python/samba/tests/samba_tool/rodc.py

   1 # Unix SMB/CIFS implementation.
   2 # Copyright (C) Catalyst IT Ltd. 2015
   3 #
   4 # This program is free software; you can redistribute it and/or modify
   5 # it under the terms of the GNU General Public License as published by
   6 # the Free Software Foundation; either version 3 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # This program is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU General Public License
  15 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16 #
  17
  18 import os
  19 import ldb
  20 import samba
  21 from samba.samdb import SamDB
  22 from samba.tests import delete_force
  23 from samba.tests.samba_tool.base import SambaToolCmdTest
  24 from samba.credentials import Credentials
  25 from samba.auth import system_session
  26
  27 class RodcCmdTestCase(SambaToolCmdTest):
  28     def setUp(self):
  29         super(RodcCmdTestCase, self).setUp()
  30         self.lp = samba.param.LoadParm()
  31         self.lp.load(os.environ["SMB_CONF_PATH"])
  32         self.creds = Credentials()
  33         self.creds.set_username(os.environ["DC_USERNAME"])
  34         self.creds.set_password(os.environ["DC_PASSWORD"])
  35         self.creds.guess(self.lp)
  36         self.session = system_session()
  37         self.ldb = SamDB("ldap://" + os.environ["DC_SERVER"],
  38             session_info=self.session, credentials=self.creds,lp=self.lp)
  39
  40         self.base_dn = self.ldb.domain_dn()
  41
  42         self.ldb.newuser("sambatool1", "1qazXSW@")
  43         self.ldb.newuser("sambatool2", "2wsxCDE#")
  44         self.ldb.newuser("sambatool3", "3edcVFR$")
  45         self.ldb.newuser("sambatool4", "4rfvBGT%")
  46         self.ldb.newuser("sambatool5", "5tjbNHY*")
  47         self.ldb.newuser("sambatool6", "6yknMJU*")
  48
  49         self.ldb.add_remove_group_members("Allowed RODC Password Replication Group",
  50                                           ["sambatool1", "sambatool2", "sambatool3",
  51                                            "sambatool4", "sambatool5"],
  52                                           add_members_operation=True)
  53
  54     def tearDown(self):
  55         super(RodcCmdTestCase, self).tearDown()
  56         self.ldb.deleteuser("sambatool1")
  57         self.ldb.deleteuser("sambatool2")
  58         self.ldb.deleteuser("sambatool3")
  59         self.ldb.deleteuser("sambatool4")
  60         self.ldb.deleteuser("sambatool5")
  61         self.ldb.deleteuser("sambatool6")
  62         (result, out, err) = self.runsubcmd("drs", "replicate", "--local", "unused",
  63                                             os.environ["DC_SERVER"], self.base_dn)
  64
  65
  66     def test_single_by_account_name(self):
  67         (result, out, err) = self.runsubcmd("rodc", "preload", "sambatool1",
  68                                             "--server", os.environ["DC_SERVER"])
  69         self.assertCmdSuccess(result, out, err, "ensuring rodc prefetch ran successfully")
  70         self.assertEqual(out, "Replicating DN CN=sambatool1,CN=Users,%s\n" % self.base_dn)
  71         self.assertEqual(err, "")
  72
  73     def test_single_by_dn(self):
  74         (result, out, err) = self.runsubcmd("rodc", "preload", "cn=sambatool2,cn=users,%s" % self.base_dn,
  75                                             "--server", os.environ["DC_SERVER"])
  76         self.assertCmdSuccess(result, out, err, "ensuring rodc prefetch ran successfully")
  77         self.assertEqual(out, "Replicating DN CN=sambatool2,CN=Users,%s\n" % self.base_dn)
  78
  79     def test_multi_by_account_name(self):
  80         (result, out, err) = self.runsubcmd("rodc", "preload", "sambatool1", "sambatool2",
  81                                             "--server", os.environ["DC_SERVER"])
  82         self.assertCmdSuccess(result, out, err, "ensuring rodc prefetch ran successfully")
  83         self.assertEqual(out, "Replicating DN CN=sambatool1,CN=Users,%s\nReplicating DN CN=sambatool2,CN=Users,%s\n" % (self.base_dn, self.base_dn))
  84
  85     def test_multi_by_dn(self):
  86         (result, out, err) = self.runsubcmd("rodc", "preload", "cn=sambatool3,cn=users,%s" % self.base_dn, "cn=sambatool4,cn=users,%s" % self.base_dn,
  87                                             "--server", os.environ["DC_SERVER"])
  88         self.assertCmdSuccess(result, out, err, "ensuring rodc prefetch ran successfully")
  89         self.assertEqual(out, "Replicating DN CN=sambatool3,CN=Users,%s\nReplicating DN CN=sambatool4,CN=Users,%s\n" % (self.base_dn, self.base_dn))
  90
  91     def test_multi_in_file(self):
  92         tempf = os.path.join(self.tempdir, "accountlist")
  93         open(tempf, 'w').write("sambatool1\nsambatool2")
  94         (result, out, err) = self.runsubcmd("rodc", "preload", "--file", tempf,
  95                                             "--server", os.environ["DC_SERVER"])
  96         self.assertCmdSuccess(result, out, err, "ensuring rodc prefetch ran successfully")
  97         self.assertEqual(out, "Replicating DN CN=sambatool1,CN=Users,%s\nReplicating DN CN=sambatool2,CN=Users,%s\n" % (self.base_dn, self.base_dn))
  98         os.unlink(tempf)
  99
 100     def test_multi_with_missing_name_success(self):
 101         (result, out, err) = self.runsubcmd("rodc", "preload",
 102                                             "nonexistentuser1", "sambatool5",
 103                                             "nonexistentuser2",
 104                                             "--server", os.environ["DC_SERVER"],
 105                                             "--ignore-errors")
 106         self.assertCmdSuccess(result, out, err, "ensuring rodc prefetch ran successfully")
 107         self.assertTrue(out.startswith("Replicating DN CN=sambatool5,CN=Users,%s\n"
 108                                        % self.base_dn))
 109
 110     def test_multi_with_missing_name_failure(self):
 111         (result, out, err) = self.runsubcmd("rodc", "preload",
 112                                             "nonexistentuser1", "sambatool5",
 113                                             "nonexistentuser2",
 114                                             "--server", os.environ["DC_SERVER"])
 115         self.assertCmdFail(result, "ensuring rodc prefetch quit on missing user")
 116
 117     def test_multi_without_group_success(self):
 118         (result, out, err) = self.runsubcmd("rodc", "preload",
 119                                             "sambatool6", "sambatool5",
 120                                             "--server", os.environ["DC_SERVER"],
 121                                             "--ignore-errors")
 122         self.assertCmdSuccess(result, out, err, "ensuring rodc prefetch ran successfully")
 123         self.assertTrue(out.startswith("Replicating DN CN=sambatool6,CN=Users,%s\n"
 124                                        "Replicating DN CN=sambatool5,CN=Users,%s\n"
 125                                        % (self.base_dn, self.base_dn)))
 126
 127     def test_multi_without_group_failure(self):
 128         (result, out, err) = self.runsubcmd("rodc", "preload",
 129                                             "sambatool6", "sambatool5",
 130                                             "--server", os.environ["DC_SERVER"])
 131         self.assertCmdFail(result, "ensuring rodc prefetch quit on non-replicated user")