2 exec smbscript "$0" ${1+"$@"}
4 test certin LDAP behaviours
8 var gc_ldb = ldb_init();
10 var options = GetOptions(ARGV,
13 "POPT_COMMON_CREDENTIALS");
14 if (options == undefined) {
15 println("Failed to parse options");
19 libinclude("base.js");
21 if (options.ARGV.length != 1) {
22 println("Usage: ldap.js <HOST>");
26 var host = options.ARGV[0];
28 function basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
30 println("Running basic tests");
32 ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
33 ldb.del("cn=ldaptestcomputer3,cn=computers," + base_dn);
34 ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
35 ldb.del("cn=ldaptestuser,cn=users," + base_dn);
36 ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
37 ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
38 ldb.del("cn=ldaptestuser4,cn=users," + base_dn);
39 ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
40 ldb.del("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn);
41 ldb.del("cn=ldaptestuser7,cn=users," + base_dn);
42 ldb.del("CN=ldaptestcontainer2," + base_dn);
43 ldb.del("cn=ldaptestgroup,cn=users," + base_dn);
44 ldb.del("cn=ldaptestgroup2,cn=users," + base_dn);
46 println("Testing group add with invalid member");
48 dn: cn=ldaptestgroup,cn=uSers," + base_dn + "
50 member: cn=ldaptestuser,cn=useRs," + base_dn + "
53 if (ok.error != 32) { /* LDAP_NO_SUCH_OBJECT */
55 assert(ok.error == 32);
58 println("Testing user add");
60 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
68 ok = ldb.del("cn=ldaptestuser,cn=users," + base_dn);
71 assert(ok.error == 0);
74 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
83 assert(ok.error == 0);
88 dn: cn=ldaptestgroup,cn=uSers," + base_dn + "
90 member: cn=ldaptestuser,cn=useRs," + base_dn + "
94 assert(ok.error == 0);
98 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
103 ok = ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
106 assert(ok.error == 0);
109 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
110 objectClass: computer
115 assert(ok.error == 0);
121 assert(ok.error == 0);
125 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
126 objectClass: computer
127 cn: LDAPtest2COMPUTER
128 userAccountControl: 4096
129 displayname: ldap testy
132 ok = ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
135 // assert(ok.error == 0);
138 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
139 objectClass: computer
140 cn: LDAPtest2COMPUTER
141 userAccountControl: 4096
142 displayname: ldap testy
146 assert(ok.error == 0);
151 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
152 objectClass: computer
153 cn: LDAPtest2COMPUTER
155 if (ok.error != 34) {
156 println("Did not reject invalid RDN compared with DN: " + ok.errstr);
157 assert(ok.error == 34);
161 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
162 objectClass: computer
163 cn: LDAPtestCOMPUTER3
164 sAMAccountType: 805306368
167 if (ok.error != 53) {
168 println("Did not reject invalid 'sAMAccountType: 805306368': " + ok.errstr);
169 assert(ok.error == 53);
173 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
174 objectClass: computer
175 cn: LDAPtestCOMPUTER3
176 userAccountControl: 0
179 if (ok.error != 53) {
180 println("Did not reject invalid 'userAccountControl: 0': " + ok.errstr);
181 assert(ok.error == 53);
185 dn: cn=ldaptestuser7,cn=users," + base_dn + "
188 userAccountControl: 0
191 if (ok.error != 53) {
192 println("Did not reject invalid 'userAccountControl: 0': " + ok.errstr);
193 assert(ok.error == 53);
197 dn: cn=ldaptestuser7,cn=users," + base_dn + "
200 userAccountControl: 2
204 println("Did not accept 'userAccountControl: 2': " + ok.errstr);
205 assert(ok.error == 0);
208 ldb.del("cn=ldaptestuser7,cn=users," + base_dn);
211 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
212 objectclass: computer
213 cN: LDAPtestCOMPUTER3
216 ok = ldb.del("cn=ldaptestcomputer3,cn=computers," + base_dn);
219 assert(ok.error == 0);
222 dn: cn=ldaptestcomputer3,cn=computers," + base_dn + "
223 objectClass: computer
224 cn: LDAPtestCOMPUTER3
228 assert(ok.error == 0);
232 println("Testing ldb.search for (&(cn=ldaptestcomputer3)(objectClass=user))");
233 var res = ldb.search("(&(cn=ldaptestcomputer3)(objectClass=user))");
234 if (res.error != 0 || res.msgs.length != 1) {
235 println("Could not find (&(cn=ldaptestcomputer3)(objectClass=user))");
236 assert(res.error == 0);
237 assert(res.msgs.length == 1);
240 assert(res.msgs[0].dn == ("CN=ldaptestcomputer3,CN=Computers," + base_dn));
241 assert(res.msgs[0].cn == "ldaptestcomputer3");
242 assert(res.msgs[0].name == "ldaptestcomputer3");
243 assert(res.msgs[0].objectClass[0] == "top");
244 assert(res.msgs[0].objectClass[1] == "person");
245 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
246 assert(res.msgs[0].objectClass[3] == "user");
247 assert(res.msgs[0].objectClass[4] == "computer");
248 assert(res.msgs[0].objectGUID != undefined);
249 assert(res.msgs[0].whenCreated != undefined);
250 assert(res.msgs[0].objectCategory == ("CN=Computer,CN=Schema,CN=Configuration," + base_dn));
251 assert(res.msgs[0].primaryGroupID == 513);
252 assert(res.msgs[0].sAMAccountType == 805306368);
253 assert(res.msgs[0].userAccountControl == 546);
255 ldb.del(res.msgs[0].dn);
257 println("Testing attribute or value exists behaviour");
259 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
261 replace: servicePrincipalName
262 servicePrincipalName: host/ldaptest2computer
263 servicePrincipalName: host/ldaptest2computer
264 servicePrincipalName: cifs/ldaptest2computer
267 //LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
268 if (ok.error != 20) {
269 println("Expected error LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, got :" + ok.errstr);
270 assert(ok.error == 20);
274 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
276 replace: servicePrincipalName
277 servicePrincipalName: host/ldaptest2computer
278 servicePrincipalName: cifs/ldaptest2computer
282 println("Failed to replace servicePrincpalName:" + ok.errstr);
283 assert(ok.error == 20);
287 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
289 add: servicePrincipalName
290 servicePrincipalName: host/ldaptest2computer
293 //LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
294 if (ok.error != 20) {
295 println("Expected error LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, got :" + ok.errstr);
296 assert(ok.error == 20);
299 println("Testing ranged results");
301 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
303 replace: servicePrincipalName
306 println("Failed to replace servicePrincpalName:" + ok.errstr);
307 assert(ok.error == 0);
311 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
313 add: servicePrincipalName
314 servicePrincipalName: host/ldaptest2computer0
315 servicePrincipalName: host/ldaptest2computer1
316 servicePrincipalName: host/ldaptest2computer2
317 servicePrincipalName: host/ldaptest2computer3
318 servicePrincipalName: host/ldaptest2computer4
319 servicePrincipalName: host/ldaptest2computer5
320 servicePrincipalName: host/ldaptest2computer6
321 servicePrincipalName: host/ldaptest2computer7
322 servicePrincipalName: host/ldaptest2computer8
323 servicePrincipalName: host/ldaptest2computer9
324 servicePrincipalName: host/ldaptest2computer10
325 servicePrincipalName: host/ldaptest2computer11
326 servicePrincipalName: host/ldaptest2computer12
327 servicePrincipalName: host/ldaptest2computer13
328 servicePrincipalName: host/ldaptest2computer14
329 servicePrincipalName: host/ldaptest2computer15
330 servicePrincipalName: host/ldaptest2computer16
331 servicePrincipalName: host/ldaptest2computer17
332 servicePrincipalName: host/ldaptest2computer18
333 servicePrincipalName: host/ldaptest2computer19
334 servicePrincipalName: host/ldaptest2computer20
335 servicePrincipalName: host/ldaptest2computer21
336 servicePrincipalName: host/ldaptest2computer22
337 servicePrincipalName: host/ldaptest2computer23
338 servicePrincipalName: host/ldaptest2computer24
339 servicePrincipalName: host/ldaptest2computer25
340 servicePrincipalName: host/ldaptest2computer26
341 servicePrincipalName: host/ldaptest2computer27
342 servicePrincipalName: host/ldaptest2computer28
343 servicePrincipalName: host/ldaptest2computer29
347 println("Failed to replace servicePrincpalName:" + ok.errstr);
348 assert(ok.error == 0);
352 var attrs = new Array("servicePrincipalName;range=0-*");
353 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
354 if (res.error != 0 || res.msgs.length != 1) {
355 println("Could not find (cn=ldaptest2computer) for servicePrincipalName;range=0-*");
356 assert(res.error == 0);
357 assert(res.msgs.length == 1);
359 // println(res.msgs[0]["servicePrincipalName;range=0-*"].length);
360 assert(res.msgs[0]["servicePrincipalName;range=0-*"].length == 30);
362 var attrs = new Array("servicePrincipalName;range=0-19");
363 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
364 if (res.error != 0 || res.msgs.length != 1) {
365 println("Could not find (cn=ldaptest2computer) for servicePrincipalName;range=0-19");
366 assert(res.error == 0);
367 assert(res.msgs.length == 1);
369 // println(res.msgs[0]["servicePrincipalName;range=0-19"].length);
370 assert(res.msgs[0]["servicePrincipalName;range=0-19"].length == 20);
372 var attrs = new Array("servicePrincipalName;range=0-30");
373 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
374 if (res.error != 0 || res.msgs.length != 1) {
375 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=0-19");
376 assert(res.error == 0);
377 assert(res.msgs.length == 1);
379 assert(res.msgs[0]["servicePrincipalName;range=0-*"].length == 30);
381 var attrs = new Array("servicePrincipalName;range=0-40");
382 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
383 if (res.error != 0 || res.msgs.length != 1) {
384 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=0-40");
385 assert(res.error == 0);
386 assert(res.msgs.length == 1);
388 assert(res.msgs[0]["servicePrincipalName;range=0-*"].length == 30);
390 var attrs = new Array("servicePrincipalName;range=30-40");
391 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
392 if (res.error != 0 || res.msgs.length != 1) {
393 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=30-40");
394 assert(res.error == 0);
395 assert(res.msgs.length == 1);
397 assert(res.msgs[0]["servicePrincipalName;range=30-*"].length == 0);
399 var attrs = new Array("servicePrincipalName;range=10-40");
400 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
401 if (res.error != 0 || res.msgs.length != 1) {
402 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=10-40");
403 assert(res.error == 0);
404 assert(res.msgs.length == 1);
406 assert(res.msgs[0]["servicePrincipalName;range=10-*"].length == 20);
407 // var pos_11 = res.msgs[0]["servicePrincipalName;range=10-*"][18];
409 var attrs = new Array("servicePrincipalName;range=11-40");
410 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
411 if (res.error != 0 || res.msgs.length != 1) {
412 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=10-*");
413 assert(res.error == 0);
414 assert(res.msgs.length == 1);
416 assert(res.msgs[0]["servicePrincipalName;range=11-*"].length == 19);
417 // println(res.msgs[0]["servicePrincipalName;range=11-*"][18]);
419 // assert((res.msgs[0]["servicePrincipalName;range=11-*"][18]) == pos_11);
421 var attrs = new Array("servicePrincipalName;range=11-15");
422 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
423 if (res.error != 0 || res.msgs.length != 1) {
424 println("Could not find (cn=ldaptest2computer) at servicePrincipalName;range=11-15");
425 assert(res.error == 0);
426 assert(res.msgs.length == 1);
428 assert(res.msgs[0]["servicePrincipalName;range=11-15"].length == 5);
429 // assert(res.msgs[0]["servicePrincipalName;range=11-15"][4] == pos_11);
431 var attrs = new Array("servicePrincipalName");
432 var res = ldb.search("(cn=ldaptest2computer))", base_dn, ldb.SCOPE_SUBTREE, attrs);
433 if (res.error != 0 || res.msgs.length != 1) {
434 println("Could not find (cn=ldaptest2computer) at servicePrincipalName");
435 assert(res.error == 0);
436 assert(res.msgs.length == 1);
438 // println(res.msgs[0]["servicePrincipalName"][18]);
440 assert(res.msgs[0]["servicePrincipalName"].length == 30);
441 // assert(res.msgs[0]["servicePrincipalName"][18] == pos_11);
444 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
452 ok = ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
455 assert(ok.error == 0);
458 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
467 assert(ok.error == 0);
472 println("Testing Ambigious Name Resolution");
473 // Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
474 var res = ldb.search("(&(anr=ldap testy)(objectClass=user))");
475 if (res.error != 0 || res.msgs.length != 3) {
476 println("Could not find (&(anr=ldap testy)(objectClass=user))");
477 assert(res.error == 0);
478 assert(res.msgs.length == 3);
481 // Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
482 var res = ldb.search("(&(anr=testy ldap)(objectClass=user))");
483 if (res.error != 0 || res.msgs.length != 2) {
484 println("Found only " + res.msgs.length + " for (&(anr=testy ldap)(objectClass=user))");
485 assert(res.error == 0);
486 assert(res.msgs.length == 2);
489 var res = ldb.search("(&(anr=testy ldap)(objectClass=user))");
490 if (res.error != 0 || res.msgs.length != 2) {
491 println("Found only " + res.msgs.length + " for (&(anr=\"testy ldap\")(objectClass=user))");
492 assert(res.error == 0);
493 assert(res.msgs.length == 2);
496 // Testing ldb.search for (&(anr=ldap)(objectClass=user))
497 var res = ldb.search("(&(anr=ldap)(objectClass=user))");
498 if (res.error != 0 || res.msgs.length != 4) {
499 println("Found only " + res.msgs.length + " for (&(anr=ldap)(objectClass=user))");
500 assert(res.error == 0);
501 assert(res.msgs.length == 4);
504 // Testing ldb.search for (&(anr==ldap)(objectClass=user))
505 var res = ldb.search("(&(anr==ldap)(objectClass=user))");
506 if (res.error != 0 || res.msgs.length != 1) {
507 println("Found only " + res.msgs.length + " for (&(anr=ldap)(objectClass=user))");
508 println("Could not find (&(anr==ldap)(objectClass=user))");
509 assert(res.error == 0);
510 assert(res.msgs.length == 1);
513 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
514 assert(res.msgs[0].cn == "ldaptestuser");
515 assert(res.msgs[0].name == "ldaptestuser");
517 // Testing ldb.search for (&(anr=testy)(objectClass=user))
518 var res = ldb.search("(&(anr=testy)(objectClass=user))");
519 if (res.error != 0 || res.msgs.length != 2) {
520 println("Found only " + res.msgs.length + " for (&(anr=testy)(objectClass=user))");
521 assert(res.error == 0);
522 assert(res.msgs.length == 2);
525 // Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
526 var res = ldb.search("(&(anr=testy ldap)(objectClass=user))");
527 if (res.error != 0 || res.msgs.length != 2) {
528 println("Found only " + res.msgs.length + " for (&(anr=ldap testy)(objectClass=user))");
529 assert(res.error == 0);
530 assert(res.msgs.length == 2);
533 // Testing ldb.search for (&(anr==ldap testy)(objectClass=user))
534 var res = ldb.search("(&(anr==testy ldap)(objectClass=user))");
535 if (res.error != 0 || res.msgs.length != 1) {
536 println("Found only " + res.msgs.length + " for (&(anr==ldap testy)(objectClass=user))");
537 assert(res.error == 0);
538 assert(res.msgs.length == 1);
541 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
542 assert(res.msgs[0].cn == "ldaptestuser");
543 assert(res.msgs[0].name == "ldaptestuser");
545 // Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
546 var res = ldb.search("(&(anr==testy ldap)(objectClass=user))");
547 if (res.error != 0 || res.msgs.length != 1) {
548 println("Could not find (&(anr==testy ldap)(objectClass=user))");
549 assert(res.error == 0);
550 assert(res.msgs.length == 1);
553 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
554 assert(res.msgs[0].cn == "ldaptestuser");
555 assert(res.msgs[0].name == "ldaptestuser");
557 // Testing ldb.search for (&(anr=testy ldap user)(objectClass=user))
558 var res = ldb.search("(&(anr=testy ldap user)(objectClass=user))");
559 if (res.error != 0 || res.msgs.length != 1) {
560 println("Could not find (&(anr=testy ldap user)(objectClass=user))");
561 assert(res.error == 0);
562 assert(res.msgs.length == 1);
565 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
566 assert(res.msgs[0].cn == "ldaptestuser2");
567 assert(res.msgs[0].name == "ldaptestuser2");
569 // Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user))
570 var res = ldb.search("(&(anr==testy ldap user2)(objectClass=user))");
571 if (res.error != 0 || res.msgs.length != 1) {
572 println("Could not find (&(anr==testy ldap user2)(objectClass=user))");
573 assert(res.error == 0);
574 assert(res.msgs.length == 1);
577 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
578 assert(res.msgs[0].cn == "ldaptestuser2");
579 assert(res.msgs[0].name == "ldaptestuser2");
581 // Testing ldb.search for (&(anr==ldap user2)(objectClass=user))
582 var res = ldb.search("(&(anr==ldap user2)(objectClass=user))");
583 if (res.error != 0 || res.msgs.length != 1) {
584 println("Could not find (&(anr==ldap user2)(objectClass=user))");
585 assert(res.error == 0);
586 assert(res.msgs.length == 1);
589 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
590 assert(res.msgs[0].cn == "ldaptestuser2");
591 assert(res.msgs[0].name == "ldaptestuser2");
593 // Testing ldb.search for (&(anr==not ldap user2)(objectClass=user))
594 var res = ldb.search("(&(anr==not ldap user2)(objectClass=user))");
595 if (res.error != 0 || res.msgs.length != 0) {
596 println("Must not find (&(anr==not ldap user2)(objectClass=user))");
597 assert(res.error == 0);
598 assert(res.msgs.length == 0);
601 // Testing ldb.search for (&(anr=not ldap user2)(objectClass=user))
602 var res = ldb.search("(&(anr=not ldap user2)(objectClass=user))");
603 if (res.error != 0 || res.msgs.length != 0) {
604 println("Must not find (&(anr=not ldap user2)(objectClass=user))");
605 assert(res.error == 0);
606 assert(res.msgs.length == 0);
609 println("Testing Group Modifies");
611 dn: cn=ldaptestgroup,cn=users," + base_dn + "
614 member: cn=ldaptestuser2,cn=users," + base_dn + "
615 member: cn=ldaptestcomputer,cn=computers," + base_dn + "
620 assert(ok.error == 0);
623 ok = ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
625 println("Testing adding non-existent user to a group");
627 dn: cn=ldaptestgroup,cn=users," + base_dn + "
630 member: cn=ldaptestuser3,cn=users," + base_dn + "
632 if (ok.error != 32) { /* LDAP_NO_SUCH_OBJECT */
634 assert(ok.error == 32);
637 println("Testing Renames");
639 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
641 println("Could not rename cn=ldaptestuser2,cn=users," + base_dn + " into cn=ldaptestuser3,cn=users," + base_dn + ": " + ok.errstr);
642 assert(ok.error == 0);
645 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
647 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " onto itself: " + ok.errstr);
648 assert(ok.error == 0);
651 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestUSER3,cn=users," + base_dn);
653 println("Could not rename cn=ldaptestuser3,cn=users," + base_dn + " into cn=ldaptestUSER3,cn=users," + base_dn + ": " + ok.errstr);
654 assert(ok.error == 0);
657 println("Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))");
658 var res = ldb.search("(&(cn=ldaptestuser3)(objectClass=user))");
659 if (res.error != 0 || res.msgs.length != 1) {
660 println("Could not find (&(cn=ldaptestuser3)(objectClass=user))");
661 assert(res.error == 0);
662 assert(res.msgs.length == 1);
665 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
666 assert(res.msgs[0].cn == "ldaptestUSER3");
667 assert(res.msgs[0].name == "ldaptestUSER3");
669 println("Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))");
670 var res = ldb.search("(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))");
671 if (res.error != 0 || res.msgs.length != 1) {
672 println("Could not find (&(cn=ldaptestuser3)(objectClass=user))");
673 assert(res.error == 0);
674 assert(res.msgs.length == 1);
677 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
678 assert(res.msgs[0].cn == "ldaptestUSER3");
679 assert(res.msgs[0].name == "ldaptestUSER3");
681 println("Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))");
682 var res = ldb.search("(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))");
683 if (res.error != 0 || res.msgs.length != 1) {
684 println("Could not find (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))");
685 assert(res.error == 0);
686 assert(res.msgs.length == 1);
689 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
690 assert(res.msgs[0].cn == "ldaptestUSER3");
691 assert(res.msgs[0].name == "ldaptestUSER3");
693 println("Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))");
694 var res = ldb.search("(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))");
695 if (res.error != 0 || res.msgs.length != 0) {
696 println("Should not find (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))");
697 assert(res.error == 0);
698 assert(res.msgs.length == 0);
701 // This is a Samba special, and does not exist in real AD
702 // println("Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
703 // var res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
704 // if (res.error != 0 || res.msgs.length != 1) {
705 // println("Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
706 // assert(res.error == 0);
707 // assert(res.msgs.length == 1);
709 // assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
710 // assert(res.msgs[0].cn == "ldaptestUSER3");
711 // assert(res.msgs[0].name == "ldaptestUSER3");
713 println("Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
714 var res = ldb.search("(distinguishedName=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
715 if (res.error != 0 || res.msgs.length != 1) {
716 println("Could not find (dn=CN=ldaptestUSER3,CN=Users," + base_dn + ")");
717 assert(res.error == 0);
718 assert(res.msgs.length == 1);
720 assert(res.msgs[0].dn == ("CN=ldaptestUSER3,CN=Users," + base_dn));
721 assert(res.msgs[0].cn == "ldaptestUSER3");
722 assert(res.msgs[0].name == "ldaptestUSER3");
724 // ensure we cannot add it again
726 dn: cn=ldaptestuser3,cn=userS," + base_dn + "
731 //LDB_ERR_ENTRY_ALREADY_EXISTS
732 if (ok.error != 68) {
733 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
734 assert(ok.error == 68);
738 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
741 assert(ok.error == 0);
744 // ensure we cannnot rename it twice
745 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
746 //LDB_ERR_NO_SUCH_OBJECT
747 assert(ok.error == 32);
749 // ensure can now use that name
751 dn: cn=ldaptestuser3,cn=users," + base_dn + "
757 // ensure we now cannnot rename
758 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
759 //LDB_ERR_ENTRY_ALREADY_EXISTS
760 if (ok.error != 68) {
761 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
762 assert(ok.error == 68);
764 assert(ok.error == 68);
765 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=configuration," + base_dn);
766 if (ok.error != 71 && ok.error != 64) {
767 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS or LDAP_NAMING_VIOLATION, got: " + ok.errstr);
768 assert(ok.error == 71 || ok.error == 64);
770 assert(ok.error == 71 || ok.error == 64);
772 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser5,cn=users," + base_dn);
775 assert(ok.error == 0);
778 ok = ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
780 ok = ldb.del("cn=ldaptestgroup2,cn=users," + base_dn);
782 ok = ldb.rename("cn=ldaptestgroup,cn=users," + base_dn, "cn=ldaptestgroup2,cn=users," + base_dn);
785 assert(ok.error == 0);
788 println("Testing subtree Renames");
791 dn: cn=ldaptestcontainer," + base_dn + "
792 objectClass: container
796 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
802 ok = ldb.del("cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn);
805 assert(ok.error == 0);
808 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
815 assert(ok.error == 0);
820 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
823 member: cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn + "
826 println("Failure adding ldaptestuser4 to a group");
828 assert(ok.error == 0);
831 println("Testing ldb.rename of cn=ldaptestcontainer," + base_dn + " to cn=ldaptestcontainer2," + base_dn);
832 ok = ldb.rename("CN=ldaptestcontainer," + base_dn, "CN=ldaptestcontainer2," + base_dn);
835 assert(ok.error == 0);
838 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))");
839 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))");
840 if (res.error != 0 || res.msgs.length != 1) {
841 println("Could not find (&(cn=ldaptestuser4)(objectClass=user))");
842 assert(res.error == 0);
843 assert(res.msgs.length == 1);
846 println("Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn);
847 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer," + base_dn, ldb.SCOPE_SUBTREE);
848 if (res.error != 32) {
850 assert(res.error == 32);
853 println("Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + base_dn);
854 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer," + base_dn, ldb.SCOPE_ONELEVEL);
855 if (res.error != 32) {
857 assert(res.error == 32);
860 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container");
861 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_SUBTREE);
862 if (res.error != 0 || res.msgs.length != 1) {
863 println("Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + base_dn);
864 assert(res.error == 0);
865 assert(res.msgs.length == 1);
868 assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
869 assert(strupper(res.msgs[0].memberOf[0]) == strupper(("CN=ldaptestgroup2,CN=Users," + base_dn)));
871 println("Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group)) to check subtree renames and linked attributes");
872 var res = ldb.search("(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group))", base_dn, ldb.SCOPE_SUBTREE);
873 if (res.error != 0 || res.msgs.length != 1) {
874 println("Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn + ")(objectclass=group)), perhaps linked attributes are not conistant with subtree renames?");
875 assert(res.error == 0);
876 assert(res.msgs.length == 1);
879 println("Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
880 ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + base_dn);
881 if (ok.error != 53) { /* LDAP_UNWILLING_TO_PERFORM */
883 assert(ok.error == 53);
886 println("Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn);
887 ok = ldb.rename("cn=ldaptestcontainer2," + base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + base_dn);
888 if (ok.error != 53 && ok.error != 80) { /* LDAP_UNWILLING_TO_PERFORM or LDAP_OTHER*/
890 assert(ok.error == 53 || ok.error == 80);
893 println("Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn);
894 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
895 if (ok.error != 66) { /* LDB_ERR_NOT_ALLOWED_ON_NON_LEAF */
897 assert(ok.error == 66);
900 println("Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn);
901 var res = ldb.search("(objectclass=*)", ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), ldb.SCOPE_BASE);
902 if (res.error == 0 && res.count == 1) {
903 assert(res.error == 0 && res.count == 1);
905 var res = ldb.search("(cn=ldaptestuser40)", ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn), ldb.SCOPE_BASE);
906 if (res.error == 0 && res.count == 0) {
907 assert(res.error == 0 && res.count == 0);
910 println("Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn);
911 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_ONELEVEL);
912 if (res.error == 0 && res.count == 0) {
913 assert(res.error == 0 && res.count == 0);
916 println("Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + base_dn);
917 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_SUBTREE);
918 if (res.error == 0 && res.count == 0) {
919 assert(res.error == 0 && res.count == 0);
922 println("Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
923 ok = ldb.del(("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
926 assert(ok.error == 0);
928 println("Testing delete of renamed cn=ldaptestcontainer2," + base_dn);
929 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
932 assert(ok.error == 0);
936 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
940 ok = ldb.del("cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn);
943 assert(ok.error == 0);
946 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
951 assert(ok.error == 0);
956 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
960 ok = ldb.del("cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn);
963 assert(ok.error == 0);
966 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
971 assert(ok.error == 0);
975 println("Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))");
976 var res = ldb.search("(&(cn=ldaptestuser)(objectClass=user))");
977 if (res.error != 0 || res.msgs.length != 1) {
978 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
979 assert(res.error == 0);
980 assert(res.msgs.length == 1);
983 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
984 assert(res.msgs[0].cn == "ldaptestuser");
985 assert(res.msgs[0].name == "ldaptestuser");
986 assert(res.msgs[0].objectClass[0] == "top");
987 assert(res.msgs[0].objectClass[1] == "person");
988 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
989 assert(res.msgs[0].objectClass[3] == "user");
990 assert(res.msgs[0].objectGUID != undefined);
991 assert(res.msgs[0].whenCreated != undefined);
992 assert(res.msgs[0].objectCategory == ("CN=Person,CN=Schema,CN=Configuration," + base_dn));
993 assert(res.msgs[0].sAMAccountType == 805306368);
994 assert(res.msgs[0].userAccountControl == 546);
995 assert(res.msgs[0].memberOf[0] == ("CN=ldaptestgroup2,CN=Users," + base_dn));
996 assert(res.msgs[0].memberOf.length == 1);
998 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
999 var res2 = ldb.search("(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
1000 if (res2.error != 0 || res2.msgs.length != 1) {
1001 println("Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
1002 assert(res2.error == 0);
1003 assert(res2.msgs.length == 1);
1006 assert(res.msgs[0].dn == res2.msgs[0].dn);
1008 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))");
1009 var res3 = ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
1010 if (res3.error != 0) {
1011 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): " + res3.errstr);
1012 assert(res3.error == 0);
1013 } else if (res3.msgs.length != 1) {
1014 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + res3.msgs.length);
1015 assert(res3.msgs.length == 1);
1018 assert(res.msgs[0].dn == res3.msgs[0].dn);
1020 if (gc_ldb != undefined) {
1021 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
1022 var res3gc = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
1023 if (res3gc.error != 0) {
1024 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: " + res3gc.errstr);
1025 assert(res3gc.error == 0);
1026 } else if (res3gc.msgs.length != 1) {
1027 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: matched " + res3gc.msgs.length);
1028 assert(res3gc.msgs.length == 1);
1031 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
1034 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control");
1035 var attrs = new Array("cn");
1036 var controls = new Array("search_options:1:2");
1037 var res3control = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1038 if (res3control.error != 0 || res3control.msgs.length != 1) {
1039 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
1040 assert(res3control.error == 0);
1041 assert(res3control.msgs.length == 1);
1044 assert(res.msgs[0].dn == res3control.msgs[0].dn);
1046 ok = ldb.del(res.msgs[0].dn);
1047 if (ok.error != 0) {
1049 assert(ok.error == 0);
1052 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))");
1053 var res = ldb.search("(&(cn=ldaptestcomputer)(objectClass=user))");
1054 if (res.error != 0 || res.msgs.length != 1) {
1055 println("Could not find (&(cn=ldaptestcomputer)(objectClass=user))");
1056 assert(res.error == 0);
1057 assert(res.msgs.length == 1);
1060 assert(res.msgs[0].dn == ("CN=ldaptestcomputer,CN=Computers," + base_dn));
1061 assert(res.msgs[0].cn == "ldaptestcomputer");
1062 assert(res.msgs[0].name == "ldaptestcomputer");
1063 assert(res.msgs[0].objectClass[0] == "top");
1064 assert(res.msgs[0].objectClass[1] == "person");
1065 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1066 assert(res.msgs[0].objectClass[3] == "user");
1067 assert(res.msgs[0].objectClass[4] == "computer");
1068 assert(res.msgs[0].objectGUID != undefined);
1069 assert(res.msgs[0].whenCreated != undefined);
1070 assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
1071 assert(res.msgs[0].sAMAccountType == 805306368);
1072 assert(res.msgs[0].userAccountControl == 546);
1074 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
1075 var res2 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
1076 if (res2.error != 0 || res2.msgs.length != 1) {
1077 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
1078 assert(res2.error == 0);
1079 assert(res2.msgs.length == 1);
1082 assert(res.msgs[0].dn == res2.msgs[0].dn);
1084 if (gc_ldb != undefined) {
1085 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
1086 var res2gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
1087 if (res2gc.error != 0 || res2gc.msgs.length != 1) {
1088 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
1089 assert(res2gc.error == 0);
1090 assert(res2gc.msgs.length == 1);
1093 assert(res.msgs[0].dn == res2gc.msgs[0].dn);
1096 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
1097 var res3 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
1098 if (res3.error != 0 || res3.msgs.length != 1) {
1099 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
1100 assert(res3.error == 0);
1101 assert(res3.msgs.length == 1);
1104 assert(res.msgs[0].dn == res3.msgs[0].dn);
1106 if (gc_ldb != undefined) {
1107 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
1108 var res3gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
1109 if (res3gc.error != 0 || res3gc.msgs.length != 1) {
1110 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
1111 assert(res3gc.error == 0);
1112 assert(res3gc.msgs.length == 1);
1115 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
1118 println("Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
1119 var res4 = ldb.search("(&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
1120 if (res4.error != 0 || res4.msgs.length != 1) {
1121 println("Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
1122 assert(res4.error == 0);
1123 assert(res4.msgs.length == 1);
1126 assert(res.msgs[0].dn == res4.msgs[0].dn);
1128 println("Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
1129 var res5 = ldb.search("(&(cn=ldaptestcomput*)(objectCategory=compuTER))");
1130 if (res5.error != 0 || res5.msgs.length != 1) {
1131 println("Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
1132 assert(res5.error == 0);
1133 assert(res5.msgs.length == 1);
1136 assert(res.msgs[0].dn == res5.msgs[0].dn);
1138 println("Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))");
1139 var res6 = ldb.search("(&(cn=*daptestcomputer)(objectCategory=compuTER))");
1140 if (res6.error != 0 || res6.msgs.length != 1) {
1141 println("Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))");
1142 assert(res6.error == 0);
1143 assert(res6.msgs.length == 1);
1146 assert(res.msgs[0].dn == res6.msgs[0].dn);
1148 ok = ldb.del(res.msgs[0].dn);
1149 if (ok.error != 0) {
1151 assert(ok.error == 0);
1154 println("Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))");
1155 var res = ldb.search("(&(cn=ldaptest2computer)(objectClass=user))");
1156 if (res.error != 0 || res.msgs.length != 1) {
1157 println("Could not find (&(cn=ldaptest2computer)(objectClass=user))");
1158 assert(res.error == 0);
1159 assert(res.msgs.length == 1);
1162 assert(res.msgs[0].dn == ("CN=ldaptest2computer,CN=Computers," + base_dn));
1163 assert(res.msgs[0].cn == "ldaptest2computer");
1164 assert(res.msgs[0].name == "ldaptest2computer");
1165 assert(res.msgs[0].objectClass[0] == "top");
1166 assert(res.msgs[0].objectClass[1] == "person");
1167 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1168 assert(res.msgs[0].objectClass[3] == "user");
1169 assert(res.msgs[0].objectClass[4] == "computer");
1170 assert(res.msgs[0].objectGUID != undefined);
1171 assert(res.msgs[0].whenCreated != undefined);
1172 assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
1173 assert(res.msgs[0].sAMAccountType == 805306369);
1174 assert(res.msgs[0].userAccountControl == 4096);
1177 ok = ldb.del(res.msgs[0].dn);
1178 if (ok.error != 0) {
1180 assert(ok.error == 0);
1183 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf");
1184 println("Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))");
1185 var res = ldb.search("(&(cn=ldaptestUSer2)(objectClass=user))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1186 if (res.error != 0 || res.msgs.length != 1) {
1187 println("Could not find (&(cn=ldaptestUSer2)(objectClass=user))");
1188 assert(res.error == 0);
1189 assert(res.msgs.length == 1);
1192 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
1193 assert(res.msgs[0].cn == "ldaptestuser2");
1194 assert(res.msgs[0].name == "ldaptestuser2");
1195 assert(res.msgs[0].objectClass[0] == "top");
1196 assert(res.msgs[0].objectClass[1] == "person");
1197 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1198 assert(res.msgs[0].objectClass[3] == "user");
1199 assert(res.msgs[0].objectGUID != undefined);
1200 assert(res.msgs[0].whenCreated != undefined);
1201 assert(res.msgs[0].nTSecurityDescriptor != undefined);
1202 assert(res.msgs[0].memberOf[0] == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1204 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member");
1205 println("Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))");
1206 var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1207 if (res.error != 0 || res.msgs.length != 1) {
1208 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group))");
1209 assert(res.error == 0);
1210 assert(res.msgs.length == 1);
1213 assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1214 assert(res.msgs[0].cn == "ldaptestgroup2");
1215 assert(res.msgs[0].name == "ldaptestgroup2");
1216 assert(res.msgs[0].objectClass[0] == "top");
1217 assert(res.msgs[0].objectClass[1] == "group");
1218 assert(res.msgs[0].objectGUID != undefined);
1219 assert(res.msgs[0].whenCreated != undefined);
1220 assert(res.msgs[0].nTSecurityDescriptor != undefined);
1221 assert(res.msgs[0].member[0] == ("CN=ldaptestuser2,CN=Users," + base_dn));
1222 assert(res.msgs[0].member.length == 1);
1225 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1228 member: CN=ldaptestuser2,CN=Users," + base_dn + "
1229 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1231 if (ok.error != 0) {
1232 println("Failure testing replace of linked attributes");
1234 assert(ok.error == 0);
1237 println("Testing Linked attribute behaviours");
1239 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1243 if (ok.error != 0) {
1244 println("Failure testing delete of linked attributes");
1246 assert(ok.error == 0);
1250 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1253 member: CN=ldaptestuser2,CN=Users," + base_dn + "
1254 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1256 if (ok.error != 0) {
1257 println("Failure testing add of linked attributes");
1259 assert(ok.error == 0);
1263 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1267 if (ok.error != 0) {
1268 println("Failure testing replace of linked attributes");
1270 assert(ok.error == 0);
1274 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1277 member: CN=ldaptestuser2,CN=Users," + base_dn + "
1278 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1280 if (ok.error != 0) {
1281 println("Failure testing add of linked attributes");
1283 assert(ok.error == 0);
1287 dn: cn=ldaptestgroup2,cn=users," + base_dn + "
1290 member: CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn + "
1292 if (ok.error != 0) {
1293 println("Failure testing replace of linked attributes");
1295 assert(ok.error == 0);
1298 var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1299 if (res.error != 0 || res.msgs.length != 1) {
1300 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group))");
1301 assert(res.error == 0);
1302 assert(res.msgs.length == 1);
1305 assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1306 assert(res.msgs[0].member[0] == ("CN=ldaptestuser2,CN=Users," + base_dn));
1307 assert(res.msgs[0].member.length == 1);
1309 ok = ldb.del(("CN=ldaptestuser2,CN=Users," + base_dn));
1310 if (ok.error != 0) {
1312 assert(ok.error == 0);
1315 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member");
1316 println("Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete");
1317 var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1318 if (res.error != 0 || res.msgs.length != 1) {
1319 println("Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete");
1320 assert(res.error == 0);
1321 assert(res.msgs.length == 1);
1324 assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
1325 assert(res.msgs[0].member == undefined);
1327 println("Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1328 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1330 if (res.error != 0 || res.msgs.length != 1) {
1331 println("Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1332 assert(res.error == 0);
1333 assert(res.msgs.length == 1);
1336 assert(res.msgs[0].dn == ("CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn));
1337 assert(res.msgs[0].cn == "ldaptestutf8user èùéìòà");
1338 assert(res.msgs[0].name == "ldaptestutf8user èùéìòà");
1339 assert(res.msgs[0].objectClass[0] == "top");
1340 assert(res.msgs[0].objectClass[1] == "person");
1341 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
1342 assert(res.msgs[0].objectClass[3] == "user");
1343 assert(res.msgs[0].objectGUID != undefined);
1344 assert(res.msgs[0].whenCreated != undefined);
1346 ok = ldb.del(res.msgs[0].dn);
1347 if (ok.error != 0) {
1349 assert(ok.error == 0);
1352 println("Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))");
1353 var res = ldb.search("(&(cn=ldaptestutf8user2*)(objectClass=user))");
1354 if (res.error != 0 || res.msgs.length != 1) {
1355 println("Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))");
1356 assert(res.error == 0);
1357 assert(res.msgs.length == 1);
1360 ok = ldb.del(res.msgs[0].dn);
1361 if (ok.error != 0) {
1363 assert(ok.error == 0);
1366 ok = ldb.del(("CN=ldaptestgroup2,CN=Users," + base_dn))
1367 if (ok.error != 0) {
1369 assert(ok.error == 0);
1372 println("Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
1373 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
1375 if (res.error != 0 || res.msgs.length != 1) {
1376 println("Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
1378 assert(res.msgs[0].dn == ("cn=ldaptestutf8user2 èùéìòà,cn=users," + base_dn));
1379 assert(res.msgs[0].cn == "ldaptestutf8user2 èùéìòà");
1382 println("Testing that we can't get at the configuration DN from the main search base");
1383 var attrs = new Array("cn");
1384 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
1385 assert(res.error == 0);
1386 if (res.msgs.length != 0) {
1387 println("Got configuration DN " + res.msgs[0].dn + " which should not be able to be seen from main search base");
1389 assert(res.msgs.length == 0);
1391 println("Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control");
1392 var attrs = new Array("cn");
1393 var controls = new Array("search_options:1:2");
1394 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1395 assert(res.error == 0);
1396 assert(res.msgs.length > 0);
1398 if (gc_ldb != undefined) {
1399 println("Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0");
1400 var attrs = new Array("cn");
1401 var controls = new Array("search_options:1:0");
1402 var res = gc_ldb.search("objectClass=crossRef", base_dn, gc_ldb.SCOPE_SUBTREE, attrs, controls);
1403 assert(res.error == 0);
1404 assert(res.msgs.length > 0);
1406 println("Testing that we do find configuration elements in the global catlog");
1407 var attrs = new Array("cn");
1408 var res = gc_ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
1409 assert(res.error == 0);
1410 assert (res.msgs.length > 0);
1412 println("Testing that we do find configuration elements and user elements at the same time");
1413 var attrs = new Array("cn");
1414 var res = gc_ldb.search("(|(objectClass=crossRef)(objectClass=person))", base_dn, ldb.SCOPE_SUBTREE, attrs);
1415 assert(res.error == 0);
1416 assert (res.msgs.length > 0);
1418 println("Testing that we do find configuration elements in the global catlog, with the configuration basedn");
1419 var attrs = new Array("cn");
1420 var res = gc_ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1421 assert(res.error == 0);
1422 assert (res.msgs.length > 0);
1425 println("Testing that we can get at the configuration DN on the main LDAP port");
1426 var attrs = new Array("cn");
1427 var res = ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1428 assert(res.error == 0);
1429 assert (res.msgs.length > 0);
1431 println("Testing objectCategory canonacolisation");
1432 var attrs = new Array("cn");
1433 var res = ldb.search("objectCategory=ntDsDSA", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1434 assert(res.error == 0);
1435 if (res.msgs.length == 0) {
1436 println("Didn't find any records with objectCategory=ntDsDSA");
1438 assert(res.msgs.length != 0);
1440 var attrs = new Array("cn");
1441 var res = ldb.search("objectCategory=CN=ntDs-DSA," + schema_dn, configuration_dn, ldb.SCOPE_SUBTREE, attrs);
1442 assert(res.error == 0);
1443 if (res.msgs.length == 0) {
1444 println("Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn);
1446 assert(res.msgs.length != 0);
1448 println("Testing objectClass attribute order on "+ base_dn);
1449 var attrs = new Array("objectClass");
1450 var res = ldb.search("objectClass=domain", base_dn, ldb.SCOPE_BASE, attrs);
1451 assert(res.error == 0);
1452 assert(res.msgs.length == 1);
1454 assert(res.msgs[0].objectClass[0] == "top");
1455 assert(res.msgs[0].objectClass[1] == "domain");
1456 assert(res.msgs[0].objectClass[2] == "domainDNS");
1458 // check enumeration
1460 var attrs = new Array("cn");
1461 println("Testing ldb.search for objectCategory=person");
1462 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs);
1463 assert(res.error == 0);
1464 assert(res.msgs.length > 0);
1466 var attrs = new Array("cn");
1467 var controls = new Array("domain_scope:1");
1468 println("Testing ldb.search for objectCategory=person with domain scope control");
1469 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1470 assert(res.error == 0);
1471 assert(res.msgs.length > 0);
1473 var attrs = new Array("cn");
1474 println("Testing ldb.search for objectCategory=user");
1475 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs);
1476 assert(res.error == 0);
1477 assert(res.msgs.length > 0);
1479 var attrs = new Array("cn");
1480 var controls = new Array("domain_scope:1");
1481 println("Testing ldb.search for objectCategory=user with domain scope control");
1482 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1483 assert(res.error == 0);
1484 assert(res.msgs.length > 0);
1486 var attrs = new Array("cn");
1487 println("Testing ldb.search for objectCategory=group");
1488 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs);
1489 assert(res.error == 0);
1490 assert(res.msgs.length > 0);
1492 var attrs = new Array("cn");
1493 var controls = new Array("domain_scope:1");
1494 println("Testing ldb.search for objectCategory=group with domain scope control");
1495 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
1496 assert(res.error == 0);
1497 assert(res.msgs.length > 0);
1501 function basedn_tests(ldb, gc_ldb)
1503 println("Testing for all rootDSE attributes");
1504 var attrs = new Array();
1505 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1506 assert(res.error == 0);
1507 assert(res.msgs.length == 1);
1509 println("Testing for highestCommittedUSN");
1510 var attrs = new Array("highestCommittedUSN");
1511 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1512 assert(res.error == 0);
1513 assert(res.msgs.length == 1);
1514 assert(res.msgs[0].highestCommittedUSN != undefined);
1515 assert(res.msgs[0].highestCommittedUSN != 0);
1517 println("Testing for netlogon via LDAP");
1518 var attrs = new Array("netlogon");
1519 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1520 assert(res.error == 0);
1521 assert(res.msgs.length == 0);
1523 println("Testing for netlogon and highestCommittedUSN via LDAP");
1524 var attrs = new Array("netlogon", "highestCommittedUSN");
1525 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1526 assert(res.error == 0);
1527 assert(res.msgs.length == 0);
1530 function find_basedn(ldb)
1532 var attrs = new Array("defaultNamingContext");
1533 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1534 assert(res.error == 0);
1535 assert(res.msgs.length == 1);
1536 return res.msgs[0].defaultNamingContext;
1539 function find_configurationdn(ldb)
1541 var attrs = new Array("configurationNamingContext");
1542 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1543 assert(res.error == 0);
1544 assert(res.msgs.length == 1);
1545 return res.msgs[0].configurationNamingContext;
1548 function find_schemadn(ldb)
1550 var attrs = new Array("schemaNamingContext");
1551 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
1552 assert(res.error == 0);
1553 assert(res.msgs.length == 1);
1554 return res.msgs[0].schemaNamingContext;
1557 /* use command line creds if available */
1558 ldb.credentials = options.get_credentials();
1559 gc_ldb.credentials = options.get_credentials();
1561 var ok = ldb.connect("ldap://" + host);
1562 var base_dn = find_basedn(ldb);
1564 var configuration_dn = find_configurationdn(ldb);
1565 var schema_dn = find_schemadn(ldb);
1567 println("baseDN: %s\n", base_dn);
1569 var ok = gc_ldb.connect("ldap://" + host + ":3268");
1574 basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
1576 basedn_tests(ldb, gc_ldb)