2 exec smbscript "$0" ${1+"$@"}
4 test certin LDAP behaviours
8 var gc_ldb = ldb_init();
10 var options = GetOptions(ARGV,
13 "POPT_COMMON_CREDENTIALS");
14 if (options == undefined) {
15 println("Failed to parse options");
19 libinclude("base.js");
21 if (options.ARGV.length != 1) {
22 println("Usage: ldap.js <HOST>");
26 var host = options.ARGV[0];
28 function basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
30 println("Running basic tests");
32 ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
33 ldb.del("cn=ldaptestcomputer3,cn=computers," + base_dn);
34 ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
35 ldb.del("cn=ldaptestuser,cn=users," + base_dn);
36 ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
37 ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
38 ldb.del("cn=ldaptestuser4,cn=users," + base_dn);
39 ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
40 ldb.del("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn);
41 ldb.del("cn=ldaptestuser7,cn=users," + base_dn);
42 ldb.del("CN=ldaptestcontainer2," + base_dn);
43 ldb.del("cn=ldaptestgroup,cn=users," + base_dn);
44 ldb.del("cn=ldaptestgroup2,cn=users," + base_dn);
46 println("Testing group add with invalid member");
48 dn: cn=ldaptestgroup,cn=uSers," + base_dn + "
50 member: cn=ldaptestuser,cn=useRs," + base_dn + "
53 if (ok.error != 32) { /* LDAP_NO_SUCH_OBJECT */
55 assert(ok.error == 32);
58 println("Testing user add");
60 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
68 ok = ldb.del("cn=ldaptestuser,cn=users," + base_dn);
71 assert(ok.error == 0);
74 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
83 assert(ok.error == 0);
88 dn: cn=ldaptestgroup,cn=uSers," + base_dn + "
90 member: cn=ldaptestuser,cn=useRs," + base_dn + "
94 assert(ok.error == 0);
98 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
103 ok = ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
106 assert(ok.error == 0);
109 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
110 objectClass: computer
115 assert(ok.error == 0);
121 assert(ok.error == 0);
125 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
126 objectClass: computer
127 cn: LDAPtest2COMPUTER
128 userAccountControl: 4096
129 displayname: ldap testy
132 ok = ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
135 // assert(ok.error == 0);
138 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
139 objectClass: computer
140 cn: LDAPtest2COMPUTER
141 userAccountControl: 4096
142 displayname: ldap testy
146 assert(ok.error == 0);
151 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
152 objectClass: computer
153 cn: LDAPtest2COMPUTER
155 if (ok.error != 34) {
156 println("Did not reject invalid RDN compared with DN: " + ok.errstr);
157 assert(ok.error == 34);
161 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
162 objectClass: computer
163 cn: LDAPtestCOMPUTER3
164 sAMAccountType: 805306368
167 if (ok.error != 53) {
168 println("Did not reject invalid 'sAMAccountType: 805306368': " + ok.errstr);
169 assert(ok.error == 53);
173 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
174 objectClass: computer
175 cn: LDAPtestCOMPUTER3
176 userAccountControl: 0
179 if (ok.error != 53) {
180 println("Did not reject invalid 'userAccountControl: 0': " + ok.errstr);
181 assert(ok.error == 53);
185 dn: cn=ldaptestuser7,cn=users," + base_dn + "
188 userAccountControl: 0
191 if (ok.error != 53) {
192 println("Did not reject invalid 'userAccountControl: 0': " + ok.errstr);
193 assert(ok.error == 53);
197 dn: cn=ldaptestuser7,cn=users," + base_dn + "
200 userAccountControl: 2
204 println("Did not accept 'userAccountControl: 2': " + ok.errstr);
205 assert(ok.error == 0);
208 ldb.del("cn=ldaptestuser7,cn=users," + base_dn);
211 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
212 objectclass: computer
213 cN: LDAPtestCOMPUTER3
216 ok = ldb.del("cn=ldaptestcomputer3,cn=computers," + base_dn);
219 assert(ok.error == 0);
222 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
223 objectClass: computer
224 cn: LDAPtestCOMPUTER3
228 assert(ok.error == 0);
232 println("Testing ldb.search for (&(cn=ldaptestcomputer3)(objectClass=user))");
233 var res = ldb.search("(&(cn=ldaptestcomputer3)(objectClass=user))");
234 if (res.error != 0 || res.msgs.length != 1) {
235 println("Could not find (&(cn=ldaptestcomputer3)(objectClass=user))");
236 assert(res.error == 0);
237 assert(res.msgs.length == 1);
240 assert(res.msgs[0].dn == ("CN=ldaptestcomputer3,CN=Computers," + base_dn));
241 assert(res.msgs[0].cn == "ldaptestcomputer3");
242 assert(res.msgs[0].name == "ldaptestcomputer3");
243 assert(res.msgs[0].objectClass[0] == "top");
244 assert(res.msgs[0].objectClass[1] == "person");
245 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
246 assert(res.msgs[0].objectClass[3] == "user");
247 assert(res.msgs[0].objectClass[4] == "computer");
248 assert(res.msgs[0].objectGUID != undefined);
249 assert(res.msgs[0].whenCreated != undefined);
250 assert(res.msgs[0].objectCategory == ("CN=Computer,CN=Schema,CN=Configuration," + base_dn));
251 assert(res.msgs[0].primaryGroupID == 513);
252 assert(res.msgs[0].sAMAccountType == 805306368);
253 assert(res.msgs[0].userAccountControl == 546);
255 ldb.del(res.msgs[0].dn);
257 println("Testing attribute or value exists behaviour");
259 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
261 replace: servicePrincipalName
262 servicePrincipalName: host/ldaptest2computer
263 servicePrincipalName: host/ldaptest2computer
264 servicePrincipalName: cifs/ldaptest2computer
267 //LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
268 if (ok.error != 20) {
269 println("Expected error LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, got :" + ok.errstr);
270 assert(ok.error == 20);
274 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
276 replace: servicePrincipalName
277 servicePrincipalName: host/ldaptest2computer
278 servicePrincipalName: cifs/ldaptest2computer
282 println("Failed to replace servicePrincpalName:" + ok.errstr);
283 assert(ok.error == 20);
287 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
289 add: servicePrincipalName
290 servicePrincipalName: host/ldaptest2computer
293 //LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
294 if (ok.error != 20) {
295 println("Expected error LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, got :" + ok.errstr);
296 assert(ok.error == 20);
299 println("Testing ranged results");
301 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
303 replace: servicePrincipalName
306 println("Failed to replace servicePrincpalName:" + ok.errstr);
307 assert(ok.error == 0);
311 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
313 add: servicePrincipalName
314 servicePrincipalName: host/ldaptest2computer0
315 servicePrincipalName: host/ldaptest2computer1
316 servicePrincipalName: host/ldaptest2computer2
317 servicePrincipalName: host/ldaptest2computer3
318 servicePrincipalName: host/ldaptest2computer4
319 servicePrincipalName: host/ldaptest2computer5
320 servicePrincipalName: host/ldaptest2computer6
321 servicePrincipalName: host/ldaptest2computer7
322 servicePrincipalName: host/ldaptest2computer8
323 servicePrincipalName: host/ldaptest2computer9
324 servicePrincipalName: host/ldaptest2computer10
325 servicePrincipalName: host/ldaptest2computer11
326 servicePrincipalName: host/ldaptest2computer12
327 servicePrincipalName: host/ldaptest2computer13
328 servicePrincipalName: host/ldaptest2computer14
329 servicePrincipalName: host/ldaptest2computer15
330 servicePrincipalName: host/ldaptest2computer16
331 servicePrincipalName: host/ldaptest2computer17
332 servicePrincipalName: host/ldaptest2computer18
333 servicePrincipalName: host/ldaptest2computer19
334 servicePrincipalName: host/ldaptest2computer20
335 servicePrincipalName: host/ldaptest2computer21
336 servicePrincipalName: host/ldaptest2computer22
337 servicePrincipalName: host/ldaptest2computer23
338 servicePrincipalName: host/ldaptest2computer24
339 servicePrincipalName: host/ldaptest2computer25
340 servicePrincipalName: host/ldaptest2computer26
341 servicePrincipalName: host/ldaptest2computer27
342 servicePrincipalName: host/ldaptest2computer28
343 servicePrincipalName: host/ldaptest2computer29
347 println("Failed to replace servicePrincpalName:" + ok.errstr);
348 assert(ok.error == 0);
352 var attrs = new Array("servicePrincipalName;range=0-*");
353 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
354 if (res.error != 0 || res.msgs.length != 1) {
355 println("Could not find (cn=ldaptest2computer) for servicePrincipalName;range=0-*");
356 assert(res.error == 0);
357 assert(res.msgs.length == 1);
359 // println(res.msgs[0]["servicePrincipalName;range=0-*"].length);
360 assert(res.msgs[0]["servicePrincipalName;range=0-*"].length == 30);
362 var attrs = new Array("servicePrincipalName;range=0-19");
363 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
364 if (res.error != 0 || res.msgs.length != 1) {
365 println("Could not find (cn=ldaptest2computer) for servicePrincipalName;range=0-19");
366 assert(res.error == 0);
367 assert(res.msgs.length == 1);
369 // println(res.msgs[0]["servicePrincipalName;range=0-19"].length);
370 assert(res.msgs[0]["servicePrincipalName;range=0-19"].length == 20);
372 var attrs = new Array("servicePrincipalName;range=0-30");
373 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
374 if (res.error != 0 || res.msgs.length != 1) {
375 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=0-19");
376 assert(res.error == 0);
377 assert(res.msgs.length == 1);
379 assert(res.msgs[0]["servicePrincipalName;range=0-*"].length == 30);
381 var attrs = new Array("servicePrincipalName;range=0-40");
382 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
383 if (res.error != 0 || res.msgs.length != 1) {
384 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=0-40");
385 assert(res.error == 0);
386 assert(res.msgs.length == 1);
388 assert(res.msgs[0]["servicePrincipalName;range=0-*"].length == 30);
390 var attrs = new Array("servicePrincipalName;range=30-40");
391 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
392 if (res.error != 0 || res.msgs.length != 1) {
393 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=30-40");
394 assert(res.error == 0);
395 assert(res.msgs.length == 1);
397 assert(res.msgs[0]["servicePrincipalName;range=30-*"].length == 0);
399 var attrs = new Array("servicePrincipalName;range=10-40");
400 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
401 if (res.error != 0 || res.msgs.length != 1) {
402 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=10-40");
403 assert(res.error == 0);
404 assert(res.msgs.length == 1);
406 assert(res.msgs[0]["servicePrincipalName;range=10-*"].length == 20);
407 // var pos_11 = res.msgs[0]["servicePrincipalName;range=10-*"][18];
409 var attrs = new Array("servicePrincipalName;range=11-40");
410 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
411 if (res.error != 0 || res.msgs.length != 1) {
412 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=10-*");
413 assert(res.error == 0);
414 assert(res.msgs.length == 1);
416 assert(res.msgs[0]["servicePrincipalName;range=11-*"].length == 19);
417 // println(res.msgs[0]["servicePrincipalName;range=11-*"][18]);
419 // assert((res.msgs[0]["servicePrincipalName;range=11-*"][18]) == pos_11);
421 var attrs = new Array("servicePrincipalName;range=11-15");
422 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
423 if (res.error != 0 || res.msgs.length != 1) {
424 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=11-15");
425 assert(res.error == 0);
426 assert(res.msgs.length == 1);
428 assert(res.msgs[0]["servicePrincipalName;range=11-15"].length == 5);
429 // assert(res.msgs[0]["servicePrincipalName;range=11-15"][4] == pos_11);
431 var attrs = new Array("servicePrincipalName");
432 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
433 if (res.error != 0 || res.msgs.length != 1) {
434 println("Could not find (cn=ldaptest2computer) at servicePrincipalName");
435 assert(res.error == 0);
436 assert(res.msgs.length == 1);
438 // println(res.msgs[0]["servicePrincipalName"][18]);
440 assert(res.msgs[0]["servicePrincipalName"].length == 30);
441 // assert(res.msgs[0]["servicePrincipalName"][18] == pos_11);
444 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
452 ok = ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
455 assert(ok.error == 0);
458 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
467 assert(ok.error == 0);
472 println("Testing Ambigious Name Resolution");
473 // Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
474 var res = ldb.search("(&(anr=ldap testy)(objectClass=user))");
475 if (res.error != 0 || res.msgs.length != 3) {
476 println("Could not find (&(anr=ldap testy)(objectClass=user))");
477 assert(res.error == 0);
478 assert(res.msgs.length == 3);
481 // Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
482 var res = ldb.search("(&(anr=testy ldap)(objectClass=user))");
483 if (res.error != 0 || res.msgs.length != 2) {
484 println("Found only " + res.msgs.length + " for (&(anr=testy ldap)(objectClass=user))");
485 assert(res.error == 0);
486 assert(res.msgs.length == 2);
489 var res = ldb.search("(&(anr=\"testy ldap\")(objectClass=user))");
490 if (res.error != 0 || res.msgs.length != 0) {
491 println("Found " + res.msgs.length + " for (&(anr=\"testy ldap\")(objectClass=user))");
492 assert(res.error == 0);
493 assert(res.msgs.length == 0);
496 // Testing ldb.search for (&(anr=ldap)(objectClass=user))
497 var res = ldb.search("(&(anr=ldap)(objectClass=user))");
498 if (res.error != 0 || res.msgs.length != 4) {
499 println("Found only " + res.msgs.length + " for (&(anr=ldap)(objectClass=user))");
500 assert(res.error == 0);
501 assert(res.msgs.length == 4);
504 // Testing ldb.search for (&(anr==ldap)(objectClass=user))
505 var res = ldb.search("(&(anr==ldap)(objectClass=user))");
506 if (res.error != 0 || res.msgs.length != 1) {
507 println("Found only " + res.msgs.length + " for (&(anr=ldap)(objectClass=user))");
508 println("Could not find (&(anr==ldap)(objectClass=user))");
509 assert(res.error == 0);
510 assert(res.msgs.length == 1);
513 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
514 assert(res.msgs[0].cn == "ldaptestuser");
515 assert(res.msgs[0].name == "ldaptestuser");
517 // Testing ldb.search for (&(anr=testy)(objectClass=user))
518 var res = ldb.search("(&(anr=testy)(objectClass=user))");
519 if (res.error != 0 || res.msgs.length != 2) {
520 println("Found only " + res.msgs.length + " for (&(anr=testy)(objectClass=user))");
521 assert(res.error == 0);
522 assert(res.msgs.length == 2);
525 // Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
526 var res = ldb.search("(&(anr=testy ldap)(objectClass=user))");
527 if (res.error != 0 || res.msgs.length != 2) {
528 println("Found only " + res.msgs.length + " for (&(anr=ldap testy)(objectClass=user))");
529 assert(res.error == 0);
530 assert(res.msgs.length == 2);
533 // Testing ldb.search for (&(anr==ldap testy)(objectClass=user))
534 var res = ldb.search("(&(anr==testy ldap)(objectClass=user))");
535 if (res.error != 0 || res.msgs.length != 1) {
536 println("Found only " + res.msgs.length + " for (&(anr==ldap testy)(objectClass=user))");
537 assert(res.error == 0);
538 assert(res.msgs.length == 1);
541 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
542 assert(res.msgs[0].cn == "ldaptestuser");
543 assert(res.msgs[0].name == "ldaptestuser");
545 // Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
546 var res = ldb.search("(&(anr==testy ldap)(objectClass=user))");
547 if (res.error != 0 || res.msgs.length != 1) {
548 println("Could not find (&(anr==testy ldap)(objectClass=user))");
549 assert(res.error == 0);
550 assert(res.msgs.length == 1);
553 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
554 assert(res.msgs[0].cn == "ldaptestuser");
555 assert(res.msgs[0].name == "ldaptestuser");
557 // Testing ldb.search for (&(anr=testy ldap user)(objectClass=user))
558 var res = ldb.search("(&(anr=testy ldap user)(objectClass=user))");
559 if (res.error != 0 || res.msgs.length != 1) {
560 println("Could not find (&(anr=testy ldap user)(objectClass=user))");
561 assert(res.error == 0);
562 assert(res.msgs.length == 1);
565 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
566 assert(res.msgs[0].cn == "ldaptestuser2");
567 assert(res.msgs[0].name == "ldaptestuser2");
569 // Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user))
570 var res = ldb.search("(&(anr==testy ldap user2)(objectClass=user))");
571 if (res.error != 0 || res.msgs.length != 1) {
572 println("Could not find (&(anr==testy ldap user2)(objectClass=user))");
573 assert(res.error == 0);
574 assert(res.msgs.length == 1);
577 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
578 assert(res.msgs[0].cn == "ldaptestuser2");
579 assert(res.msgs[0].name == "ldaptestuser2");
581 // Testing ldb.search for (&(anr==ldap user2)(objectClass=user))
582 var res = ldb.search("(&(anr==ldap user2)(objectClass=user))");
583 if (res.error != 0 || res.msgs.length != 1) {
584 println("Could not find (&(anr==ldap user2)(objectClass=user))");
585 assert(res.error == 0);
586 assert(res.msgs.length == 1);
589 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
590 assert(res.msgs[0].cn == "ldaptestuser2");
591 assert(res.msgs[0].name == "ldaptestuser2");
593 // Testing ldb.search for (&(anr==not ldap user2)(objectClass=user))
594 var res = ldb.search("(&(anr==not ldap user2)(objectClass=user))");
595 if (res.error != 0 || res.msgs.length != 0) {
596 println("Must not find (&(anr==not ldap user2)(objectClass=user))");
597 assert(res.error == 0);
598 assert(res.msgs.length == 0);
601 // Testing ldb.search for (&(anr=not ldap user2)(objectClass=user))
602 var res = ldb.search("(&(anr=not ldap user2)(objectClass=user))");
603 if (res.error != 0 || res.msgs.length != 0) {
604 println("Must not find (&(anr=not ldap user2)(objectClass=user))");
605 assert(res.error == 0);
606 assert(res.msgs.length == 0);
609 println("Testing Group Modifies");
611 dn: cn=ldaptestgroup,cn=users," + base_dn + "
614 member: cn=ldaptestuser2,cn=users," + base_dn + "
615 member: cn=ldaptestcomputer,cn=computers," + base_dn + "
620 assert(ok.error == 0);
623 ok = ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
625 println("Testing adding non-existent user to a group");
627 dn: cn=ldaptestgroup,cn=users," + base_dn + "
630 member: cn=ldaptestuser3,cn=users," + base_dn + "
632 if (ok.error != 32) { /* LDAP_NO_SUCH_OBJECT */
634 assert(ok.error == 32);
637 println("Testing Renames");
639 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
641 println("Could not rename cn=ldaptestuser2,cn=users," + base_dn + " into cn=ldaptestuser3,cn=users," + base_dn + ": " + ok.errstr);
642 assert(ok.error == 0);
645 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
647 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " onto itself: " + ok.errstr);
648 assert(ok.error == 0);
651 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestUSER3,cn=users," + base_dn);
653 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " into cn=ldaptestUSER3,cn=users," + base_dn + ": " + ok.errstr);
654 assert(ok.error == 0);
657 println("Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))");
658 var res = ldb.search("(&(cn=ldaptestuser3)(objectClass=user))");
659 if (res.error != 0 || res.msgs.length != 1) {
660 println("Could not find (&(cn=ldaptestuser3)(objectClass=user))");
661 assert(res.error == 0);
662 assert(res.msgs.length == 1);
665 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
666 assert(res.msgs[0].cn == "ldaptestUSER3");
667 assert(res.msgs[0].name == "ldaptestUSER3");
669 println("Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))");
670 var res = ldb.search("(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))");
671 if (res.error != 0 || res.msgs.length != 1) {
672 println("Could not find (&(cn=ldaptestuser3)(objectClass=user))");
673 assert(res.error == 0);
674 assert(res.msgs.length == 1);
677 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
678 assert(res.msgs[0].cn == "ldaptestUSER3");
679 assert(res.msgs[0].name == "ldaptestUSER3");
681 println("Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))");
682 var res = ldb.search("(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))");
683 if (res.error != 0 || res.msgs.length != 1) {
684 println("Could not find (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))");
685 assert(res.error == 0);
686 assert(res.msgs.length == 1);
689 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
690 assert(res.msgs[0].cn == "ldaptestUSER3");
691 assert(res.msgs[0].name == "ldaptestUSER3");
693 println("Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))");
694 var res = ldb.search("(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))");
695 if (res.error != 0 || res.msgs.length != 0) {
696 println("Should not find (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))");
697 assert(res.error == 0);
698 assert(res.msgs.length == 0);
701 // This is a Samba special, and does not exist in real AD
702 // println("Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
703 // var res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
704 // if (res.error != 0 || res.msgs.length != 1) {
705 // println("Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
706 // assert(res.error == 0);
707 // assert(res.msgs.length == 1);
709 // assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
710 // assert(res.msgs[0].cn == "ldaptestUSER3");
711 // assert(res.msgs[0].name == "ldaptestUSER3");
713 println("Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
714 var res = ldb.search("(distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
715 if (res.error != 0 || res.msgs.length != 1) {
716 println("Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
717 assert(res.error == 0);
718 assert(res.msgs.length == 1);
720 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
721 assert(res.msgs[0].cn == "ldaptestUSER3");
722 assert(res.msgs[0].name == "ldaptestUSER3");
724 // ensure we cannot add it again
726 dn: cn=ldaptestuser3,cn=userS," + base_dn + "
731 //LDB_ERR_ENTRY_ALREADY_EXISTS
732 if (ok.error != 68) {
733 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
734 assert(ok.error == 68);
738 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
741 assert(ok.error == 0);
744 // ensure we cannnot rename it twice
745 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
746 //LDB_ERR_NO_SUCH_OBJECT
747 assert(ok.error == 32);
749 // ensure can now use that name
751 dn: cn=ldaptestuser3,cn=users," + base_dn + "
757 // ensure we now cannnot rename
758 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
759 //LDB_ERR_ENTRY_ALREADY_EXISTS
760 if (ok.error != 68) {
761 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
762 assert(ok.error == 68);
764 assert(ok.error == 68);
765 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=configuration," + base_dn);
766 if (ok.error != 71 && ok.error != 64) {
767 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS or LDAP_NAMING_VIOLATION, got: " + ok.errstr);
768 assert(ok.error == 71 || ok.error == 64);
770 assert(ok.error == 71 || ok.error == 64);
772 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser5,cn=users," + base_dn);
775 assert(ok.error == 0);
778 ok = ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
780 ok = ldb.del("cn=ldaptestgroup2,cn=users," + base_dn);
782 ok = ldb.rename("cn=ldaptestgroup,cn=users," + base_dn, "cn=ldaptestgroup2,cn=users," + base_dn);
785 assert(ok.error == 0);
788 println("Testing subtree Renames");
791 dn: cn=ldaptestcontainer," + base_dn + "
792 objectClass: container
796 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
802 ok = ldb.del("cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn);
805 assert(ok.error == 0);
808 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
815 assert(ok.error == 0);
820 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
823 member: cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn + "
826 println("Failure adding ldaptestuser4 to a group");
828 assert(ok.error == 0);
831 println("Testing ldb.rename of cn=ldaptestcontainer," + base_dn + " to cn=ldaptestcontainer2," + base_dn);
832 ok = ldb.rename("CN=ldaptestcontainer," + base_dn, "CN=ldaptestcontainer2," + base_dn);
835 assert(ok.error == 0);
838 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))");
839 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))");
840 if (res.error != 0 || res.msgs.length != 1) {
841 println("Could not find (&(cn=ldaptestuser4)(objectClass=user))");
842 assert(res.error == 0);
843 assert(res.msgs.length == 1);
846 println("Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn);
847 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer," + base_dn, ldb.SCOPE_SUBTREE);
848 if (res.error != 32) {
850 assert(res.error == 32);
853 println("Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn);
854 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer," + base_dn, ldb.SCOPE_ONELEVEL);
855 if (res.error != 32) {
857 assert(res.error == 32);
860 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container");
861 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_SUBTREE);
862 if (res.error != 0 || res.msgs.length != 1) {
863 println("Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + base_dn);
864 assert(res.error == 0);
865 assert(res.msgs.length == 1);
868 assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
869 assert(strupper(res.msgs[0].memberOf[0]) == (strupper("CN=ldaptestgroup2,CN=Users," + base_dn)));
871 println("Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) in cn=users");
872 var res_group = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", "cn=users," + base_dn, ldb.SCOPE_SUBTREE);
873 if (res_group.error != 0 || res_group.msgs.length != 1) {
874 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group)) under cn=users," + base_dn);
875 assert(res_group.error == 0);
876 assert(res_group.msgs.length == 1);
879 println("Testing ldb.search for (member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ") to check subtree renames and linked attributes");
880 var res = ldb.search("(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")", base_dn, ldb.SCOPE_SUBTREE);
881 if (res.error != 0 || res.msgs.length != 1) {
882 for (i=0; i < res_group.msgs[0].member.length; i++) {
883 println("res_group.member[" + i + "]: " + res_group.msgs[0].member[i]);
886 println("Could not find (member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + "), perhaps linked attributes are not conistant with subtree renames?");
887 println("Testing ldb.search for (member=CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + ") to check if it just hasn't been updated");
888 var res2 = ldb.search("(member=CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + ")", base_dn, ldb.SCOPE_SUBTREE);
889 if (res2.error != 0 || res2.msgs.length != 1) {
890 println("Could not find (member=CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "), very odd, it wasn't here at all..");
893 assert(res.error == 0);
894 assert(res.msgs.length == 1);
897 println("Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
898 ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
899 if (ok.error != 53) { /* LDAP_UNWILLING_TO_PERFORM */
901 assert(ok.error == 53);
904 println("Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn);
905 ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn);
906 if (ok.error != 53 && ok.error != 80) { /* LDAP_UNWILLING_TO_PERFORM or LDAP_OTHER*/
908 assert(ok.error == 53 || ok.error == 80);
911 println("Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn);
912 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
913 if (ok.error != 66) { /* LDB_ERR_NOT_ALLOWED_ON_NON_LEAF */
915 assert(ok.error == 66);
918 println("Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn);
919 var res = ldb.search("(objectclass=*)", ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), ldb.SCOPE_BASE);
920 if (res.error == 0 && res.count == 1) {
921 assert(res.error == 0 && res.count == 1);
923 var res = ldb.search("(cn=ldaptestuser40)", ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), ldb.SCOPE_BASE);
924 if (res.error == 0 && res.count == 0) {
925 assert(res.error == 0 && res.count == 0);
928 println("Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn);
929 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_ONELEVEL);
930 if (res.error == 0 && res.count == 0) {
931 assert(res.error == 0 && res.count == 0);
934 println("Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn);
935 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_SUBTREE);
936 if (res.error == 0 && res.count == 0) {
937 assert(res.error == 0 && res.count == 0);
940 println("Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
941 ok = ldb.del(("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
944 assert(ok.error == 0);
946 println("Testing delete of renamed cn=ldaptestcontainer2," + base_dn);
947 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
950 assert(ok.error == 0);
954 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
958 ok = ldb.del("cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn);
961 assert(ok.error == 0);
964 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
969 assert(ok.error == 0);
974 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
978 ok = ldb.del("cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn);
981 assert(ok.error == 0);
984 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
989 assert(ok.error == 0);
993 println("Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))");
994 var res = ldb.search("(&(cn=ldaptestuser)(objectClass=user))");
995 if (res.error != 0 || res.msgs.length != 1) {
996 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
997 assert(res.error == 0);
998 assert(res.msgs.length == 1);
1001 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
1002 assert(res.msgs[0].cn == "ldaptestuser");
1003 assert(res.msgs[0].name == "ldaptestuser");
1004 assert(res.msgs[0].objectClass[0] == "top");
1005 assert(res.msgs[0].objectClass[1] == "person");
1006 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1007 assert(res.msgs[0].objectClass[3] == "user");
1008 assert(res.msgs[0].objectGUID != undefined);
1009 assert(res.msgs[0].whenCreated != undefined);
1010 assert(res.msgs[0].objectCategory == ("CN=Person,CN=Schema,CN=Configuration," + base_dn));
1011 assert(res.msgs[0].sAMAccountType == 805306368);
1012 assert(res.msgs[0].userAccountControl == 546);
1013 assert(strupper(res.msgs[0].memberOf[0]) == strupper("CN=ldaptestgroup2,CN=Users," + base_dn));
1014 assert(res.msgs[0].memberOf.length == 1);
1016 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
1017 var res2 = ldb.search("(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
1018 if (res2.error != 0 || res2.msgs.length != 1) {
1019 println("Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
1020 assert(res2.error == 0);
1021 assert(res2.msgs.length == 1);
1024 assert(res.msgs[0].dn == res2.msgs[0].dn);
1026 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))");
1027 var res3 = ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
1028 if (res3.error != 0) {
1029 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): " + res3.errstr);
1030 assert(res3.error == 0);
1031 } else if (res3.msgs.length != 1) {
1032 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + res3.msgs.length);
1033 assert(res3.msgs.length == 1);
1036 assert(res.msgs[0].dn == res3.msgs[0].dn);
1038 if (gc_ldb != undefined) {
1039 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
1040 var res3gc = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
1041 if (res3gc.error != 0) {
1042 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: " + res3gc.errstr);
1043 assert(res3gc.error == 0);
1044 } else if (res3gc.msgs.length != 1) {
1045 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: matched " + res3gc.msgs.length);
1046 assert(res3gc.msgs.length == 1);
1049 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
1052 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control");
1053 var attrs = new Array("cn");
1054 var controls = new Array("search_options:1:2");
1055 var res3control = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1056 if (res3control.error != 0 || res3control.msgs.length != 1) {
1057 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
1058 assert(res3control.error == 0);
1059 assert(res3control.msgs.length == 1);
1062 assert(res.msgs[0].dn == res3control.msgs[0].dn);
1064 ok = ldb.del(res.msgs[0].dn);
1065 if (ok.error != 0) {
1067 assert(ok.error == 0);
1070 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))");
1071 var res = ldb.search("(&(cn=ldaptestcomputer)(objectClass=user))");
1072 if (res.error != 0 || res.msgs.length != 1) {
1073 println("Could not find (&(cn=ldaptestcomputer)(objectClass=user))");
1074 assert(res.error == 0);
1075 assert(res.msgs.length == 1);
1078 assert(res.msgs[0].dn == ("CN=ldaptestcomputer,CN=Computers," + base_dn));
1079 assert(res.msgs[0].cn == "ldaptestcomputer");
1080 assert(res.msgs[0].name == "ldaptestcomputer");
1081 assert(res.msgs[0].objectClass[0] == "top");
1082 assert(res.msgs[0].objectClass[1] == "person");
1083 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1084 assert(res.msgs[0].objectClass[3] == "user");
1085 assert(res.msgs[0].objectClass[4] == "computer");
1086 assert(res.msgs[0].objectGUID != undefined);
1087 assert(res.msgs[0].whenCreated != undefined);
1088 assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
1089 assert(res.msgs[0].sAMAccountType == 805306368);
1090 assert(res.msgs[0].userAccountControl == 546);
1092 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
1093 var res2 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
1094 if (res2.error != 0 || res2.msgs.length != 1) {
1095 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
1096 assert(res2.error == 0);
1097 assert(res2.msgs.length == 1);
1100 assert(res.msgs[0].dn == res2.msgs[0].dn);
1102 if (gc_ldb != undefined) {
1103 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
1104 var res2gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
1105 if (res2gc.error != 0 || res2gc.msgs.length != 1) {
1106 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
1107 assert(res2gc.error == 0);
1108 assert(res2gc.msgs.length == 1);
1111 assert(res.msgs[0].dn == res2gc.msgs[0].dn);
1114 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
1115 var res3 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
1116 if (res3.error != 0 || res3.msgs.length != 1) {
1117 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
1118 assert(res3.error == 0);
1119 assert(res3.msgs.length == 1);
1122 assert(res.msgs[0].dn == res3.msgs[0].dn);
1124 if (gc_ldb != undefined) {
1125 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
1126 var res3gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
1127 if (res3gc.error != 0 || res3gc.msgs.length != 1) {
1128 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
1129 assert(res3gc.error == 0);
1130 assert(res3gc.msgs.length == 1);
1133 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
1136 println("Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
1137 var res4 = ldb.search("(&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
1138 if (res4.error != 0 || res4.msgs.length != 1) {
1139 println("Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
1140 assert(res4.error == 0);
1141 assert(res4.msgs.length == 1);
1144 assert(res.msgs[0].dn == res4.msgs[0].dn);
1146 println("Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
1147 var res5 = ldb.search("(&(cn=ldaptestcomput*)(objectCategory=compuTER))");
1148 if (res5.error != 0 || res5.msgs.length != 1) {
1149 println("Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
1150 assert(res5.error == 0);
1151 assert(res5.msgs.length == 1);
1154 assert(res.msgs[0].dn == res5.msgs[0].dn);
1156 println("Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))");
1157 var res6 = ldb.search("(&(cn=*daptestcomputer)(objectCategory=compuTER))");
1158 if (res6.error != 0 || res6.msgs.length != 1) {
1159 println("Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))");
1160 assert(res6.error == 0);
1161 assert(res6.msgs.length == 1);
1164 assert(res.msgs[0].dn == res6.msgs[0].dn);
1166 ok = ldb.del(res.msgs[0].dn);
1167 if (ok.error != 0) {
1169 assert(ok.error == 0);
1172 println("Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))");
1173 var res = ldb.search("(&(cn=ldaptest2computer)(objectClass=user))");
1174 if (res.error != 0 || res.msgs.length != 1) {
1175 println("Could not find (&(cn=ldaptest2computer)(objectClass=user))");
1176 assert(res.error == 0);
1177 assert(res.msgs.length == 1);
1180 assert(res.msgs[0].dn == ("CN=ldaptest2computer,CN=Computers," + base_dn));
1181 assert(res.msgs[0].cn == "ldaptest2computer");
1182 assert(res.msgs[0].name == "ldaptest2computer");
1183 assert(res.msgs[0].objectClass[0] == "top");
1184 assert(res.msgs[0].objectClass[1] == "person");
1185 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1186 assert(res.msgs[0].objectClass[3] == "user");
1187 assert(res.msgs[0].objectClass[4] == "computer");
1188 assert(res.msgs[0].objectGUID != undefined);
1189 assert(res.msgs[0].whenCreated != undefined);
1190 assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
1191 assert(res.msgs[0].sAMAccountType == 805306369);
1192 assert(res.msgs[0].userAccountControl == 4096);
1195 ok = ldb.del(res.msgs[0].dn);
1196 if (ok.error != 0) {
1198 assert(ok.error == 0);
1201 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf");
1202 println("Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))");
1203 var res = ldb.search("(&(cn=ldaptestUSer2)(objectClass=user))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1204 if (res.error != 0 || res.msgs.length != 1) {
1205 println("Could not find (&(cn=ldaptestUSer2)(objectClass=user))");
1206 assert(res.error == 0);
1207 assert(res.msgs.length == 1);
1210 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
1211 assert(res.msgs[0].cn == "ldaptestuser2");
1212 assert(res.msgs[0].name == "ldaptestuser2");
1213 assert(res.msgs[0].objectClass[0] == "top");
1214 assert(res.msgs[0].objectClass[1] == "person");
1215 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1216 assert(res.msgs[0].objectClass[3] == "user");
1217 assert(res.msgs[0].objectGUID != undefined);
1218 assert(res.msgs[0].whenCreated != undefined);
1219 assert(res.msgs[0].nTSecurityDescriptor != undefined);
1220 assert(res.msgs[0].memberOf[0] == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1222 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member");
1223 println("Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))");
1224 var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1225 if (res.error != 0 || res.msgs.length != 1) {
1226 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group))");
1227 assert(res.error == 0);
1228 assert(res.msgs.length == 1);
1231 assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1232 assert(res.msgs[0].cn == "ldaptestgroup2");
1233 assert(res.msgs[0].name == "ldaptestgroup2");
1234 assert(res.msgs[0].objectClass[0] == "top");
1235 assert(res.msgs[0].objectClass[1] == "group");
1236 assert(res.msgs[0].objectGUID != undefined);
1237 assert(res.msgs[0].whenCreated != undefined);
1238 assert(res.msgs[0].nTSecurityDescriptor != undefined);
1239 assert(res.msgs[0].member[0] == ("CN=ldaptestuser2,CN=Users," + base_dn));
1240 assert(res.msgs[0].member.length == 1);
1243 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1246 member: CN=ldaptestuser2,CN=Users," + base_dn + "
1247 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1249 if (ok.error != 0) {
1250 println("Failure testing replace of linked attributes");
1252 assert(ok.error == 0);
1255 println("Testing Linked attribute behaviours");
1257 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1261 if (ok.error != 0) {
1262 println("Failure testing delete of linked attributes");
1264 assert(ok.error == 0);
1268 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1271 member: CN=ldaptestuser2,CN=Users," + base_dn + "
1272 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1274 if (ok.error != 0) {
1275 println("Failure testing add of linked attributes");
1277 assert(ok.error == 0);
1281 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1285 if (ok.error != 0) {
1286 println("Failure testing replace of linked attributes");
1288 assert(ok.error == 0);
1292 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1295 member: CN=ldaptestuser2,CN=Users," + base_dn + "
1296 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1298 if (ok.error != 0) {
1299 println("Failure testing add of linked attributes");
1301 assert(ok.error == 0);
1305 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1308 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1310 if (ok.error != 0) {
1311 println("Failure testing replace of linked attributes");
1313 assert(ok.error == 0);
1316 var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1317 if (res.error != 0 || res.msgs.length != 1) {
1318 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group))");
1319 assert(res.error == 0);
1320 assert(res.msgs.length == 1);
1323 assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1324 assert(res.msgs[0].member[0] == ("CN=ldaptestuser2,CN=Users," + base_dn));
1325 assert(res.msgs[0].member.length == 1);
1327 ok = ldb.del(("CN=ldaptestuser2,CN=Users," + base_dn));
1328 if (ok.error != 0) {
1330 assert(ok.error == 0);
1333 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member");
1334 println("Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete");
1335 var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1336 if (res.error != 0 || res.msgs.length != 1) {
1337 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete");
1338 assert(res.error == 0);
1339 assert(res.msgs.length == 1);
1342 assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1343 assert(res.msgs[0].member == undefined);
1345 println("Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1346 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1348 if (res.error != 0 || res.msgs.length != 1) {
1349 println("Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1350 assert(res.error == 0);
1351 assert(res.msgs.length == 1);
1354 assert(res.msgs[0].dn == ("CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn));
1355 assert(res.msgs[0].cn == "ldaptestutf8user èùéìòà");
1356 assert(res.msgs[0].name == "ldaptestutf8user èùéìòà");
1357 assert(res.msgs[0].objectClass[0] == "top");
1358 assert(res.msgs[0].objectClass[1] == "person");
1359 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1360 assert(res.msgs[0].objectClass[3] == "user");
1361 assert(res.msgs[0].objectGUID != undefined);
1362 assert(res.msgs[0].whenCreated != undefined);
1364 ok = ldb.del(res.msgs[0].dn);
1365 if (ok.error != 0) {
1367 assert(ok.error == 0);
1370 println("Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))");
1371 var res = ldb.search("(&(cn=ldaptestutf8user2*)(objectClass=user))");
1372 if (res.error != 0 || res.msgs.length != 1) {
1373 println("Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))");
1374 assert(res.error == 0);
1375 assert(res.msgs.length == 1);
1378 ok = ldb.del(res.msgs[0].dn);
1379 if (ok.error != 0) {
1381 assert(ok.error == 0);
1384 ok = ldb.del(("CN=ldaptestgroup2,CN=Users," + base_dn))
1385 if (ok.error != 0) {
1387 assert(ok.error == 0);
1390 println("Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
1391 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1393 if (res.error != 0 || res.msgs.length != 1) {
1394 println("Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
1396 assert(res.msgs[0].dn == ("cn=ldaptestutf8user2 èùéìòà,cn=users," + base_dn));
1397 assert(res.msgs[0].cn == "ldaptestutf8user2 èùéìòà");
1400 println("Testing that we can't get at the configuration DN from the main search base");
1401 var attrs = new Array("cn");
1402 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
1403 assert(res.error == 0);
1404 if (res.msgs.length != 0) {
1405 println("Got configuration DN " + res.msgs[0].dn + " which should not be able to be seen from main search base");
1407 assert(res.msgs.length == 0);
1409 println("Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control");
1410 var attrs = new Array("cn");
1411 var controls = new Array("search_options:1:2");
1412 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1413 assert(res.error == 0);
1414 assert(res.msgs.length > 0);
1416 if (gc_ldb != undefined) {
1417 println("Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0");
1418 var attrs = new Array("cn");
1419 var controls = new Array("search_options:1:0");
1420 var res = gc_ldb.search("objectClass=crossRef", base_dn, gc_ldb.SCOPE_SUBTREE, attrs, controls);
1421 assert(res.error == 0);
1422 assert(res.msgs.length > 0);
1424 println("Testing that we do find configuration elements in the global catlog");
1425 var attrs = new Array("cn");
1426 var res = gc_ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
1427 assert(res.error == 0);
1428 assert (res.msgs.length > 0);
1430 println("Testing that we do find configuration elements and user elements at the same time");
1431 var attrs = new Array("cn");
1432 var res = gc_ldb.search("(|(objectClass=crossRef)(objectClass=person))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1433 assert(res.error == 0);
1434 assert (res.msgs.length > 0);
1436 println("Testing that we do find configuration elements in the global catlog, with the configuration basedn");
1437 var attrs = new Array("cn");
1438 var res = gc_ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1439 assert(res.error == 0);
1440 assert (res.msgs.length > 0);
1443 println("Testing that we can get at the configuration DN on the main LDAP port");
1444 var attrs = new Array("cn");
1445 var res = ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1446 assert(res.error == 0);
1447 assert (res.msgs.length > 0);
1449 println("Testing objectCategory canonacolisation");
1450 var attrs = new Array("cn");
1451 var res = ldb.search("objectCategory=ntDsDSA", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1452 assert(res.error == 0);
1453 if (res.msgs.length == 0) {
1454 println("Didn't find any records with objectCategory=ntDsDSA");
1456 assert(res.msgs.length != 0);
1458 var attrs = new Array("cn");
1459 var res = ldb.search("objectCategory=CN=ntDs-DSA," + schema_dn, configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1460 assert(res.error == 0);
1461 if (res.msgs.length == 0) {
1462 println("Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn);
1464 assert(res.msgs.length != 0);
1466 println("Testing objectClass attribute order on "+ base_dn);
1467 var attrs = new Array("objectClass");
1468 var res = ldb.search("objectClass=domain", base_dn, ldb.SCOPE_BASE, attrs);
1469 assert(res.error == 0);
1470 assert(res.msgs.length == 1);
1472 assert(res.msgs[0].objectClass[0] == "top");
1473 assert(res.msgs[0].objectClass[1] == "domain");
1474 assert(res.msgs[0].objectClass[2] == "domainDNS");
1476 // check enumeration
1478 var attrs = new Array("cn");
1479 println("Testing ldb.search for objectCategory=person");
1480 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs);
1481 assert(res.error == 0);
1482 assert(res.msgs.length > 0);
1484 var attrs = new Array("cn");
1485 var controls = new Array("domain_scope:1");
1486 println("Testing ldb.search for objectCategory=person with domain scope control");
1487 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1488 assert(res.error == 0);
1489 assert(res.msgs.length > 0);
1491 var attrs = new Array("cn");
1492 println("Testing ldb.search for objectCategory=user");
1493 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs);
1494 assert(res.error == 0);
1495 assert(res.msgs.length > 0);
1497 var attrs = new Array("cn");
1498 var controls = new Array("domain_scope:1");
1499 println("Testing ldb.search for objectCategory=user with domain scope control");
1500 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1501 assert(res.error == 0);
1502 assert(res.msgs.length > 0);
1504 var attrs = new Array("cn");
1505 println("Testing ldb.search for objectCategory=group");
1506 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs);
1507 assert(res.error == 0);
1508 assert(res.msgs.length > 0);
1510 var attrs = new Array("cn");
1511 var controls = new Array("domain_scope:1");
1512 println("Testing ldb.search for objectCategory=group with domain scope control");
1513 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1514 assert(res.error == 0);
1515 assert(res.msgs.length > 0);
1519 function basedn_tests(ldb, gc_ldb)
1521 println("Testing for all rootDSE attributes");
1522 var attrs = new Array();
1523 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1524 assert(res.error == 0);
1525 assert(res.msgs.length == 1);
1527 println("Testing for highestCommittedUSN");
1528 var attrs = new Array("highestCommittedUSN");
1529 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1530 assert(res.error == 0);
1531 assert(res.msgs.length == 1);
1532 assert(res.msgs[0].highestCommittedUSN != undefined);
1533 assert(res.msgs[0].highestCommittedUSN != 0);
1535 println("Testing for netlogon via LDAP");
1536 var attrs = new Array("netlogon");
1537 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1538 assert(res.error == 0);
1539 assert(res.msgs.length == 0);
1541 println("Testing for netlogon and highestCommittedUSN via LDAP");
1542 var attrs = new Array("netlogon", "highestCommittedUSN");
1543 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1544 assert(res.error == 0);
1545 assert(res.msgs.length == 0);
1548 function find_basedn(ldb)
1550 var attrs = new Array("defaultNamingContext");
1551 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1552 assert(res.error == 0);
1553 assert(res.msgs.length == 1);
1554 return res.msgs[0].defaultNamingContext;
1557 function find_configurationdn(ldb)
1559 var attrs = new Array("configurationNamingContext");
1560 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1561 assert(res.error == 0);
1562 assert(res.msgs.length == 1);
1563 return res.msgs[0].configurationNamingContext;
1566 function find_schemadn(ldb)
1568 var attrs = new Array("schemaNamingContext");
1569 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1570 assert(res.error == 0);
1571 assert(res.msgs.length == 1);
1572 return res.msgs[0].schemaNamingContext;
1575 /* use command line creds if available */
1576 ldb.credentials = options.get_credentials();
1577 gc_ldb.credentials = options.get_credentials();
1579 var ok = ldb.connect("ldap://" + host);
1580 var base_dn = find_basedn(ldb);
1582 var configuration_dn = find_configurationdn(ldb);
1583 var schema_dn = find_schemadn(ldb);
1585 println("baseDN: %s\n", base_dn);
1587 var ok = gc_ldb.connect("ldap://" + host + ":3268");
1592 basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
1594 basedn_tests(ldb, gc_ldb)