#!/bin/sh
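# PROTOCOL and SERVER are mandatory; everything after them is forwarded to
# ldbsearch as extra options.
if [ $# -lt 2 ]; then
  cat <<EOF
Usage: test_ldb.sh PROTOCOL SERVER [OPTIONS]
EOF
  exit 1
fi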
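# Protocol scheme and server name; together they form the -H URL
# ("$p://$SERVER") used by every ldbsearch call in this script.
p=$1
SERVER=$2
# NOTE(review): PREFIX is read from $3 before the shift, so the same word is
# also the first entry of $options. It is not referenced in the visible part
# of this script - confirm whether anything relies on it.
PREFIX=$3
shift 2
# Remaining arguments are forwarded to ldbsearch. They are expanded unquoted
# at each call site so they split back into separate words, which means an
# option value containing whitespace cannot be passed through intact.
options="$*"

# Load the shared test helpers that live next to this script.
. "$(dirname "$0")/subunit.sh"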
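# check NAME COMMAND [ARG...]
#
# Runs COMMAND and reports the outcome as "test: NAME" followed by
# "success: NAME" or "failure: NAME".
# Globals:   name, cmdline, status (scratch); failed (incremented on
#            failure, treated as 0 when unset)
# Returns:   the exit status of COMMAND
check() {
  name="$1"
  shift
  # Kept only as a printable copy of the command line.
  cmdline="$*"
  echo "test: $name"
  # Run the arguments exactly as received. Re-splitting "$*" would break
  # arguments that contain whitespace and would glob-expand LDAP filters
  # such as (objectClass=*) against the current directory.
  "$@"
  status=$?
  if [ "$status" -eq 0 ]; then
    echo "success: $name"
  else
    echo "failure: $name"
    # Callers in this script also bump $failed via "|| failed=...", so the
    # total is a failure indicator rather than an exact count.
    failed=$(( ${failed:-0} + 1 ))
  fi
  return $status
}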
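# Put $BINDIR first on the search path so tools found there take precedence.
# When BINDIR is unset or empty nothing is prepended: a bare leading ":"
# would be an empty PATH entry, which the shell treats as the current
# directory.
export PATH="${BINDIR:+$BINDIR:}$PATH"

# Command prefix for every search below. It is expanded unquoted on purpose
# so that an optional $VALGRIND wrapper splits into its own words.
ldbsearch="$VALGRIND ldbsearch"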
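# RootDSE reads: selected attributes, the full entry, and the full entry
# with --extended-dn. $ldbsearch, $CONFIGURATION and $options are left
# unquoted so they split into separate arguments.
check "RootDSE" $ldbsearch $CONFIGURATION $options --basedn='' \
  -H "$p://$SERVER" -s base DUMMY=x dnsHostName highestCommittedUSN \
  || failed=$(( ${failed:-0} + 1 ))
check "RootDSE (full)" $ldbsearch $CONFIGURATION $options --basedn='' \
  -H "$p://$SERVER" -s base '(objectClass=*)' \
  || failed=$(( ${failed:-0} + 1 ))
check "RootDSE (extended)" $ldbsearch $CONFIGURATION $options --basedn='' \
  -H "$p://$SERVER" -s base '(objectClass=*)' --extended-dn \
  || failed=$(( ${failed:-0} + 1 ))

# Negative TLS test, ldaps only: the client is told to offer SSL 3.0 as its
# only protocol version and the search must not succeed.
# NOTE(review): testit_expect_failure comes from subunit.sh, which is not
# shown here; the "&&" assumes it returns 0 when the wrapped command
# succeeded - confirm.
# NOTE(review): any failure satisfies this test, including a client TLS
# library that rejects the priority string itself, so on its own it does not
# prove that the server refused an SSL 3.0 handshake.
if [ "x$p" = x"ldaps" ]; then
  testit_expect_failure "RootDSE over SSLv3 should fail" \
    $ldbsearch $CONFIGURATION $options --basedn='' \
    -H "$p://$SERVER" -s base DUMMY=x dnsHostName highestCommittedUSN \
    --option='tlspriority=NONE:+VERS-SSL3.0:+MAC-ALL:+CIPHER-ALL:+RSA:+SIGN-ALL:+COMP-NULL' \
    && failed=$(( ${failed:-0} + 1 ))
fi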
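# Read defaultNamingContext from the rootDSE; later tests use it as the
# search base.
echo "Getting defaultNamingContext"
BASEDN=$($ldbsearch $CONFIGURATION $options --basedn='' \
  -H "$p://$SERVER" -s base DUMMY=x defaultNamingContext \
  | awk '/defaultNamingContext/ {print $2}')
echo "BASEDN is $BASEDN"
# An empty value would make the tests that depend on it fail with misleading
# messages, so report it here as a failure in its own right.
if [ -z "$BASEDN" ]; then
  echo "Failed to read defaultNamingContext"
  failed=$(( ${failed:-0} + 1 ))
fi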
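# Plain listings of users and groups; -S asks ldbsearch for sorted output.
check "Listing Users" $ldbsearch $options $CONFIGURATION \
  -H "$p://$SERVER" '(objectclass=user)' sAMAccountName \
  || failed=$(( ${failed:-0} + 1 ))

check "Listing Users (sorted)" $ldbsearch -S $options $CONFIGURATION \
  -H "$p://$SERVER" '(objectclass=user)' sAMAccountName \
  || failed=$(( ${failed:-0} + 1 ))

check "Listing Groups" $ldbsearch $options $CONFIGURATION \
  -H "$p://$SERVER" '(objectclass=group)' sAMAccountName \
  || failed=$(( ${failed:-0} + 1 ))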
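# Compound filter using the bitwise matching-rule OIDs on groupType together
# with samAccountType values; at least 10 entries are expected back.
# grep -c prints a bare count, so the numeric tests below never see padding.
nentries=$($ldbsearch $options -H "$p://$SERVER" $CONFIGURATION \
  '(|(|(&(!(groupType:1.2.840.113556.1.4.803:=1))(groupType:1.2.840.113556.1.4.803:=2147483648)(groupType:1.2.840.113556.1.4.804:=10))(samAccountType=805306368))(samAccountType=805306369))' \
  sAMAccountName | grep -c sAMAccountName)
echo "Found $nentries entries"
if [ "$nentries" -lt 10 ]; then
  echo "Should have found at least 10 entries"
  failed=$(( ${failed:-0} + 1 ))
fi

# The rootDSE must advertise at least four supportedControl values.
echo "Check rootDSE for Controls"
nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  -s base -b "" '(objectclass=*)' | grep -ci supportedControl)
if [ "$nentries" -lt 4 ]; then
  echo "Should have found at least 4 entries"
  failed=$(( ${failed:-0} + 1 ))
fi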
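# Each control test runs a user search with one control attached and passes
# when at least one sAMAccountName line comes back.
echo "Test Paged Results Control"
nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  --controls=paged_results:1:5 '(objectclass=user)' \
  | grep -c sAMAccountName)
if [ "$nentries" -lt 1 ]; then
  echo "Paged Results Control test returned 0 items"
  failed=$(( ${failed:-0} + 1 ))
fi

echo "Test Server Sort Control"
nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  --controls=server_sort:1:0:sAMAccountName '(objectclass=user)' \
  | grep -c sAMAccountName)
if [ "$nentries" -lt 1 ]; then
  echo "Server Sort Control test returned 0 items"
  failed=$(( ${failed:-0} + 1 ))
fi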
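# Extended DN control in its three spellings: without a type value, with
# type 0 and with type 1. Each must return at least one user.
echo "Test Extended DN Control"
nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  --controls=extended_dn:1 '(objectclass=user)' \
  | grep -c sAMAccountName)
if [ "$nentries" -lt 1 ]; then
  echo "Extended DN Control test returned 0 items"
  failed=$(( ${failed:-0} + 1 ))
fi

nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  --controls=extended_dn:1:0 '(objectclass=user)' \
  | grep -c sAMAccountName)
if [ "$nentries" -lt 1 ]; then
  echo "Extended DN Control test returned 0 items"
  failed=$(( ${failed:-0} + 1 ))
fi

nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  --controls=extended_dn:1:1 '(objectclass=user)' \
  | grep -c sAMAccountName)
if [ "$nentries" -lt 1 ]; then
  echo "Extended DN Control test returned 0 items"
  failed=$(( ${failed:-0} + 1 ))
fi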
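echo "Test Domain scope Control"
nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  --controls=domain_scope:1 '(objectclass=user)' \
  | grep -c sAMAccountName)
if [ "$nentries" -lt 1 ]; then
  # The message previously said "Extended Domain scope", a leftover from the
  # extended DN tests above.
  echo "Domain scope Control test returned 0 items"
  failed=$(( ${failed:-0} + 1 ))
fi

# Attribute Scope Query over the "member" attribute of the builtin
# Administrators group; relies on $BASEDN having been read successfully.
echo "Test Attribute Scope Query Control"
nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  --controls=asq:1:member -s base \
  -b "CN=Administrators,CN=Builtin,$BASEDN" \
  | grep -c sAMAccountName)
if [ "$nentries" -lt 1 ]; then
  echo "Attribute Scope Query test returned 0 items"
  failed=$(( ${failed:-0} + 1 ))
fi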
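# Search Options control on crossRef objects, alone and then combined with
# the Domain Scope control; both runs must return at least one match.
echo "Test Search Options Control"
nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  --controls=search_options:1:2 '(objectclass=crossRef)' \
  | grep -c crossRef)
if [ "$nentries" -lt 1 ]; then
  echo "Search Options Control Query test returned 0 items"
  failed=$(( ${failed:-0} + 1 ))
fi

echo "Test Search Options Control with Domain Scope Control"
nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  --controls=search_options:1:2,domain_scope:1 '(objectclass=crossRef)' \
  | grep -c crossRef)
if [ "$nentries" -lt 1 ]; then
  echo "Search Options Control Query test returned 0 items"
  failed=$(( ${failed:-0} + 1 ))
fi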
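# wellknown_object_test GUID OBJECT
#
# Looks up the well-known object GUID below $BASEDN using both spellings of
# the <WKGUID=...> base DN and checks that the returned dn mentions OBJECT.
# The body runs in a subshell, so its variables (including its own "failed"
# counter) do not leak into the caller.
# Globals:   ldbsearch, options, CONFIGURATION, p, SERVER, BASEDN (read)
# Outputs:   progress and error messages on stdout
# Returns:   the number of base DN spellings that failed (0, 1 or 2)
wellknown_object_test() (
  guid=$1
  object=$2
  failed=0

  # Iterate over the two spellings as separate quoted words so a base DN
  # containing whitespace is not split apart.
  for dn in "<WKGUID=${guid},${BASEDN}>" "<wkGuId=${guid},${BASEDN}>"; do
    echo "Test ${dn} => ${object}"
    r=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
      '(objectClass=*)' -b "${dn}" | grep 'dn: ')
    n=$(printf '%s\n' "${r}" | grep -c 'dn: ')
    # OBJECT is a literal name, not a pattern.
    c=$(printf '%s\n' "${r}" | grep -c -F -- "${object}")

    if [ "$n" -lt 1 ]; then
      echo "Object not found by WKGUID"
      failed=$(( failed + 1 ))
      continue
    fi
    if [ "$c" -lt 1 ]; then
      echo "Wrong object found by WKGUID: [${r}]"
      failed=$(( failed + 1 ))
      continue
    fi
  done

  return $failed
)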
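# Resolve each well-known GUID and add the number of failed lookups (the
# function's return value) to the running total.
wellknown_object_test 22B70C67D56E4EFB91E9300FCA3DC1AA ForeignSecurityPrincipals
failed=$(( ${failed:-0} + $? ))

wellknown_object_test 2FBAC1870ADE11D297C400C04FD8D5CD Infrastructure
failed=$(( ${failed:-0} + $? ))

wellknown_object_test AB1D30F3768811D1ADED00C04FD8D5CD System
failed=$(( ${failed:-0} + $? ))

# Quoted so the whole name is the second argument; unquoted, only "Domain"
# was passed and the object check matched on that single word.
wellknown_object_test A361B2FFFFD211D1AA4B00C04FD7D83A "Domain Controllers"
failed=$(( ${failed:-0} + $? ))

wellknown_object_test AA312825768811D1ADED00C04FD8D5CD Computers
failed=$(( ${failed:-0} + $? ))

wellknown_object_test A9D1CA15768811D1ADED00C04FD8D5CD Users
failed=$(( ${failed:-0} + $? ))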
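# Fetch the extended DN of $BASEDN in hex form (extended_dn:1:0) and string
# form (extended_dn:1:1), then cut out its ';'-separated components.
# NOTE(review): the field numbers assume the GUID is the first component and
# the SID the second - confirm against the server's extended DN output.
echo "Getting HEX GUID/SID of $BASEDN"
HEXDN=$($ldbsearch $CONFIGURATION $options -b "$BASEDN" -H "$p://$SERVER" \
  -s base "(objectClass=*)" --controls=extended_dn:1:0 distinguishedName \
  | grep 'distinguishedName: ' | cut -d ' ' -f2-)
HEXGUID=$(printf '%s\n' "$HEXDN" | cut -d ';' -f1)
echo "HEXGUID[$HEXGUID]"

echo "Getting STR GUID/SID of $BASEDN"
STRDN=$($ldbsearch $CONFIGURATION $options -b "$BASEDN" -H "$p://$SERVER" \
  -s base "(objectClass=*)" --controls=extended_dn:1:1 distinguishedName \
  | grep 'distinguishedName: ' | cut -d ' ' -f2-)
echo "STRDN: $STRDN"
STRGUID=$(printf '%s\n' "$STRDN" | cut -d ';' -f1)
echo "STRGUID[$STRGUID]"

# Same lookup again, this time reading the "dn: " line to obtain the SID.
echo "Getting STR GUID/SID of $BASEDN"
STRDN=$($ldbsearch $CONFIGURATION $options -b "$BASEDN" -H "$p://$SERVER" \
  -s base "(objectClass=*)" --controls=extended_dn:1:1 \
  | grep 'dn: ' | cut -d ' ' -f2-)
echo "STRDN: $STRDN"
STRSID=$(printf '%s\n' "$STRDN" | cut -d ';' -f2)
echo "STRSID[$STRSID]"

SPECIALDNS="$HEXGUID $STRGUID $STRSID"
# Each special DN must resolve back to $BASEDN. The three values are listed
# individually and quoted so that one that could not be extracted is
# reported as a failure instead of silently dropping out of the loop.
for SPDN in "$HEXGUID" "$STRGUID" "$STRSID"; do
  if [ -z "$SPDN" ]; then
    echo "Special DN could not be extracted"
    failed=$(( ${failed:-0} + 1 ))
    continue
  fi
  echo "Search for $SPDN"
  nentries=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
    -s base -b "$SPDN" '(objectClass=*)' \
    | grep -c -F -- "dn: $BASEDN")
  if [ "$nentries" -lt 1 ]; then
    echo "Special search returned 0 items"
    failed=$(( ${failed:-0} + 1 ))
  fi
done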
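# The same user search written twice: once with attribute and class names,
# once with their OIDs. Both must return results and the counts must agree.
echo "Search using OIDs instead of names"
nentries1=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  '(objectClass=user)' name | grep -c "^name: ")
nentries2=$($ldbsearch $options $CONFIGURATION -H "$p://$SERVER" \
  '(2.5.4.0=1.2.840.113556.1.5.9)' name | grep -c "^name: ")
if [ "$nentries1" -lt 1 ]; then
  echo "Error: Searching user via (objectClass=user): '$nentries1' < 1"
  failed=$(( ${failed:-0} + 1 ))
fi
if [ "$nentries2" -lt 1 ]; then
  echo "Error: Searching user via (2.5.4.0=1.2.840.113556.1.5.9) '$nentries2' < 1"
  failed=$(( ${failed:-0} + 1 ))
fi
if [ "x$nentries1" != "x$nentries2" ]; then
  # nentries2 is the OID search and nentries1 the name search; the message
  # previously printed the two counts under each other's label.
  echo "Error: Searching user with OIDS[$nentries2] doesn't return the same as STRINGS[$nentries1]"
  failed=$(( ${failed:-0} + 1 ))
fi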
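# The exit status is the accumulated failure count; 0 means every test
# passed. Exit statuses are 8 bits wide, so callers should only test for
# zero versus non-zero and not read the value as an exact count.
exit "${failed:-0}"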