2 # -*- coding: utf-8 -*-
3 # This is a port of the original in testprogs/ejs/ldap.js
10 sys.path.append("bin/python")
12 import samba.getopt as options
14 from samba.auth import system_session
15 from ldb import (SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError,
16 LDB_ERR_NO_SUCH_OBJECT, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS,
17 LDB_ERR_ENTRY_ALREADY_EXISTS, LDB_ERR_UNWILLING_TO_PERFORM,
18 LDB_ERR_NOT_ALLOWED_ON_NON_LEAF, LDB_ERR_OTHER, LDB_ERR_INVALID_DN_SYNTAX)
20 from subunit import SubunitTestRunner
21 from samba import param
24 parser = optparse.OptionParser("ldap [options] <host>")
25 sambaopts = options.SambaOptions(parser)
26 parser.add_option_group(sambaopts)
27 parser.add_option_group(options.VersionOptions(parser))
28 # use command line creds if available
29 credopts = options.CredentialsOptions(parser)
30 parser.add_option_group(credopts)
31 opts, args = parser.parse_args()
39 lp = sambaopts.get_loadparm()
40 creds = credopts.get_credentials(lp)
42 class BasicTests(unittest.TestCase):
43 def delete_force(self, ldb, dn):
46 except LdbError, (num, _):
47 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
49 def find_basedn(self, ldb):
50 res = ldb.search(base="", expression="", scope=SCOPE_BASE,
51 attrs=["defaultNamingContext"])
52 self.assertEquals(len(res), 1)
53 return res[0]["defaultNamingContext"][0]
55 def find_configurationdn(self, ldb):
56 res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["configurationNamingContext"])
57 self.assertEquals(len(res), 1)
58 return res[0]["configurationNamingContext"][0]
60 def find_schemadn(self, ldb):
61 res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
62 self.assertEquals(len(res), 1)
63 return res[0]["schemaNamingContext"][0]
68 self.base_dn = self.find_basedn(ldb)
69 self.configuration_dn = self.find_configurationdn(ldb)
70 self.schema_dn = self.find_schemadn(ldb)
72 print "baseDN: %s\n" % self.base_dn
74 self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
75 self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
77 def test_group_add_invalid_member(self):
78 """Testing group add with invalid member"""
81 "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
82 "objectclass": "group",
83 "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
85 except LdbError, (num, _):
86 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
91 self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
93 print "Testing user add"
95 "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn,
96 "objectclass": ["user", "person"],
102 "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
103 "objectclass": "group",
104 "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
106 self.delete_force(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
108 "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
109 "objectclass": "computer",
110 "cN": "LDAPtestCOMPUTER"})
112 self.delete_force(self.ldb, "cn=ldaptest2computer,cn=computers," + self.base_dn)
113 ldb.add({"dn": "cn=ldaptest2computer,cn=computers," + self.base_dn,
114 "objectClass": "computer",
115 "cn": "LDAPtest2COMPUTER",
116 "userAccountControl": "4096",
117 "displayname": "ldap testy"})
119 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
121 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
122 "objectClass": "computer",
123 "cn": "LDAPtest2COMPUTER"
126 except LdbError, (num, _):
127 self.assertEquals(num, LDB_ERR_INVALID_DN_SYNTAX)
129 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
131 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
132 "objectClass": "computer",
133 "cn": "ldaptestcomputer3",
134 "sAMAccountType": "805306368"
137 except LdbError, (num, _):
138 self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
140 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
142 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
143 "objectClass": "computer",
144 "cn": "ldaptestcomputer3",
145 "userAccountControl": "0"
148 except LdbError, (num, _):
149 self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
151 self.delete_force(self.ldb, "cn=ldaptestuser7,cn=users," + self.base_dn)
153 ldb.add({"dn": "cn=ldaptestuser7,cn=users," + self.base_dn,
154 "objectClass": "user",
155 "cn": "LDAPtestuser7",
156 "userAccountControl": "0"
159 except LdbError, (num, _):
160 self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
162 self.delete_force(self.ldb, "cn=ldaptestuser7,cn=users," + self.base_dn)
164 ldb.add({"dn": "cn=ldaptestuser7,cn=users," + self.base_dn,
165 "objectClass": "user",
166 "cn": "LDAPtestuser7",
167 "userAccountControl": "2"
170 self.delete_force(self.ldb, "cn=ldaptestuser7,cn=users," + self.base_dn)
172 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
173 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
174 "objectClass": "computer",
175 "cn": "LDAPtestCOMPUTER3"
178 print "Testing ldb.search for (&(cn=ldaptestcomputer3)(objectClass=user))";
179 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestcomputer3)(objectClass=user))");
180 self.assertEquals(len(res), 1, "Found only %d for (&(cn=ldaptestcomputer3)(objectClass=user))" % len(res))
182 self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer3,CN=Computers," + self.base_dn));
183 self.assertEquals(res[0]["cn"][0], "ldaptestcomputer3");
184 self.assertEquals(res[0]["name"][0], "ldaptestcomputer3");
185 self.assertEquals(res[0]["objectClass"][0], "top");
186 self.assertEquals(res[0]["objectClass"][1], "person");
187 self.assertEquals(res[0]["objectClass"][2], "organizationalPerson");
188 self.assertEquals(res[0]["objectClass"][3], "user");
189 self.assertEquals(res[0]["objectClass"][4], "computer");
190 self.assertTrue("objectGUID" in res[0])
191 self.assertTrue("whenCreated" in res[0])
192 self.assertEquals(res[0]["objectCategory"][0], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn));
193 self.assertEquals(int(res[0]["primaryGroupID"][0]), 513);
194 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368);
195 self.assertEquals(int(res[0]["userAccountControl"][0]), 546);
197 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
199 print "Testing attribute or value exists behaviour"
202 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
204 replace: servicePrincipalName
205 servicePrincipalName: host/ldaptest2computer
206 servicePrincipalName: host/ldaptest2computer
207 servicePrincipalName: cifs/ldaptest2computer
210 except LdbError, (num, msg):
211 self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS)
214 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
216 replace: servicePrincipalName
217 servicePrincipalName: host/ldaptest2computer
218 servicePrincipalName: cifs/ldaptest2computer
222 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
224 add: servicePrincipalName
225 servicePrincipalName: host/ldaptest2computer
228 except LdbError, (num, msg):
229 self.assertEquals(num, LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS)
231 print "Testing ranged results"
233 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
235 replace: servicePrincipalName
239 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
241 add: servicePrincipalName
242 servicePrincipalName: host/ldaptest2computer0
243 servicePrincipalName: host/ldaptest2computer1
244 servicePrincipalName: host/ldaptest2computer2
245 servicePrincipalName: host/ldaptest2computer3
246 servicePrincipalName: host/ldaptest2computer4
247 servicePrincipalName: host/ldaptest2computer5
248 servicePrincipalName: host/ldaptest2computer6
249 servicePrincipalName: host/ldaptest2computer7
250 servicePrincipalName: host/ldaptest2computer8
251 servicePrincipalName: host/ldaptest2computer9
252 servicePrincipalName: host/ldaptest2computer10
253 servicePrincipalName: host/ldaptest2computer11
254 servicePrincipalName: host/ldaptest2computer12
255 servicePrincipalName: host/ldaptest2computer13
256 servicePrincipalName: host/ldaptest2computer14
257 servicePrincipalName: host/ldaptest2computer15
258 servicePrincipalName: host/ldaptest2computer16
259 servicePrincipalName: host/ldaptest2computer17
260 servicePrincipalName: host/ldaptest2computer18
261 servicePrincipalName: host/ldaptest2computer19
262 servicePrincipalName: host/ldaptest2computer20
263 servicePrincipalName: host/ldaptest2computer21
264 servicePrincipalName: host/ldaptest2computer22
265 servicePrincipalName: host/ldaptest2computer23
266 servicePrincipalName: host/ldaptest2computer24
267 servicePrincipalName: host/ldaptest2computer25
268 servicePrincipalName: host/ldaptest2computer26
269 servicePrincipalName: host/ldaptest2computer27
270 servicePrincipalName: host/ldaptest2computer28
271 servicePrincipalName: host/ldaptest2computer29
274 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE,
275 attrs=["servicePrincipalName;range=0-*"])
276 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
277 #print len(res[0]["servicePrincipalName;range=0-*"])
278 self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
280 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-19"])
281 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
282 # print res[0]["servicePrincipalName;range=0-19"].length
283 self.assertEquals(len(res[0]["servicePrincipalName;range=0-19"]), 20)
286 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-30"])
287 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
288 self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
290 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-40"])
291 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
292 self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
294 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=30-40"])
295 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
296 self.assertEquals(len(res[0]["servicePrincipalName;range=30-*"]), 0)
299 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=10-40"])
300 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
301 self.assertEquals(len(res[0]["servicePrincipalName;range=10-*"]), 20)
302 # pos_11 = res[0]["servicePrincipalName;range=10-*"][18]
304 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-40"])
305 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
306 self.assertEquals(len(res[0]["servicePrincipalName;range=11-*"]), 19)
307 # print res[0]["servicePrincipalName;range=11-*"][18]
309 # self.assertEquals((res[0]["servicePrincipalName;range=11-*"][18]), pos_11)
311 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-15"])
312 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
313 self.assertEquals(len(res[0]["servicePrincipalName;range=11-15"]), 5)
314 # self.assertEquals(res[0]["servicePrincipalName;range=11-15"][4], pos_11)
316 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName"])
317 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
318 # print res[0]["servicePrincipalName"][18]
320 self.assertEquals(len(res[0]["servicePrincipalName"]), 30)
321 # self.assertEquals(res[0]["servicePrincipalName"][18], pos_11)
323 self.delete_force(self.ldb, "cn=ldaptestuser2,cn=users," + self.base_dn)
325 "dn": "cn=ldaptestuser2,cn=useRs," + self.base_dn,
326 "objectClass": ["person", "user"],
327 "cn": "LDAPtestUSER2",
328 "givenname": "testy",
331 print "Testing Ambigious Name Resolution"
332 # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
333 res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))")
334 self.assertEquals(len(res), 3, "Found only %d of 3 for (&(anr=ldap testy)(objectClass=user))" % len(res))
336 # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
337 res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
338 self.assertEquals(len(res), 2, "Found only %d of 2 for (&(anr=testy ldap)(objectClass=user))" % len(res))
340 # Testing ldb.search for (&(anr=ldap)(objectClass=user))
341 res = ldb.search(expression="(&(anr=ldap)(objectClass=user))")
342 self.assertEquals(len(res), 4, "Found only %d of 4 for (&(anr=ldap)(objectClass=user))" % len(res))
344 # Testing ldb.search for (&(anr==ldap)(objectClass=user))
345 res = ldb.search(expression="(&(anr==ldap)(objectClass=user))")
346 self.assertEquals(len(res), 1, "Could not find (&(anr==ldap)(objectClass=user)). Found only %d for (&(anr=ldap)(objectClass=user))" % len(res))
348 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
349 self.assertEquals(res[0]["cn"][0], "ldaptestuser")
350 self.assertEquals(res[0]["name"], "ldaptestuser")
352 # Testing ldb.search for (&(anr=testy)(objectClass=user))
353 res = ldb.search(expression="(&(anr=testy)(objectClass=user))")
354 self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res))
356 # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
357 res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
358 self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res))
360 # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
361 # this test disabled for the moment, as anr with == tests are not understood
362 # res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
363 # self.assertEquals(len(res), 1, "Found only %d for (&(anr==testy ldap)(objectClass=user))" % len(res))
365 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
366 self.assertEquals(res[0]["cn"][0], "ldaptestuser")
367 self.assertEquals(res[0]["name"][0], "ldaptestuser")
369 # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
370 # res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
371 # self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap)(objectClass=user))")
373 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
374 self.assertEquals(res[0]["cn"][0], "ldaptestuser")
375 self.assertEquals(res[0]["name"][0], "ldaptestuser")
377 # Testing ldb.search for (&(anr=testy ldap user)(objectClass=user))
378 res = ldb.search(expression="(&(anr=testy ldap user)(objectClass=user))")
379 self.assertEquals(len(res), 1, "Could not find (&(anr=testy ldap user)(objectClass=user))")
381 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
382 self.assertEquals(res[0]["cn"], "ldaptestuser2")
383 self.assertEquals(res[0]["name"], "ldaptestuser2")
385 # Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user))
386 # res = ldb.search(expression="(&(anr==testy ldap user2)(objectClass=user))")
387 # self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap user2)(objectClass=user))")
389 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
390 self.assertEquals(res[0]["cn"], "ldaptestuser2")
391 self.assertEquals(res[0]["name"], "ldaptestuser2")
393 # Testing ldb.search for (&(anr==ldap user2)(objectClass=user))
394 # res = ldb.search(expression="(&(anr==ldap user2)(objectClass=user))")
395 # self.assertEquals(len(res), 1, "Could not find (&(anr==ldap user2)(objectClass=user))")
397 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
398 self.assertEquals(res[0]["cn"], "ldaptestuser2")
399 self.assertEquals(res[0]["name"], "ldaptestuser2")
401 # Testing ldb.search for (&(anr==not ldap user2)(objectClass=user))
402 # res = ldb.search(expression="(&(anr==not ldap user2)(objectClass=user))")
403 # self.assertEquals(len(res), 0, "Must not find (&(anr==not ldap user2)(objectClass=user))")
405 # Testing ldb.search for (&(anr=not ldap user2)(objectClass=user))
406 res = ldb.search(expression="(&(anr=not ldap user2)(objectClass=user))")
407 self.assertEquals(len(res), 0, "Must not find (&(anr=not ldap user2)(objectClass=user))")
409 # Testing ldb.search for (&(anr="testy ldap")(objectClass=user)) (ie, with quotes)
410 # res = ldb.search(expression="(&(anr==\"testy ldap\")(objectClass=user))")
411 # self.assertEquals(len(res), 0, "Found (&(anr==\"testy ldap\")(objectClass=user))")
413 print "Testing Group Modifies"
415 dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
418 member: cn=ldaptestuser2,cn=users,""" + self.base_dn + """
419 member: cn=ldaptestcomputer,cn=computers,""" + self.base_dn + """
422 self.delete_force(ldb, "cn=ldaptestuser3,cn=users," + self.base_dn)
424 print "Testing adding non-existent user to a group"
427 dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
430 member: cn=ldaptestuser3,cn=users,""" + self.base_dn + """
433 except LdbError, (num, _):
434 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
436 print "Testing Renames"
438 ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
440 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
442 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestUSER3,cn=users," + self.base_dn)
444 print "Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))"
445 res = ldb.search(expression="(&(cn=ldaptestuser3)(objectClass=user))")
446 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser3)(objectClass=user))")
448 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
449 self.assertEquals(res[0]["cn"], "ldaptestUSER3")
450 self.assertEquals(res[0]["name"], "ldaptestUSER3")
452 #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))"
453 res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))")
454 self.assertEquals(len(res), 1, "(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))")
456 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
457 self.assertEquals(res[0]["cn"], "ldaptestUSER3")
458 self.assertEquals(res[0]["name"], "ldaptestUSER3")
460 #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))"
461 res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))")
462 self.assertEquals(len(res), 1, "(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))")
464 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
465 self.assertEquals(res[0]["cn"], "ldaptestUSER3")
466 self.assertEquals(res[0]["name"], "ldaptestUSER3")
468 #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))"
469 res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))")
470 self.assertEquals(len(res), 0, "(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))")
472 # This is a Samba special, and does not exist in real AD
473 # print "Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
474 # res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
475 # if (res.error != 0 || len(res) != 1) {
476 # print "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
477 # self.assertEquals(len(res), 1)
479 # self.assertEquals(res[0].dn, ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
480 # self.assertEquals(res[0].cn, "ldaptestUSER3")
481 # self.assertEquals(res[0].name, "ldaptestUSER3")
483 print "Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
484 res = ldb.search(expression="(distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
485 self.assertEquals(len(res), 1, "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
486 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
487 self.assertEquals(res[0]["cn"], "ldaptestUSER3")
488 self.assertEquals(res[0]["name"], "ldaptestUSER3")
490 # ensure we cannot add it again
492 ldb.add({"dn": "cn=ldaptestuser3,cn=userS," + self.base_dn,
493 "objectClass": ["person", "user"],
494 "cn": "LDAPtestUSER3"})
496 except LdbError, (num, _):
497 self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS)
500 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser2,cn=users," + self.base_dn)
502 # ensure we cannnot rename it twice
504 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn,
505 "cn=ldaptestuser2,cn=users," + self.base_dn)
507 except LdbError, (num, _):
508 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
510 # ensure can now use that name
511 ldb.add({"dn": "cn=ldaptestuser3,cn=users," + self.base_dn,
512 "objectClass": ["person", "user"],
513 "cn": "LDAPtestUSER3"})
515 # ensure we now cannnot rename
517 ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
519 except LdbError, (num, _):
520 self.assertEquals(num, LDB_ERR_ENTRY_ALREADY_EXISTS)
522 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=configuration," + self.base_dn)
524 except LdbError, (num, _):
525 self.assertTrue(num in (71, 64))
527 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser5,cn=users," + self.base_dn)
529 ldb.delete("cn=ldaptestuser5,cn=users," + self.base_dn)
531 self.delete_force(ldb, "cn=ldaptestgroup2,cn=users," + self.base_dn)
533 ldb.rename("cn=ldaptestgroup,cn=users," + self.base_dn, "cn=ldaptestgroup2,cn=users," + self.base_dn)
535 print "Testing subtree Renames"
537 ldb.add({"dn": "cn=ldaptestcontainer," + self.base_dn,
538 "objectClass": "container"})
540 self.delete_force(self.ldb, "cn=ldaptestuser4,cn=ldaptestcontainer," + self.base_dn)
541 ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + self.base_dn,
542 "objectClass": ["person", "user"],
543 "cn": "LDAPtestUSER4"})
546 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
549 member: cn=ldaptestuser4,cn=ldaptestcontainer,""" + self.base_dn + """
552 print "Testing ldb.rename of cn=ldaptestcontainer," + self.base_dn + " to cn=ldaptestcontainer2," + self.base_dn
553 ldb.rename("CN=ldaptestcontainer," + self.base_dn, "CN=ldaptestcontainer2," + self.base_dn)
555 print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))"
556 res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))")
557 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user))")
559 print "Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
561 ldb.search("cn=ldaptestcontainer," + self.base_dn,
562 expression="(&(cn=ldaptestuser4)(objectClass=user))",
565 except LdbError, (num, _):
566 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
568 print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
570 res = ldb.search("cn=ldaptestcontainer," + self.base_dn,
571 expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_ONELEVEL)
573 except LdbError, (num, _):
574 self.assertEquals(num, LDB_ERR_NO_SUCH_OBJECT)
576 print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container"
577 res = ldb.search("cn=ldaptestcontainer2," + self.base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_SUBTREE)
578 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + self.base_dn)
580 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
581 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
585 print "Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)) to check subtree renames and linked attributes"
586 res = ldb.search(self.base_dn, expression="(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group))", scope=SCOPE_SUBTREE)
587 self.assertEquals(len(res), 1, "Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)), perhaps linked attributes are not conistant with subtree renames?")
589 print "Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn
591 ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn)
593 except LdbError, (num, _):
594 self.assertEquals(num, LDB_ERR_UNWILLING_TO_PERFORM)
596 print "Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn
598 ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn)
600 except LdbError, (num, _):
601 self.assertTrue(num in (LDB_ERR_UNWILLING_TO_PERFORM, LDB_ERR_OTHER))
603 print "Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + self.base_dn
605 ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
607 except LdbError, (num, _):
608 self.assertEquals(num, LDB_ERR_NOT_ALLOWED_ON_NON_LEAF)
610 print "Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn
611 res = ldb.search(expression="(objectclass=*)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
612 self.assertEquals(len(res), 1)
613 res = ldb.search(expression="(cn=ldaptestuser40)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
614 self.assertEquals(len(res), 0)
616 print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
617 res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_ONELEVEL)
618 # FIXME: self.assertEquals(len(res), 0)
620 print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
621 res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_SUBTREE)
622 # FIXME: self.assertEquals(len(res), 0)
624 print "Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn)
625 ldb.delete(("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
626 print "Testing delete of renamed cn=ldaptestcontainer2," + self.base_dn
627 ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
629 self.delete_force(self.ldb, "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn)
630 ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
632 self.delete_force(self.ldb, "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn)
633 ldb.add({"dn": "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
635 print "Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))"
636 res = ldb.search(expression="(&(cn=ldaptestuser)(objectClass=user))")
637 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
639 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
640 self.assertEquals(res[0]["cn"], "ldaptestuser")
641 self.assertEquals(res[0]["name"], "ldaptestuser")
642 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
643 self.assertTrue("objectGUID" in res[0])
644 self.assertTrue("whenCreated" in res[0])
645 self.assertEquals(res[0]["objectCategory"], ("CN=Person,CN=Schema,CN=Configuration," + self.base_dn))
646 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368)
647 self.assertEquals(int(res[0]["userAccountControl"][0]), 546)
648 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
649 self.assertEquals(len(res[0]["memberOf"]), 1)
651 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))"
652 res2 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
653 self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
655 self.assertEquals(res[0].dn, res2[0].dn)
657 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))"
658 res3 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
659 self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched %d" % len(res3))
661 self.assertEquals(res[0].dn, res3[0].dn)
663 if gc_ldb is not None:
664 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog"
665 res3gc = gc_ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
666 self.assertEquals(len(res3gc), 1)
668 self.assertEquals(res[0].dn, res3gc[0].dn)
670 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control"
672 res3control = gc_ldb.search(self.base_dn, expression="(&(cn=ldaptestuser)(objectCategory=PerSon))", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
673 self.assertEquals(len(res3control), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog")
675 self.assertEquals(res[0].dn, res3control[0].dn)
677 ldb.delete(res[0].dn)
679 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))"
680 res = ldb.search(expression="(&(cn=ldaptestcomputer)(objectClass=user))")
681 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
683 self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer,CN=Computers," + self.base_dn))
684 self.assertEquals(res[0]["cn"], "ldaptestcomputer")
685 self.assertEquals(res[0]["name"], "ldaptestcomputer")
686 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
687 self.assertTrue("objectGUID" in res[0])
688 self.assertTrue("whenCreated" in res[0])
689 self.assertEquals(res[0]["objectCategory"], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn))
690 self.assertEquals(int(res[0]["primaryGroupID"][0]), 513)
691 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368)
692 self.assertEquals(int(res[0]["userAccountControl"][0]), 546)
693 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
694 self.assertEquals(len(res[0]["memberOf"]), 1)
696 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))"
697 res2 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
698 self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
700 self.assertEquals(res[0].dn, res2[0].dn)
702 if gc_ldb is not None:
703 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog"
704 res2gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
705 self.assertEquals(len(res2gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog")
707 self.assertEquals(res[0].dn, res2gc[0].dn)
709 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))"
710 res3 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
711 self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))")
713 self.assertEquals(res[0].dn, res3[0].dn)
715 if gc_ldb is not None:
716 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog"
717 res3gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
718 self.assertEquals(len(res3gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog")
720 self.assertEquals(res[0].dn, res3gc[0].dn)
722 print "Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))"
723 res4 = ldb.search(expression="(&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
724 self.assertEquals(len(res4), 1, "Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
726 self.assertEquals(res[0].dn, res4[0].dn)
728 print "Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))"
729 res5 = ldb.search(expression="(&(cn=ldaptestcomput*)(objectCategory=compuTER))")
730 self.assertEquals(len(res5), 1, "Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))")
732 self.assertEquals(res[0].dn, res5[0].dn)
734 print "Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))"
735 res6 = ldb.search(expression="(&(cn=*daptestcomputer)(objectCategory=compuTER))")
736 self.assertEquals(len(res6), 1, "Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))")
738 self.assertEquals(res[0].dn, res6[0].dn)
740 ldb.delete(res[0].dn)
742 print "Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))"
743 res = ldb.search(expression="(&(cn=ldaptest2computer)(objectClass=user))")
744 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptest2computer)(objectClass=user))")
746 self.assertEquals(res[0].dn, ("CN=ldaptest2computer,CN=Computers," + self.base_dn))
747 self.assertEquals(res[0]["cn"], "ldaptest2computer")
748 self.assertEquals(res[0]["name"], "ldaptest2computer")
749 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user", "computer"])
750 self.assertTrue("objectGUID" in res[0])
751 self.assertTrue("whenCreated" in res[0])
752 self.assertEquals(res[0]["objectCategory"][0], "CN=Computer,CN=Schema,CN=Configuration," + self.base_dn)
753 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306369)
754 self.assertEquals(int(res[0]["userAccountControl"][0]), 4096)
756 ldb.delete(res[0].dn)
758 attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf"]
759 print "Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))"
760 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestUSer2)(objectClass=user))", scope=SCOPE_SUBTREE, attrs=attrs)
761 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestUSer2)(objectClass=user))")
763 self.assertEquals(res[0].dn, ("CN=ldaptestuser2,CN=Users," + self.base_dn))
764 self.assertEquals(res[0]["cn"], "ldaptestuser2")
765 self.assertEquals(res[0]["name"], "ldaptestuser2")
766 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
767 self.assertTrue("objectGUID" in res[0])
768 self.assertTrue("whenCreated" in res[0])
769 self.assertTrue("nTSecurityDescriptor" in res[0])
770 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
772 attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
773 print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))"
774 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
775 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
777 self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
778 self.assertEquals(res[0]["cn"], "ldaptestgroup2")
779 self.assertEquals(res[0]["name"], "ldaptestgroup2")
780 self.assertEquals(res[0]["objectClass"], ["top", "group"])
781 self.assertTrue("objectGuid" not in res[0])
782 self.assertTrue("whenCreated" in res[0])
783 self.assertTrue("nTSecurityDescriptor" in res[0])
784 self.assertEquals(res[0]["member"][0].upper(), ("CN=ldaptestuser2,CN=Users," + self.base_dn).upper())
787 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
790 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
791 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
794 print "Testing Linked attribute behaviours"
796 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
802 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
805 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
806 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
810 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
816 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
819 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
820 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
824 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
827 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
830 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
831 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
833 self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
834 self.assertEquals(res[0]["member"][0], ("CN=ldaptestuser2,CN=Users," + self.base_dn))
835 self.assertEquals(len(res[0]["member"]), 1)
837 ldb.delete(("CN=ldaptestuser2,CN=Users," + self.base_dn))
841 attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
842 print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete"
843 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
844 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete")
846 self.assertEquals(res[0].dn, ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
847 self.assertTrue("member" not in res[0])
849 print "Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))"
850 res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
851 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
853 self.assertEquals(res[0].dn, ("CN=ldaptestutf8user èùéìòà,CN=Users," + self.base_dn))
854 self.assertEquals(res[0]["cn"], "ldaptestutf8user èùéìòà")
855 self.assertEquals(res[0]["name"], "ldaptestutf8user èùéìòà")
856 self.assertEquals(res[0]["objectClass"], ["top", "person", "organizationalPerson", "user"])
857 self.assertTrue("objectGUID" in res[0])
858 self.assertTrue("whenCreated" in res[0])
860 ldb.delete(res[0].dn)
862 print "Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))"
863 res = ldb.search(expression="(&(cn=ldaptestutf8user2*)(objectClass=user))")
864 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))")
866 ldb.delete(res[0].dn)
868 ldb.delete(("CN=ldaptestgroup2,CN=Users," + self.base_dn))
870 print "Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
871 res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
873 #FIXME: self.assert len(res) == 1, "Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
875 print "Testing that we can't get at the configuration DN from the main search base"
876 res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
877 self.assertEquals(len(res), 0)
879 print "Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control"
880 res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
881 self.assertTrue(len(res) > 0)
883 if gc_ldb is not None:
884 print "Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0"
886 res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:0"])
887 self.assertTrue(len(res) > 0)
889 print "Testing that we do find configuration elements in the global catlog"
890 res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
891 self.assertTrue(len(res) > 0)
893 print "Testing that we do find configuration elements and user elements at the same time"
894 res = gc_ldb.search(self.base_dn, expression="(|(objectClass=crossRef)(objectClass=person))", scope=SCOPE_SUBTREE, attrs=["cn"])
895 self.assertTrue(len(res) > 0)
897 print "Testing that we do find configuration elements in the global catlog, with the configuration basedn"
898 res = gc_ldb.search(self.configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
899 self.assertTrue(len(res) > 0)
901 print "Testing that we can get at the configuration DN on the main LDAP port"
902 res = ldb.search(self.configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
903 self.assertTrue(len(res) > 0)
905 print "Testing objectCategory canonacolisation"
906 res = ldb.search(self.configuration_dn, expression="objectCategory=ntDsDSA", scope=SCOPE_SUBTREE, attrs=["cn"])
907 self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=ntDsDSA")
908 self.assertTrue(len(res) != 0)
910 res = ldb.search(self.configuration_dn, expression="objectCategory=CN=ntDs-DSA," + self.schema_dn, scope=SCOPE_SUBTREE, attrs=["cn"])
911 self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=CN=ntDs-DSA," + self.schema_dn)
912 self.assertTrue(len(res) != 0)
914 print "Testing objectClass attribute order on "+ self.base_dn
915 res = ldb.search(expression="objectClass=domain", base=self.base_dn,
916 scope=SCOPE_BASE, attrs=["objectClass"])
917 self.assertEquals(len(res), 1)
919 self.assertEquals(res[0]["objectClass"], ["top", "domain", "domainDNS"])
923 print "Testing ldb.search for objectCategory=person"
924 res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"])
925 self.assertTrue(len(res) > 0)
927 print "Testing ldb.search for objectCategory=person with domain scope control"
928 res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
929 self.assertTrue(len(res) > 0)
931 print "Testing ldb.search for objectCategory=user"
932 res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"])
933 self.assertTrue(len(res) > 0)
935 print "Testing ldb.search for objectCategory=user with domain scope control"
936 res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
937 self.assertTrue(len(res) > 0)
939 print "Testing ldb.search for objectCategory=group"
940 res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"])
941 self.assertTrue(len(res) > 0)
943 print "Testing ldb.search for objectCategory=group with domain scope control"
944 res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
945 self.assertTrue(len(res) > 0)
948 class BaseDnTests(unittest.TestCase):
952 def test_rootdse_attrs(self):
953 """Testing for all rootDSE attributes"""
954 res = self.ldb.search(scope=SCOPE_BASE, attrs=[])
955 self.assertEquals(len(res), 1)
957 def test_highestcommittedusn(self):
958 """Testing for highestCommittedUSN"""
959 res = self.ldb.search("", scope=SCOPE_BASE, attrs=["highestCommittedUSN"])
960 self.assertEquals(len(res), 1)
961 self.assertTrue(int(res[0]["highestCommittedUSN"][0]) != 0)
963 def test_netlogon(self):
964 """Testing for netlogon via LDAP"""
965 res = self.ldb.search("", scope=SCOPE_BASE, attrs=["netlogon"])
966 self.assertEquals(len(res), 0)
968 def test_netlogon_highestcommitted_usn(self):
969 """Testing for netlogon and highestCommittedUSN via LDAP"""
970 res = self.ldb.search("", scope=SCOPE_BASE,
971 attrs=["netlogon", "highestCommittedUSN"])
972 self.assertEquals(len(res), 0)
974 class SchemaTests(unittest.TestCase):
975 def find_schemadn(self, ldb):
976 res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
977 self.assertEquals(len(res), 1)
978 return res[0]["schemaNamingContext"][0]
982 self.schema_dn = self.find_schemadn(ldb)
984 def test_generated_schema(self):
985 """Testing we can read the generated schema via LDAP"""
986 res = self.ldb.search("cn=aggregate,"+self.schema_dn, scope=SCOPE_BASE,
987 attrs=["objectClasses", "attributeTypes", "dITContentRules"])
988 self.assertEquals(len(res), 1)
989 self.assertTrue("dITContentRules" in res[0])
990 self.assertTrue("objectClasses" in res[0])
991 self.assertTrue("attributeTypes" in res[0])
993 def test_generated_schema_is_operational(self):
994 """Testing we don't get the generated schema via LDAP by default"""
995 res = self.ldb.search("cn=aggregate,"+self.schema_dn, scope=SCOPE_BASE,
997 self.assertEquals(len(res), 1)
998 self.assertFalse("dITContentRules" in res[0])
999 self.assertFalse("objectClasses" in res[0])
1000 self.assertFalse("attributeTypes" in res[0])
1002 if not "://" in host:
1003 host = "ldap://%s" % host
1005 ldb = Ldb(host, credentials=creds, session_info=system_session(), lp=lp)
1006 gc_ldb = Ldb("%s:3268" % host, credentials=creds,
1007 session_info=system_session(), lp=lp)
1009 runner = SubunitTestRunner()
1011 if not runner.run(unittest.makeSuite(BaseDnTests)).wasSuccessful():
1013 if not runner.run(unittest.makeSuite(BasicTests)).wasSuccessful():
1015 if not runner.run(unittest.makeSuite(SchemaTests)).wasSuccessful():