2 exec smbscript "$0" ${1+"$@"}
4 test certin LDAP behaviours
8 var gc_ldb = ldb_init();
10 var options = GetOptions(ARGV,
13 "POPT_COMMON_CREDENTIALS");
14 if (options == undefined) {
15 println("Failed to parse options");
19 libinclude("base.js");
21 if (options.ARGV.length != 1) {
22 println("Usage: ldap.js <HOST>");
26 var host = options.ARGV[0];
28 function basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
30 println("Running basic tests");
32 ldb.del("cn=ldaptestuser,cn=users," + base_dn);
33 ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
34 ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
35 ldb.del("cn=ldaptestuser4,cn=users," + base_dn);
36 ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
37 ldb.del("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn);
38 ldb.del("CN=ldaptestcontainer2," + base_dn);
39 ldb.del("cn=ldaptestgroup,cn=users," + base_dn);
41 println("Testing group add with invalid member");
43 dn: cn=ldaptestgroup,cn=uSers," + base_dn + "
45 member: cn=ldaptestuser,cn=useRs," + base_dn + "
48 if (ok.error != 32) { /* LDAP_NO_SUCH_OBJECT */
50 assert(ok.error == 32);
53 println("Testing user add");
55 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
63 ok = ldb.del("cn=ldaptestuser,cn=users," + base_dn);
66 assert(ok.error == 0);
69 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
78 assert(ok.error == 0);
83 dn: cn=ldaptestgroup,cn=uSers," + base_dn + "
85 member: cn=ldaptestuser,cn=useRs," + base_dn + "
89 assert(ok.error == 0);
93 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
98 ok = ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
101 assert(ok.error == 0);
104 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
105 objectClass: computer
110 assert(ok.error == 0);
116 assert(ok.error == 0);
120 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
121 objectClass: computer
122 cn: LDAPtest2COMPUTER
123 userAccountControl: 4096
124 displayname: ldap testy
127 ok = ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
130 assert(ok.error == 0);
133 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
134 objectClass: computer
135 cn: LDAPtest2COMPUTER
136 userAccountControl: 4096
137 displayname: ldap testy
141 assert(ok.error == 0);
145 println("Testing attribute or value exists behaviour");
147 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
149 replace: servicePrincipalName
150 servicePrincipalName: host/ldaptest2computer
151 servicePrincipalName: host/ldaptest2computer
152 servicePrincipalName: cifs/ldaptest2computer
155 //LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
156 if (ok.error != 20) {
157 println("Expected error LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, got :" + ok.errstr);
158 assert(ok.error == 20);
162 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
164 replace: servicePrincipalName
165 servicePrincipalName: host/ldaptest2computer
166 servicePrincipalName: cifs/ldaptest2computer
170 println("Failed to replace servicePrincpalName:" + ok.errstr);
171 assert(ok.error == 20);
175 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
177 add: servicePrincipalName
178 servicePrincipalName: host/ldaptest2computer
181 //LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
182 if (ok.error != 20) {
183 println("Expected error LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, got :" + ok.errstr);
184 assert(ok.error == 20);
187 println("Testing ranged results");
189 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
191 replace: servicePrincipalName
194 println("Failed to replace servicePrincpalName:" + ok.errstr);
195 assert(ok.error == 0);
199 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
201 add: servicePrincipalName
202 servicePrincipalName: host/ldaptest2computer0
203 servicePrincipalName: host/ldaptest2computer1
204 servicePrincipalName: host/ldaptest2computer2
205 servicePrincipalName: host/ldaptest2computer3
206 servicePrincipalName: host/ldaptest2computer4
207 servicePrincipalName: host/ldaptest2computer5
208 servicePrincipalName: host/ldaptest2computer6
209 servicePrincipalName: host/ldaptest2computer7
210 servicePrincipalName: host/ldaptest2computer8
211 servicePrincipalName: host/ldaptest2computer9
212 servicePrincipalName: host/ldaptest2computer10
213 servicePrincipalName: host/ldaptest2computer11
214 servicePrincipalName: host/ldaptest2computer12
215 servicePrincipalName: host/ldaptest2computer13
216 servicePrincipalName: host/ldaptest2computer14
217 servicePrincipalName: host/ldaptest2computer15
218 servicePrincipalName: host/ldaptest2computer16
219 servicePrincipalName: host/ldaptest2computer17
220 servicePrincipalName: host/ldaptest2computer18
221 servicePrincipalName: host/ldaptest2computer19
222 servicePrincipalName: host/ldaptest2computer20
223 servicePrincipalName: host/ldaptest2computer21
224 servicePrincipalName: host/ldaptest2computer22
225 servicePrincipalName: host/ldaptest2computer23
226 servicePrincipalName: host/ldaptest2computer24
227 servicePrincipalName: host/ldaptest2computer25
228 servicePrincipalName: host/ldaptest2computer26
229 servicePrincipalName: host/ldaptest2computer27
230 servicePrincipalName: host/ldaptest2computer28
231 servicePrincipalName: host/ldaptest2computer29
235 println("Failed to replace servicePrincpalName:" + ok.errstr);
236 assert(ok.error == 0);
240 var attrs = new Array("servicePrincipalName;range=0-*");
241 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
242 if (res.error != 0 || res.msgs.length != 1) {
243 println("Could not find (cn=ldaptest2computer) for servicePrincipalName;range=0-*");
244 assert(res.error == 0);
245 assert(res.msgs.length == 1);
247 // println(res.msgs[0]["servicePrincipalName;range=0-*"].length);
248 assert(res.msgs[0]["servicePrincipalName;range=0-*"].length == 30);
250 var attrs = new Array("servicePrincipalName;range=0-19");
251 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
252 if (res.error != 0 || res.msgs.length != 1) {
253 println("Could not find (cn=ldaptest2computer) for servicePrincipalName;range=0-19");
254 assert(res.error == 0);
255 assert(res.msgs.length == 1);
257 // println(res.msgs[0]["servicePrincipalName;range=0-19"].length);
258 assert(res.msgs[0]["servicePrincipalName;range=0-19"].length == 20);
260 var attrs = new Array("servicePrincipalName;range=0-30");
261 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
262 if (res.error != 0 || res.msgs.length != 1) {
263 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=0-19");
264 assert(res.error == 0);
265 assert(res.msgs.length == 1);
267 assert(res.msgs[0]["servicePrincipalName;range=0-*"].length == 30);
269 var attrs = new Array("servicePrincipalName;range=0-40");
270 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
271 if (res.error != 0 || res.msgs.length != 1) {
272 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=0-40");
273 assert(res.error == 0);
274 assert(res.msgs.length == 1);
276 assert(res.msgs[0]["servicePrincipalName;range=0-*"].length == 30);
278 var attrs = new Array("servicePrincipalName;range=30-40");
279 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
280 if (res.error != 0 || res.msgs.length != 1) {
281 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=30-40");
282 assert(res.error == 0);
283 assert(res.msgs.length == 1);
285 assert(res.msgs[0]["servicePrincipalName;range=30-*"].length == 0);
287 var attrs = new Array("servicePrincipalName;range=10-40");
288 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
289 if (res.error != 0 || res.msgs.length != 1) {
290 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=10-40");
291 assert(res.error == 0);
292 assert(res.msgs.length == 1);
294 assert(res.msgs[0]["servicePrincipalName;range=10-*"].length == 20);
295 // var pos_11 = res.msgs[0]["servicePrincipalName;range=10-*"][18];
297 var attrs = new Array("servicePrincipalName;range=11-40");
298 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
299 if (res.error != 0 || res.msgs.length != 1) {
300 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=10-*");
301 assert(res.error == 0);
302 assert(res.msgs.length == 1);
304 assert(res.msgs[0]["servicePrincipalName;range=11-*"].length == 19);
305 // println(res.msgs[0]["servicePrincipalName;range=11-*"][18]);
307 // assert((res.msgs[0]["servicePrincipalName;range=11-*"][18]) == pos_11);
309 var attrs = new Array("servicePrincipalName;range=11-15");
310 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
311 if (res.error != 0 || res.msgs.length != 1) {
312 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=11-15");
313 assert(res.error == 0);
314 assert(res.msgs.length == 1);
316 assert(res.msgs[0]["servicePrincipalName;range=11-15"].length == 5);
317 // assert(res.msgs[0]["servicePrincipalName;range=11-15"][4] == pos_11);
319 var attrs = new Array("servicePrincipalName");
320 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
321 if (res.error != 0 || res.msgs.length != 1) {
322 println("Could not find (cn=ldaptest2computer) at servicePrincipalName");
323 assert(res.error == 0);
324 assert(res.msgs.length == 1);
326 // println(res.msgs[0]["servicePrincipalName"][18]);
328 assert(res.msgs[0]["servicePrincipalName"].length == 30);
329 // assert(res.msgs[0]["servicePrincipalName"][18] == pos_11);
332 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
340 ok = ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
343 assert(ok.error == 0);
346 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
355 assert(ok.error == 0);
360 println("Testing Ambigious Name Resolution");
361 // Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
362 var res = ldb.search("(&(anr=ldap testy)(objectClass=user))");
363 if (res.error != 0 || res.msgs.length != 3) {
364 println("Could not find (&(anr=ldap testy)(objectClass=user))");
365 assert(res.error == 0);
366 assert(res.msgs.length == 3);
369 // Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
370 var res = ldb.search("(&(anr=testy ldap)(objectClass=user))");
371 if (res.error != 0 || res.msgs.length != 2) {
372 println("Found only " + res.msgs.length + " for (&(anr=testy ldap)(objectClass=user))");
373 assert(res.error == 0);
374 assert(res.msgs.length == 2);
377 // Testing ldb.search for (&(anr=ldap)(objectClass=user))
378 var res = ldb.search("(&(anr=ldap)(objectClass=user))");
379 if (res.error != 0 || res.msgs.length != 4) {
380 println("Found only " + res.msgs.length + " for (&(anr=ldap)(objectClass=user))");
381 assert(res.error == 0);
382 assert(res.msgs.length == 4);
385 // Testing ldb.search for (&(anr==ldap)(objectClass=user))
386 var res = ldb.search("(&(anr==ldap)(objectClass=user))");
387 if (res.error != 0 || res.msgs.length != 1) {
388 println("Found only " + res.msgs.length + " for (&(anr=ldap)(objectClass=user))");
389 println("Could not find (&(anr==ldap)(objectClass=user))");
390 assert(res.error == 0);
391 assert(res.msgs.length == 1);
394 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
395 assert(res.msgs[0].cn == "ldaptestuser");
396 assert(res.msgs[0].name == "ldaptestuser");
398 // Testing ldb.search for (&(anr=testy)(objectClass=user))
399 var res = ldb.search("(&(anr=testy)(objectClass=user))");
400 if (res.error != 0 || res.msgs.length != 2) {
401 println("Found only " + res.msgs.length + " for (&(anr=testy)(objectClass=user))");
402 assert(res.error == 0);
403 assert(res.msgs.length == 2);
406 // Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
407 var res = ldb.search("(&(anr=testy ldap)(objectClass=user))");
408 if (res.error != 0 || res.msgs.length != 2) {
409 println("Found only " + res.msgs.length + " for (&(anr=ldap testy)(objectClass=user))");
410 assert(res.error == 0);
411 assert(res.msgs.length == 2);
414 // Testing ldb.search for (&(anr==ldap testy)(objectClass=user))
415 var res = ldb.search("(&(anr==testy ldap)(objectClass=user))");
416 if (res.error != 0 || res.msgs.length != 1) {
417 println("Found only " + res.msgs.length + " for (&(anr==ldap testy)(objectClass=user))");
418 assert(res.error == 0);
419 assert(res.msgs.length == 1);
422 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
423 assert(res.msgs[0].cn == "ldaptestuser");
424 assert(res.msgs[0].name == "ldaptestuser");
426 // Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
427 var res = ldb.search("(&(anr==testy ldap)(objectClass=user))");
428 if (res.error != 0 || res.msgs.length != 1) {
429 println("Could not find (&(anr==testy ldap)(objectClass=user))");
430 assert(res.error == 0);
431 assert(res.msgs.length == 1);
434 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
435 assert(res.msgs[0].cn == "ldaptestuser");
436 assert(res.msgs[0].name == "ldaptestuser");
438 // Testing ldb.search for (&(anr=testy ldap user)(objectClass=user))
439 var res = ldb.search("(&(anr=testy ldap user)(objectClass=user))");
440 if (res.error != 0 || res.msgs.length != 1) {
441 println("Could not find (&(anr=testy ldap user)(objectClass=user))");
442 assert(res.error == 0);
443 assert(res.msgs.length == 1);
446 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
447 assert(res.msgs[0].cn == "ldaptestuser2");
448 assert(res.msgs[0].name == "ldaptestuser2");
450 // Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user))
451 var res = ldb.search("(&(anr==testy ldap user2)(objectClass=user))");
452 if (res.error != 0 || res.msgs.length != 1) {
453 println("Could not find (&(anr==testy ldap user2)(objectClass=user))");
454 assert(res.error == 0);
455 assert(res.msgs.length == 1);
458 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
459 assert(res.msgs[0].cn == "ldaptestuser2");
460 assert(res.msgs[0].name == "ldaptestuser2");
462 // Testing ldb.search for (&(anr==ldap user2)(objectClass=user))
463 var res = ldb.search("(&(anr==ldap user2)(objectClass=user))");
464 if (res.error != 0 || res.msgs.length != 1) {
465 println("Could not find (&(anr==ldap user2)(objectClass=user))");
466 assert(res.error == 0);
467 assert(res.msgs.length == 1);
470 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
471 assert(res.msgs[0].cn == "ldaptestuser2");
472 assert(res.msgs[0].name == "ldaptestuser2");
474 // Testing ldb.search for (&(anr==not ldap user2)(objectClass=user))
475 var res = ldb.search("(&(anr==not ldap user2)(objectClass=user))");
476 if (res.error != 0 || res.msgs.length != 0) {
477 println("Must not find (&(anr==not ldap user2)(objectClass=user))");
478 assert(res.error == 0);
479 assert(res.msgs.length == 0);
482 // Testing ldb.search for (&(anr=not ldap user2)(objectClass=user))
483 var res = ldb.search("(&(anr=not ldap user2)(objectClass=user))");
484 if (res.error != 0 || res.msgs.length != 0) {
485 println("Must not find (&(anr=not ldap user2)(objectClass=user))");
486 assert(res.error == 0);
487 assert(res.msgs.length == 0);
490 println("Testing Group Modifies");
492 dn: cn=ldaptestgroup,cn=users," + base_dn + "
495 member: cn=ldaptestuser2,cn=users," + base_dn + "
496 member: cn=ldaptestcomputer,cn=computers," + base_dn + "
501 assert(ok.error == 0);
504 ok = ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
506 println("Testing adding non-existent user to a group");
508 dn: cn=ldaptestgroup,cn=users," + base_dn + "
511 member: cn=ldaptestuser3,cn=users," + base_dn + "
513 if (ok.error != 32) { /* LDAP_NO_SUCH_OBJECT */
515 assert(ok.error == 32);
518 println("Testing Renames");
520 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
522 println("Could not rename cn=ldaptestuser2,cn=users," + base_dn + " into cn=ldaptestuser3,cn=users," + base_dn + ": " + ok.errstr);
523 assert(ok.error == 0);
526 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
528 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " onto itself: " + ok.errstr);
529 assert(ok.error == 0);
532 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestUSER3,cn=users," + base_dn);
534 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " into cn=ldaptestUSER3,cn=users," + base_dn + ": " + ok.errstr);
535 assert(ok.error == 0);
538 println("Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))");
539 var res = ldb.search("(&(cn=ldaptestuser3)(objectClass=user))");
540 if (res.error != 0 || res.msgs.length != 1) {
541 println("Could not find (&(cn=ldaptestuser3)(objectClass=user))");
542 assert(res.error == 0);
543 assert(res.msgs.length == 1);
546 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
547 assert(res.msgs[0].cn == "ldaptestUSER3");
548 assert(res.msgs[0].name == "ldaptestUSER3");
550 // This is a Samba special, and does not exist in real AD
551 // println("Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
552 // var res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
553 // if (res.error != 0 || res.msgs.length != 1) {
554 // println("Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
555 // assert(res.error == 0);
556 // assert(res.msgs.length == 1);
558 // assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
559 // assert(res.msgs[0].cn == "ldaptestUSER3");
560 // assert(res.msgs[0].name == "ldaptestUSER3");
562 println("Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
563 var res = ldb.search("(distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
564 if (res.error != 0 || res.msgs.length != 1) {
565 println("Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
566 assert(res.error == 0);
567 assert(res.msgs.length == 1);
569 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
570 assert(res.msgs[0].cn == "ldaptestUSER3");
571 assert(res.msgs[0].name == "ldaptestUSER3");
573 // ensure we cannot add it again
575 dn: cn=ldaptestuser3,cn=userS," + base_dn + "
580 //LDB_ERR_ENTRY_ALREADY_EXISTS
581 if (ok.error != 68) {
582 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
583 assert(ok.error == 68);
587 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
590 assert(ok.error == 0);
593 // ensure we cannnot rename it twice
594 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
595 //LDB_ERR_NO_SUCH_OBJECT
596 assert(ok.error == 32);
598 // ensure can now use that name
600 dn: cn=ldaptestuser3,cn=users," + base_dn + "
606 // ensure we now cannnot rename
607 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
608 //LDB_ERR_ENTRY_ALREADY_EXISTS
609 if (ok.error != 68) {
610 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
611 assert(ok.error == 68);
613 assert(ok.error == 68);
614 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=configuration," + base_dn);
615 if (ok.error != 71 && ok.error != 64) {
616 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS or LDAP_NAMING_VIOLATION, got: " + ok.errstr);
617 assert(ok.error == 71 || ok.error == 64);
619 assert(ok.error == 71 || ok.error == 64);
621 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser5,cn=users," + base_dn);
624 assert(ok.error == 0);
627 ok = ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
629 ok = ldb.del("cn=ldaptestgroup2,cn=users," + base_dn);
631 ok = ldb.rename("cn=ldaptestgroup,cn=users," + base_dn, "cn=ldaptestgroup2,cn=users," + base_dn);
634 assert(ok.error == 0);
637 println("Testing subtree Renames");
640 dn: cn=ldaptestcontainer," + base_dn + "
641 objectClass: container
645 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
651 ok = ldb.del("cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn);
654 assert(ok.error == 0);
657 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
664 assert(ok.error == 0);
669 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
672 member: cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn + "
675 println("Failure adding ldaptestuser4 to a group");
677 assert(ok.error == 0);
680 println("Testing ldb.rename of cn=ldaptestcontainer," + base_dn + " to cn=ldaptestcontainer2," + base_dn);
681 ok = ldb.rename("CN=ldaptestcontainer," + base_dn, "CN=ldaptestcontainer2," + base_dn);
684 assert(ok.error == 0);
687 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))");
688 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))");
689 if (res.error != 0 || res.msgs.length != 1) {
690 println("Could not find (&(cn=ldaptestuser4)(objectClass=user))");
691 assert(res.error == 0);
692 assert(res.msgs.length == 1);
695 println("Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn);
696 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer," + base_dn, ldb.SCOPE_SUBTREE);
697 if (res.error != 32) {
699 assert(res.error == 32);
702 println("Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn);
703 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer," + base_dn, ldb.SCOPE_ONELEVEL);
704 if (res.error != 32) {
706 assert(res.error == 32);
709 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container");
710 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_SUBTREE);
711 if (res.error != 0 || res.msgs.length != 1) {
712 println("Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + base_dn);
713 assert(res.error == 0);
714 assert(res.msgs.length == 1);
717 assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
718 assert(strupper(res.msgs[0].memberOf[0]) == strupper(("CN=ldaptestgroup2,CN=Users," + base_dn)));
720 println("Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group)) to check subtree renames and linked attributes");
721 var res = ldb.search("(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group))", base_dn, ldb.SCOPE_SUBTREE);
722 if (res.error != 0 || res.msgs.length != 1) {
723 println("Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group)), perhaps linked attributes are not conistant with subtree renames?");
724 assert(res.error == 0);
725 assert(res.msgs.length == 1);
728 println("Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
729 ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
730 if (ok.error != 53) { /* LDAP_UNWILLING_TO_PERFORM */
732 assert(ok.error == 53);
735 println("Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn);
736 ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn);
737 if (ok.error != 53 && ok.error != 80) { /* LDAP_UNWILLING_TO_PERFORM or LDAP_OTHER*/
739 assert(ok.error == 53 || ok.error == 80);
742 println("Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn);
743 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
744 if (ok.error != 66) { /* LDB_ERR_NOT_ALLOWED_ON_NON_LEAF */
746 assert(ok.error == 66);
749 println("Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn);
750 var res = ldb.search("(objectclass=*)", ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), ldb.SCOPE_BASE);
751 if (res.error == 0 && res.count == 1) {
752 assert(res.error == 0 && res.count == 1);
754 var res = ldb.search("(cn=ldaptestuser40)", ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), ldb.SCOPE_BASE);
755 if (res.error == 0 && res.count == 0) {
756 assert(res.error == 0 && res.count == 0);
759 println("Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn);
760 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_ONELEVEL);
761 if (res.error == 0 && res.count == 0) {
762 assert(res.error == 0 && res.count == 0);
765 println("Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn);
766 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_SUBTREE);
767 if (res.error == 0 && res.count == 0) {
768 assert(res.error == 0 && res.count == 0);
771 println("Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
772 ok = ldb.del(("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
775 assert(ok.error == 0);
777 println("Testing delete of renamed cn=ldaptestcontainer2," + base_dn);
778 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
781 assert(ok.error == 0);
785 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
789 ok = ldb.del("cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn);
792 assert(ok.error == 0);
795 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
800 assert(ok.error == 0);
805 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
809 ok = ldb.del("cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn);
812 assert(ok.error == 0);
815 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
820 assert(ok.error == 0);
824 println("Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))");
825 var res = ldb.search("(&(cn=ldaptestuser)(objectClass=user))");
826 if (res.error != 0 || res.msgs.length != 1) {
827 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
828 assert(res.error == 0);
829 assert(res.msgs.length == 1);
832 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
833 assert(res.msgs[0].cn == "ldaptestuser");
834 assert(res.msgs[0].name == "ldaptestuser");
835 assert(res.msgs[0].objectClass[0] == "top");
836 assert(res.msgs[0].objectClass[1] == "person");
837 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
838 assert(res.msgs[0].objectClass[3] == "user");
839 assert(res.msgs[0].objectGUID != undefined);
840 assert(res.msgs[0].whenCreated != undefined);
841 assert(res.msgs[0].objectCategory == ("CN=Person,CN=Schema,CN=Configuration," + base_dn));
842 assert(res.msgs[0].sAMAccountType == 805306368);
843 // assert(res[0].userAccountControl == 546);
844 assert(res.msgs[0].memberOf[0] == ("CN=ldaptestgroup2,CN=Users," + base_dn));
845 assert(res.msgs[0].memberOf.length == 1);
847 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
848 var res2 = ldb.search("(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
849 if (res2.error != 0 || res2.msgs.length != 1) {
850 println("Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
851 assert(res2.error == 0);
852 assert(res2.msgs.length == 1);
855 assert(res.msgs[0].dn == res2.msgs[0].dn);
857 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))");
858 var res3 = ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
859 if (res3.error != 0) {
860 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): " + res3.errstr);
861 assert(res3.error == 0);
862 } else if (res3.msgs.length != 1) {
863 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + res3.msgs.length);
864 assert(res3.msgs.length == 1);
867 assert(res.msgs[0].dn == res3.msgs[0].dn);
869 if (gc_ldb != undefined) {
870 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
871 var res3gc = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
872 if (res3gc.error != 0) {
873 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: " + res3gc.errstr);
874 assert(res3gc.error == 0);
875 } else if (res3gc.msgs.length != 1) {
876 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: matched " + res3gc.msgs.length);
877 assert(res3gc.msgs.length == 1);
880 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
883 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control");
884 var attrs = new Array("cn");
885 var controls = new Array("search_options:1:2");
886 var res3control = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
887 if (res3control.error != 0 || res3control.msgs.length != 1) {
888 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
889 assert(res3control.error == 0);
890 assert(res3control.msgs.length == 1);
893 assert(res.msgs[0].dn == res3control.msgs[0].dn);
895 ok = ldb.del(res.msgs[0].dn);
898 assert(ok.error == 0);
901 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))");
902 var res = ldb.search("(&(cn=ldaptestcomputer)(objectClass=user))");
903 if (res.error != 0 || res.msgs.length != 1) {
904 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
905 assert(res.error == 0);
906 assert(res.msgs.length == 1);
909 assert(res.msgs[0].dn == ("CN=ldaptestcomputer,CN=Computers," + base_dn));
910 assert(res.msgs[0].cn == "ldaptestcomputer");
911 assert(res.msgs[0].name == "ldaptestcomputer");
912 assert(res.msgs[0].objectClass[0] == "top");
913 assert(res.msgs[0].objectClass[1] == "person");
914 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
915 assert(res.msgs[0].objectClass[3] == "user");
916 assert(res.msgs[0].objectClass[4] == "computer");
917 assert(res.msgs[0].objectGUID != undefined);
918 assert(res.msgs[0].whenCreated != undefined);
919 assert(res.msgs[0].objectCategory == ("CN=Computer,CN=Schema,CN=Configuration," + base_dn));
920 assert(res.msgs[0].primaryGroupID == 513);
921 // assert(res.msgs[0].sAMAccountType == 805306368);
922 // assert(res.msgs[0].userAccountControl == 546);
923 assert(res.msgs[0].memberOf[0] == ("CN=ldaptestgroup2,CN=Users," + base_dn));
924 assert(res.msgs[0].memberOf.length == 1);
926 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
927 var res2 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
928 if (res2.error != 0 || res2.msgs.length != 1) {
929 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
930 assert(res2.error == 0);
931 assert(res2.msgs.length == 1);
934 assert(res.msgs[0].dn == res2.msgs[0].dn);
936 if (gc_ldb != undefined) {
937 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
938 var res2gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
939 if (res2gc.error != 0 || res2gc.msgs.length != 1) {
940 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
941 assert(res2gc.error == 0);
942 assert(res2gc.msgs.length == 1);
945 assert(res.msgs[0].dn == res2gc.msgs[0].dn);
948 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
949 var res3 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
950 if (res3.error != 0 || res3.msgs.length != 1) {
951 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
952 assert(res3.error == 0);
953 assert(res3.msgs.length == 1);
956 assert(res.msgs[0].dn == res3.msgs[0].dn);
958 if (gc_ldb != undefined) {
959 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
960 var res3gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
961 if (res3gc.error != 0 || res3gc.msgs.length != 1) {
962 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
963 assert(res3gc.error == 0);
964 assert(res3gc.msgs.length == 1);
967 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
970 println("Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
971 var res4 = ldb.search("(&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
972 if (res4.error != 0 || res4.msgs.length != 1) {
973 println("Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
974 assert(res4.error == 0);
975 assert(res4.msgs.length == 1);
978 assert(res.msgs[0].dn == res4.msgs[0].dn);
980 println("Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
981 var res5 = ldb.search("(&(cn=ldaptestcomput*)(objectCategory=compuTER))");
982 if (res5.error != 0 || res5.msgs.length != 1) {
983 println("Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
984 assert(res5.error == 0);
985 assert(res5.msgs.length == 1);
988 assert(res.msgs[0].dn == res5.msgs[0].dn);
990 println("Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))");
991 var res6 = ldb.search("(&(cn=*daptestcomputer)(objectCategory=compuTER))");
992 if (res6.error != 0 || res6.msgs.length != 1) {
993 println("Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))");
994 assert(res6.error == 0);
995 assert(res6.msgs.length == 1);
998 assert(res.msgs[0].dn == res6.msgs[0].dn);
1000 ok = ldb.del(res.msgs[0].dn);
1001 if (ok.error != 0) {
1003 assert(ok.error == 0);
1006 println("Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))");
1007 var res = ldb.search("(&(cn=ldaptest2computer)(objectClass=user))");
1008 if (res.error != 0 || res.msgs.length != 1) {
1009 println("Could not find (&(cn=ldaptest2computer)(objectClass=user))");
1010 assert(res.error == 0);
1011 assert(res.msgs.length == 1);
1014 assert(res.msgs[0].dn == ("CN=ldaptest2computer,CN=Computers," + base_dn));
1015 assert(res.msgs[0].cn == "ldaptest2computer");
1016 assert(res.msgs[0].name == "ldaptest2computer");
1017 assert(res.msgs[0].objectClass[0] == "top");
1018 assert(res.msgs[0].objectClass[1] == "person");
1019 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1020 assert(res.msgs[0].objectClass[3] == "user");
1021 assert(res.msgs[0].objectClass[4] == "computer");
1022 assert(res.msgs[0].objectGUID != undefined);
1023 assert(res.msgs[0].whenCreated != undefined);
1024 assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
1025 assert(res.msgs[0].sAMAccountType == 805306369);
1026 // assert(res.msgs[0].userAccountControl == 4098);
1029 ok = ldb.del(res.msgs[0].dn);
1030 if (ok.error != 0) {
1032 assert(ok.error == 0);
1035 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf");
1036 println("Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))");
1037 var res = ldb.search("(&(cn=ldaptestUSer2)(objectClass=user))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1038 if (res.error != 0 || res.msgs.length != 1) {
1039 println("Could not find (&(cn=ldaptestUSer2)(objectClass=user))");
1040 assert(res.error == 0);
1041 assert(res.msgs.length == 1);
1044 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
1045 assert(res.msgs[0].cn == "ldaptestuser2");
1046 assert(res.msgs[0].name == "ldaptestuser2");
1047 assert(res.msgs[0].objectClass[0] == "top");
1048 assert(res.msgs[0].objectClass[1] == "person");
1049 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1050 assert(res.msgs[0].objectClass[3] == "user");
1051 assert(res.msgs[0].objectGUID != undefined);
1052 assert(res.msgs[0].whenCreated != undefined);
1053 assert(res.msgs[0].nTSecurityDescriptor != undefined);
1054 assert(res.msgs[0].memberOf[0] == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1056 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member");
1057 println("Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))");
1058 var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1059 if (res.error != 0 || res.msgs.length != 1) {
1060 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group))");
1061 assert(res.error == 0);
1062 assert(res.msgs.length == 1);
1065 assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1066 assert(res.msgs[0].cn == "ldaptestgroup2");
1067 assert(res.msgs[0].name == "ldaptestgroup2");
1068 assert(res.msgs[0].objectClass[0] == "top");
1069 assert(res.msgs[0].objectClass[1] == "group");
1070 assert(res.msgs[0].objectGUID != undefined);
1071 assert(res.msgs[0].whenCreated != undefined);
1072 assert(res.msgs[0].nTSecurityDescriptor != undefined);
1073 assert(res.msgs[0].member[0] == ("CN=ldaptestuser2,CN=Users," + base_dn));
1074 assert(res.msgs[0].member.length == 1);
1077 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1080 member: CN=ldaptestuser2,CN=Users," + base_dn + "
1081 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1083 if (ok.error != 0) {
1084 println("Failure testing replace of linked attributes");
1086 assert(ok.error == 0);
1089 println("Testing Linked attribute behaviours");
1091 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1095 if (ok.error != 0) {
1096 println("Failure testing delete of linked attributes");
1098 assert(ok.error == 0);
1102 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1105 member: CN=ldaptestuser2,CN=Users," + base_dn + "
1106 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1108 if (ok.error != 0) {
1109 println("Failure testing add of linked attributes");
1111 assert(ok.error == 0);
1115 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1119 if (ok.error != 0) {
1120 println("Failure testing replace of linked attributes");
1122 assert(ok.error == 0);
1126 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1129 member: CN=ldaptestuser2,CN=Users," + base_dn + "
1130 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1132 if (ok.error != 0) {
1133 println("Failure testing add of linked attributes");
1135 assert(ok.error == 0);
1139 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1142 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1144 if (ok.error != 0) {
1145 println("Failure testing replace of linked attributes");
1147 assert(ok.error == 0);
1150 var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1151 if (res.error != 0 || res.msgs.length != 1) {
1152 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group))");
1153 assert(res.error == 0);
1154 assert(res.msgs.length == 1);
1157 assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1158 assert(res.msgs[0].member[0] == ("CN=ldaptestuser2,CN=Users," + base_dn));
1159 assert(res.msgs[0].member.length == 1);
1161 ok = ldb.del(("CN=ldaptestuser2,CN=Users," + base_dn));
1162 if (ok.error != 0) {
1164 assert(ok.error == 0);
1167 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member");
1168 println("Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete");
1169 var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1170 if (res.error != 0 || res.msgs.length != 1) {
1171 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete");
1172 assert(res.error == 0);
1173 assert(res.msgs.length == 1);
1176 assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1177 assert(res.msgs[0].member == undefined);
1179 println("Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1180 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1182 if (res.error != 0 || res.msgs.length != 1) {
1183 println("Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1184 assert(res.error == 0);
1185 assert(res.msgs.length == 1);
1188 assert(res.msgs[0].dn == ("CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn));
1189 assert(res.msgs[0].cn == "ldaptestutf8user èùéìòà");
1190 assert(res.msgs[0].name == "ldaptestutf8user èùéìòà");
1191 assert(res.msgs[0].objectClass[0] == "top");
1192 assert(res.msgs[0].objectClass[1] == "person");
1193 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1194 assert(res.msgs[0].objectClass[3] == "user");
1195 assert(res.msgs[0].objectGUID != undefined);
1196 assert(res.msgs[0].whenCreated != undefined);
1198 ok = ldb.del(res.msgs[0].dn);
1199 if (ok.error != 0) {
1201 assert(ok.error == 0);
1204 println("Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))");
1205 var res = ldb.search("(&(cn=ldaptestutf8user2*)(objectClass=user))");
1206 if (res.error != 0 || res.msgs.length != 1) {
1207 println("Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))");
1208 assert(res.error == 0);
1209 assert(res.msgs.length == 1);
1212 ok = ldb.del(res.msgs[0].dn);
1213 if (ok.error != 0) {
1215 assert(ok.error == 0);
1218 ok = ldb.del(("CN=ldaptestgroup2,CN=Users," + base_dn))
1219 if (ok.error != 0) {
1221 assert(ok.error == 0);
1224 println("Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
1225 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1227 if (res.error != 0 || res.msgs.length != 1) {
1228 println("Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
1230 assert(res.msgs[0].dn == ("cn=ldaptestutf8user2 èùéìòà,cn=users," + base_dn));
1231 assert(res.msgs[0].cn == "ldaptestutf8user2 èùéìòà");
1234 println("Testing that we can't get at the configuration DN from the main search base");
1235 var attrs = new Array("cn");
1236 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
1237 assert(res.error == 0);
1238 if (res.msgs.length != 0) {
1239 println("Got configuration DN " + res.msgs[0].dn + " which should not be able to be seen from main search base");
1241 assert(res.msgs.length == 0);
1243 println("Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control");
1244 var attrs = new Array("cn");
1245 var controls = new Array("search_options:1:2");
1246 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1247 assert(res.error == 0);
1248 assert(res.msgs.length > 0);
1250 if (gc_ldb != undefined) {
1251 println("Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0");
1252 var attrs = new Array("cn");
1253 var controls = new Array("search_options:1:0");
1254 var res = gc_ldb.search("objectClass=crossRef", base_dn, gc_ldb.SCOPE_SUBTREE, attrs, controls);
1255 assert(res.error == 0);
1256 assert(res.msgs.length > 0);
1258 println("Testing that we do find configuration elements in the global catlog");
1259 var attrs = new Array("cn");
1260 var res = gc_ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
1261 assert(res.error == 0);
1262 assert (res.msgs.length > 0);
1264 println("Testing that we do find configuration elements and user elements at the same time");
1265 var attrs = new Array("cn");
1266 var res = gc_ldb.search("(|(objectClass=crossRef)(objectClass=person))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1267 assert(res.error == 0);
1268 assert (res.msgs.length > 0);
1270 println("Testing that we do find configuration elements in the global catlog, with the configuration basedn");
1271 var attrs = new Array("cn");
1272 var res = gc_ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1273 assert(res.error == 0);
1274 assert (res.msgs.length > 0);
1277 println("Testing that we can get at the configuration DN on the main LDAP port");
1278 var attrs = new Array("cn");
1279 var res = ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1280 assert(res.error == 0);
1281 assert (res.msgs.length > 0);
1283 println("Testing objectCategory canonacolisation");
1284 var attrs = new Array("cn");
1285 var res = ldb.search("objectCategory=ntDsDSA", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1286 assert(res.error == 0);
1287 if (res.msgs.length == 0) {
1288 println("Didn't find any records with objectCategory=ntDsDSA");
1290 assert(res.msgs.length != 0);
1292 var attrs = new Array("cn");
1293 var res = ldb.search("objectCategory=CN=ntDs-DSA," + schema_dn, configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1294 assert(res.error == 0);
1295 if (res.msgs.length == 0) {
1296 println("Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn);
1298 assert(res.msgs.length != 0);
1300 println("Testing objectClass attribute order on "+ base_dn);
1301 var attrs = new Array("objectClass");
1302 var res = ldb.search("objectClass=domain", base_dn, ldb.SCOPE_BASE, attrs);
1303 assert(res.error == 0);
1304 assert(res.msgs.length == 1);
1306 assert(res.msgs[0].objectClass[0] == "top");
1307 assert(res.msgs[0].objectClass[1] == "domain");
1308 assert(res.msgs[0].objectClass[2] == "domainDNS");
1310 // check enumeration
1312 var attrs = new Array("cn");
1313 println("Testing ldb.search for objectCategory=person");
1314 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs);
1315 assert(res.error == 0);
1316 assert(res.msgs.length > 0);
1318 var attrs = new Array("cn");
1319 var controls = new Array("domain_scope:1");
1320 println("Testing ldb.search for objectCategory=person with domain scope control");
1321 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1322 assert(res.error == 0);
1323 assert(res.msgs.length > 0);
1325 var attrs = new Array("cn");
1326 println("Testing ldb.search for objectCategory=user");
1327 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs);
1328 assert(res.error == 0);
1329 assert(res.msgs.length > 0);
1331 var attrs = new Array("cn");
1332 var controls = new Array("domain_scope:1");
1333 println("Testing ldb.search for objectCategory=user with domain scope control");
1334 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1335 assert(res.error == 0);
1336 assert(res.msgs.length > 0);
1338 var attrs = new Array("cn");
1339 println("Testing ldb.search for objectCategory=group");
1340 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs);
1341 assert(res.error == 0);
1342 assert(res.msgs.length > 0);
1344 var attrs = new Array("cn");
1345 var controls = new Array("domain_scope:1");
1346 println("Testing ldb.search for objectCategory=group with domain scope control");
1347 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1348 assert(res.error == 0);
1349 assert(res.msgs.length > 0);
1353 function basedn_tests(ldb, gc_ldb)
1355 println("Testing for all rootDSE attributes");
1356 var attrs = new Array();
1357 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1358 assert(res.error == 0);
1359 assert(res.msgs.length == 1);
1361 println("Testing for highestCommittedUSN");
1362 var attrs = new Array("highestCommittedUSN");
1363 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1364 assert(res.error == 0);
1365 assert(res.msgs.length == 1);
1366 assert(res.msgs[0].highestCommittedUSN != undefined);
1367 assert(res.msgs[0].highestCommittedUSN != 0);
1369 println("Testing for netlogon via LDAP");
1370 var attrs = new Array("netlogon");
1371 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1372 assert(res.error == 0);
1373 assert(res.msgs.length == 0);
1375 println("Testing for netlogon and highestCommittedUSN via LDAP");
1376 var attrs = new Array("netlogon", "highestCommittedUSN");
1377 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1378 assert(res.error == 0);
1379 assert(res.msgs.length == 0);
1382 function find_basedn(ldb)
1384 var attrs = new Array("defaultNamingContext");
1385 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1386 assert(res.error == 0);
1387 assert(res.msgs.length == 1);
1388 return res.msgs[0].defaultNamingContext;
1391 function find_configurationdn(ldb)
1393 var attrs = new Array("configurationNamingContext");
1394 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1395 assert(res.error == 0);
1396 assert(res.msgs.length == 1);
1397 return res.msgs[0].configurationNamingContext;
1400 function find_schemadn(ldb)
1402 var attrs = new Array("schemaNamingContext");
1403 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1404 assert(res.error == 0);
1405 assert(res.msgs.length == 1);
1406 return res.msgs[0].schemaNamingContext;
1409 /* use command line creds if available */
1410 ldb.credentials = options.get_credentials();
1411 gc_ldb.credentials = options.get_credentials();
1413 var ok = ldb.connect("ldap://" + host);
1414 var base_dn = find_basedn(ldb);
1416 var configuration_dn = find_configurationdn(ldb);
1417 var schema_dn = find_schemadn(ldb);
1419 println("baseDN: %s\n", base_dn);
1421 var ok = gc_ldb.connect("ldap://" + host + ":3268");
1426 basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
1428 basedn_tests(ldb, gc_ldb)