sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00
Code

s4:dsdb/tests: add pwdLastSet tests

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9654

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jun 27 08:52:48 CEST 2016 on sn-devel-144
This commit is contained in:
Stefan Metzmacher 2016-05-27 16:52:00 +02:00 committed by Andrew Bartlett
parent f77c82d950
commit e0777da00b
1 changed files with 210 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

210
source4/dsdb/tests/python/sam.py
View File

@ -5,6 +5,7 @@
import optparse
import sys
import os
import time
sys.path.insert(0, "bin/python")
import samba
@ -1414,6 +1415,215 @@ class SamTests(samba.tests.TestCase):
delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
def test_pwdLastSet(self):
"""Test the pwdLastSet behaviour"""
print "Testing pwdLastSet behaviour\n"
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": "user",
"pwdLastSet": "0"})
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE,
attrs=["sAMAccountType", "userAccountControl", "pwdLastSet"])
self.assertTrue(len(res1) == 1)
self.assertEqual(int(res1[0]["sAMAccountType"][0]),
ATYPE_NORMAL_ACCOUNT)
self.assertEqual(int(res1[0]["userAccountControl"][0]),
UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD)
self.assertEqual(int(res1[0]["pwdLastSet"][0]), 0)
delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": "user",
"pwdLastSet": "-1"})
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE,
attrs=["sAMAccountType", "userAccountControl", "pwdLastSet"])
self.assertTrue(len(res1) == 1)
self.assertEqual(int(res1[0]["sAMAccountType"][0]),
ATYPE_NORMAL_ACCOUNT)
self.assertEqual(int(res1[0]["userAccountControl"][0]),
UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD)
self.assertNotEqual(int(res1[0]["pwdLastSet"][0]), 0)
lastset = int(res1[0]["pwdLastSet"][0])
delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
try:
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": "user",
"pwdLastSet": str(1)})
self.fail()
except LdbError, (num, msg):
self.assertEquals(num, ERR_OTHER)
self.assertTrue('00000057' in msg)
try:
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": "user",
"pwdLastSet": str(lastset)})
self.fail()
except LdbError, (num, msg):
self.assertEquals(num, ERR_OTHER)
self.assertTrue('00000057' in msg)
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": "user"})
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE,
attrs=["sAMAccountType", "userAccountControl", "pwdLastSet"])
self.assertTrue(len(res1) == 1)
self.assertEqual(int(res1[0]["sAMAccountType"][0]),
ATYPE_NORMAL_ACCOUNT)
self.assertEqual(int(res1[0]["userAccountControl"][0]),
UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD)
self.assertEqual(int(res1[0]["pwdLastSet"][0]), 0)
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["pls1"] = MessageElement(str(0),
FLAG_MOD_REPLACE,
"pwdLastSet")
ldb.modify(m)
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["pls1"] = MessageElement(str(0),
FLAG_MOD_DELETE,
"pwdLastSet")
m["pls2"] = MessageElement(str(0),
FLAG_MOD_ADD,
"pwdLastSet")
ldb.modify(m)
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["pls1"] = MessageElement(str(-1),
FLAG_MOD_REPLACE,
"pwdLastSet")
ldb.modify(m)
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE,
attrs=["sAMAccountType", "userAccountControl", "pwdLastSet"])
self.assertTrue(len(res1) == 1)
self.assertEqual(int(res1[0]["sAMAccountType"][0]),
ATYPE_NORMAL_ACCOUNT)
self.assertEqual(int(res1[0]["userAccountControl"][0]),
UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD)
self.assertGreater(int(res1[0]["pwdLastSet"][0]), lastset)
lastset = int(res1[0]["pwdLastSet"][0])
try:
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["pls1"] = MessageElement(str(0),
FLAG_MOD_DELETE,
"pwdLastSet")
m["pls2"] = MessageElement(str(0),
FLAG_MOD_ADD,
"pwdLastSet")
ldb.modify(m)
self.fail()
except LdbError, (num, msg):
self.assertEquals(num, ERR_NO_SUCH_ATTRIBUTE)
self.assertTrue('00002085' in msg)
try:
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["pls1"] = MessageElement(str(-1),
FLAG_MOD_DELETE,
"pwdLastSet")
m["pls2"] = MessageElement(str(0),
FLAG_MOD_ADD,
"pwdLastSet")
ldb.modify(m)
self.fail()
except LdbError, (num, msg):
self.assertEquals(num, ERR_NO_SUCH_ATTRIBUTE)
self.assertTrue('00002085' in msg)
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["pls1"] = MessageElement(str(lastset),
FLAG_MOD_DELETE,
"pwdLastSet")
m["pls2"] = MessageElement(str(-1),
FLAG_MOD_ADD,
"pwdLastSet")
time.sleep(0.2)
ldb.modify(m)
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE,
attrs=["sAMAccountType", "userAccountControl", "pwdLastSet"])
self.assertTrue(len(res1) == 1)
self.assertEqual(int(res1[0]["sAMAccountType"][0]),
ATYPE_NORMAL_ACCOUNT)
self.assertEqual(int(res1[0]["userAccountControl"][0]),
UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD)
self.assertEqual(int(res1[0]["pwdLastSet"][0]), lastset)
try:
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["pls1"] = MessageElement(str(lastset),
FLAG_MOD_DELETE,
"pwdLastSet")
m["pls2"] = MessageElement(str(lastset),
FLAG_MOD_ADD,
"pwdLastSet")
ldb.modify(m)
self.fail()
except LdbError, (num, msg):
self.assertEquals(num, ERR_OTHER)
self.assertTrue('00000057' in msg)
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["pls1"] = MessageElement(str(lastset),
FLAG_MOD_DELETE,
"pwdLastSet")
m["pls2"] = MessageElement(str(0),
FLAG_MOD_ADD,
"pwdLastSet")
ldb.modify(m)
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE,
attrs=["sAMAccountType", "userAccountControl", "pwdLastSet"])
self.assertTrue(len(res1) == 1)
self.assertEqual(int(res1[0]["sAMAccountType"][0]),
ATYPE_NORMAL_ACCOUNT)
self.assertEqual(int(res1[0]["userAccountControl"][0]),
UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD)
uac = int(res1[0]["userAccountControl"][0])
self.assertEqual(int(res1[0]["pwdLastSet"][0]), 0)
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["uac1"] = MessageElement(str(uac|UF_PASSWORD_EXPIRED),
FLAG_MOD_REPLACE,
"userAccountControl")
ldb.modify(m)
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE,
attrs=["sAMAccountType", "userAccountControl", "pwdLastSet"])
self.assertTrue(len(res1) == 1)
self.assertEqual(int(res1[0]["sAMAccountType"][0]),
ATYPE_NORMAL_ACCOUNT)
self.assertEqual(int(res1[0]["userAccountControl"][0]),
UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD)
self.assertEqual(int(res1[0]["pwdLastSet"][0]), 0)
delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
def test_userAccountControl(self):
"""Test the userAccountControl behaviour"""
print "Testing userAccountControl behaviour\n"