2 # -*- coding: utf-8 -*-
4 # Unix SMB/CIFS implementation.
5 # Copyright (C) Kamen Mazdrashki <kamenim@samba.org> 2010
7 # This program is free software; you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
23 # export DC1=dc1_dns_name
24 # export DC2=dc2_dns_name
25 # export SUBUNITRUN=$samba4srcdir/scripting/bin/subunitrun
26 # PYTHONPATH="$PYTHONPATH:$samba4srcdir/torture/drs/python" $SUBUNITRUN delete_object -U"$DOMAIN/$DC_USERNAME"%"$DC_PASSWORD"
33 sys
.path
.insert(0, "bin/python")
43 class DrsDeleteObjectTestCase(drs_base
.DrsBaseTestCase
):
46 super(DrsDeleteObjectTestCase
, self
).setUp()
49 super(DrsDeleteObjectTestCase
, self
).tearDown()
51 def _make_username(self
):
52 return "DrsDelObjUser_" + time
.strftime("%s", time
.gmtime())
54 def _check_user(self
, sam_ldb
, user_orig
, is_deleted
):
55 # search the user by guid as it may be deleted
56 guid_str
= self
._GUID
_string
(user_orig
["objectGUID"][0])
57 expression
= "(objectGUID=%s)" % guid_str
58 res
= sam_ldb
.search(base
=self
.domain_dn
,
59 expression
=expression
,
60 controls
=["show_deleted:1"])
61 self
.assertEquals(len(res
), 1)
63 # Deleted Object base DN
64 dodn
= self
._deleted
_objects
_dn
(sam_ldb
)
65 # now check properties of the user
66 name_orig
= user_orig
["cn"][0]
67 name_cur
= user_cur
["cn"][0]
69 self
.assertEquals(user_cur
["isDeleted"][0],"TRUE")
70 self
.assertTrue(not("objectCategory" in user_cur
))
71 self
.assertTrue(not("sAMAccountType" in user_cur
))
72 self
.assertTrue(dodn
in str(user_cur
["dn"]),
73 "User %s is deleted but it is not located under %s!" % (name_orig
, dodn
))
74 self
.assertEquals(name_cur
, name_orig
+ "\nDEL:" + guid_str
)
76 self
.assertTrue(not("isDeleted" in user_cur
))
77 self
.assertEquals(name_cur
, name_orig
)
78 self
.assertEquals(user_orig
["dn"], user_cur
["dn"])
79 self
.assertTrue(dodn
not in str(user_cur
["dn"]))
81 def test_NetReplicateCmd(self
):
82 """Triggers replication from DC1 to DC2
83 and vice versa so both DCs are synchronized
84 before test_ReplicateDeteleteObject test"""
85 # replicate Domain NC on DC2 from DC1
86 self
._net
_drs
_replicate
(DC
=self
.dnsname_dc2
, fromDC
=self
.dnsname_dc1
)
87 # replicate Domain NC on DC1 from DC2
88 self
._net
_drs
_replicate
(DC
=self
.dnsname_dc1
, fromDC
=self
.dnsname_dc2
)
90 def test_ReplicateDeteleteObject(self
):
91 """Verifies how a deleted-object is replicated between two DCs.
92 This test should verify that:
93 - deleted-object is replicated properly
94 TODO: We should verify that after replication,
95 object's state to conform to a deleted-object state
96 or tombstone -object, depending on DC's features
97 It will also be great if check replPropertyMetaData."""
98 # work-out unique username to test with
99 username
= self
._make
_username
()
102 self
.ldb_dc1
.newuser(username
=username
, password
="P@sswOrd!")
103 ldb_res
= self
.ldb_dc1
.search(base
=self
.domain_dn
,
105 expression
="(samAccountName=%s)" % username
)
106 self
.assertEquals(len(ldb_res
), 1)
107 user_orig
= ldb_res
[0]
108 user_dn
= ldb_res
[0]["dn"]
110 # check user info on DC1
111 print "Testing for %s with GUID %s" % (username
, self
._GUID
_string
(user_orig
["objectGUID"][0]))
112 self
._check
_user
(sam_ldb
=self
.ldb_dc1
, user_orig
=user_orig
, is_deleted
=False)
114 # trigger replication from DC1 to DC2
115 self
._net
_drs
_replicate
(DC
=self
.dnsname_dc2
, fromDC
=self
.dnsname_dc1
)
118 self
.ldb_dc1
.delete(user_dn
)
119 # check user info on DC1 - should be deleted
120 self
._check
_user
(sam_ldb
=self
.ldb_dc1
, user_orig
=user_orig
, is_deleted
=True)
121 # check user info on DC2 - should be valid user
123 self
._check
_user
(sam_ldb
=self
.ldb_dc2
, user_orig
=user_orig
, is_deleted
=False)
124 except self
.failureException
:
125 print ("Checking for not isDeleted user on %s failed, "
126 "probably because a replication took place. "
127 "Ideally we should block automatic replications during this test, "
128 "but until then, just ignore the error" % self
.dnsname_dc2
)
130 # trigger replication from DC2 to DC1
131 # to check if deleted object gets restored
132 self
._net
_drs
_replicate
(DC
=self
.dnsname_dc1
, fromDC
=self
.dnsname_dc2
)
133 # check user info on DC1 - should be deleted
134 self
._check
_user
(sam_ldb
=self
.ldb_dc1
, user_orig
=user_orig
, is_deleted
=True)
135 # check user info on DC2 - should be valid user
137 self
._check
_user
(sam_ldb
=self
.ldb_dc2
, user_orig
=user_orig
, is_deleted
=False)
138 except self
.failureException
:
139 print ("Checking for not isDeleted user on %s failed, "
140 "probably because a replication took place. "
141 "Ideally we should block automatic replications during this test, "
142 "but until then, just ignore the error" % self
.dnsname_dc2
)
144 # trigger replication from DC1 to DC2
145 # to check if deleted object is replicated
146 self
._net
_drs
_replicate
(DC
=self
.dnsname_dc2
, fromDC
=self
.dnsname_dc1
)
147 # check user info on DC1 - should be deleted
148 self
._check
_user
(sam_ldb
=self
.ldb_dc1
, user_orig
=user_orig
, is_deleted
=True)
149 # check user info on DC2 - should be deleted
150 self
._check
_user
(sam_ldb
=self
.ldb_dc2
, user_orig
=user_orig
, is_deleted
=True)