1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s4/test: Expand BindTest

The test now binds with user@realm, domain\user, user dn, computer dn

Autobuild-User: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
Autobuild-Date: Thu Nov 11 16:15:30 UTC 2010 on sn-devel-104
This commit is contained in:
Anatoliy Atanasov 2010-11-08 08:11:11 +02:00
parent 4574d497ce
commit 9cdb0b5cee

View File

@ -7,6 +7,8 @@ import sys
import base64
import re
import os
import copy
import time
sys.path.append("bin/python")
import samba
@ -44,37 +46,44 @@ host = args[0]
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
creds.set_gensec_features(creds.get_gensec_features() | gensec.FEATURE_SEAL)
creds_machine = creds
creds_machine = copy.deepcopy(creds)
creds_user1 = copy.deepcopy(creds)
creds_user2 = copy.deepcopy(creds)
creds_user3 = copy.deepcopy(creds)
class BindTests(samba.tests.TestCase):
info_dc = None
def setUp(self):
super(BindTests, self).setUp()
# fetch rootDSEs
if self.info_dc is None:
res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["*"])
self.assertEquals(len(res), 1)
BindTests.info_dc = res[0]
# cache some of RootDSE props
self.schema_dn = self.info_dc["schemaNamingContext"][0]
self.domain_dn = self.info_dc["defaultNamingContext"][0]
self.config_dn = self.info_dc["configurationNamingContext"][0]
self.computer_dn = "CN=centos53,CN=Computers,%s" % self.domain_dn
self.password = "P@ssw0rd"
self.username = "BindTestUser_" + time.strftime("%s", time.gmtime())
def delete_force(self, ldb, dn):
try:
ldb.delete(dn)
except LdbError, (num, _):
self.assertEquals(num, ERR_NO_SUCH_OBJECT)
def find_basedn(self, ldb):
res = ldb.search(base="", expression="", scope=SCOPE_BASE,
attrs=["defaultNamingContext"])
self.assertEquals(len(res), 1)
return res[0]["defaultNamingContext"][0]
def setUp(self):
super(BindTests, self).setUp()
self.base_dn = self.find_basedn(ldb)
def tearDown(self):
super(BindTests, self).tearDown()
def test_computer_account_bind(self):
# create a computer acocount for the test
self.user_dn = "CN=centos53,CN=Computers,%s" % self.base_dn
self.password = "P@ssw0rd"
self.acc_name = "centos53$"
self.delete_force(ldb, self.user_dn)
self.delete_force(ldb, self.computer_dn)
ldb.add_ldif("""
dn: """ + self.user_dn + """
dn: """ + self.computer_dn + """
cn: CENTOS53
displayName: CENTOS53$
name: CENTOS53
@ -92,17 +101,48 @@ operatingSystemVersion: 5.2 (3790)
operatingSystem: Windows Server 2003
""")
ldb.modify_ldif("""
dn: """ + self.user_dn + """
dn: """ + self.computer_dn + """
changetype: modify
replace: unicodePwd
unicodePwd:: """ + base64.b64encode("\"P@ssw0rd\"".encode('utf-16-le')) + """
""")
# do a simple bind and search with the machine account
creds_machine.set_bind_dn(self.user_dn)
creds_machine.set_bind_dn(self.computer_dn)
creds_machine.set_password(self.password)
print "BindTest with: " + creds_machine.get_bind_dn()
ldb_machine = SamDB(host, credentials=creds_machine, session_info=system_session(), lp=lp)
self.find_basedn(ldb_machine)
res = ldb_machine.search(base="", expression="", scope=SCOPE_BASE, attrs=["*"])
def test_user_account_bind(self):
# create user
ldb.newuser(username=self.username, password=self.password)
ldb_res = ldb.search(base=self.domain_dn,
scope=SCOPE_SUBTREE,
expression="(samAccountName=%s)" % self.username)
self.assertEquals(len(ldb_res), 1)
user_dn = ldb_res[0]["dn"]
# do a simple bind and search with the user account in format user@realm
creds_user1.set_bind_dn(self.username + "@" + creds.get_realm())
creds_user1.set_password(self.password)
print "BindTest with: " + creds_user1.get_bind_dn()
ldb_user1 = SamDB(host, credentials=creds_user1, session_info=system_session(), lp=lp)
res = ldb_user1.search(base="", expression="", scope=SCOPE_BASE, attrs=["*"])
# do a simple bind and search with the user account in format domain\user
creds_user2.set_bind_dn(creds.get_domain() + "\\" + self.username)
creds_user2.set_password(self.password)
print "BindTest with: " + creds_user2.get_bind_dn()
ldb_user2 = SamDB(host, credentials=creds_user2, lp=lp)
res = ldb_user2.search(base="", expression="", scope=SCOPE_BASE, attrs=["*"])
# do a simple bind and search with the user account DN
creds_user3.set_bind_dn(str(user_dn))
creds_user3.set_password(self.password)
print "BindTest with: " + creds_user3.get_bind_dn()
ldb_user3 = SamDB(host, credentials=creds_user3, session_info=system_session(), lp=lp)
res = ldb_user3.search(base="", expression="", scope=SCOPE_BASE, attrs=["*"])
if not "://" in host:
host = "ldap://%s" % host