mirror of
https://github.com/samba-team/samba.git
synced 2025-08-02 00:22:11 +03:00
Fix formating of sources to be less than 80 lines
Signed-off-by: David Mulder <dmulder@suse.com> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Tue Nov 21 01:51:59 CET 2017 on sn-devel-144
This commit is contained in:
Garming Sam
Garming Sam
@ -50,13 +50,18 @@ GPO_getter(user_extensions)
|
|||||||
GPO_getter(machine_extensions)
|
GPO_getter(machine_extensions)
|
||||||
|
|
||||||
static PyGetSetDef GPO_setters[] = {
|
static PyGetSetDef GPO_setters[] = {
|
||||||
{discard_const_p(char, "ds_path"), (getter)GPO_get_ds_path, NULL, NULL, NULL},
|
{discard_const_p(char, "ds_path"), (getter)GPO_get_ds_path, NULL, NULL,
|
||||||
{discard_const_p(char, "file_sys_path"), (getter)GPO_get_file_sys_path, NULL, NULL, NULL},
|
NULL},
|
||||||
{discard_const_p(char, "display_name"), (getter)GPO_get_display_name, NULL, NULL, NULL},
|
{discard_const_p(char, "file_sys_path"), (getter)GPO_get_file_sys_path,
|
||||||
|
NULL, NULL, NULL},
|
||||||
|
{discard_const_p(char, "display_name"), (getter)GPO_get_display_name, NULL,
|
||||||
|
NULL, NULL},
|
||||||
{discard_const_p(char, "name"), (getter)GPO_get_name, NULL, NULL, NULL},
|
{discard_const_p(char, "name"), (getter)GPO_get_name, NULL, NULL, NULL},
|
||||||
{discard_const_p(char, "link"), (getter)GPO_get_link, NULL, NULL, NULL},
|
{discard_const_p(char, "link"), (getter)GPO_get_link, NULL, NULL, NULL},
|
||||||
{discard_const_p(char, "user_extensions"), (getter)GPO_get_user_extensions, NULL, NULL, NULL},
|
{discard_const_p(char, "user_extensions"), (getter)GPO_get_user_extensions,
|
||||||
{discard_const_p(char, "machine_extensions"), (getter)GPO_get_machine_extensions, NULL, NULL, NULL},
|
NULL, NULL, NULL},
|
||||||
|
{discard_const_p(char, "machine_extensions"),
|
||||||
|
(getter)GPO_get_machine_extensions, NULL, NULL, NULL},
|
||||||
{NULL}
|
{NULL}
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -72,15 +77,19 @@ static PyObject *py_gpo_get_unix_path(PyObject *self, PyObject *args,
|
|||||||
struct GROUP_POLICY_OBJECT *gpo_ptr \
|
struct GROUP_POLICY_OBJECT *gpo_ptr \
|
||||||
= (struct GROUP_POLICY_OBJECT *)pytalloc_get_ptr(self);
|
= (struct GROUP_POLICY_OBJECT *)pytalloc_get_ptr(self);
|
||||||
|
|
||||||
if (!PyArg_ParseTupleAndKeywords(args, kwds, "|s", discard_const_p(char *, kwlist), &cache_dir)) {
|
if (!PyArg_ParseTupleAndKeywords(args, kwds, "|s",
|
||||||
PyErr_SetString(PyExc_SystemError, "Failed to parse arguments to gpo_get_unix_path()");
|
discard_const_p(char *, kwlist),
|
||||||
|
&cache_dir)) {
|
||||||
|
PyErr_SetString(PyExc_SystemError,
|
||||||
|
"Failed to parse arguments to gpo_get_unix_path()");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!cache_dir) {
|
if (!cache_dir) {
|
||||||
cache_dir = cache_path(GPO_CACHE_DIR);
|
cache_dir = cache_path(GPO_CACHE_DIR);
|
||||||
if (!cache_dir) {
|
if (!cache_dir) {
|
||||||
PyErr_SetString(PyExc_MemoryError, "Failed to determine gpo cache dir");
|
PyErr_SetString(PyExc_MemoryError,
|
||||||
|
"Failed to determine gpo cache dir");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -92,7 +101,8 @@ static PyObject *py_gpo_get_unix_path(PyObject *self, PyObject *args,
|
|||||||
TALLOC_FREE(frame);
|
TALLOC_FREE(frame);
|
||||||
|
|
||||||
if (!NT_STATUS_IS_OK(status)) {
|
if (!NT_STATUS_IS_OK(status)) {
|
||||||
PyErr_SetString(PyExc_SystemError, "Failed to determine gpo unix path");
|
PyErr_SetString(PyExc_SystemError,
|
||||||
|
"Failed to determine gpo unix path");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -145,8 +155,11 @@ static int py_ads_init(ADS *self, PyObject *args, PyObject *kwds)
|
|||||||
PyObject *lp_obj = NULL;
|
PyObject *lp_obj = NULL;
|
||||||
struct loadparm_context *lp_ctx = NULL;
|
struct loadparm_context *lp_ctx = NULL;
|
||||||
|
|
||||||
static const char *kwlist[] = {"ldap_server", "loadparm_context", "credentials", NULL};
|
static const char *kwlist[] = {"ldap_server", "loadparm_context",
|
||||||
if (!PyArg_ParseTupleAndKeywords(args, kwds, "sO|O", discard_const_p(char *, kwlist), &ldap_server, &lp_obj, &py_creds))
|
"credentials", NULL};
|
||||||
|
if (!PyArg_ParseTupleAndKeywords(args, kwds, "sO|O",
|
||||||
|
discard_const_p(char *, kwlist),
|
||||||
|
&ldap_server, &lp_obj, &py_creds))
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (py_creds) {
|
if (py_creds) {
|
||||||
@ -189,10 +202,13 @@ static PyObject* py_ads_connect(ADS *self)
|
|||||||
ADS_STATUS status;
|
ADS_STATUS status;
|
||||||
TALLOC_CTX *frame = talloc_stackframe();
|
TALLOC_CTX *frame = talloc_stackframe();
|
||||||
if (self->cli_creds) {
|
if (self->cli_creds) {
|
||||||
self->ads_ptr->auth.user_name = SMB_STRDUP(cli_credentials_get_username(self->cli_creds));
|
self->ads_ptr->auth.user_name =
|
||||||
self->ads_ptr->auth.flags |= ADS_AUTH_USER_CREDS;
|
SMB_STRDUP(cli_credentials_get_username(self->cli_creds));
|
||||||
self->ads_ptr->auth.password = SMB_STRDUP(cli_credentials_get_password(self->cli_creds));
|
self->ads_ptr->auth.flags |= ADS_AUTH_USER_CREDS;
|
||||||
self->ads_ptr->auth.realm = SMB_STRDUP(cli_credentials_get_realm(self->cli_creds));
|
self->ads_ptr->auth.password =
|
||||||
|
SMB_STRDUP(cli_credentials_get_password(self->cli_creds));
|
||||||
|
self->ads_ptr->auth.realm =
|
||||||
|
SMB_STRDUP(cli_credentials_get_realm(self->cli_creds));
|
||||||
|
|
||||||
status = ads_connect_user_creds(self->ads_ptr);
|
status = ads_connect_user_creds(self->ads_ptr);
|
||||||
if (!ADS_ERR_OK(status)) {
|
if (!ADS_ERR_OK(status)) {
|
||||||
@ -203,7 +219,8 @@ self->ads_ptr->auth.flags |= ADS_AUTH_USER_CREDS;
|
|||||||
} else {
|
} else {
|
||||||
char *passwd;
|
char *passwd;
|
||||||
|
|
||||||
if (asprintf(&(self->ads_ptr->auth.user_name), "%s$", lp_netbios_name()) == -1) {
|
if (asprintf(&(self->ads_ptr->auth.user_name), "%s$",
|
||||||
|
lp_netbios_name()) == -1) {
|
||||||
PyErr_SetString(PyExc_SystemError, "Failed to asprintf");
|
PyErr_SetString(PyExc_SystemError, "Failed to asprintf");
|
||||||
TALLOC_FREE(frame);
|
TALLOC_FREE(frame);
|
||||||
Py_RETURN_FALSE;
|
Py_RETURN_FALSE;
|
||||||
@ -214,9 +231,11 @@ self->ads_ptr->auth.flags |= ADS_AUTH_USER_CREDS;
|
|||||||
TALLOC_FREE(frame);
|
TALLOC_FREE(frame);
|
||||||
Py_RETURN_FALSE;
|
Py_RETURN_FALSE;
|
||||||
}
|
}
|
||||||
|
if (!(passwd =
|
||||||
if (!(passwd = secrets_fetch_machine_password(self->ads_ptr->server.workgroup, NULL, NULL))) {
|
secrets_fetch_machine_password(self->ads_ptr->server.workgroup,
|
||||||
PyErr_SetString(PyExc_SystemError, "Failed to fetch the machine account password");
|
NULL, NULL))) {
|
||||||
|
PyErr_SetString(PyExc_SystemError,
|
||||||
|
"Failed to fetch the machine account password");
|
||||||
TALLOC_FREE(frame);
|
TALLOC_FREE(frame);
|
||||||
Py_RETURN_FALSE;
|
Py_RETURN_FALSE;
|
||||||
}
|
}
|
||||||
@ -244,7 +263,8 @@ self->ads_ptr->auth.flags |= ADS_AUTH_USER_CREDS;
|
|||||||
void initgpo(void);
|
void initgpo(void);
|
||||||
|
|
||||||
/* Global methods aka do not need a special pyobject type */
|
/* Global methods aka do not need a special pyobject type */
|
||||||
static PyObject *py_gpo_get_sysvol_gpt_version(PyObject * self, PyObject * args)
|
static PyObject *py_gpo_get_sysvol_gpt_version(PyObject * self,
|
||||||
|
PyObject * args)
|
||||||
{
|
{
|
||||||
TALLOC_CTX *tmp_ctx = NULL;
|
TALLOC_CTX *tmp_ctx = NULL;
|
||||||
char *unix_path;
|
char *unix_path;
|
||||||
@ -272,7 +292,9 @@ static PyObject *py_gpo_get_sysvol_gpt_version(PyObject * self, PyObject * args)
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
static ADS_STATUS find_samaccount(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, const char *samaccountname, uint32_t *uac_ret, const char **dn_ret)
|
static ADS_STATUS find_samaccount(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
|
||||||
|
const char *samaccountname,
|
||||||
|
uint32_t *uac_ret, const char **dn_ret)
|
||||||
{
|
{
|
||||||
ADS_STATUS status;
|
ADS_STATUS status;
|
||||||
const char *attrs[] = { "userAccountControl", NULL };
|
const char *attrs[] = { "userAccountControl", NULL };
|
||||||
@ -287,7 +309,8 @@ static ADS_STATUS find_samaccount(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, const ch
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
status = ads_do_search_all(ads, ads->config.bind_path, LDAP_SCOPE_SUBTREE, filter, attrs, &res);
|
status = ads_do_search_all(ads, ads->config.bind_path, LDAP_SCOPE_SUBTREE,
|
||||||
|
filter, attrs, &res);
|
||||||
|
|
||||||
if (!ADS_ERR_OK(status)) {
|
if (!ADS_ERR_OK(status)) {
|
||||||
goto out;
|
goto out;
|
||||||
@ -343,8 +366,11 @@ static PyObject *py_ads_get_gpo_list(ADS *self, PyObject *args, PyObject *kwds)
|
|||||||
size_t i;
|
size_t i;
|
||||||
|
|
||||||
static const char *kwlist[] = {"samaccountname", NULL};
|
static const char *kwlist[] = {"samaccountname", NULL};
|
||||||
if (!PyArg_ParseTupleAndKeywords(args, kwds, "s", discard_const_p(char *, kwlist), &samaccountname)) {
|
if (!PyArg_ParseTupleAndKeywords(args, kwds, "s",
|
||||||
PyErr_SetString(PyExc_SystemError, "Failed to parse arguments to py_ads_get_gpo_list()");
|
discard_const_p(char *, kwlist),
|
||||||
|
&samaccountname)) {
|
||||||
|
PyErr_SetString(PyExc_SystemError,
|
||||||
|
"Failed to parse arguments to py_ads_get_gpo_list()");
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -370,7 +396,8 @@ static PyObject *py_ads_get_gpo_list(ADS *self, PyObject *args, PyObject *kwds)
|
|||||||
}
|
}
|
||||||
|
|
||||||
gpo_ctx = talloc_new(frame);
|
gpo_ctx = talloc_new(frame);
|
||||||
status = ads_get_gpo_list(self->ads_ptr, gpo_ctx, dn, flags, token, &gpo_list);
|
status = ads_get_gpo_list(self->ads_ptr, gpo_ctx, dn, flags, token,
|
||||||
|
&gpo_list);
|
||||||
if (!ADS_ERR_OK(status)) {
|
if (!ADS_ERR_OK(status)) {
|
||||||
TALLOC_FREE(frame);
|
TALLOC_FREE(frame);
|
||||||
PyErr_SetString(PyExc_SystemError, "Failed to fetch GPO list");
|
PyErr_SetString(PyExc_SystemError, "Failed to fetch GPO list");
|
||||||
@ -409,7 +436,8 @@ out:
|
|||||||
}
|
}
|
||||||
|
|
||||||
static PyMethodDef ADS_methods[] = {
|
static PyMethodDef ADS_methods[] = {
|
||||||
{ "connect", (PyCFunction)py_ads_connect, METH_NOARGS, "Connect to the LDAP server" },
|
{ "connect", (PyCFunction)py_ads_connect, METH_NOARGS,
|
||||||
|
"Connect to the LDAP server" },
|
||||||
{ "get_gpo_list", (PyCFunction)py_ads_get_gpo_list, METH_KEYWORDS, NULL },
|
{ "get_gpo_list", (PyCFunction)py_ads_get_gpo_list, METH_KEYWORDS, NULL },
|
||||||
{ NULL }
|
{ NULL }
|
||||||
};
|
};
|
||||||
@ -426,7 +454,8 @@ static PyTypeObject ads_ADSType = {
|
|||||||
};
|
};
|
||||||
|
|
||||||
static PyMethodDef py_gpo_methods[] = {
|
static PyMethodDef py_gpo_methods[] = {
|
||||||
{"gpo_get_sysvol_gpt_version", (PyCFunction) py_gpo_get_sysvol_gpt_version, METH_VARARGS, NULL},
|
{"gpo_get_sysvol_gpt_version", (PyCFunction) py_gpo_get_sysvol_gpt_version,
|
||||||
|
METH_VARARGS, NULL},
|
||||||
{NULL}
|
{NULL}
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -439,7 +468,8 @@ void initgpo(void)
|
|||||||
/* Instantiate the types */
|
/* Instantiate the types */
|
||||||
m = Py_InitModule3("gpo", py_gpo_methods, "libgpo python bindings");
|
m = Py_InitModule3("gpo", py_gpo_methods, "libgpo python bindings");
|
||||||
if (m == NULL) return;
|
if (m == NULL) return;
|
||||||
PyModule_AddObject(m, "version", PyString_FromString(SAMBA_VERSION_STRING));
|
PyModule_AddObject(m, "version",
|
||||||
|
PyString_FromString(SAMBA_VERSION_STRING));
|
||||||
|
|
||||||
if (PyType_Ready(&ads_ADSType) < 0)
|
if (PyType_Ready(&ads_ADSType) < 0)
|
||||||
return;
|
return;
|
||||||
|
|||||||
@ -44,7 +44,8 @@ except ImportError:
|
|||||||
|
|
||||||
class gp_log:
|
class gp_log:
|
||||||
''' Log settings overwritten by gpo apply
|
''' Log settings overwritten by gpo apply
|
||||||
The gp_log is an xml file that stores a history of gpo changes (and the original setting value).
|
The gp_log is an xml file that stores a history of gpo changes (and the
|
||||||
|
original setting value).
|
||||||
|
|
||||||
The log is organized like so:
|
The log is organized like so:
|
||||||
|
|
||||||
@ -69,19 +70,22 @@ class gp_log:
|
|||||||
</user>
|
</user>
|
||||||
</gp>
|
</gp>
|
||||||
|
|
||||||
Each guid value contains a list of extensions, which contain a list of attributes. The guid value
|
Each guid value contains a list of extensions, which contain a list of
|
||||||
represents a GPO. The attributes are the values of those settings prior to the application of
|
attributes. The guid value represents a GPO. The attributes are the values
|
||||||
the GPO.
|
of those settings prior to the application of the GPO.
|
||||||
The list of guids is enclosed within a user name, which represents the user the settings were
|
The list of guids is enclosed within a user name, which represents the user
|
||||||
applied to. This user may be the samaccountname of the local computer, which implies that these
|
the settings were applied to. This user may be the samaccountname of the
|
||||||
are machine policies.
|
local computer, which implies that these are machine policies.
|
||||||
The applylog keeps track of the order in which the GPOs were applied, so that they can be rolled
|
The applylog keeps track of the order in which the GPOs were applied, so
|
||||||
back in reverse, returning the machine to the state prior to policy application.
|
that they can be rolled back in reverse, returning the machine to the state
|
||||||
|
prior to policy application.
|
||||||
'''
|
'''
|
||||||
def __init__(self, user, gpostore, db_log=None):
|
def __init__(self, user, gpostore, db_log=None):
|
||||||
''' Initialize the gp_log
|
''' Initialize the gp_log
|
||||||
param user - the username (or machine name) that policies are being applied to
|
param user - the username (or machine name) that policies are
|
||||||
param gpostore - the GPOStorage obj which references the tdb which contains gp_logs
|
being applied to
|
||||||
|
param gpostore - the GPOStorage obj which references the tdb which
|
||||||
|
contains gp_logs
|
||||||
param db_log - (optional) a string to initialize the gp_log
|
param db_log - (optional) a string to initialize the gp_log
|
||||||
'''
|
'''
|
||||||
self._state = GPOSTATE.APPLY
|
self._state = GPOSTATE.APPLY
|
||||||
@ -100,10 +104,11 @@ class gp_log:
|
|||||||
''' Policy application state
|
''' Policy application state
|
||||||
param value - APPLY, ENFORCE, or UNAPPLY
|
param value - APPLY, ENFORCE, or UNAPPLY
|
||||||
|
|
||||||
The behavior of the gp_log depends on whether we are applying policy, enforcing policy,
|
The behavior of the gp_log depends on whether we are applying policy,
|
||||||
or unapplying policy. During an apply, old settings are recorded in the log. During an
|
enforcing policy, or unapplying policy. During an apply, old settings
|
||||||
enforce, settings are being applied but the gp_log does not change. During an unapply,
|
are recorded in the log. During an enforce, settings are being applied
|
||||||
additions to the log should be ignored (since function calls to apply settings are actually
|
but the gp_log does not change. During an unapply, additions to the log
|
||||||
|
should be ignored (since function calls to apply settings are actually
|
||||||
reverting policy), but removals from the log are allowed.
|
reverting policy), but removals from the log are allowed.
|
||||||
'''
|
'''
|
||||||
# If we're enforcing, but we've unapplied, apply instead
|
# If we're enforcing, but we've unapplied, apply instead
|
||||||
@ -118,7 +123,8 @@ class gp_log:
|
|||||||
|
|
||||||
def set_guid(self, guid):
|
def set_guid(self, guid):
|
||||||
''' Log to a different GPO guid
|
''' Log to a different GPO guid
|
||||||
param guid - guid value of the GPO from which we're applying policy
|
param guid - guid value of the GPO from which we're applying
|
||||||
|
policy
|
||||||
'''
|
'''
|
||||||
self.guid = self.user.find('guid[@value="%s"]' % guid)
|
self.guid = self.user.find('guid[@value="%s"]' % guid)
|
||||||
if self.guid is None:
|
if self.guid is None:
|
||||||
@ -136,7 +142,8 @@ class gp_log:
|
|||||||
''' Pop a GPO guid from the applylog
|
''' Pop a GPO guid from the applylog
|
||||||
return - last applied GPO guid
|
return - last applied GPO guid
|
||||||
|
|
||||||
Removes the GPO guid last added to the list, which is the most recently applied GPO.
|
Removes the GPO guid last added to the list, which is the most recently
|
||||||
|
applied GPO.
|
||||||
'''
|
'''
|
||||||
apply_log = self.user.find('applylog')
|
apply_log = self.user.find('applylog')
|
||||||
if apply_log is not None:
|
if apply_log is not None:
|
||||||
@ -152,7 +159,8 @@ class gp_log:
|
|||||||
''' Store an attribute in the gp_log
|
''' Store an attribute in the gp_log
|
||||||
param gp_ext_name - Name of the extension applying policy
|
param gp_ext_name - Name of the extension applying policy
|
||||||
param attribute - The attribute being modified
|
param attribute - The attribute being modified
|
||||||
param old_val - The value of the attribute prior to policy application
|
param old_val - The value of the attribute prior to policy
|
||||||
|
application
|
||||||
'''
|
'''
|
||||||
if self._state == GPOSTATE.UNAPPLY or self._state == GPOSTATE.ENFORCE:
|
if self._state == GPOSTATE.UNAPPLY or self._state == GPOSTATE.ENFORCE:
|
||||||
return None
|
return None
|
||||||
@ -171,7 +179,8 @@ class gp_log:
|
|||||||
''' Retrieve a stored attribute from the gp_log
|
''' Retrieve a stored attribute from the gp_log
|
||||||
param gp_ext_name - Name of the extension which applied policy
|
param gp_ext_name - Name of the extension which applied policy
|
||||||
param attribute - The attribute being retrieved
|
param attribute - The attribute being retrieved
|
||||||
return - The value of the attribute prior to policy application
|
return - The value of the attribute prior to policy
|
||||||
|
application
|
||||||
'''
|
'''
|
||||||
assert self.guid is not None, "gpo guid was not set"
|
assert self.guid is not None, "gpo guid was not set"
|
||||||
ext = self.guid.find('gp_ext[@name="%s"]' % gp_ext_name)
|
ext = self.guid.find('gp_ext[@name="%s"]' % gp_ext_name)
|
||||||
@ -182,9 +191,12 @@ class gp_log:
|
|||||||
return None
|
return None
|
||||||
|
|
||||||
def list(self, gp_extensions):
|
def list(self, gp_extensions):
|
||||||
''' Return a list of attributes, their previous values, and functions to set them
|
''' Return a list of attributes, their previous values, and functions
|
||||||
param gp_extensions - list of extension objects, for retrieving attr to func mappings
|
to set them
|
||||||
return - list of (attr, value, apply_func) tuples for unapplying policy
|
param gp_extensions - list of extension objects, for retrieving attr to
|
||||||
|
func mappings
|
||||||
|
return - list of (attr, value, apply_func) tuples for
|
||||||
|
unapplying policy
|
||||||
'''
|
'''
|
||||||
assert self.guid is not None, "gpo guid was not set"
|
assert self.guid is not None, "gpo guid was not set"
|
||||||
ret = []
|
ret = []
|
||||||
@ -194,15 +206,18 @@ class gp_log:
|
|||||||
exts = self.guid.findall('gp_ext')
|
exts = self.guid.findall('gp_ext')
|
||||||
if exts is not None:
|
if exts is not None:
|
||||||
for ext in exts:
|
for ext in exts:
|
||||||
ext_map = {val[0]: val[1] for (key, val) in data_maps[ext.attrib['name']].items()}
|
ext_map = {val[0]: val[1] for (key, val) in \
|
||||||
|
data_maps[ext.attrib['name']].items()}
|
||||||
attrs = ext.findall('attribute')
|
attrs = ext.findall('attribute')
|
||||||
for attr in attrs:
|
for attr in attrs:
|
||||||
ret.append((attr.attrib['name'], attr.text, ext_map[attr.attrib['name']]))
|
ret.append((attr.attrib['name'], attr.text,
|
||||||
|
ext_map[attr.attrib['name']]))
|
||||||
return ret
|
return ret
|
||||||
|
|
||||||
def delete(self, gp_ext_name, attribute):
|
def delete(self, gp_ext_name, attribute):
|
||||||
''' Remove an attribute from the gp_log
|
''' Remove an attribute from the gp_log
|
||||||
param gp_ext_name - name of extension from which to remove the attribute
|
param gp_ext_name - name of extension from which to remove the
|
||||||
|
attribute
|
||||||
param attribute - attribute to remove
|
param attribute - attribute to remove
|
||||||
'''
|
'''
|
||||||
assert self.guid is not None, "gpo guid was not set"
|
assert self.guid is not None, "gpo guid was not set"
|
||||||
@ -313,7 +328,8 @@ class inf_to_kdc_tdb(inf_to):
|
|||||||
|
|
||||||
def set_kdc_tdb(self, val):
|
def set_kdc_tdb(self, val):
|
||||||
old_val = self.gp_db.gpostore.get(self.attribute)
|
old_val = self.gp_db.gpostore.get(self.attribute)
|
||||||
self.logger.info('%s was changed from %s to %s' % (self.attribute, old_val, val))
|
self.logger.info('%s was changed from %s to %s' % (self.attribute,
|
||||||
|
old_val, val))
|
||||||
if val is not None:
|
if val is not None:
|
||||||
self.gp_db.gpostore.store(self.attribute, val)
|
self.gp_db.gpostore.store(self.attribute, val)
|
||||||
self.gp_db.store(str(self), self.attribute, old_val)
|
self.gp_db.store(str(self), self.attribute, old_val)
|
||||||
@ -323,40 +339,47 @@ class inf_to_kdc_tdb(inf_to):
|
|||||||
|
|
||||||
def mapper(self):
|
def mapper(self):
|
||||||
return { 'kdc:user_ticket_lifetime': (self.set_kdc_tdb, self.explicit),
|
return { 'kdc:user_ticket_lifetime': (self.set_kdc_tdb, self.explicit),
|
||||||
'kdc:service_ticket_lifetime': (self.set_kdc_tdb, self.mins_to_hours),
|
'kdc:service_ticket_lifetime': (self.set_kdc_tdb,
|
||||||
'kdc:renewal_lifetime': (self.set_kdc_tdb, self.days_to_hours),
|
self.mins_to_hours),
|
||||||
|
'kdc:renewal_lifetime': (self.set_kdc_tdb,
|
||||||
|
self.days_to_hours),
|
||||||
}
|
}
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return 'Kerberos Policy'
|
return 'Kerberos Policy'
|
||||||
|
|
||||||
class inf_to_ldb(inf_to):
|
class inf_to_ldb(inf_to):
|
||||||
'''This class takes the .inf file parameter (essentially a GPO file mapped to a GUID),
|
'''This class takes the .inf file parameter (essentially a GPO file mapped
|
||||||
hashmaps it to the Samba parameter, which then uses an ldb object to update the
|
to a GUID), hashmaps it to the Samba parameter, which then uses an ldb
|
||||||
parameter to Samba4. Not registry oriented whatsoever.
|
object to update the parameter to Samba4. Not registry oriented whatsoever.
|
||||||
'''
|
'''
|
||||||
|
|
||||||
def ch_minPwdAge(self, val):
|
def ch_minPwdAge(self, val):
|
||||||
old_val = self.ldb.get_minPwdAge()
|
old_val = self.ldb.get_minPwdAge()
|
||||||
self.logger.info('KDC Minimum Password age was changed from %s to %s' % (old_val, val))
|
self.logger.info('KDC Minimum Password age was changed from %s to %s' \
|
||||||
|
% (old_val, val))
|
||||||
self.gp_db.store(str(self), self.attribute, old_val)
|
self.gp_db.store(str(self), self.attribute, old_val)
|
||||||
self.ldb.set_minPwdAge(val)
|
self.ldb.set_minPwdAge(val)
|
||||||
|
|
||||||
def ch_maxPwdAge(self, val):
|
def ch_maxPwdAge(self, val):
|
||||||
old_val = self.ldb.get_maxPwdAge()
|
old_val = self.ldb.get_maxPwdAge()
|
||||||
self.logger.info('KDC Maximum Password age was changed from %s to %s' % (old_val, val))
|
self.logger.info('KDC Maximum Password age was changed from %s to %s' \
|
||||||
|
% (old_val, val))
|
||||||
self.gp_db.store(str(self), self.attribute, old_val)
|
self.gp_db.store(str(self), self.attribute, old_val)
|
||||||
self.ldb.set_maxPwdAge(val)
|
self.ldb.set_maxPwdAge(val)
|
||||||
|
|
||||||
def ch_minPwdLength(self, val):
|
def ch_minPwdLength(self, val):
|
||||||
old_val = self.ldb.get_minPwdLength()
|
old_val = self.ldb.get_minPwdLength()
|
||||||
self.logger.info('KDC Minimum Password length was changed from %s to %s' % (old_val, val))
|
self.logger.info(
|
||||||
|
'KDC Minimum Password length was changed from %s to %s' \
|
||||||
|
% (old_val, val))
|
||||||
self.gp_db.store(str(self), self.attribute, old_val)
|
self.gp_db.store(str(self), self.attribute, old_val)
|
||||||
self.ldb.set_minPwdLength(val)
|
self.ldb.set_minPwdLength(val)
|
||||||
|
|
||||||
def ch_pwdProperties(self, val):
|
def ch_pwdProperties(self, val):
|
||||||
old_val = self.ldb.get_pwdProperties()
|
old_val = self.ldb.get_pwdProperties()
|
||||||
self.logger.info('KDC Password Properties were changed from %s to %s' % (old_val, val))
|
self.logger.info('KDC Password Properties were changed from %s to %s' \
|
||||||
|
% (old_val, val))
|
||||||
self.gp_db.store(str(self), self.attribute, old_val)
|
self.gp_db.store(str(self), self.attribute, old_val)
|
||||||
self.ldb.set_pwdProperties(val)
|
self.ldb.set_pwdProperties(val)
|
||||||
|
|
||||||
@ -373,7 +396,8 @@ class inf_to_ldb(inf_to):
|
|||||||
'''ldap value : samba setter'''
|
'''ldap value : samba setter'''
|
||||||
return { "minPwdAge" : (self.ch_minPwdAge, self.days2rel_nttime),
|
return { "minPwdAge" : (self.ch_minPwdAge, self.days2rel_nttime),
|
||||||
"maxPwdAge" : (self.ch_maxPwdAge, self.days2rel_nttime),
|
"maxPwdAge" : (self.ch_maxPwdAge, self.days2rel_nttime),
|
||||||
# Could be none, but I like the method assignment in update_samba
|
# Could be none, but I like the method assignment in
|
||||||
|
# update_samba
|
||||||
"minPwdLength" : (self.ch_minPwdLength, self.explicit),
|
"minPwdLength" : (self.ch_minPwdLength, self.explicit),
|
||||||
"pwdProperties" : (self.ch_pwdProperties, self.explicit),
|
"pwdProperties" : (self.ch_pwdProperties, self.explicit),
|
||||||
|
|
||||||
@ -398,7 +422,8 @@ class gp_sec_ext(gp_ext):
|
|||||||
return "Security GPO extension"
|
return "Security GPO extension"
|
||||||
|
|
||||||
def list(self, rootpath):
|
def list(self, rootpath):
|
||||||
return os.path.join(rootpath, "MACHINE/Microsoft/Windows NT/SecEdit/GptTmpl.inf")
|
return os.path.join(rootpath,
|
||||||
|
"MACHINE/Microsoft/Windows NT/SecEdit/GptTmpl.inf")
|
||||||
|
|
||||||
def listmachpol(self, rootpath):
|
def listmachpol(self, rootpath):
|
||||||
return os.path.join(rootpath, "Machine/Registry.pol")
|
return os.path.join(rootpath, "Machine/Registry.pol")
|
||||||
@ -407,14 +432,27 @@ class gp_sec_ext(gp_ext):
|
|||||||
return os.path.join(rootpath, "User/Registry.pol")
|
return os.path.join(rootpath, "User/Registry.pol")
|
||||||
|
|
||||||
def apply_map(self):
|
def apply_map(self):
|
||||||
return {"System Access": {"MinimumPasswordAge": ("minPwdAge", inf_to_ldb),
|
return {"System Access": {"MinimumPasswordAge": ("minPwdAge",
|
||||||
"MaximumPasswordAge": ("maxPwdAge", inf_to_ldb),
|
inf_to_ldb),
|
||||||
"MinimumPasswordLength": ("minPwdLength", inf_to_ldb),
|
"MaximumPasswordAge": ("maxPwdAge",
|
||||||
"PasswordComplexity": ("pwdProperties", inf_to_ldb),
|
inf_to_ldb),
|
||||||
|
"MinimumPasswordLength": ("minPwdLength",
|
||||||
|
inf_to_ldb),
|
||||||
|
"PasswordComplexity": ("pwdProperties",
|
||||||
|
inf_to_ldb),
|
||||||
},
|
},
|
||||||
"Kerberos Policy": {"MaxTicketAge": ("kdc:user_ticket_lifetime", inf_to_kdc_tdb),
|
"Kerberos Policy": {"MaxTicketAge": (
|
||||||
"MaxServiceAge": ("kdc:service_ticket_lifetime", inf_to_kdc_tdb),
|
"kdc:user_ticket_lifetime",
|
||||||
"MaxRenewAge": ("kdc:renewal_lifetime", inf_to_kdc_tdb),
|
inf_to_kdc_tdb
|
||||||
|
),
|
||||||
|
"MaxServiceAge": (
|
||||||
|
"kdc:service_ticket_lifetime",
|
||||||
|
inf_to_kdc_tdb
|
||||||
|
),
|
||||||
|
"MaxRenewAge": (
|
||||||
|
"kdc:renewal_lifetime",
|
||||||
|
inf_to_kdc_tdb
|
||||||
|
),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -447,7 +485,8 @@ class gp_sec_ext(gp_ext):
|
|||||||
(att, setter) = current_section.get(key)
|
(att, setter) = current_section.get(key)
|
||||||
value = value.encode('ascii', 'ignore')
|
value = value.encode('ascii', 'ignore')
|
||||||
ret = True
|
ret = True
|
||||||
setter(self.logger, self.ldb, self.gp_db, self.lp, att, value).update_samba()
|
setter(self.logger, self.ldb, self.gp_db, self.lp, att,
|
||||||
|
value).update_samba()
|
||||||
self.gp_db.commit()
|
self.gp_db.commit()
|
||||||
return ret
|
return ret
|
||||||
|
|
||||||
@ -461,8 +500,10 @@ class gp_sec_ext(gp_ext):
|
|||||||
try:
|
try:
|
||||||
blist = afile.split('/')
|
blist = afile.split('/')
|
||||||
idx = afile.lower().split('/').index('machine')
|
idx = afile.lower().split('/').index('machine')
|
||||||
for case in [blist[idx].upper(), blist[idx].capitalize(), blist[idx].lower()]:
|
for case in [blist[idx].upper(), blist[idx].capitalize(),
|
||||||
bfile = '/'.join(blist[:idx]) + '/' + case + '/' + '/'.join(blist[idx+1:])
|
blist[idx].lower()]:
|
||||||
|
bfile = '/'.join(blist[:idx]) + '/' + case + '/' + \
|
||||||
|
'/'.join(blist[idx+1:])
|
||||||
try:
|
try:
|
||||||
return self.read_inf(bfile, conn)
|
return self.read_inf(bfile, conn)
|
||||||
except NTSTATUSError:
|
except NTSTATUSError:
|
||||||
|
|||||||
@ -64,8 +64,9 @@ def apply_gp(lp, creds, test_ldb, logger, store, gp_extensions):
|
|||||||
guid = gpo_obj.name
|
guid = gpo_obj.name
|
||||||
if guid == 'Local Policy':
|
if guid == 'Local Policy':
|
||||||
continue
|
continue
|
||||||
local_path = os.path.join(lp.get('realm').lower(), 'Policies', guid)
|
path = os.path.join(lp.get('realm').lower(), 'Policies', guid)
|
||||||
version = int(gpo.gpo_get_sysvol_gpt_version(os.path.join(lp.get("path", "sysvol"), local_path))[1])
|
local_path = os.path.join(lp.get("path", "sysvol"), path)
|
||||||
|
version = int(gpo.gpo_get_sysvol_gpt_version(local_path)[1])
|
||||||
if version != store.get_int(guid):
|
if version != store.get_int(guid):
|
||||||
logger.info('GPO %s has changed' % guid)
|
logger.info('GPO %s has changed' % guid)
|
||||||
gp_db.state(GPOSTATE.APPLY)
|
gp_db.state(GPOSTATE.APPLY)
|
||||||
@ -75,7 +76,7 @@ def apply_gp(lp, creds, test_ldb, logger, store, gp_extensions):
|
|||||||
store.start()
|
store.start()
|
||||||
try:
|
try:
|
||||||
for ext in gp_extensions:
|
for ext in gp_extensions:
|
||||||
ext.parse(ext.list(local_path), test_ldb, conn, gp_db, lp)
|
ext.parse(ext.list(path), test_ldb, conn, gp_db, lp)
|
||||||
except:
|
except:
|
||||||
logger.error('Failed to parse gpo %s' % guid)
|
logger.error('Failed to parse gpo %s' % guid)
|
||||||
store.cancel()
|
store.cancel()
|
||||||
@ -112,7 +113,8 @@ if __name__ == "__main__":
|
|||||||
parser.add_option_group(options.VersionOptions(parser))
|
parser.add_option_group(options.VersionOptions(parser))
|
||||||
credopts = options.CredentialsOptions(parser)
|
credopts = options.CredentialsOptions(parser)
|
||||||
parser.add_option('-H', '--url', dest='url', help='URL for the samdb')
|
parser.add_option('-H', '--url', dest='url', help='URL for the samdb')
|
||||||
parser.add_option('-X', '--unapply', help='Unapply Group Policy', action='store_true')
|
parser.add_option('-X', '--unapply', help='Unapply Group Policy',
|
||||||
|
action='store_true')
|
||||||
parser.add_option_group(credopts)
|
parser.add_option_group(credopts)
|
||||||
|
|
||||||
# Set the options and the arguments
|
# Set the options and the arguments
|
||||||
|
|||||||
@ -32,7 +32,8 @@ struct torture_suite *gpo_apply_suite(TALLOC_CTX *ctx)
|
|||||||
{
|
{
|
||||||
struct torture_suite *suite = torture_suite_create(ctx, "apply");
|
struct torture_suite *suite = torture_suite_create(ctx, "apply");
|
||||||
|
|
||||||
torture_suite_add_simple_test(suite, "gpo_param_from_gpo", torture_gpo_system_access_policies);
|
torture_suite_add_simple_test(suite, "gpo_param_from_gpo",
|
||||||
|
torture_gpo_system_access_policies);
|
||||||
|
|
||||||
suite->description = talloc_strdup(suite, "Group Policy apply tests");
|
suite->description = talloc_strdup(suite, "Group Policy apply tests");
|
||||||
|
|
||||||
@ -64,7 +65,9 @@ static int unix2nttime(char *sval)
|
|||||||
return (strtoll(sval, NULL, 10) * -1 / 60 / 60 / 24 / 10000000);
|
return (strtoll(sval, NULL, 10) * -1 / 60 / 60 / 24 / 10000000);
|
||||||
}
|
}
|
||||||
|
|
||||||
#define GPODIR "addom.samba.example.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/Microsoft/Windows NT/SecEdit"
|
#define GPODIR "addom.samba.example.com/Policies/"\
|
||||||
|
"{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/Microsoft/"\
|
||||||
|
"Windows NT/SecEdit"
|
||||||
#define GPOFILE "GptTmpl.inf"
|
#define GPOFILE "GptTmpl.inf"
|
||||||
#define GPTTMPL "[System Access]\n\
|
#define GPTTMPL "[System Access]\n\
|
||||||
MinimumPasswordAge = %d\n\
|
MinimumPasswordAge = %d\n\
|
||||||
@ -72,12 +75,14 @@ MaximumPasswordAge = %d\n\
|
|||||||
MinimumPasswordLength = %d\n\
|
MinimumPasswordLength = %d\n\
|
||||||
PasswordComplexity = %d\n\
|
PasswordComplexity = %d\n\
|
||||||
"
|
"
|
||||||
#define GPTINI "addom.samba.example.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI"
|
#define GPTINI "addom.samba.example.com/Policies/"\
|
||||||
|
"{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI"
|
||||||
|
|
||||||
bool torture_gpo_system_access_policies(struct torture_context *tctx)
|
bool torture_gpo_system_access_policies(struct torture_context *tctx)
|
||||||
{
|
{
|
||||||
int ret, vers = 0, i;
|
int ret, vers = 0, i;
|
||||||
const char *sysvol_path = NULL, *gpo_dir = NULL, *gpo_file = NULL, *gpt_file = NULL;
|
const char *sysvol_path = NULL, *gpo_dir = NULL;
|
||||||
|
const char *gpo_file = NULL, *gpt_file = NULL;
|
||||||
struct ldb_context *samdb = NULL;
|
struct ldb_context *samdb = NULL;
|
||||||
struct ldb_result *result;
|
struct ldb_result *result;
|
||||||
const char *attrs[] = {
|
const char *attrs[] = {
|
||||||
@ -96,7 +101,8 @@ bool torture_gpo_system_access_policies(struct torture_context *tctx)
|
|||||||
int pwdpropcases[] = { 0, 1, 1 };
|
int pwdpropcases[] = { 0, 1, 1 };
|
||||||
struct ldb_message *old_message = NULL;
|
struct ldb_message *old_message = NULL;
|
||||||
|
|
||||||
sysvol_path = lpcfg_path(lpcfg_service(tctx->lp_ctx, "sysvol"), lpcfg_default_service(tctx->lp_ctx), tctx);
|
sysvol_path = lpcfg_path(lpcfg_service(tctx->lp_ctx, "sysvol"),
|
||||||
|
lpcfg_default_service(tctx->lp_ctx), tctx);
|
||||||
torture_assert(tctx, sysvol_path, "Failed to fetch the sysvol path");
|
torture_assert(tctx, sysvol_path, "Failed to fetch the sysvol path");
|
||||||
|
|
||||||
/* Ensure the sysvol path exists */
|
/* Ensure the sysvol path exists */
|
||||||
@ -106,21 +112,27 @@ bool torture_gpo_system_access_policies(struct torture_context *tctx)
|
|||||||
|
|
||||||
/* Get the gpo update command */
|
/* Get the gpo update command */
|
||||||
gpo_update_cmd = lpcfg_gpo_update_command(tctx->lp_ctx);
|
gpo_update_cmd = lpcfg_gpo_update_command(tctx->lp_ctx);
|
||||||
torture_assert(tctx, gpo_update_cmd && gpo_update_cmd[0], "Failed to fetch the gpo update command");
|
torture_assert(tctx, gpo_update_cmd && gpo_update_cmd[0],
|
||||||
|
"Failed to fetch the gpo update command");
|
||||||
|
|
||||||
/* Open and read the samba db and store the initial password settings */
|
/* Open and read the samba db and store the initial password settings */
|
||||||
samdb = samdb_connect(tctx, tctx->ev, tctx->lp_ctx, system_session(tctx->lp_ctx), 0);
|
samdb = samdb_connect(tctx, tctx->ev, tctx->lp_ctx,
|
||||||
|
system_session(tctx->lp_ctx), 0);
|
||||||
torture_assert(tctx, samdb, "Failed to connect to the samdb");
|
torture_assert(tctx, samdb, "Failed to connect to the samdb");
|
||||||
|
|
||||||
ret = ldb_search(samdb, tctx, &result, ldb_get_default_basedn(samdb), LDB_SCOPE_BASE, attrs, NULL);
|
ret = ldb_search(samdb, tctx, &result, ldb_get_default_basedn(samdb),
|
||||||
torture_assert(tctx, ret == LDB_SUCCESS && result->count == 1, "Searching the samdb failed");
|
LDB_SCOPE_BASE, attrs, NULL);
|
||||||
|
torture_assert(tctx, ret == LDB_SUCCESS && result->count == 1,
|
||||||
|
"Searching the samdb failed");
|
||||||
|
|
||||||
old_message = result->msgs[0];
|
old_message = result->msgs[0];
|
||||||
|
|
||||||
for (i = 0; i < 3; i++) {
|
for (i = 0; i < 3; i++) {
|
||||||
/* Write out the sysvol */
|
/* Write out the sysvol */
|
||||||
if ( (fp = fopen(gpo_file, "w")) ) {
|
if ( (fp = fopen(gpo_file, "w")) ) {
|
||||||
fputs(talloc_asprintf(tctx, GPTTMPL, minpwdcases[i], maxpwdcases[i], pwdlencases[i], pwdpropcases[i]), fp);
|
fputs(talloc_asprintf(tctx, GPTTMPL, minpwdcases[i],
|
||||||
|
maxpwdcases[i], pwdlencases[i],
|
||||||
|
pwdpropcases[i]), fp);
|
||||||
fclose(fp);
|
fclose(fp);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -137,33 +149,41 @@ bool torture_gpo_system_access_policies(struct torture_context *tctx)
|
|||||||
fclose(fp);
|
fclose(fp);
|
||||||
}
|
}
|
||||||
if ( (fp = fopen(gpt_file, "w")) ) {
|
if ( (fp = fopen(gpt_file, "w")) ) {
|
||||||
char *data = talloc_asprintf(tctx, "[General]\nVersion=%d\n", ++vers);
|
char *data = talloc_asprintf(tctx, "[General]\nVersion=%d\n",
|
||||||
|
++vers);
|
||||||
fputs(data, fp);
|
fputs(data, fp);
|
||||||
fclose(fp);
|
fclose(fp);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Run the gpo update command */
|
/* Run the gpo update command */
|
||||||
ret = exec_wait(gpo_update_cmd);
|
ret = exec_wait(gpo_update_cmd);
|
||||||
torture_assert(tctx, ret == 0, "Failed to execute the gpo update command");
|
torture_assert(tctx, ret == 0,
|
||||||
|
"Failed to execute the gpo update command");
|
||||||
|
|
||||||
ret = ldb_search(samdb, tctx, &result, ldb_get_default_basedn(samdb), LDB_SCOPE_BASE, attrs, NULL);
|
ret = ldb_search(samdb, tctx, &result, ldb_get_default_basedn(samdb),
|
||||||
torture_assert(tctx, ret == LDB_SUCCESS && result->count == 1, "Searching the samdb failed");
|
LDB_SCOPE_BASE, attrs, NULL);
|
||||||
|
torture_assert(tctx, ret == LDB_SUCCESS && result->count == 1,
|
||||||
|
"Searching the samdb failed");
|
||||||
|
|
||||||
/* minPwdAge */
|
/* minPwdAge */
|
||||||
val = ldb_msg_find_ldb_val(result->msgs[0], attrs[0]);
|
val = ldb_msg_find_ldb_val(result->msgs[0], attrs[0]);
|
||||||
torture_assert(tctx, unix2nttime((char*)val->data) == minpwdcases[i], "The minPwdAge was not applied");
|
torture_assert(tctx, unix2nttime((char*)val->data) == minpwdcases[i],
|
||||||
|
"The minPwdAge was not applied");
|
||||||
|
|
||||||
/* maxPwdAge */
|
/* maxPwdAge */
|
||||||
val = ldb_msg_find_ldb_val(result->msgs[0], attrs[1]);
|
val = ldb_msg_find_ldb_val(result->msgs[0], attrs[1]);
|
||||||
torture_assert(tctx, unix2nttime((char*)val->data) == maxpwdcases[i], "The maxPwdAge was not applied");
|
torture_assert(tctx, unix2nttime((char*)val->data) == maxpwdcases[i],
|
||||||
|
"The maxPwdAge was not applied");
|
||||||
|
|
||||||
/* minPwdLength */
|
/* minPwdLength */
|
||||||
val = ldb_msg_find_ldb_val(result->msgs[0], attrs[2]);
|
val = ldb_msg_find_ldb_val(result->msgs[0], attrs[2]);
|
||||||
torture_assert(tctx, atoi((char*)val->data) == pwdlencases[i], "The minPwdLength was not applied");
|
torture_assert(tctx, atoi((char*)val->data) == pwdlencases[i],
|
||||||
|
"The minPwdLength was not applied");
|
||||||
|
|
||||||
/* pwdProperties */
|
/* pwdProperties */
|
||||||
val = ldb_msg_find_ldb_val(result->msgs[0], attrs[3]);
|
val = ldb_msg_find_ldb_val(result->msgs[0], attrs[3]);
|
||||||
torture_assert(tctx, atoi((char*)val->data) == pwdpropcases[i], "The pwdProperties were not applied");
|
torture_assert(tctx, atoi((char*)val->data) == pwdpropcases[i],
|
||||||
|
"The pwdProperties were not applied");
|
||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < old_message->num_elements; i++) {
|
for (i = 0; i < old_message->num_elements; i++) {
|
||||||
|
|||||||
Reference in New Issue
Block a user