["configurationNamingContext"][0]
56
57     def find_schemadn(self, ldb):
58         res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
59         self.assertEquals(len(res), 1)
60         return res[0]["schemaNamingContext"][0]
61
62     def setUp(self):
63         self.ldb = ldb
64         self.gc_ldb = gc_ldb
65         self.base_dn = self.find_basedn(ldb)
66         self.configuration_dn = self.find_configurationdn(ldb)
67         self.schema_dn = self.find_schemadn(ldb)
68
69         print "baseDN: %s\n" % self.base_dn
70
71         self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
72         self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
73
74     def test_group_add_invalid_member(self):
75         """Testing group add with invalid member"""
76         try:
77             self.ldb.add({
78             "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
79             "objectclass": "group",
80             "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
81         except LdbError, (num, _): 
82             self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
83         else:
84             self.fail()
85
86     def test_all(self):
87         """Basic tests"""
88
89         self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
90
91         print "Testing user add"
92         ldb.add({
93         "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn,
94         "objectclass": ["user", "person"],
95         "cN": "LDAPtestUSER",
96         "givenname": "ldap",
97         "sn": "testy"})
98
99         ldb.add({
100             "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
101             "objectclass": "group",
102             "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
103
104         self.delete_force(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
105         ldb.add({
106             "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
107             "objectclass": "computer",
108             "cN": "LDAPtestCOMPUTER"})
109
110         self.delete_force(self.ldb, "cn=ldaptest2computer,cn=computers," + self.base_dn)
111         ldb.add({"dn": "cn=ldaptest2computer,cn=computers," + self.base_dn,
112             "objectClass": "computer",
113             "cn": "LDAPtest2COMPUTER",
114             "userAccountControl": "4096",
115             "displayname": "ldap testy"})
116
117         print "Testing attribute or value exists behaviour"
118         try:
119             ldb.modify_ldif("""
120 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
121 changetype: modify
122 replace: servicePrincipalName
123 servicePrincipalName: host/ldaptest2computer
124 servicePrincipalName: host/ldaptest2computer
125 servicePrincipalName: cifs/ldaptest2computer
126 """)
127         except LdbError, (num, msg):
128             self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS)
129
130             ldb.modify_ldif("""
131 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
132 changetype: modify
133 replace: servicePrincipalName
134 servicePrincipalName: host/ldaptest2computer
135 servicePrincipalName: cifs/ldaptest2computer
136 """)
137             try:
138                 ldb.modify_ldif("""
139 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
140 changetype: modify
141 add: servicePrincipalName
142 servicePrincipalName: host/ldaptest2computer
143 """)
144             except LdbError, (num, msg):
145                 self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS)
146             
147             print "Testing ranged results"
148             ldb.modify_ldif("""
149 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
150 changetype: modify
151 replace: servicePrincipalName
152 """)
153             
154             ldb.modify_ldif("""
155 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
156 changetype: modify
157 add: servicePrincipalName
158 servicePrincipalName: host/ldaptest2computer0
159 servicePrincipalName: host/ldaptest2computer1
160 servicePrincipalName: host/ldaptest2computer2
161 servicePrincipalName: host/ldaptest2computer3
162 servicePrincipalName: host/ldaptest2computer4
163 servicePrincipalName: host/ldaptest2computer5
164 servicePrincipalName: host/ldaptest2computer6
165 servicePrincipalName: host/ldaptest2computer7
166 servicePrincipalName: host/ldaptest2computer8
167 servicePrincipalName: host/ldaptest2computer9
168 servicePrincipalName: host/ldaptest2computer10
169 servicePrincipalName: host/ldaptest2computer11
170 servicePrincipalName: host/ldaptest2computer12
171 servicePrincipalName: host/ldaptest2computer13
172 servicePrincipalName: host/ldaptest2computer14
173 servicePrincipalName: host/ldaptest2computer15
174 servicePrincipalName: host/ldaptest2computer16
175 servicePrincipalName: host/ldaptest2computer17
176 servicePrincipalName: host/ldaptest2computer18
177 servicePrincipalName: host/ldaptest2computer19
178 servicePrincipalName: host/ldaptest2computer20
179 servicePrincipalName: host/ldaptest2computer21
180 servicePrincipalName: host/ldaptest2computer22
181 servicePrincipalName: host/ldaptest2computer23
182 servicePrincipalName: host/ldaptest2computer24
183 servicePrincipalName: host/ldaptest2computer25
184 servicePrincipalName: host/ldaptest2computer26
185 servicePrincipalName: host/ldaptest2computer27
186 servicePrincipalName: host/ldaptest2computer28
187 servicePrincipalName: host/ldaptest2computer29
188 """)
189
190             res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, 
191                              attrs=["servicePrincipalName;range=0-*"])
192             self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
193             #print len(res[0]["servicePrincipalName;range=0-*"])
194             self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
195
196             res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-19"])
197             self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
198             # print res[0]["servicePrincipalName;range=0-19"].length
199             self.assertEquals(len(res[0]["servicePrincipalName;range=0-19"]), 20)
200
201             
202             res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-30"])
203             self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
204             self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
205
206             res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-40"])
207             self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
208             self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
209
210             res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=30-40"])
211             self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
212             self.assertEquals(len(res[0]["servicePrincipalName;range=30-*"]), 0)
213
214             
215             res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=10-40"])
216             self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
217             self.assertEquals(len(res[0]["servicePrincipalName;range=10-*"]), 20)
218             # pos_11 = res[0]["servicePrincipalName;range=10-*"][18]
219
220             res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-40"])
221             self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
222             self.assertEquals(len(res[0]["servicePrincipalName;range=11-*"]), 19)
223             # print res[0]["servicePrincipalName;range=11-*"][18]
224             # print pos_11
225             # self.assertEquals((res[0]["servicePrincipalName;range=11-*"][18]), pos_11)
226
227             res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-15"])
228             self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
229             self.assertEquals(len(res[0]["servicePrincipalName;range=11-15"]), 5)
230             # self.assertEquals(res[0]["servicePrincipalName;range=11-15"][4], pos_11)
231
232             res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName"])
233             self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
234             # print res[0]["servicePrincipalName"][18]
235             # print pos_11
236             self.assertEquals(len(res[0]["servicePrincipalName"]), 30)
237             # self.assertEquals(res[0]["servicePrincipalName"][18], pos_11)
238
239         self.delete_force(self.ldb, "cn=ldaptestuser2,cn=users," + self.base_dn)
240         ldb.add({
241             "dn": "cn=ldaptestuser2,cn=useRs," + self.base_dn,
242             "objectClass": ["person", "user"],
243             "cn": "LDAPtestUSER2",
244             "givenname": "testy",
245             "sn": "ldap user2"})
246
247         print "Testing Ambigious Name Resolution"
248         # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
249         res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))")
250         self.assertEquals(len(res), 3, "Could not find (&(anr=ldap testy)(objectClass=user))")
251
252         # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
253         res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
254         self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res))
255
256         # Testing ldb.search for (&(anr=ldap)(objectClass=user))
257         res = ldb.search(expression="(&(anr=ldap)(objectClass=user))")
258         self.assertEquals(len(res), 4, "Found only %d for (&(anr=ldap)(objectClass=user))" % len(res))
259
260         # Testing ldb.search for (&(anr==ldap)(objectClass=user))
261         res = ldb.search(expression="(&(anr==ldap)(objectClass=user))")
262         self.assertEquals(len(res), 1, "Could not find (&(anr==ldap)(objectClass=user)). Found only %d for (&(anr=ldap)(objectClass=user))" % len(res))
263
264         self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
265         self.assertEquals(res[0]["cn"][0], "ldaptestuser")
266         self.assertEquals(res[0]["name"], "ldaptestuser")
267
268         # Testing ldb.search for (&(anr=testy)(objectClass=user))
269         res = ldb.search(expression="(&(anr=testy)(objectClass=user))")
270         self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res))
271
272         # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
273         res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
274         self.assertEquals(len(res), 2, "Found only %d for (&(anr=ldap testy)(objectClass=user))" % len(res))
275
276         # Testing ldb.search for (&(anr==ldap testy)(objectClass=user))
277         res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
278         self.assertEquals(len(res), 1, "Found only %d for (&(anr==ldap testy)(objectClass=user))" % len(res))
279
280         self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
281         self.assertEquals(res[0]["cn"][0], "ldaptestuser")
282         self.assertEquals(res[0]["name"][0], "ldaptestuser")
283
284         # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
285         res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
286         self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap)(objectClass=user))")
287
288         self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
289         self.assertEquals(res[0]["cn"][0], "ldaptestuser")
290         self.assertEquals(res[0]["name"][0], "ldaptestuser")
291
292         # Testing ldb.search for (&(anr=testy ldap user)(objectClass=user))
293         res = ldb.search(expression="(&(anr=testy ldap user)(objectClass=user))")
294         self.assertEquals(len(res), 1, "Could not find (&(anr=testy ldap user)(objectClass=user))")
295
296         self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
297         self.assertEquals(res[0]["cn"], "ldaptestuser2")
298         self.assertEquals(res[0]["name"], "ldaptestuser2")
299
300         # Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user))
301         res = ldb.search(expression="(&(anr==testy ldap user2)(objectClass=user))")
302         self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap user2)(objectClass=user))")
303
304         self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
305         self.assertEquals(res[0]["cn"], "ldaptestuser2")
306         self.assertEquals(res[0]["name"], "ldaptestuser2")
307
308         # Testing ldb.search for (&(anr==ldap user2)(objectClass=user))
309         res = ldb.search(expression="(&(anr==ldap user2)(objectClass=user))")
310         self.assertEquals(len(res), 1, "Could not find (&(anr==ldap user2)(objectClass=user))")
311
312         self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
313         self.assertEquals(res[0]["cn"], "ldaptestuser2")
314         self.assertEquals(res[0]["name"], "ldaptestuser2")
315
316         # Testing ldb.search for (&(anr==not ldap user2)(objectClass=user))
317         res = ldb.search(expression="(&(anr==not ldap user2)(objectClass=user))")
318         self.assertEquals(len(res), 0, "Must not find (&(anr==not ldap user2)(objectClass=user))")
319
320         # Testing ldb.search for (&(anr=not ldap user2)(objectClass=user))
321         res = ldb.search(expression="(&(anr=not ldap user2)(objectClass=user))")
322         self.assertEquals(len(res), 0, "Must not find (&(anr=not ldap user2)(objectClass=user))")
323
324         print "Testing Group Modifies"
325         ldb.modify_ldif("""
326 dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
327 changetype: modify
328 add: member
329 member: cn=ldaptestuser2,cn=users,""" + self.base_dn + """
330 member: cn=ldaptestcomputer,cn=computers,""" + self.base_dn + """
331 """)
332
333         self.delete_force(ldb, "cn=ldaptestuser3,cn=users," + self.base_dn)
334
335         print "Testing adding non-existent user to a group"
336         try:
337             ldb.modify_ldif("""
338 dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
339 changetype: modify
340 add: member
341 member: cn=ldaptestuser3,cn=users,""" + self.base_dn + """
342 """)
343         except LdbError, (num, _):
344             self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
345         else:
346             self.fail()
347
348         print "Testing Renames"
349
350         ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
351
352         ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
353
354         ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestUSER3,cn=users," + self.base_dn)
355
356         print "Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))"
357         res = ldb.search(expression="(&(cn=ldaptestuser3)(objectClass=user))")
358         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser3)(objectClass=user))")
359
360         self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
361         self.assertEquals(res[0]["cn"], "ldaptestUSER3")
362         self.assertEquals(res[0]["name"], "ldaptestUSER3")
363
364         # This is a Samba special, and does not exist in real AD
365         #    print "Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
366         #    res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
367         #    if (res.error != 0 || len(res) != 1) {
368         #        print "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
369         #        self.assertEquals(len(res), 1)
370         #    }
371         #    self.assertEquals(res[0].dn, ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
372         #    self.assertEquals(res[0].cn, "ldaptestUSER3")
373         #    self.assertEquals(res[0].name, "ldaptestUSER3")
374
375         print "Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
376         res = ldb.search(expression="(distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
377         self.assertEquals(len(res), 1, "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
378         self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
379         self.assertEquals(res[0]["cn"], "ldaptestUSER3")
380         self.assertEquals(res[0]["name"], "ldaptestUSER3")
381
382         # ensure we cannot add it again
383         try:
384             ldb.add({"dn": "cn=ldaptestuser3,cn=userS," + self.base_dn,
385                       "objectClass": ["person", "user"],
386                       "cn": "LDAPtestUSER3"})
387         except LdbError, (num, _):
388             self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS)
389         else:
390             self.fail()
391
392         # rename back
393         ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser2,cn=users," + self.base_dn)
394
395         # ensure we cannnot rename it twice
396         try:
397             ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser2,cn=users," + self.base_dn)
398         except LdbError, (num, _): 
399             self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
400         else:
401             self.fail()
402
403         # ensure can now use that name
404         ldb.add({"dn": "cn=ldaptestuser3,cn=users," + self.base_dn,
405                       "objectClass": ["person", "user"],
406                       "cn": "LDAPtestUSER3"})
407         
408         # ensure we now cannnot rename
409         try:
410             ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
411         except LdbError, (num, _):
412             self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS)
413         else:
414             self.fail()
415         try:
416             ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=configuration," + self.base_dn)
417         except LdbError, (num, _):
418             self.assertTrue(num in (71, 64))
419         else:
420             self.fail()
421
422         ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser5,cn=users," + self.base_dn)
423
424         ldb.delete("cn=ldaptestuser5,cn=users," + self.base_dn)
425
426         self.delete_force(ldb, "cn=ldaptestgroup2,cn=users," + self.base_dn)
427
428         ldb.rename("cn=ldaptestgroup,cn=users," + self.base_dn, "cn=ldaptestgroup2,cn=users," + self.base_dn)
429
430         print "Testing subtree Renames"
431
432         ldb.add({"dn": "cn=ldaptestcontainer," + self.base_dn, 
433                  "objectClass": "container"})
434         
435         self.delete_force(self.ldb, "cn=ldaptestuser4,cn=ldaptestcontainer," + self.base_dn)
436         ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + self.base_dn, 
437                  "objectClass": ["person", "user"],
438                  "cn": "LDAPtestUSER4"})
439
440         ldb.modify_ldif("""
441 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
442 changetype: modify
443 add: member
444 member: cn=ldaptestuser4,cn=ldaptestcontainer,""" + self.base_dn + """
445 """)
446         
447         print "Testing ldb.rename of cn=ldaptestcontainer," + self.base_dn + " to cn=ldaptestcontainer2," + self.base_dn
448         ldb.rename("CN=ldaptestcontainer," + self.base_dn, "CN=ldaptestcontainer2," + self.base_dn)
449
450         print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))"
451         res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))")
452         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user))")
453
454         print "Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
455         try:
456             ldb.search("cn=ldaptestcontainer," + self.base_dn, 
457                     expression="(&(cn=ldaptestuser4)(objectClass=user))", 
458                     scope=SCOPE_SUBTREE)
459         except LdbError, (num, _):
460             self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
461         else:
462             self.fail()
463
464         print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
465         try:
466             res = ldb.search("cn=ldaptestcontainer," + self.base_dn, 
467                     expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_ONELEVEL)
468         except LdbError, (num, _):
469             self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
470         else:
471             self.fail()
472
473         print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container"
474         res = ldb.search("cn=ldaptestcontainer2," + self.base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_SUBTREE)
475         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + self.base_dn)
476
477         self.assertEquals(str(res[0].dn), ("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
478         self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
479
480         print "Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)) to check subtree renames and linked attributes"
481         res = ldb.search(self.base_dn, expression="(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group))", scope=SCOPE_SUBTREE)
482         self.assertEquals(len(res), 1, "Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)), perhaps linked attributes are not conistant with subtree renames?")
483
484         print "Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn
485         try:
486             ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn)
487         except LdbError, (num, _):
488             self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
489         else:
490             self.fail()
491
492         print "Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn
493         try:
494             ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn)
495         except LdbError, (num, _):
496             self.assertTrue(num in (LDB_ERR_UNWILLING_TO_PERFORM, LDB_ERR_OTHER))
497         else:
498             self.fail()
499
500         print "Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + self.base_dn
501         try:
502             ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
503         except LdbError, (num, _):
504             self.assertEquals(num, LDB_ERR_NOT_ALLOWED_ON_NON_LEAF)
505         else:
506             self.fail()
507
508         print "Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn
509         res = ldb.search(expression="(objectclass=*)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
510         self.assertEquals(len(res), 1)
511         res = ldb.search(expression="(cn=ldaptestuser40)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
512         self.assertEquals(len(res), 0)
513
514         print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
515         res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_ONELEVEL)
516         self.assertEquals(len(res), 0)
517
518         print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
519         res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_SUBTREE)
520         self.assertEquals(len(res), 0)
521
522         print "Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn)
523         ldb.delete(("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
524         print "Testing delete of renamed cn=ldaptestcontainer2," + self.base_dn
525         ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
526         
527         self.delete_force(self.ldb, "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn)
528         ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
529
530         self.delete_force(self.ldb, "cn=ldaptestutf8user2  èùéìòà ,cn=users," + self.base_dn)
531         ldb.add({"dn": "cn=ldaptestutf8user2  èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
532
533         print "Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))"
534         res = ldb.search(expression="(&(cn=ldaptestuser)(objectClass=user))")
535         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
536
537         self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
538         self.assertEquals(res[0]["cn"], "ldaptestuser")
539         self.assertEquals(res[0]["name"], "ldaptestuser")
540         self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
541         self.assertTrue("objectGUID" in res[0])
542         self.assertTrue("whenCreated" in res[0])
543         self.assertEquals(res[0]["objectCategory"], ("CN=Person,CN=Schema,CN=Configuration," + self.base_dn))
544         self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368)
545         # self.assertEquals(res[0].userAccountControl, 546)
546         self.assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
547         self.assertEquals(len(res[0]["memberOf"]), 1)
548      
549         print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))"
550         res2 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
551         self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
552
553         self.assertEquals(res[0].dn, res2[0].dn)
554
555         print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))"
556         res3 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
557         self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + len(res3))
558
559         self.assertEquals(res[0].dn, res3[0].dn)
560
561         if gc_ldb is not None:
562             print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog"
563             res3gc = gc_ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
564             self.assertEquals(len(res3gc), 1)
565         
566             self.assertEquals(res[0].dn, res3gc[0].dn)
567
568         print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control"
569         
570         res3control = gc_ldb.search(self.base_dn, expression="(&(cn=ldaptestuser)(objectCategory=PerSon))", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
571         self.assertEquals(len(res3control), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog")
572         
573         self.assertEquals(res[0].dn, res3control[0].dn)
574
575         ldb.delete(res[0].dn)
576
577         print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))"
578         res = ldb.search(expression="(&(cn=ldaptestcomputer)(objectClass=user))")
579         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
580
581         self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer,CN=Computers," + self.base_dn))
582         self.assertEquals(res[0]["cn"], "ldaptestcomputer")
583         self.assertEquals(res[0]["name"], "ldaptestcomputer")
584         self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
585         self.assertTrue("objectGUID" in res[0])
586         self.assertTrue("whenCreated" in res[0])
587         self.assertEquals(res[0]["objectCategory"], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn))
588         self.assertEquals(int(res[0]["primaryGroupID"][0]), 513)
589         # self.assertEquals(res[0].sAMAccountType, 805306368)
590         # self.assertEquals(res[0].userAccountControl, 546)
591         self.assertEquals(res[0]["memberOf"][0], "CN=ldaptestgroup2,CN=Users," + self.base_dn)
592         self.assertEquals(len(res[0]["memberOf"]), 1)
593
594         print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))"
595         res2 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
596         self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
597
598         self.assertEquals(res[0].dn, res2[0].dn)
599
600         if gc_ldb is not None:
601             print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog"
602             res2gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
603             self.assertEquals(len(res2gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog")
604
605             self.assertEquals(res[0].dn, res2gc[0].dn)
606
607         print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))"
608         res3 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
609         self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))")
610
611         self.assertEquals(res[0].dn, res3[0].dn)
612
613         if gc_ldb is not None:
614             print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog"
615             res3gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
616             self.assertEquals(len(res3gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog")
617
618             self.assertEquals(res[0].dn, res3gc[0].dn)
619
620         print "Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))"
621         res4 = ldb.search(expression="(&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
622         self.assertEquals(len(res4), 1, "Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
623
624         self.assertEquals(res[0].dn, res4[0].dn)
625
626         print "Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))"
627         res5 = ldb.search(expression="(&(cn=ldaptestcomput*)(objectCategory=compuTER))")
628         self.assertEquals(len(res5), 1, "Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))")
629
630         self.assertEquals(res[0].dn, res5[0].dn)
631
632         print "Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))"
633         res6 = ldb.search(expression="(&(cn=*daptestcomputer)(objectCategory=compuTER))")
634         self.assertEquals(len(res6), 1, "Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))")
635
636         self.assertEquals(res[0].dn, res6[0].dn)
637
638         ldb.delete(res[0].dn)
639
640         print "Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))"
641         res = ldb.search(expression="(&(cn=ldaptest2computer)(objectClass=user))")
642         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptest2computer)(objectClass=user))")
643
644         self.assertEquals(res[0].dn, ("CN=ldaptest2computer,CN=Computers," + self.base_dn))
645         self.assertEquals(res[0]["cn"], "ldaptest2computer")
646         self.assertEquals(res[0]["name"], "ldaptest2computer")
647         self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
648         self.assertTrue("objectGUID" in res[0])
649         self.assertTrue("whenCreated" in res[0])
650         self.assertEquals(res[0]["objectCategory"][0], "CN=Computer,CN=Schema,CN=Configuration," + self.base_dn)
651         self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306369)
652     #    self.assertEquals(res[0].userAccountControl, 4098)
653
654         ldb.delete(res[0].dn)
655
656         attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf"]
657         print "Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))"
658         res = ldb.search(self.base_dn, expression="(&(cn=ldaptestUSer2)(objectClass=user))", scope=SCOPE_SUBTREE, attrs=attrs)
659         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestUSer2)(objectClass=user))")
660
661         self.assertEquals(res[0].dn, ("CN=ldaptestuser2,CN=Users," + self.base_dn))
662         self.assertEquals(res[0]["cn"], "ldaptestuser2")
663         self.assertEquals(res[0]["name"], "ldaptestuser2")
664         self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
665         self.assertTrue("objectGUID" in res[0])
666         self.assertTrue("whenCreated" in res[0])
667         self.assertTrue("nTSecurityDescriptor" in res[0])
668         self.assertEquals(res[0]["memberOf"][0], ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
669
670         attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
671         print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))"
672         res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
673         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
674
675         self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
676         self.assertEquals(res[0]["cn"], "ldaptestgroup2")
677         self.assertEquals(res[0]["name"], "ldaptestgroup2")
678         self.assertEquals(res[0]["objectClass"], ["top", "group"])
679         self.assertTrue("objectGuid" not in res[0])
680         self.assertTrue("whenCreated" in res[0])
681         self.assertTrue("nTSecurityDescriptor" in res[0])
682         self.assertEquals(res[0]["member"], ["CN=ldaptestuser2,CN=Users," + self.base_dn])
683
684         ldb.modify_ldif("""
685 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
686 changetype: modify
687 replace: member
688 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
689 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
690 """)
691         
692         print "Testing Linked attribute behaviours"
693         ldb.modify_ldif("""
694 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
695 changetype: modify
696 delete: member
697 """)
698
699         ldb.modify_ldif("""
700 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
701 changetype: modify
702 add: member
703 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
704 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
705 """)
706         
707         ldb.modify_ldif("""
708 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
709 changetype: modify
710 replace: member
711 """)
712         
713         ldb.modify_ldif("""
714 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
715 changetype: modify
716 add: member
717 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
718 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
719 """)
720         
721         ldb.modify_ldif("""
722 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
723 changetype: modify
724 delete: member
725 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
726 """)
727         
728         res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
729         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
730
731         self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
732         self.assertEquals(res[0]["member"][0], ("CN=ldaptestuser2,CN=Users," + self.base_dn))
733         self.assertEquals(len(res[0]["member"]), 1)
734
735         ldb.delete(("CN=ldaptestuser2,CN=Users," + self.base_dn))
736
737         attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
738         print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete"
739         res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
740         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete")
741
742         self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
743         self.assertTrue("member" not in res[0])
744
745         print "Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))"
746         res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
747         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
748
749         self.assertEquals(res[0].dn, ("CN=ldaptestutf8user èùéìòà,CN=Users," + self.base_dn))
750         self.assertEquals(res[0]["cn"], "ldaptestutf8user èùéìòà")
751         self.assertEquals(res[0]["name"], "ldaptestutf8user èùéìòà")
752         self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
753         self.assertTrue("objectGUID" in res[0])
754         self.assertTrue("whenCreated" in res[0])
755
756         ldb.delete(res[0].dn)
757
758         print "Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))"
759         res = ldb.search(expression="(&(cn=ldaptestutf8user2*)(objectClass=user))")
760         self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))")
761
762         ldb.delete(res[0].dn)
763
764         ldb.delete(("CN=ldaptestgroup2,CN=Users," + self.base_dn))
765
766         print "Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
767         res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
768
769         #FIXME: self.assert len(res) == 1, "Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
770
771         print "Testing that we can't get at the configuration DN from the main search base"
772         res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
773         self.assertEquals(len(res), 0, "Got configuration DN " + res[0].dn + " which should not be able to be seen from main search base")
774         self.assertEquals(len(res), 0)
775
776         print "Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control"
777         res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
778         self.assertTrue(len(res) > 0)
779
780         if gc_ldb is not None:
781             print "Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0"
782             
783             res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:0"])
784             self.assertTrue(len(res) > 0)
785
786             print "Testing that we do find configuration elements in the global catlog"
787             res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
788             self.assertTrue(len(res) > 0)
789         
790             print "Testing that we do find configuration elements and user elements at the same time"
791             res = gc_ldb.search(self.base_dn, expression="(|(objectClass=crossRef)(objectClass=person))", scope=SCOPE_SUBTREE, attrs=["cn"])
792             self.assertTrue(len(res) > 0)
793
794             print "Testing that we do find configuration elements in the global catlog, with the configuration basedn"
795             res = gc_ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
796             self.assertTrue(len(res) > 0)
797
798         print "Testing that we can get at the configuration DN on the main LDAP port"
799         res = ldb.search(configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
800         self.assertTrue(len(res) > 0)
801
802         print "Testing objectCategory canonacolisation"
803         res = ldb.search(configuration_dn, expression="objectCategory=ntDsDSA", scope=SCOPE_SUBTREE, attrs=["cn"])
804         self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=ntDsDSA")
805         self.assertTrue(len(res) != 0)
806         
807         res = ldb.search(configuration_dn, expression="objectCategory=CN=ntDs-DSA," + schema_dn, scope=SCOPE_SUBTREE, attrs=["cn"])
808         self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn)
809         self.assertTrue(len(res) != 0)
810         
811         print "Testing objectClass attribute order on "+ self.base_dn
812         res = ldb.search(expression="objectClass=domain", base=self.base_dn, 
813                          scope=SCOPE_BASE, attrs=["objectClass"])
814         self.assertEquals(len(res), 1)
815
816         self.assertEquals(res[0]["objectClass"], ["top", "domain", "domainDNS"])
817
818     #  check enumeration
819
820         print "Testing ldb.search for objectCategory=person"
821         res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"])
822         self.assertTrue(len(res) > 0)
823
824         print "Testing ldb.search for objectCategory=person with domain scope control"
825         res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
826         self.assertTrue(len(res) > 0)
827      
828         print "Testing ldb.search for objectCategory=user"
829         res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"])
830         self.assertTrue(len(res) > 0)
831         
832         print "Testing ldb.search for objectCategory=user with domain scope control"
833         res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
834         self.assertTrue(len(res) > 0)
835         
836         print "Testing ldb.search for objectCategory=group"
837         res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"])
838         self.assertTrue(len(res) > 0)
839
840         print "Testing ldb.search for objectCategory=group with domain scope control"
841         res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
842         self.assertTrue(len(res) > 0)
843
844
845 class BaseDnTests(unittest.TestCase):
846     def setUp(self):
847         self.ldb = ldb
848
849     def test_rootdse_attrs(self):
850         """Testing for all rootDSE attributes"""
851         res = self.ldb.search(scope=SCOPE_BASE, attrs=[])
852         self.assertEquals(len(res), 1)
853
854     def test_highestcommittedusn(self):
855         """Testing for highestCommittedUSN"""
856         res = self.ldb.search("", scope=SCOPE_BASE, attrs=["highestCommittedUSN"])
857         self.assertEquals(len(res), 1)
858         self.assertTrue(int(res[0]["highestCommittedUSN"][0]) != 0)
859
860     def test_netlogon(self):
861         """Testing for netlogon via LDAP"""
862         res = self.ldb.search("", scope=SCOPE_BASE, attrs=["netlogon"])
863         self.assertEquals(len(res), 0)
864
865     def test_netlogon_highestcommitted_usn(self):
866         """Testing for netlogon and highestCommittedUSN via LDAP"""
867         res = self.ldb.search("", scope=SCOPE_BASE, 
868                 attrs=["netlogon", "highestCommittedUSN"])
869         self.assertEquals(len(res), 0)
870
871
872 if not "://" in host:
873     host = "ldap://%s" % host
874
875 ldb = Ldb(host, credentials=creds, session_info=system_session(), lp=lp)
876 gc_ldb = Ldb("%s:3268" % host, credentials=creds, 
877              session_info=system_session(), lp=lp)
878
879 runner = SubunitTestRunner()
880 runner.run(unittest.makeSuite(BaseDnTests))
881 runner.run(unittest.makeSuite(BasicTests))