sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code
77,702 Commits 60 Branches 1,145 Tags 452 MiB
de9a4ca831
Commit Graph

173 Commits

Author SHA1 Message Date
Matthias Dieter Wallnöfer
83f78a30a0 s4:ldap.py/passwords.py - just use objectclass "user" for users 
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Nov  4 21:09:00 UTC 2010 on sn-devel-104
 2010-11-04 21:09:00 +00:00
Andrew Bartlett
28f1228b01 s4-dsdb Fix urgent_replication test not to set an invalid userAccountControl 
A userAccountControl value of 0 or 1 is invalid, you must include one of
the account types.

Andrew Bartlett
 2010-11-04 11:30:04 +00:00
Jelmer Vernooij
fea02db10f urgent_replication: Fix syntax error. 2010-11-04 11:30:04 +00:00
Jelmer Vernooij
4bf6a3e72c urgent_replication: Fix formatting 2010-11-03 19:13:36 +00:00
Stefan Metzmacher
54d4ba7103 s4:dsdb/tests/python/sam.py: test with member: <SID=...> 
metze
 2010-11-03 18:31:16 +00:00
Matthias Dieter Wallnöfer
53d9d4ee0e s4:sam.py - assign valid values when performing the special-attributes constraint checks 
The problem is that s4 per construction does the checks in a different order. It
first checks for validity (pre-operation trigger in samldb LDB module) and then
for the schema (post-operation trigger in objectclass_attrs LDB module).
constraints (post-operation trigger
 2010-11-03 17:48:18 +00:00
Jelmer Vernooij
0baa1fb4e4 pydsdb: Import testtools before subunit for those that don't have 
testtools installed.

Also, cleanup some imports.

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Wed Nov  3 17:47:55 UTC 2010 on sn-devel-104
 2010-11-03 17:47:54 +00:00
Matthias Dieter Wallnöfer
9d4eeaeb19 s4:objectclass LDB module - the structural objectclass has always to be specified 
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Nov  3 16:20:55 UTC 2010 on sn-devel-104
 2010-11-03 16:20:55 +00:00
Nadezhda Ivanova
3f4380993e s4-tests: Tests for the dSHeuristics attribute value restrictions 
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Nov  3 13:58:42 UTC 2010 on sn-devel-104
 2010-11-03 13:58:42 +00:00
Matthias Dieter Wallnöfer
8770c8fe2f s4:samldb LDB module - the "sAMAccountName" cannot be substituted by nothing 
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Nov  1 14:36:24 UTC 2010 on sn-devel-104
 2010-11-01 14:36:24 +00:00
Matthias Dieter Wallnöfer
2f9480407d s4:sam.py - additional testing for "servicePrincipalName" updates 2010-11-01 14:53:25 +01:00
Matthias Dieter Wallnöfer
02547de5f9 s4:ldap.py/sam.py - simplify the objectclass specifications 
- For user accounts we only need to specify "user" ("person" is an inherited
  objectclass)
- Don't use the brackets when we have only one objectclass specified
 2010-11-01 12:34:51 +01:00
Matthias Dieter Wallnöfer
6f2001efa5 s4:sam.py - test "objectSid" modification lockdown 2010-11-01 12:34:51 +01:00
Matthias Dieter Wallnöfer
dac6f1662e s4:sam.py - test the "sAMAccountName" attribute 
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sun Oct 31 21:02:48 UTC 2010 on sn-devel-104
 2010-10-31 21:02:48 +00:00
Matthias Dieter Wallnöfer
11687316b4 s4:sam.py - add a test for the "dNSHostName" - "servicePrincipalName" update mechanism 2010-10-31 18:44:06 +00:00
Matthias Dieter Wallnöfer
c0ebf5d743 s4:sam.py - add a short double swap "primaryGroupID" test 
It's not really meaningful but can happen.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Oct 30 18:15:31 UTC 2010 on sn-devel-104
 2010-10-30 18:15:31 +00:00
Matthias Dieter Wallnöfer
c664f010d3 s4:sam.py - enhance "member" tests 2010-10-30 17:32:17 +00:00
Nadezhda Ivanova
5bc2b8f0a4 s4-ldb: Added the correct extended check for read access to nTSecurityDescriptor 
It does not depend on READ_PROPERTY, but on SECURITY_PRIVILEGE and READ_CONTROL

Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Oct 27 13:18:50 UTC 2010 on sn-devel-104
 2010-10-27 13:18:50 +00:00
Matthias Dieter Wallnöfer
1b68910d65 s4:ldap.py - add a test for attribute ranges - still very basic 
And partially outcommented.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Oct 26 18:53:12 UTC 2010 on sn-devel-104
 2010-10-26 18:53:12 +00:00
Matthias Dieter Wallnöfer
dd25f4b83b s4:sam.py - enhance users and groups test 2010-10-26 18:12:00 +00:00
Matthias Dieter Wallnöfer
a839422fc5 s4:ldap.py - enhance and activate the "description" attribute test 
It tests only the "description" attribute in particular since it behaves
differently from all others.
 2010-10-26 18:12:00 +00:00
Matthias Dieter Wallnöfer
c3fa990f21 s4:ldap.py - prove the denied multi-valued replace requests 
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Oct 25 11:49:19 UTC 2010 on sn-devel-104
 2010-10-25 11:49:19 +00:00
Matthias Dieter Wallnöfer
d7ca757b31 s4:objectclass LDB module - implement the "isCriticalSystemObject" subtree delete protection 
MS-ADTS 3.1.1.5.5.7.2

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Oct 16 11:24:09 UTC 2010 on sn-devel-104
 2010-10-16 11:24:09 +00:00
Matthias Dieter Wallnöfer
bf657db3c4 s4:sam.py - tests for "userAccountControl" attribute 
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Oct 13 17:31:29 UTC 2010 on sn-devel-104
 2010-10-13 17:31:29 +00:00
Matthias Dieter Wallnöfer
36c1ed215d s4:sam.py - add a test for the group type changing behaviour 
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Oct 13 14:17:31 UTC 2010 on sn-devel-104
 2010-10-13 14:17:31 +00:00
Matthias Dieter Wallnöfer
09ce56d957 s4:ldap.py - test the "isCriticalSystemObject" behaviour 2010-10-13 13:35:21 +00:00
Matthias Dieter Wallnöfer
584ac76a4f s4:ldap.py - split it up and move SAM related stuff to sam.py 
ldap.py would still need some additional split-up but it's a start.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Oct  8 14:05:18 UTC 2010 on sn-devel-104
 2010-10-08 14:05:17 +00:00
Matthias Dieter Wallnöfer
24282adb9a s4:ldap.py - test allowed system flags restriction 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-10-03 16:50:06 +00:00
Matthias Dieter Wallnöfer
4e8206eb4c s4:urgent_replication.py - fix up the system flags handling 
And relax some more object creations due to the enforced system flags rules.
 2010-10-03 16:50:06 +00:00
Matthias Dieter Wallnöfer
a095a08e25 s4:deletetest.py - enhance the tests 
- Integrate the ldap.py delete protection testing code and enhance it
- Demonstrate the DISALLOW_MOVE_ON_DELETE system flag

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-10-03 15:23:19 +00:00
Matthias Dieter Wallnöfer
b2385e3725 s4:ldap.py - remove the delete tests 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-10-03 15:23:19 +00:00
Matthias Dieter Wallnöfer
bb81760e82 s4:ldap.py - delete the right object after test completition 2010-10-03 12:05:13 +02:00
Matthias Dieter Wallnöfer
f9244a15c7 s4:ldap.py - fix "system only" test 
A part was missing
 2010-10-03 12:05:13 +02:00
Kamen Mazdrashki
657d4d8812 s4-test-dsdb_schema_info.py: Get rid of global module variables 2010-10-03 01:24:57 +03:00
Kamen Mazdrashki
83a15155eb s4-test-dsdb_schema_info.py: Simplify connection SamDB 
by using samba.tests.connect_samdb() helper
 2010-10-03 01:24:57 +03:00
Nadezhda Ivanova
93ba17285d s4-tests: Added tests for search checks on attributes 
The ACL reach tests are in the knowfail because aclread module is not
enabled by default
 2010-09-26 15:36:09 -07:00
Kamen Mazdrashki
04826b65f6 s4-sec_descriptor.py: Fix usage of 'paged_search' module for remote LDB connections 2010-09-26 02:25:12 +03:00
Kamen Mazdrashki
7a7068f2ed s4-ldap_schema.py: Remove unused LDB connection to GC port 2010-09-26 02:25:11 +03:00
Kamen Mazdrashki
8780d2934b s4-dsdb_schema_info.py: Fix usage of 'paged_search' module for remote LDB connections 2010-09-26 02:25:11 +03:00
Matthias Dieter Wallnöfer
9123bcbf77 s4:ldap.py - add tests for the "dsServiceName", "serverName", "dnsHostName" and "ldapServiceName" rootDSE attributes 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-09-24 09:25:43 +10:00
Matthias Dieter Wallnöfer
679eb33e79 s4:samldb LDB module - it isn't allowed to create user/computer accounts with a primary group specified 
It can only be changed afterwards. We allow a "relax"ed exception for the
provision state since we need this for the guest account.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-09-24 09:25:42 +10:00
Matthias Dieter Wallnöfer
c03ec03212 s4:ldap.py - test default primary groups on modify operations 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-09-24 09:25:42 +10:00
Matthias Dieter Wallnöfer
72bb8c3fb3 s4:ldap.py - enhance SAM user/groups behaviour test regarding default primary groups 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2010-09-24 09:25:42 +10:00
Nadezhda Ivanova
aa57fd8224 s4-ldap: Fixed a problem with NC's having a parentGUID attribute 
NC's other than default NC had a parentGUID, due to an incorrect check of whether
the object has a parent. Fixed by checking object's instanceType instead.
 2010-09-21 09:10:54 -07:00
Matthias Dieter Wallnöfer
4a2941535d s4:ldap.py - tests the primary group detection by the "userAccountControl" 2010-09-12 19:23:06 +02:00
Andrew Bartlett
ba52834dd9 s4:auth Remove system_session_anon() from python bindings 2010-08-18 09:50:44 +10:00
Nadezhda Ivanova
38e41728c5 s4-tests: Added tests for acl checks on search requests 2010-08-17 17:05:42 +03:00
Matthias Dieter Wallnöfer
af3c6a4242 s4:passwords.py - proof the most important extended error codes 2010-08-15 19:42:40 +02:00
Matthias Dieter Wallnöfer
6dc0c07a51 s4:passwords.py - another special password test 
This looks like a password change but it's rather a password set operation.
 2010-08-15 19:42:39 +02:00
Matthias Dieter Wallnöfer
a9b055291c s4:passwords.py - test the error code when there doesn't exist any password yet 
After the creation of a user object we don't have any password yet.
 2010-08-14 18:48:19 +02:00
Matthias Dieter Wallnöfer
c335c5f54a s4:passwords.py - perform testing of wrong old passwords on change operations 2010-08-14 18:48:19 +02:00
Matthias Dieter Wallnöfer
bc702a394d s4:ldap.py - comment a test part which fails with another error code on Windows 2010-08-07 14:22:42 +02:00
Matthias Dieter Wallnöfer
8243272fa0 s4:ldap.py - test the new "systemFlags" constraint 2010-08-07 14:22:42 +02:00
Matthias Dieter Wallnöfer
e009d02bd5 s4:ldap.py - test for an invalid "objectCategory" attribute 2010-08-07 14:22:42 +02:00
Matthias Dieter Wallnöfer
299b59b7c3 s4:ldap.py - proof for the impossibility to add a LSA-specific object over LDAP 2010-08-07 14:22:42 +02:00
Matthias Dieter Wallnöfer
89c71a8f06 s4:urgent_replication.py - relax also here the add of a secrets object 2010-08-07 14:22:42 +02:00
Matthias Dieter Wallnöfer
e4b32cb0d4 s4:ldap.py - remove superflous spaces 
Sorry, forgot to delete them in the last commit
 2010-08-01 22:12:04 +02:00
Matthias Dieter Wallnöfer
e92f447823 s4:ldap.py - additional "instanceType" checks 2010-08-01 21:30:30 +02:00
Matthias Dieter Wallnöfer
3f2a8d5081 s4:urgent_replication.py test - adapt the test for the harder delete restrictions 
Otherwise we are not able to delete the "test crossRef" object which points
to the default NC anymore.
 2010-08-01 18:50:57 +02:00
Matthias Dieter Wallnöfer
ea5c40428f s4:ldap.py - perform tests on the additional delete constraint checks 2010-08-01 18:50:57 +02:00
Matthias Dieter Wallnöfer
542396ccd9 s4:ldap.py - add a test for "CN=System" object rename behaviour 2010-08-01 14:00:10 +02:00
Matthias Dieter Wallnöfer
81cc92c5af s4:ldap.py - performs some "systemFlags" testing 2010-08-01 09:36:01 +02:00
Nadezhda Ivanova
d35e9008a7 s4: Added acl search tests for anonymous connection. 
The tests make sure that we comply with dsHeuristics setting and
restrict anonymous access to rootDSE. They will be enabled when the
implementation is pushed. tests are verified against win2k8.
 2010-07-14 14:44:46 +03:00
Nadezhda Ivanova
0b2d965e4b s4: Reorganized dsHeuristics reset so the code can be reused 
Moved the setting of dsHeuristics to a method as soon we will have to set other
values as well in different tests
 2010-07-13 17:15:54 +03:00
Nadezhda Ivanova
10c60f2372 Added a test to prove by default users can change each other's pass if the old is known 2010-07-08 15:38:16 +03:00
Nadezhda Ivanova
d300085868 Changed passwords.py to use the correct account as acl checks now pass. 2010-07-05 00:20:37 +03:00
Nadezhda Ivanova
81240b13b3 s4-dsdb: Implementation of User-Change-Password and User-Force-Password-Change 
These CARs need to be checked on password change and password reset operations.
    Apparently the password attributes are not influenced by Write Property.
    Single detele operations and modifications of dBCSPwd are let through to the
    password_hash module. This is determined experimentally.
 2010-07-05 00:17:38 +03:00
Matthias Dieter Wallnöfer
f41d9eb8dc s4:dsdb/tests/python/ldap_schema.py - remove a now useless "schemaUpdateNow" request 
"schemaUpdateNow" on s4 is now a non-op and therefore not strictly needed anymore.
 2010-07-03 15:37:45 +02:00
Matthias Dieter Wallnöfer
465c601071 s4:urgent_replication.py test - remove unneeded "relax" control parameters 2010-07-03 15:30:20 +02:00
Matthias Dieter Wallnöfer
ec9fa906c7 s4:dsdb/tests/passwords.py - set and reset the "minPwdAge" properly 
After a patch proposal of Nadya and some reflection I think that it's really
worth to change all tests which need a "0" "minPwdAge" to set it manually and
reset the default afterwards.

So we can finally introduce the default "minPwdAge" on provision.

Patch proposal by: Nadya Ivanova
 2010-07-03 11:28:21 +02:00
Nadezhda Ivanova
86cde0a7dc Tests for user-change-password and force-password-change access rights 2010-07-02 16:38:05 +03:00
Matthias Dieter Wallnöfer
c2e2f783d0 s4:dsdb/tests/python/passwords.py - add the right result codes for user password changes 
They will be enabled once the ACL modules supports it. It was my fault to not
import them earlier.
 2010-07-01 17:23:01 +02:00
Stefan Metzmacher
14f8953aa4 s4:dsdb: move dsdb python tests from lib/ldb/ to dsdb/ 
metze
 2010-06-30 11:10:28 +02:00