1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

s4:dsdb/tests: let password_lockout.py use creds and other_ldb as function arguments

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Stefan Metzmacher 2016-02-05 08:37:53 +01:00 committed by Andrew Bartlett
parent a37eef6b7d
commit 2c4612243a

View File

@ -507,12 +507,10 @@ lockoutThreshold: """ + str(lockoutThreshold) + """
self.creds3 = insta_creds(username="testuser3", userpass="thatsAcomplPASS1")
self.ldb3 = self._readd_user(self.creds3)
def _test_userPassword_lockout_with_clear_change(self, method):
def _test_userPassword_lockout_with_clear_change(self, creds, other_ldb, method):
print "Performs a password cleartext change operation on 'userPassword'"
# Notice: This works only against Windows if "dSHeuristics" has been set
# properly
creds = self.creds2
other_ldb = self.ldb3
username = creds.get_username()
userpass = creds.get_password()
userdn = "cn=%s,cn=users,%s" % (username, self.base_dn)
@ -893,19 +891,22 @@ userPassword: thatsAcomplPASS2XYZ
msDSUserAccountControlComputed=0)
def test_userPassword_lockout_with_clear_change_ldap_userAccountControl(self):
self._test_userPassword_lockout_with_clear_change("ldap_userAccountControl")
self._test_userPassword_lockout_with_clear_change(self.creds2,
self.ldb3,
"ldap_userAccountControl")
def test_userPassword_lockout_with_clear_change_ldap_lockoutTime(self):
self._test_userPassword_lockout_with_clear_change("ldap_lockoutTime")
self._test_userPassword_lockout_with_clear_change(self.creds2,
self.ldb3,
"ldap_lockoutTime")
def test_userPassword_lockout_with_clear_change_samr(self):
self._test_userPassword_lockout_with_clear_change("samr")
self._test_userPassword_lockout_with_clear_change(self.creds2,
self.ldb3,
"samr")
def test_unicodePwd_lockout_with_clear_change(self):
def _test_unicodePwd_lockout_with_clear_change(self, creds, other_ldb):
print "Performs a password cleartext change operation on 'unicodePwd'"
creds = self.creds2
other_ldb = self.ldb3
username = creds.get_username()
userpass = creds.get_password()
userdn = "cn=%s,cn=users,%s" % (username, self.base_dn)
@ -1276,8 +1277,10 @@ unicodePwd:: """ + base64.b64encode(new_utf16) + """
dsdb.UF_NORMAL_ACCOUNT,
msDSUserAccountControlComputed=0)
def _test_login_lockout(self, use_kerberos):
creds = self.creds2
def test_unicodePwd_lockout_with_clear_change(self):
return self._test_unicodePwd_lockout_with_clear_change(self.creds2, self.ldb3)
def _test_login_lockout(self, creds, use_kerberos):
username = creds.get_username()
userpass = creds.get_password()
userdn = "cn=%s,cn=users,%s" % (username, self.base_dn)
@ -1586,12 +1589,12 @@ unicodePwd:: """ + base64.b64encode(new_utf16) + """
msDSUserAccountControlComputed=0)
def test_login_lockout_ntlm(self):
self._test_login_lockout(DONT_USE_KERBEROS)
self._test_login_lockout(self.creds2, DONT_USE_KERBEROS)
def test_login_lockout_kerberos(self):
self._test_login_lockout(MUST_USE_KERBEROS)
self._test_login_lockout(self.creds2, MUST_USE_KERBEROS)
def _test_multiple_logon(self, use_kerberos):
def _test_multiple_logon(self, creds, use_kerberos):
# Test the happy case in which a user logs on correctly, then
# logs on correctly again, so that the bad password and
# lockout times are both zero the second time. The lastlogon
@ -1600,7 +1603,6 @@ unicodePwd:: """ + base64.b64encode(new_utf16) + """
# Open a second LDB connection with the user credentials. Use the
# command line credentials for informations like the domain, the realm
# and the workstation.
creds = self.creds2
username = creds.get_username()
userdn = "cn=%s,cn=users,%s" % (username, self.base_dn)
creds2 = insta_creds(template=creds)
@ -1662,10 +1664,10 @@ unicodePwd:: """ + base64.b64encode(new_utf16) + """
msDSUserAccountControlComputed=0)
def test_multiple_logon_ntlm(self):
self._test_multiple_logon(DONT_USE_KERBEROS)
self._test_multiple_logon(self.creds2, DONT_USE_KERBEROS)
def test_multiple_logon_kerberos(self):
self._test_multiple_logon(MUST_USE_KERBEROS)
self._test_multiple_logon(self.creds2, MUST_USE_KERBEROS)
def tearDown(self):
super(PasswordTests, self).tearDown()