search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:test for "primaryGroupToken"
[Samba/fernandojvsilva.git] / source4 / lib / ldb / tests / python / ldap.py
blob00fb30768990aaa6b7ee0e1c219e6e3073875a3a
1 #!/usr/bin/python
2 # -*- coding: utf-8 -*-
3 # This is a port of the original in testprogs/ejs/ldap.js
4
5 import getopt
6 import optparse
7 import sys
8 import time
9
10 sys.path.append("bin/python")
11 sys.path.append("../lib/subunit/python")
12
13 import samba.getopt as options
14
15 from samba.auth import system_session
16 from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE, LdbError
17 from ldb import ERR_NO_SUCH_OBJECT, ERR_ATTRIBUTE_OR_VALUE_EXISTS
18 from ldb import ERR_ENTRY_ALREADY_EXISTS, ERR_UNWILLING_TO_PERFORM
19 from ldb import ERR_NOT_ALLOWED_ON_NON_LEAF, ERR_OTHER, ERR_INVALID_DN_SYNTAX
20 from ldb import Message, Dn
21 from samba import Ldb
22 from subunit import SubunitTestRunner
23 from samba import param
24 from samba import glue
25 import unittest
26
27 parser = optparse.OptionParser("ldap [options] <host>")
28 sambaopts = options.SambaOptions(parser)
29 parser.add_option_group(sambaopts)
30 parser.add_option_group(options.VersionOptions(parser))
31 # use command line creds if available
32 credopts = options.CredentialsOptions(parser)
33 parser.add_option_group(credopts)
34 opts, args = parser.parse_args()
35
36 if len(args) < 1:
37 parser.print_usage()
38 sys.exit(1)
39
40 host = args[0]
41
42 lp = sambaopts.get_loadparm()
43 creds = credopts.get_credentials(lp)
44
45 class BasicTests(unittest.TestCase):
46 def delete_force(self, ldb, dn):
47 try:
48 ldb.delete(dn)
49 except LdbError, (num, _):
50 self.assertEquals(num, ERR_NO_SUCH_OBJECT)
51
52 def find_basedn(self, ldb):
53 res = ldb.search(base="", expression="", scope=SCOPE_BASE,
54 attrs=["defaultNamingContext"])
55 self.assertEquals(len(res), 1)
56 return res[0]["defaultNamingContext"][0]
57
58 def find_configurationdn(self, ldb):
59 res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["configurationNamingContext"])
60 self.assertEquals(len(res), 1)
61 return res[0]["configurationNamingContext"][0]
62
63 def find_schemadn(self, ldb):
64 res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
65 self.assertEquals(len(res), 1)
66 return res[0]["schemaNamingContext"][0]
67
68 def setUp(self):
69 self.ldb = ldb
70 self.gc_ldb = gc_ldb
71 self.base_dn = self.find_basedn(ldb)
72 self.configuration_dn = self.find_configurationdn(ldb)
73 self.schema_dn = self.find_schemadn(ldb)
74
75 print "baseDN: %s\n" % self.base_dn
76
77 self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
78 self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
79 self.delete_force(self.ldb, "cn=ldaptestuser2,cn=users," + self.base_dn)
80 self.delete_force(self.ldb, "cn=ldaptestgroup2,cn=users," + self.base_dn)
81 self.delete_force(self.ldb, "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn)
82 self.delete_force(self.ldb, "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn)
83 self.delete_force(self.ldb, "cn=parentguidtest,cn=users," + self.base_dn)
84 self.delete_force(self.ldb, "cn=parentguidtest,cn=testotherusers," + self.base_dn)
85 self.delete_force(self.ldb, "cn=testotherusers," + self.base_dn)
86
87 def test_group_add_invalid_member(self):
88 """Testing group add with invalid member"""
89 try:
90 self.ldb.add({
91 "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
92 "objectclass": "group",
93 "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
94 self.fail()
95 except LdbError, (num, _):
96 self.assertEquals(num, ERR_NO_SUCH_OBJECT)
97
98 def test_parentGUID(self):
99 """Test parentGUID behaviour"""
100 print "Testing parentGUID behaviour\n"
101
102 self.ldb.add({
103 "dn": "cn=parentguidtest,cn=users," + self.base_dn,
104 "objectclass":"user",
105 "samaccountname":"parentguidtest"});
106 res1 = ldb.search(base="cn=parentguidtest,cn=users," + self.base_dn, scope=SCOPE_BASE,
107 attrs=["parentGUID"]);
108 res2 = ldb.search(base="cn=users," + self.base_dn,scope=SCOPE_BASE,
109 attrs=["objectGUID"]);
110 self.assertEquals(res1[0]["parentGUID"], res2[0]["objectGUID"]);
111
112 """Test parentGUID behaviour"""
113 print "Testing parentGUID behaviour on rename\n"
114
115 self.ldb.add({
116 "dn": "cn=testotherusers," + self.base_dn,
117 "objectclass":"container"});
118 res1 = ldb.search(base="cn=testotherusers," + self.base_dn,scope=SCOPE_BASE,
119 attrs=["objectGUID"]);
120 ldb.rename("cn=parentguidtest,cn=users," + self.base_dn,
121 "cn=parentguidtest,cn=testotherusers," + self.base_dn);
122 res2 = ldb.search(base="cn=parentguidtest,cn=testotherusers," + self.base_dn,
123 scope=SCOPE_BASE,
124 attrs=["parentGUID"]);
125 self.assertEquals(res1[0]["objectGUID"], res2[0]["parentGUID"]);
126 ldb.delete("cn=parentguidtest,cn=testotherusers," + self.base_dn)
127 ldb.delete("cn=testotherusers," + self.base_dn)
128
129 def test_groupType(self):
130 """Test groupType behaviour (should appear to be casted to a 32 bit signed integer before comparsion)"""
131 print "Testing groupType behaviour\n"
132
133 res1 = ldb.search(base=self.base_dn, scope=SCOPE_SUBTREE,
134 attrs=["groupType"], expression="groupType=2147483653");
135
136 res2 = ldb.search(base=self.base_dn, scope=SCOPE_SUBTREE,
137 attrs=["groupType"], expression="groupType=-2147483643");
138
139 self.assertEquals(len(res1), len(res2))
140
141 self.assertTrue(res1.count > 0)
142
143 self.assertEquals(res1[0]["groupType"][0], "-2147483643")
144
145 def test_primary_group_token(self):
146 """Test the primary group token behaviour (hidden-generated-readonly attribute on groups)"""
147 print "Testing primary group token behaviour\n"
148
149 ldb.add({
150 "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn,
151 "objectclass": ["user", "person"],
152 "cN": "LDAPtestUSER",
153 "givenname": "ldap",
154 "sn": "testy"})
155
156 ldb.add({
157 "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
158 "objectclass": "group",
159 "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
160
161 res1 = ldb.search("cn=ldaptestuser, cn=users," + self.base_dn,
162 scope=SCOPE_BASE, attrs=["primaryGroupToken"])
163 self.assertTrue(len(res1) == 1)
164 self.assertFalse("primaryGroupToken" in res1[0])
165
166 res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
167 scope=SCOPE_BASE)
168 self.assertTrue(len(res1) == 1)
169 self.assertFalse("primaryGroupToken" in res1[0])
170
171 res1 = ldb.search("cn=ldaptestgroup,cn=users," + self.base_dn,
172 scope=SCOPE_BASE, attrs=["primaryGroupToken", "objectSID"])
173 self.assertTrue(len(res1) == 1)
174 primary_group_token = int(res1[0]["primaryGroupToken"][0])
175
176 rid = glue.dom_sid_to_rid(ldb.schema_format_value("objectSID", res1[0]["objectSID"][0]))
177 self.assertEquals(primary_group_token, rid)
178
179 # Has to wait until we support read-only generated attributes correctly
180 # m = Message()
181 # m.dn = Dn(ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
182 # m["primaryGroupToken"] = "100"
183 # try:
184 # ldb.modify(m)
185 # self.fail()
186 # except LdbError, (num, msg):
187 # print msg
188
189 self.delete_force(self.ldb, "cn=ldaptestgroup,cn=users," + self.base_dn)
190 self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
191
192 def test_all(self):
193 """Basic tests"""
194
195 self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
196
197 print "Testing user add"
198 ldb.add({
199 "dn": "cn=ldaptestuser,cn=uSers," + self.base_dn,
200 "objectclass": ["user", "person"],
201 "cN": "LDAPtestUSER",
202 "givenname": "ldap",
203 "sn": "testy"})
204
205 ldb.add({
206 "dn": "cn=ldaptestgroup,cn=uSers," + self.base_dn,
207 "objectclass": "group",
208 "member": "cn=ldaptestuser,cn=useRs," + self.base_dn})
209
210 self.delete_force(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
211 ldb.add({
212 "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
213 "objectclass": "computer",
214 "cN": "LDAPtestCOMPUTER"})
215
216 self.delete_force(self.ldb, "cn=ldaptest2computer,cn=computers," + self.base_dn)
217 ldb.add({"dn": "cn=ldaptest2computer,cn=computers," + self.base_dn,
218 "objectClass": "computer",
219 "cn": "LDAPtest2COMPUTER",
220 "userAccountControl": "4096",
221 "displayname": "ldap testy"})
222
223 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
224 try:
225 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
226 "objectClass": "computer",
227 "cn": "LDAPtest2COMPUTER"
228 })
229 self.fail()
230 except LdbError, (num, _):
231 self.assertEquals(num, ERR_INVALID_DN_SYNTAX)
232
233 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
234 try:
235 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
236 "objectClass": "computer",
237 "cn": "ldaptestcomputer3",
238 "sAMAccountType": "805306368"
239 })
240 self.fail()
241 except LdbError, (num, _):
242 self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
243
244 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
245 try:
246 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
247 "objectClass": "computer",
248 "cn": "ldaptestcomputer3",
249 "userAccountControl": "0"
250 })
251 self.fail()
252 except LdbError, (num, _):
253 self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
254
255 self.delete_force(self.ldb, "cn=ldaptestuser7,cn=users," + self.base_dn)
256 try:
257 ldb.add({"dn": "cn=ldaptestuser7,cn=users," + self.base_dn,
258 "objectClass": "user",
259 "cn": "LDAPtestuser7",
260 "userAccountControl": "0"
261 })
262 self.fail()
263 except LdbError, (num, _):
264 self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
265
266 self.delete_force(self.ldb, "cn=ldaptestuser7,cn=users," + self.base_dn)
267
268 ldb.add({"dn": "cn=ldaptestuser7,cn=users," + self.base_dn,
269 "objectClass": "user",
270 "cn": "LDAPtestuser7",
271 "userAccountControl": "2"
272 })
273
274 self.delete_force(self.ldb, "cn=ldaptestuser7,cn=users," + self.base_dn)
275
276 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
277 ldb.add({"dn": "cn=ldaptestcomputer3,cn=computers," + self.base_dn,
278 "objectClass": "computer",
279 "cn": "LDAPtestCOMPUTER3"
280 })
281
282 print "Testing ldb.search for (&(cn=ldaptestcomputer3)(objectClass=user))";
283 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestcomputer3)(objectClass=user))");
284 self.assertEquals(len(res), 1, "Found only %d for (&(cn=ldaptestcomputer3)(objectClass=user))" % len(res))
285
286 self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer3,CN=Computers," + self.base_dn));
287 self.assertEquals(res[0]["cn"][0], "ldaptestcomputer3");
288 self.assertEquals(res[0]["name"][0], "ldaptestcomputer3");
289 self.assertEquals(res[0]["objectClass"][0], "top");
290 self.assertEquals(res[0]["objectClass"][1], "person");
291 self.assertEquals(res[0]["objectClass"][2], "organizationalPerson");
292 self.assertEquals(res[0]["objectClass"][3], "user");
293 self.assertEquals(res[0]["objectClass"][4], "computer");
294 self.assertTrue("objectGUID" in res[0])
295 self.assertTrue("whenCreated" in res[0])
296 self.assertEquals(res[0]["objectCategory"][0], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn));
297 self.assertEquals(int(res[0]["primaryGroupID"][0]), 513);
298 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368);
299 self.assertEquals(int(res[0]["userAccountControl"][0]), 546);
300
301 self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn)
302
303 print "Testing attribute or value exists behaviour"
304 try:
305 ldb.modify_ldif("""
306 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
307 changetype: modify
308 replace: servicePrincipalName
309 servicePrincipalName: host/ldaptest2computer
310 servicePrincipalName: host/ldaptest2computer
311 servicePrincipalName: cifs/ldaptest2computer
312 """)
313 self.fail()
314 except LdbError, (num, msg):
315 self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS)
316
317 ldb.modify_ldif("""
318 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
319 changetype: modify
320 replace: servicePrincipalName
321 servicePrincipalName: host/ldaptest2computer
322 servicePrincipalName: cifs/ldaptest2computer
323 """)
324 try:
325 ldb.modify_ldif("""
326 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
327 changetype: modify
328 add: servicePrincipalName
329 servicePrincipalName: host/ldaptest2computer
330 """)
331 self.fail()
332 except LdbError, (num, msg):
333 self.assertEquals(num, ERR_ATTRIBUTE_OR_VALUE_EXISTS)
334
335 print "Testing ranged results"
336 ldb.modify_ldif("""
337 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
338 changetype: modify
339 replace: servicePrincipalName
340 """)
341
342 ldb.modify_ldif("""
343 dn: cn=ldaptest2computer,cn=computers,""" + self.base_dn + """
344 changetype: modify
345 add: servicePrincipalName
346 servicePrincipalName: host/ldaptest2computer0
347 servicePrincipalName: host/ldaptest2computer1
348 servicePrincipalName: host/ldaptest2computer2
349 servicePrincipalName: host/ldaptest2computer3
350 servicePrincipalName: host/ldaptest2computer4
351 servicePrincipalName: host/ldaptest2computer5
352 servicePrincipalName: host/ldaptest2computer6
353 servicePrincipalName: host/ldaptest2computer7
354 servicePrincipalName: host/ldaptest2computer8
355 servicePrincipalName: host/ldaptest2computer9
356 servicePrincipalName: host/ldaptest2computer10
357 servicePrincipalName: host/ldaptest2computer11
358 servicePrincipalName: host/ldaptest2computer12
359 servicePrincipalName: host/ldaptest2computer13
360 servicePrincipalName: host/ldaptest2computer14
361 servicePrincipalName: host/ldaptest2computer15
362 servicePrincipalName: host/ldaptest2computer16
363 servicePrincipalName: host/ldaptest2computer17
364 servicePrincipalName: host/ldaptest2computer18
365 servicePrincipalName: host/ldaptest2computer19
366 servicePrincipalName: host/ldaptest2computer20
367 servicePrincipalName: host/ldaptest2computer21
368 servicePrincipalName: host/ldaptest2computer22
369 servicePrincipalName: host/ldaptest2computer23
370 servicePrincipalName: host/ldaptest2computer24
371 servicePrincipalName: host/ldaptest2computer25
372 servicePrincipalName: host/ldaptest2computer26
373 servicePrincipalName: host/ldaptest2computer27
374 servicePrincipalName: host/ldaptest2computer28
375 servicePrincipalName: host/ldaptest2computer29
376 """)
377
378 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE,
379 attrs=["servicePrincipalName;range=0-*"])
380 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
381 #print len(res[0]["servicePrincipalName;range=0-*"])
382 self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
383
384 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-19"])
385 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
386 # print res[0]["servicePrincipalName;range=0-19"].length
387 self.assertEquals(len(res[0]["servicePrincipalName;range=0-19"]), 20)
388
389
390 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-30"])
391 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
392 self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
393
394 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=0-40"])
395 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
396 self.assertEquals(len(res[0]["servicePrincipalName;range=0-*"]), 30)
397
398 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=30-40"])
399 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
400 self.assertEquals(len(res[0]["servicePrincipalName;range=30-*"]), 0)
401
402
403 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=10-40"])
404 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
405 self.assertEquals(len(res[0]["servicePrincipalName;range=10-*"]), 20)
406 # pos_11 = res[0]["servicePrincipalName;range=10-*"][18]
407
408 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-40"])
409 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
410 self.assertEquals(len(res[0]["servicePrincipalName;range=11-*"]), 19)
411 # print res[0]["servicePrincipalName;range=11-*"][18]
412 # print pos_11
413 # self.assertEquals((res[0]["servicePrincipalName;range=11-*"][18]), pos_11)
414
415 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName;range=11-15"])
416 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
417 self.assertEquals(len(res[0]["servicePrincipalName;range=11-15"]), 5)
418 # self.assertEquals(res[0]["servicePrincipalName;range=11-15"][4], pos_11)
419
420 res = ldb.search(self.base_dn, expression="(cn=ldaptest2computer))", scope=SCOPE_SUBTREE, attrs=["servicePrincipalName"])
421 self.assertEquals(len(res), 1, "Could not find (cn=ldaptest2computer)")
422 # print res[0]["servicePrincipalName"][18]
423 # print pos_11
424 self.assertEquals(len(res[0]["servicePrincipalName"]), 30)
425 # self.assertEquals(res[0]["servicePrincipalName"][18], pos_11)
426
427 self.delete_force(self.ldb, "cn=ldaptestuser2,cn=users," + self.base_dn)
428 ldb.add({
429 "dn": "cn=ldaptestuser2,cn=useRs," + self.base_dn,
430 "objectClass": ["person", "user"],
431 "cn": "LDAPtestUSER2",
432 "givenname": "testy",
433 "sn": "ldap user2"})
434
435 print "Testing Ambigious Name Resolution"
436 # Testing ldb.search for (&(anr=ldap testy)(objectClass=user))
437 res = ldb.search(expression="(&(anr=ldap testy)(objectClass=user))")
438 self.assertEquals(len(res), 3, "Found only %d of 3 for (&(anr=ldap testy)(objectClass=user))" % len(res))
439
440 # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
441 res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
442 self.assertEquals(len(res), 2, "Found only %d of 2 for (&(anr=testy ldap)(objectClass=user))" % len(res))
443
444 # Testing ldb.search for (&(anr=ldap)(objectClass=user))
445 res = ldb.search(expression="(&(anr=ldap)(objectClass=user))")
446 self.assertEquals(len(res), 4, "Found only %d of 4 for (&(anr=ldap)(objectClass=user))" % len(res))
447
448 # Testing ldb.search for (&(anr==ldap)(objectClass=user))
449 res = ldb.search(expression="(&(anr==ldap)(objectClass=user))")
450 self.assertEquals(len(res), 1, "Could not find (&(anr==ldap)(objectClass=user)). Found only %d for (&(anr=ldap)(objectClass=user))" % len(res))
451
452 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
453 self.assertEquals(res[0]["cn"][0], "ldaptestuser")
454 self.assertEquals(str(res[0]["name"]), "ldaptestuser")
455
456 # Testing ldb.search for (&(anr=testy)(objectClass=user))
457 res = ldb.search(expression="(&(anr=testy)(objectClass=user))")
458 self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy)(objectClass=user))" % len(res))
459
460 # Testing ldb.search for (&(anr=testy ldap)(objectClass=user))
461 res = ldb.search(expression="(&(anr=testy ldap)(objectClass=user))")
462 self.assertEquals(len(res), 2, "Found only %d for (&(anr=testy ldap)(objectClass=user))" % len(res))
463
464 # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
465 # this test disabled for the moment, as anr with == tests are not understood
466 # res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
467 # self.assertEquals(len(res), 1, "Found only %d for (&(anr==testy ldap)(objectClass=user))" % len(res))
468
469 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
470 self.assertEquals(res[0]["cn"][0], "ldaptestuser")
471 self.assertEquals(res[0]["name"][0], "ldaptestuser")
472
473 # Testing ldb.search for (&(anr==testy ldap)(objectClass=user))
474 # res = ldb.search(expression="(&(anr==testy ldap)(objectClass=user))")
475 # self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap)(objectClass=user))")
476
477 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
478 self.assertEquals(res[0]["cn"][0], "ldaptestuser")
479 self.assertEquals(res[0]["name"][0], "ldaptestuser")
480
481 # Testing ldb.search for (&(anr=testy ldap user)(objectClass=user))
482 res = ldb.search(expression="(&(anr=testy ldap user)(objectClass=user))")
483 self.assertEquals(len(res), 1, "Could not find (&(anr=testy ldap user)(objectClass=user))")
484
485 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
486 self.assertEquals(str(res[0]["cn"]), "ldaptestuser2")
487 self.assertEquals(str(res[0]["name"]), "ldaptestuser2")
488
489 # Testing ldb.search for (&(anr==testy ldap user2)(objectClass=user))
490 # res = ldb.search(expression="(&(anr==testy ldap user2)(objectClass=user))")
491 # self.assertEquals(len(res), 1, "Could not find (&(anr==testy ldap user2)(objectClass=user))")
492
493 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
494 self.assertEquals(str(res[0]["cn"]), "ldaptestuser2")
495 self.assertEquals(str(res[0]["name"]), "ldaptestuser2")
496
497 # Testing ldb.search for (&(anr==ldap user2)(objectClass=user))
498 # res = ldb.search(expression="(&(anr==ldap user2)(objectClass=user))")
499 # self.assertEquals(len(res), 1, "Could not find (&(anr==ldap user2)(objectClass=user))")
500
501 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
502 self.assertEquals(str(res[0]["cn"]), "ldaptestuser2")
503 self.assertEquals(str(res[0]["name"]), "ldaptestuser2")
504
505 # Testing ldb.search for (&(anr==not ldap user2)(objectClass=user))
506 # res = ldb.search(expression="(&(anr==not ldap user2)(objectClass=user))")
507 # self.assertEquals(len(res), 0, "Must not find (&(anr==not ldap user2)(objectClass=user))")
508
509 # Testing ldb.search for (&(anr=not ldap user2)(objectClass=user))
510 res = ldb.search(expression="(&(anr=not ldap user2)(objectClass=user))")
511 self.assertEquals(len(res), 0, "Must not find (&(anr=not ldap user2)(objectClass=user))")
512
513 # Testing ldb.search for (&(anr="testy ldap")(objectClass=user)) (ie, with quotes)
514 # res = ldb.search(expression="(&(anr==\"testy ldap\")(objectClass=user))")
515 # self.assertEquals(len(res), 0, "Found (&(anr==\"testy ldap\")(objectClass=user))")
516
517 print "Testing Group Modifies"
518 ldb.modify_ldif("""
519 dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
520 changetype: modify
521 add: member
522 member: cn=ldaptestuser2,cn=users,""" + self.base_dn + """
523 member: cn=ldaptestcomputer,cn=computers,""" + self.base_dn + """
524 """)
525
526 self.delete_force(ldb, "cn=ldaptestuser3,cn=users," + self.base_dn)
527
528 print "Testing adding non-existent user to a group"
529 try:
530 ldb.modify_ldif("""
531 dn: cn=ldaptestgroup,cn=users,""" + self.base_dn + """
532 changetype: modify
533 add: member
534 member: cn=ldaptestuser3,cn=users,""" + self.base_dn + """
535 """)
536 self.fail()
537 except LdbError, (num, _):
538 self.assertEquals(num, ERR_NO_SUCH_OBJECT)
539
540 print "Testing Renames"
541
542 attrs = ["objectGUID", "objectSid"]
543 print "Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))"
544 res_user = ldb.search(self.base_dn, expression="(&(cn=ldaptestUSer2)(objectClass=user))", scope=SCOPE_SUBTREE, attrs=attrs)
545 self.assertEquals(len(res_user), 1, "Could not find (&(cn=ldaptestUSer2)(objectClass=user))")
546
547 #Check rename works with extended/alternate DN forms
548 ldb.rename("<SID=" + ldb.schema_format_value("objectSID", res_user[0]["objectSID"][0]) + ">" , "cn=ldaptestuser3,cn=users," + self.base_dn)
549
550 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
551
552 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestUSER3,cn=users," + self.base_dn)
553
554 print "Testing ldb.search for (&(cn=ldaptestuser3)(objectClass=user))"
555 res = ldb.search(expression="(&(cn=ldaptestuser3)(objectClass=user))")
556 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser3)(objectClass=user))")
557
558 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
559 self.assertEquals(str(res[0]["cn"]), "ldaptestUSER3")
560 self.assertEquals(str(res[0]["name"]), "ldaptestUSER3")
561
562 #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))"
563 res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))")
564 self.assertEquals(len(res), 1, "(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))")
565
566 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
567 self.assertEquals(str(res[0]["cn"]), "ldaptestUSER3")
568 self.assertEquals(str(res[0]["name"]), "ldaptestUSER3")
569
570 #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))"
571 res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))")
572 self.assertEquals(len(res), 1, "(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))")
573
574 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
575 self.assertEquals(str(res[0]["cn"]), "ldaptestUSER3")
576 self.assertEquals(str(res[0]["name"]), "ldaptestUSER3")
577
578 #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))"
579 res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))")
580 self.assertEquals(len(res), 0, "(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))")
581
582 # This is a Samba special, and does not exist in real AD
583 # print "Testing ldb.search for (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
584 # res = ldb.search("(dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
585 # if (res.error != 0 || len(res) != 1) {
586 # print "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
587 # self.assertEquals(len(res), 1)
588 # }
589 # self.assertEquals(res[0].dn, ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
590 # self.assertEquals(res[0].cn, "ldaptestUSER3")
591 # self.assertEquals(res[0].name, "ldaptestUSER3")
592
593 print "Testing ldb.search for (distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")"
594 res = ldb.search(expression="(distinguishedName=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
595 self.assertEquals(len(res), 1, "Could not find (dn=CN=ldaptestUSER3,CN=Users," + self.base_dn + ")")
596 self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn))
597 self.assertEquals(str(res[0]["cn"]), "ldaptestUSER3")
598 self.assertEquals(str(res[0]["name"]), "ldaptestUSER3")
599
600 # ensure we cannot add it again
601 try:
602 ldb.add({"dn": "cn=ldaptestuser3,cn=userS," + self.base_dn,
603 "objectClass": ["person", "user"],
604 "cn": "LDAPtestUSER3"})
605 self.fail()
606 except LdbError, (num, _):
607 self.assertEquals(num, ERR_ENTRY_ALREADY_EXISTS)
608
609 # rename back
610 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser2,cn=users," + self.base_dn)
611
612 # ensure we cannnot rename it twice
613 try:
614 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn,
615 "cn=ldaptestuser2,cn=users," + self.base_dn)
616 self.fail()
617 except LdbError, (num, _):
618 self.assertEquals(num, ERR_NO_SUCH_OBJECT)
619
620 # ensure can now use that name
621 ldb.add({"dn": "cn=ldaptestuser3,cn=users," + self.base_dn,
622 "objectClass": ["person", "user"],
623 "cn": "LDAPtestUSER3"})
624
625 # ensure we now cannnot rename
626 try:
627 ldb.rename("cn=ldaptestuser2,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=users," + self.base_dn)
628 self.fail()
629 except LdbError, (num, _):
630 self.assertEquals(num, ERR_ENTRY_ALREADY_EXISTS)
631 try:
632 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser3,cn=configuration," + self.base_dn)
633 self.fail()
634 except LdbError, (num, _):
635 self.assertTrue(num in (71, 64))
636
637 ldb.rename("cn=ldaptestuser3,cn=users," + self.base_dn, "cn=ldaptestuser5,cn=users," + self.base_dn)
638
639 ldb.delete("cn=ldaptestuser5,cn=users," + self.base_dn)
640
641 self.delete_force(ldb, "cn=ldaptestgroup2,cn=users," + self.base_dn)
642
643 ldb.rename("cn=ldaptestgroup,cn=users," + self.base_dn, "cn=ldaptestgroup2,cn=users," + self.base_dn)
644
645 print "Testing subtree Renames"
646
647 ldb.add({"dn": "cn=ldaptestcontainer," + self.base_dn,
648 "objectClass": "container"})
649
650 self.delete_force(self.ldb, "cn=ldaptestuser4,cn=ldaptestcontainer," + self.base_dn)
651 ldb.add({"dn": "CN=ldaptestuser4,CN=ldaptestcontainer," + self.base_dn,
652 "objectClass": ["person", "user"],
653 "cn": "LDAPtestUSER4"})
654
655 ldb.modify_ldif("""
656 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
657 changetype: modify
658 add: member
659 member: cn=ldaptestuser4,cn=ldaptestcontainer,""" + self.base_dn + """
660 """)
661
662 print "Testing ldb.rename of cn=ldaptestcontainer," + self.base_dn + " to cn=ldaptestcontainer2," + self.base_dn
663 ldb.rename("CN=ldaptestcontainer," + self.base_dn, "CN=ldaptestcontainer2," + self.base_dn)
664
665 print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))"
666 res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))")
667 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user))")
668
669 print "Testing subtree ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
670 try:
671 res = ldb.search("cn=ldaptestcontainer," + self.base_dn,
672 expression="(&(cn=ldaptestuser4)(objectClass=user))",
673 scope=SCOPE_SUBTREE)
674 self.fail(res)
675 except LdbError, (num, _):
676 self.assertEquals(num, ERR_NO_SUCH_OBJECT)
677
678 print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in (just renamed from) cn=ldaptestcontainer," + self.base_dn
679 try:
680 res = ldb.search("cn=ldaptestcontainer," + self.base_dn,
681 expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_ONELEVEL)
682 self.fail()
683 except LdbError, (num, _):
684 self.assertEquals(num, ERR_NO_SUCH_OBJECT)
685
686 print "Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container"
687 res = ldb.search("cn=ldaptestcontainer2," + self.base_dn, expression="(&(cn=ldaptestuser4)(objectClass=user))", scope=SCOPE_SUBTREE)
688 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + self.base_dn)
689
690 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
691 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
692
693 time.sleep(4)
694
695 print "Testing ldb.search for (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)) to check subtree renames and linked attributes"
696 res = ldb.search(self.base_dn, expression="(&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group))", scope=SCOPE_SUBTREE)
697 self.assertEquals(len(res), 1, "Could not find (&(member=CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn + ")(objectclass=group)), perhaps linked attributes are not consistant with subtree renames?")
698
699 print "Testing ldb.rename (into itself) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn
700 try:
701 ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer2," + self.base_dn)
702 self.fail()
703 except LdbError, (num, _):
704 self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
705
706 print "Testing ldb.rename (into non-existent container) of cn=ldaptestcontainer2," + self.base_dn + " to cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn
707 try:
708 ldb.rename("cn=ldaptestcontainer2," + self.base_dn, "cn=ldaptestcontainer,cn=ldaptestcontainer3," + self.base_dn)
709 self.fail()
710 except LdbError, (num, _):
711 self.assertTrue(num in (ERR_UNWILLING_TO_PERFORM, ERR_OTHER))
712
713 print "Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + self.base_dn
714 try:
715 ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
716 self.fail()
717 except LdbError, (num, _):
718 self.assertEquals(num, ERR_NOT_ALLOWED_ON_NON_LEAF)
719
720 print "Testing base ldb.search for CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn
721 res = ldb.search(expression="(objectclass=*)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
722 self.assertEquals(len(res), 1)
723 res = ldb.search(expression="(cn=ldaptestuser40)", base=("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn), scope=SCOPE_BASE)
724 self.assertEquals(len(res), 0)
725
726 print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
727 res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_ONELEVEL)
728 # FIXME: self.assertEquals(len(res), 0)
729
730 print "Testing one-level ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in cn=ldaptestcontainer2," + self.base_dn
731 res = ldb.search(expression="(&(cn=ldaptestuser4)(objectClass=user))", base=("cn=ldaptestcontainer2," + self.base_dn), scope=SCOPE_SUBTREE)
732 # FIXME: self.assertEquals(len(res), 0)
733
734 print "Testing delete of subtree renamed "+("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn)
735 ldb.delete(("CN=ldaptestuser4,CN=ldaptestcontainer2," + self.base_dn))
736 print "Testing delete of renamed cn=ldaptestcontainer2," + self.base_dn
737 ldb.delete("cn=ldaptestcontainer2," + self.base_dn)
738
739 self.delete_force(self.ldb, "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn)
740 ldb.add({"dn": "cn=ldaptestutf8user èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
741
742 self.delete_force(self.ldb, "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn)
743 ldb.add({"dn": "cn=ldaptestutf8user2 èùéìòà ,cn=users," + self.base_dn, "objectClass": "user"})
744
745 print "Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))"
746 res = ldb.search(expression="(&(cn=ldaptestuser)(objectClass=user))")
747 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
748
749 self.assertEquals(str(res[0].dn), ("CN=ldaptestuser,CN=Users," + self.base_dn))
750 self.assertEquals(str(res[0]["cn"]), "ldaptestuser")
751 self.assertEquals(str(res[0]["name"]), "ldaptestuser")
752 self.assertEquals(set(res[0]["objectClass"]), set(["top", "person", "organizationalPerson", "user"]))
753 self.assertTrue("objectGUID" in res[0])
754 self.assertTrue("whenCreated" in res[0])
755 self.assertEquals(str(res[0]["objectCategory"]), ("CN=Person,CN=Schema,CN=Configuration," + self.base_dn))
756 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368)
757 self.assertEquals(int(res[0]["userAccountControl"][0]), 546)
758 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
759 self.assertEquals(len(res[0]["memberOf"]), 1)
760
761 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))"
762 res2 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
763 self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + self.base_dn + "))")
764
765 self.assertEquals(res[0].dn, res2[0].dn)
766
767 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))"
768 res3 = ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
769 self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched %d" % len(res3))
770
771 self.assertEquals(res[0].dn, res3[0].dn)
772
773 if gc_ldb is not None:
774 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog"
775 res3gc = gc_ldb.search(expression="(&(cn=ldaptestuser)(objectCategory=PerSon))")
776 self.assertEquals(len(res3gc), 1)
777
778 self.assertEquals(res[0].dn, res3gc[0].dn)
779
780 print "Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control"
781
782 res3control = gc_ldb.search(self.base_dn, expression="(&(cn=ldaptestuser)(objectCategory=PerSon))", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
783 self.assertEquals(len(res3control), 1, "Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog")
784
785 self.assertEquals(res[0].dn, res3control[0].dn)
786
787 ldb.delete(res[0].dn)
788
789 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))"
790 res = ldb.search(expression="(&(cn=ldaptestcomputer)(objectClass=user))")
791 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestuser)(objectClass=user))")
792
793 self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer,CN=Computers," + self.base_dn))
794 self.assertEquals(str(res[0]["cn"]), "ldaptestcomputer")
795 self.assertEquals(str(res[0]["name"]), "ldaptestcomputer")
796 self.assertEquals(set(res[0]["objectClass"]), set(["top", "person", "organizationalPerson", "user", "computer"]))
797 self.assertTrue("objectGUID" in res[0])
798 self.assertTrue("whenCreated" in res[0])
799 self.assertEquals(str(res[0]["objectCategory"]), ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn))
800 self.assertEquals(int(res[0]["primaryGroupID"][0]), 513)
801 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306368)
802 self.assertEquals(int(res[0]["userAccountControl"][0]), 546)
803 self.assertEquals(res[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
804 self.assertEquals(len(res[0]["memberOf"]), 1)
805
806 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))"
807 res2 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
808 self.assertEquals(len(res2), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
809
810 self.assertEquals(res[0].dn, res2[0].dn)
811
812 if gc_ldb is not None:
813 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog"
814 res2gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + "))")
815 self.assertEquals(len(res2gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + self.base_dn + ")) in Global Catlog")
816
817 self.assertEquals(res[0].dn, res2gc[0].dn)
818
819 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))"
820 res3 = ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
821 self.assertEquals(len(res3), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))")
822
823 self.assertEquals(res[0].dn, res3[0].dn)
824
825 if gc_ldb is not None:
826 print "Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog"
827 res3gc = gc_ldb.search(expression="(&(cn=ldaptestcomputer)(objectCategory=compuTER))")
828 self.assertEquals(len(res3gc), 1, "Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog")
829
830 self.assertEquals(res[0].dn, res3gc[0].dn)
831
832 print "Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))"
833 res4 = ldb.search(expression="(&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
834 self.assertEquals(len(res4), 1, "Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))")
835
836 self.assertEquals(res[0].dn, res4[0].dn)
837
838 print "Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))"
839 res5 = ldb.search(expression="(&(cn=ldaptestcomput*)(objectCategory=compuTER))")
840 self.assertEquals(len(res5), 1, "Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))")
841
842 self.assertEquals(res[0].dn, res5[0].dn)
843
844 print "Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))"
845 res6 = ldb.search(expression="(&(cn=*daptestcomputer)(objectCategory=compuTER))")
846 self.assertEquals(len(res6), 1, "Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))")
847
848 self.assertEquals(res[0].dn, res6[0].dn)
849
850 ldb.delete("<GUID=" + ldb.schema_format_value("objectGUID", res[0]["objectGUID"][0]) + ">")
851
852 print "Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))"
853 res = ldb.search(expression="(&(cn=ldaptest2computer)(objectClass=user))")
854 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptest2computer)(objectClass=user))")
855
856 self.assertEquals(str(res[0].dn), "CN=ldaptest2computer,CN=Computers," + self.base_dn)
857 self.assertEquals(str(res[0]["cn"]), "ldaptest2computer")
858 self.assertEquals(str(res[0]["name"]), "ldaptest2computer")
859 self.assertEquals(list(res[0]["objectClass"]), ["top", "person", "organizationalPerson", "user", "computer"])
860 self.assertTrue("objectGUID" in res[0])
861 self.assertTrue("whenCreated" in res[0])
862 self.assertEquals(res[0]["objectCategory"][0], "CN=Computer,CN=Schema,CN=Configuration," + self.base_dn)
863 self.assertEquals(int(res[0]["sAMAccountType"][0]), 805306369)
864 self.assertEquals(int(res[0]["userAccountControl"][0]), 4096)
865
866 ldb.delete("<SID=" + ldb.schema_format_value("objectSID", res[0]["objectSID"][0]) + ">")
867
868 attrs = ["cn", "name", "objectClass", "objectGUID", "objectSID", "whenCreated", "nTSecurityDescriptor", "memberOf", "allowedAttributes", "allowedAttributesEffective"]
869 print "Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))"
870 res_user = ldb.search(self.base_dn, expression="(&(cn=ldaptestUSer2)(objectClass=user))", scope=SCOPE_SUBTREE, attrs=attrs)
871 self.assertEquals(len(res_user), 1, "Could not find (&(cn=ldaptestUSer2)(objectClass=user))")
872
873 self.assertEquals(str(res_user[0].dn), ("CN=ldaptestuser2,CN=Users," + self.base_dn))
874 self.assertEquals(str(res_user[0]["cn"]), "ldaptestuser2")
875 self.assertEquals(str(res_user[0]["name"]), "ldaptestuser2")
876 self.assertEquals(list(res_user[0]["objectClass"]), ["top", "person", "organizationalPerson", "user"])
877 self.assertTrue("objectSid" in res_user[0])
878 self.assertTrue("objectGUID" in res_user[0])
879 self.assertTrue("whenCreated" in res_user[0])
880 self.assertTrue("nTSecurityDescriptor" in res_user[0])
881 self.assertTrue("allowedAttributes" in res_user[0])
882 self.assertTrue("allowedAttributesEffective" in res_user[0])
883 self.assertEquals(res_user[0]["memberOf"][0].upper(), ("CN=ldaptestgroup2,CN=Users," + self.base_dn).upper())
884
885 ldaptestuser2_sid = res_user[0]["objectSid"][0]
886 ldaptestuser2_guid = res_user[0]["objectGUID"][0]
887
888 attrs = ["cn", "name", "objectClass", "objectGUID", "objectSID", "whenCreated", "nTSecurityDescriptor", "member", "allowedAttributes", "allowedAttributesEffective"]
889 print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))"
890 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
891 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
892
893 self.assertEquals(str(res[0].dn), ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
894 self.assertEquals(str(res[0]["cn"]), "ldaptestgroup2")
895 self.assertEquals(str(res[0]["name"]), "ldaptestgroup2")
896 self.assertEquals(list(res[0]["objectClass"]), ["top", "group"])
897 self.assertTrue("objectGUID" in res[0])
898 self.assertTrue("objectSid" in res[0])
899 self.assertTrue("whenCreated" in res[0])
900 self.assertTrue("nTSecurityDescriptor" in res[0])
901 self.assertTrue("allowedAttributes" in res[0])
902 self.assertTrue("allowedAttributesEffective" in res[0])
903 memberUP = []
904 for m in res[0]["member"]:
905 memberUP.append(m.upper())
906 self.assertTrue(("CN=ldaptestuser2,CN=Users," + self.base_dn).upper() in memberUP)
907
908 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs, controls=["extended_dn:1:1"])
909 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
910
911 print res[0]["member"]
912 memberUP = []
913 for m in res[0]["member"]:
914 memberUP.append(m.upper())
915 print ("<GUID=" + ldb.schema_format_value("objectGUID", ldaptestuser2_guid) + ">;<SID=" + ldb.schema_format_value("objectSid", ldaptestuser2_sid) + ">;CN=ldaptestuser2,CN=Users," + self.base_dn).upper()
916
917 self.assertTrue(("<GUID=" + ldb.schema_format_value("objectGUID", ldaptestuser2_guid) + ">;<SID=" + ldb.schema_format_value("objectSid", ldaptestuser2_sid) + ">;CN=ldaptestuser2,CN=Users," + self.base_dn).upper() in memberUP)
918
919 print "Testing Linked attribute behaviours"
920 ldb.modify_ldif("""
921 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
922 changetype: modify
923 replace: member
924 member: CN=ldaptestuser2,CN=Users,""" + self.base_dn + """
925 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
926 """)
927
928 ldb.modify_ldif("""
929 dn: <GUID=""" + ldb.schema_format_value("objectGUID", res[0]["objectGUID"][0]) + """>
930 changetype: modify
931 replace: member
932 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
933 """)
934
935 ldb.modify_ldif("""
936 dn: <SID=""" + ldb.schema_format_value("objectSid", res[0]["objectSid"][0]) + """>
937 changetype: modify
938 delete: member
939 """)
940
941 ldb.modify_ldif("""
942 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
943 changetype: modify
944 add: member
945 member: <GUID=""" + ldb.schema_format_value("objectGUID", res[0]["objectGUID"][0]) + """>
946 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
947 """)
948
949 ldb.modify_ldif("""
950 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
951 changetype: modify
952 replace: member
953 """)
954
955 ldb.modify_ldif("""
956 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
957 changetype: modify
958 add: member
959 member: <SID=""" + ldb.schema_format_value("objectSid", res_user[0]["objectSid"][0]) + """>
960 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
961 """)
962
963 ldb.modify_ldif("""
964 dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """
965 changetype: modify
966 delete: member
967 member: CN=ldaptestutf8user èùéìòà,CN=Users,""" + self.base_dn + """
968 """)
969
970 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
971 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group))")
972
973 self.assertEquals(str(res[0].dn), ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
974 self.assertEquals(res[0]["member"][0], ("CN=ldaptestuser2,CN=Users," + self.base_dn))
975 self.assertEquals(len(res[0]["member"]), 1)
976
977 ldb.delete(("CN=ldaptestuser2,CN=Users," + self.base_dn))
978
979 time.sleep(4)
980
981 attrs = ["cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member"]
982 print "Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete"
983 res = ldb.search(self.base_dn, expression="(&(cn=ldaptestgroup2)(objectClass=group))", scope=SCOPE_SUBTREE, attrs=attrs)
984 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete")
985
986 self.assertEquals(str(res[0].dn), ("CN=ldaptestgroup2,CN=Users," + self.base_dn))
987 self.assertTrue("member" not in res[0])
988
989 print "Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))"
990 res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
991 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
992
993 self.assertEquals(str(res[0].dn), ("CN=ldaptestutf8user èùéìòà,CN=Users," + self.base_dn))
994 self.assertEquals(str(res[0]["cn"]), "ldaptestutf8user èùéìòà")
995 self.assertEquals(str(res[0]["name"]), "ldaptestutf8user èùéìòà")
996 self.assertEquals(list(res[0]["objectClass"]), ["top", "person", "organizationalPerson", "user"])
997 self.assertTrue("objectGUID" in res[0])
998 self.assertTrue("whenCreated" in res[0])
999
1000 ldb.delete(res[0].dn)
1001
1002 print "Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))"
1003 res = ldb.search(expression="(&(cn=ldaptestutf8user2*)(objectClass=user))")
1004 self.assertEquals(len(res), 1, "Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))")
1005
1006 ldb.delete(res[0].dn)
1007
1008 ldb.delete(("CN=ldaptestgroup2,CN=Users," + self.base_dn))
1009
1010 print "Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
1011 res = ldb.search(expression="(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))")
1012
1013 #FIXME: self.assert len(res) == 1, "Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))"
1014
1015 print "Testing that we can't get at the configuration DN from the main search base"
1016 res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
1017 self.assertEquals(len(res), 0)
1018
1019 print "Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control"
1020 res = ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:2"])
1021 self.assertTrue(len(res) > 0)
1022
1023 if gc_ldb is not None:
1024 print "Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0"
1025
1026 res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["search_options:1:0"])
1027 self.assertTrue(len(res) > 0)
1028
1029 print "Testing that we do find configuration elements in the global catlog"
1030 res = gc_ldb.search(self.base_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
1031 self.assertTrue(len(res) > 0)
1032
1033 print "Testing that we do find configuration elements and user elements at the same time"
1034 res = gc_ldb.search(self.base_dn, expression="(|(objectClass=crossRef)(objectClass=person))", scope=SCOPE_SUBTREE, attrs=["cn"])
1035 self.assertTrue(len(res) > 0)
1036
1037 print "Testing that we do find configuration elements in the global catlog, with the configuration basedn"
1038 res = gc_ldb.search(self.configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
1039 self.assertTrue(len(res) > 0)
1040
1041 print "Testing that we can get at the configuration DN on the main LDAP port"
1042 res = ldb.search(self.configuration_dn, expression="objectClass=crossRef", scope=SCOPE_SUBTREE, attrs=["cn"])
1043 self.assertTrue(len(res) > 0)
1044
1045 print "Testing objectCategory canonacolisation"
1046 res = ldb.search(self.configuration_dn, expression="objectCategory=ntDsDSA", scope=SCOPE_SUBTREE, attrs=["cn"])
1047 self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=ntDsDSA")
1048 self.assertTrue(len(res) != 0)
1049
1050 res = ldb.search(self.configuration_dn, expression="objectCategory=CN=ntDs-DSA," + self.schema_dn, scope=SCOPE_SUBTREE, attrs=["cn"])
1051 self.assertTrue(len(res) > 0, "Didn't find any records with objectCategory=CN=ntDs-DSA," + self.schema_dn)
1052 self.assertTrue(len(res) != 0)
1053
1054 print "Testing objectClass attribute order on "+ self.base_dn
1055 res = ldb.search(expression="objectClass=domain", base=self.base_dn,
1056 scope=SCOPE_BASE, attrs=["objectClass"])
1057 self.assertEquals(len(res), 1)
1058
1059 self.assertEquals(list(res[0]["objectClass"]), ["top", "domain", "domainDNS"])
1060
1061 # check enumeration
1062
1063 print "Testing ldb.search for objectCategory=person"
1064 res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"])
1065 self.assertTrue(len(res) > 0)
1066
1067 print "Testing ldb.search for objectCategory=person with domain scope control"
1068 res = ldb.search(self.base_dn, expression="objectCategory=person", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
1069 self.assertTrue(len(res) > 0)
1070
1071 print "Testing ldb.search for objectCategory=user"
1072 res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"])
1073 self.assertTrue(len(res) > 0)
1074
1075 print "Testing ldb.search for objectCategory=user with domain scope control"
1076 res = ldb.search(self.base_dn, expression="objectCategory=user", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
1077 self.assertTrue(len(res) > 0)
1078
1079 print "Testing ldb.search for objectCategory=group"
1080 res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"])
1081 self.assertTrue(len(res) > 0)
1082
1083 print "Testing ldb.search for objectCategory=group with domain scope control"
1084 res = ldb.search(self.base_dn, expression="objectCategory=group", scope=SCOPE_SUBTREE, attrs=["cn"], controls=["domain_scope:1"])
1085 self.assertTrue(len(res) > 0)
1086
1087
1088 class BaseDnTests(unittest.TestCase):
1089 def setUp(self):
1090 self.ldb = ldb
1091
1092 def test_rootdse_attrs(self):
1093 """Testing for all rootDSE attributes"""
1094 res = self.ldb.search(scope=SCOPE_BASE, attrs=[])
1095 self.assertEquals(len(res), 1)
1096
1097 def test_highestcommittedusn(self):
1098 """Testing for highestCommittedUSN"""
1099 res = self.ldb.search("", scope=SCOPE_BASE, attrs=["highestCommittedUSN"])
1100 self.assertEquals(len(res), 1)
1101 self.assertTrue(int(res[0]["highestCommittedUSN"][0]) != 0)
1102
1103 def test_netlogon(self):
1104 """Testing for netlogon via LDAP"""
1105 res = self.ldb.search("", scope=SCOPE_BASE, attrs=["netlogon"])
1106 self.assertEquals(len(res), 0)
1107
1108 def test_netlogon_highestcommitted_usn(self):
1109 """Testing for netlogon and highestCommittedUSN via LDAP"""
1110 res = self.ldb.search("", scope=SCOPE_BASE,
1111 attrs=["netlogon", "highestCommittedUSN"])
1112 self.assertEquals(len(res), 0)
1113
1114 class SchemaTests(unittest.TestCase):
1115 def delete_force(self, ldb, dn):
1116 try:
1117 ldb.delete(dn)
1118 except LdbError, (num, _):
1119 self.assertEquals(num, ERR_NO_SUCH_OBJECT)
1120
1121 def find_schemadn(self, ldb):
1122 res = ldb.search(base="", expression="", scope=SCOPE_BASE, attrs=["schemaNamingContext"])
1123 self.assertEquals(len(res), 1)
1124 return res[0]["schemaNamingContext"][0]
1125
1126 def find_basedn(self, ldb):
1127 res = ldb.search(base="", expression="", scope=SCOPE_BASE,
1128 attrs=["defaultNamingContext"])
1129 self.assertEquals(len(res), 1)
1130 return res[0]["defaultNamingContext"][0]
1131
1132 def setUp(self):
1133 self.ldb = ldb
1134 self.schema_dn = self.find_schemadn(ldb)
1135 self.base_dn = self.find_basedn(ldb)
1136
1137 def test_generated_schema(self):
1138 """Testing we can read the generated schema via LDAP"""
1139 res = self.ldb.search("cn=aggregate,"+self.schema_dn, scope=SCOPE_BASE,
1140 attrs=["objectClasses", "attributeTypes", "dITContentRules"])
1141 self.assertEquals(len(res), 1)
1142 self.assertTrue("dITContentRules" in res[0])
1143 self.assertTrue("objectClasses" in res[0])
1144 self.assertTrue("attributeTypes" in res[0])
1145
1146 def test_generated_schema_is_operational(self):
1147 """Testing we don't get the generated schema via LDAP by default"""
1148 res = self.ldb.search("cn=aggregate,"+self.schema_dn, scope=SCOPE_BASE,
1149 attrs=["*"])
1150 self.assertEquals(len(res), 1)
1151 self.assertFalse("dITContentRules" in res[0])
1152 self.assertFalse("objectClasses" in res[0])
1153 self.assertFalse("attributeTypes" in res[0])
1154
1155 def test_schemaUpdateNow(self):
1156 """Testing schemaUpdateNow"""
1157 class_name = "test-class" + time.strftime("%s", time.gmtime())
1158 class_ldap_display_name = class_name.replace("-", "")
1159 object_name = "obj" + time.strftime("%s", time.gmtime())
1160
1161 ldif = """
1162 dn: CN=%s,%s""" % (class_name, self.schema_dn) + """
1163 lDAPDisplayName: """ + class_ldap_display_name + """
1164 objectClass: top
1165 objectClass: classSchema
1166 adminDescription: """ + class_name + """
1167 adminDisplayName: """ + class_name + """
1168 cn: """ + class_name + """
1169 objectCategory: CN=Class-Schema,""" + self.schema_dn + """
1170 defaultObjectCategory: CN=%s,%s""" % (class_name, self.schema_dn) + """
1171 distinguishedName: CN=%s,%s""" % (class_name, self.schema_dn) + """
1172 governsID: 1.2.840.""" + time.strftime("%s", time.gmtime())[3:] + """.1.5.9939
1173 instanceType: 4
1174 name: """ + class_name + """
1175 objectClassCategory: 1
1176 subClassOf: organizationalPerson
1177 systemFlags: 16
1178 rDNAttID: cn
1179 systemMustContain: cn
1180 systemOnly: FALSE
1181 """
1182 self.ldb.add_ldif(ldif)
1183 ldif = """
1184 dn:
1185 changetype: modify
1186 add: schemaUpdateNow
1187 schemaUpdateNow: 1
1188 """
1189 self.ldb.modify_ldif(ldif)
1190 ldif = """
1191 dn: CN=%s,CN=Users,%s"""% (object_name, self.base_dn) + """
1192 objectClass: organizationalPerson
1193 objectClass: person
1194 objectClass: """ + class_ldap_display_name + """
1195 objectClass: top
1196 cn: """ + object_name + """
1197 instanceType: 4
1198 objectCategory: CN=%s,%s"""% (class_name, self.schema_dn) + """
1199 distinguishedName: CN=%s,CN=Users,%s"""% (object_name, self.base_dn) + """
1200 name: """ + object_name + """
1201 """
1202 self.ldb.add_ldif(ldif)
1203 # Search for created objectClass
1204 res = []
1205 res = self.ldb.search("cn=%s,%s" % (class_name, self.schema_dn), scope=SCOPE_BASE, attrs=["*"])
1206 self.assertNotEqual(res, [])
1207
1208 res = []
1209 res = self.ldb.search("cn=%s,cn=Users,%s" % (object_name, self.base_dn), scope=SCOPE_BASE, attrs=["*"])
1210 self.assertNotEqual(res, [])
1211 # Delete the object
1212 self.delete_force(self.ldb, "cn=%s,cn=Users,%s" % (object_name, self.base_dn))
1213
1214 if not "://" in host:
1215 host = "ldap://%s" % host
1216
1217 ldb = Ldb(host, credentials=creds, session_info=system_session(), lp=lp)
1218 gc_ldb = Ldb("%s:3268" % host, credentials=creds,
1219 session_info=system_session(), lp=lp)
1220
1221 runner = SubunitTestRunner()
1222 rc = 0
1223 if not runner.run(unittest.makeSuite(BaseDnTests)).wasSuccessful():
1224 rc = 1
1225 if not runner.run(unittest.makeSuite(BasicTests)).wasSuccessful():
1226 rc = 1
1227 if not runner.run(unittest.makeSuite(SchemaTests)).wasSuccessful():
1228 rc = 1
1229 sys.exit(rc)
fernandojvsilva's samba4 branch