def test_acquire_multi(self): self.require(ad_user=True) domain = self.domain() principal = self.ad_user_account() password = self.ad_user_password() creds1 = ADCreds(domain) creds1.acquire(principal, password) ccache1 = creds1._ccache_name() config1 = creds1._config_name() assert ccache1 == os.environ['KRB5CCNAME'] assert config1 == os.environ['KRB5_CONFIG'] creds2 = ADCreds(domain) creds2.acquire(principal, password) ccache2 = creds2._ccache_name() config2 = creds2._config_name() assert ccache2 == os.environ['KRB5CCNAME'] assert config2 == os.environ['KRB5_CONFIG'] assert ccache1 != ccache2 assert config1 != config2 activate(creds1) assert os.environ['KRB5CCNAME'] == ccache1 assert os.environ['KRB5_CONFIG'] == config1 activate(creds2) assert os.environ['KRB5CCNAME'] == ccache2 assert os.environ['KRB5_CONFIG'] == config2
def test_acquire_keytab(self): self.require(ad_user=True) domain = self.domain() creds = ADCreds(domain) principal = self.ad_user_account() password = self.ad_user_password() creds.acquire(principal, password) os.environ['PATH'] = '/usr/kerberos/sbin:/usr/kerberos/bin:%s' % \ os.environ['PATH'] fullprinc = creds.principal() child = pexpect.spawn('kvno %s' % fullprinc) child.expect('kvno =') kvno = int(child.readline()) child.expect(pexpect.EOF) child = pexpect.spawn('ktutil') child.expect('ktutil:') child.sendline('addent -password -p %s -k %d -e rc4-hmac' % (fullprinc, kvno)) child.expect('Password for.*:') child.sendline(password) child.expect('ktutil:') keytab = self.tempfile(remove=True) child.sendline('wkt %s' % keytab) child.expect('ktutil:') child.sendline('quit') child.expect(pexpect.EOF) creds.release() creds.acquire(principal, keytab=keytab) child = pexpect.spawn('klist') pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper()) assert child.expect([pattern]) == 0
def test_acquire_keytab(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = ADCreds(domain) principal = conf.ad_user_account() password = conf.ad_user_password() creds.acquire(principal, password) os.environ['PATH'] = '/usr/kerberos/sbin:/usr/kerberos/bin:%s' % \ os.environ['PATH'] fullprinc = creds.principal() child = pexpect.spawn('kvno %s' % fullprinc) child.expect('kvno =') kvno = int(child.readline()) child.expect(pexpect.EOF) child = pexpect.spawn('ktutil') child.expect('ktutil:') child.sendline('addent -password -p %s -k %d -e rc4-hmac' % (fullprinc, kvno)) child.expect('Password for.*:') child.sendline(password) child.expect('ktutil:') keytab = conf.tempfile(remove=True) child.sendline('wkt %s' % keytab) child.expect('ktutil:') child.sendline('quit') child.expect(pexpect.EOF) creds.release() creds.acquire(principal, keytab=keytab) child = pexpect.spawn('klist') pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper()) assert child.expect([pattern]) == 0
def test_change_password_target_pdc(self): self.require(ad_admin=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) locator = Locator() pdc = locator.locate(domain, role='pdc') user = self._create_user(client, 'test-usr-4', server=pdc) principal = 'test-usr-4@%s' % domain client.set_password(principal, 'Pass123', server=pdc) mods = [] ctrl = AD_USERCTRL_NORMAL_ACCOUNT mods.append(('replace', 'userAccountControl', [str(ctrl)])) mods.append(('replace', 'pwdLastSet', ['0'])) client.modify(user, mods, server=pdc) client.change_password(principal, 'Pass123', 'Pass456', server=pdc) creds = Creds(domain) creds.acquire('test-usr-4', 'Pass456', server=pdc) assert_raises(ADError, creds.acquire, 'test-usr-4', 'Pass321', server=pdc) self._delete_obj(client, user, server=pdc)
def test_acquire_multi(self, conf): conf.require(ad_user=True) domain = conf.domain() principal = conf.ad_user_account() password = conf.ad_user_password() creds1 = ADCreds(domain) creds1.acquire(principal, password) ccache1 = creds1._ccache_name() config1 = creds1._config_name() assert ccache1 == os.environ['KRB5CCNAME'] assert config1 == os.environ['KRB5_CONFIG'] creds2 = ADCreds(domain) creds2.acquire(principal, password) ccache2 = creds2._ccache_name() config2 = creds2._config_name() assert ccache2 == os.environ['KRB5CCNAME'] assert config2 == os.environ['KRB5_CONFIG'] assert ccache1 != ccache2 assert config1 != config2 activate(creds1) assert os.environ['KRB5CCNAME'] == ccache1 assert os.environ['KRB5_CONFIG'] == config1 activate(creds2) assert os.environ['KRB5CCNAME'] == ccache2 assert os.environ['KRB5_CONFIG'] == config2
def test_add(self): self.require(ad_admin=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) user = self._create_user(client, 'test-usr') self._delete_obj(client, user)
def test_delete(self): self.require(ad_admin=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) dn = self._create_user(client, 'test-usr') client.delete(dn)
def test_naming_contexts(self): self.require(ad_user=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_user_account(), self.ad_user_password()) activate(creds) client = Client(domain) naming_contexts = client.naming_contexts() assert len(naming_contexts) >= 3
def test_naming_contexts(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) client = Client(domain) naming_contexts = client.naming_contexts() assert len(naming_contexts) >= 3
def test_search(self): self.require(ad_user=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_user_account(), self.ad_user_password()) activate(creds) client = Client(domain) result = client.search('(objectClass=user)') assert len(result) > 1
def test_add(self, conf): conf.require(ad_admin=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_admin_account(), conf.ad_admin_password()) activate(creds) client = Client(domain) user = utils.create_user(client, 'test-usr') delete_obj(client, user)
def test_delete(self, conf): conf.require(ad_admin=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_admin_account(), conf.ad_admin_password()) activate(creds) client = Client(domain) dn = utils.create_user(client, 'test-usr') client.delete(dn)
def test_search_configuration(self): self.require(ad_user=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_user_account(), self.ad_user_password()) activate(creds) client = Client(domain) base = client.configuration_base() result = client.search('(objectClass=*)', base=base, scope='base') assert len(result) == 1
def test_forest(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) client = Client(domain) forest = client.forest() assert forest assert forest.isupper()
def test_search(self, conf): pytest.skip('test disabled: hanging') conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) client = Client(domain) result = client.search('(objectClass=user)') assert len(result) > 1
def test_forest(self): self.require(ad_user=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_user_account(), self.ad_user_password()) activate(creds) client = Client(domain) forest = client.forest() assert forest assert forest.isupper()
def test_search_schema(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) client = Client(domain) base = client.schema_base() result = client.search('(objectClass=*)', base=base, scope='base') assert len(result) == 1
def test_search_configuration(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) client = Client(domain) base = client.configuration_base() result = client.search('(objectClass=*)', base=base, scope='base') assert len(result) == 1
def test_search_schema(self): self.require(ad_user=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_user_account(), self.ad_user_password()) activate(creds) client = Client(domain) base = client.schema_base() result = client.search('(objectClass=*)', base=base, scope='base') assert len(result) == 1
def test_domains(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) client = Client(domain) domains = client.domains() for domain in domains: assert domain assert domain.isupper()
def test_search_server(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) locator = Locator() server = locator.locate(domain) client = Client(domain) result = client.search('(objectClass=user)', server=server) assert len(result) > 1
def test_domains(self): self.require(ad_user=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_user_account(), self.ad_user_password()) activate(creds) client = Client(domain) domains = client.domains() for domain in domains: assert domain assert domain.isupper()
def test_search_all_domains(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) client = Client(domain) domains = client.domains() for domain in domains: base = client.dn_from_domain_name(domain) result = client.search('(objectClass=*)', base=base, scope='base') assert len(result) == 1
def test_acquire_password(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = ADCreds(domain) principal = conf.ad_user_account() password = conf.ad_user_password() creds.acquire(principal, password) principal = '%s@%s' % (principal, domain) assert creds.principal().lower() == principal.lower() child = pexpect.spawn('klist') pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper()) assert child.expect([pattern]) == 0
def test_acquire_password(self): self.require(ad_user=True) domain = self.domain() creds = ADCreds(domain) principal = self.ad_user_account() password = self.ad_user_password() creds.acquire(principal, password) principal = '%s@%s' % (principal, domain) assert creds.principal().lower() == principal.lower() child = pexpect.spawn('klist') pattern = '.*krbtgt/%s@%s' % (domain.upper(), domain.upper()) assert child.expect([pattern]) == 0
def test_modify(self): self.require(ad_admin=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) user = self._create_user(client, 'test-usr') mods = [] mods.append(('replace', 'sAMAccountName', ['test-usr-2'])) client.modify(user, mods) self._delete_obj(client, user)
def test_modify(self, conf): conf.require(ad_admin=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_admin_account(), conf.ad_admin_password()) activate(creds) client = Client(domain) user = utils.create_user(client, 'test-usr') mods = [] mods.append(('replace', 'sAMAccountName', ['test-usr-2'])) client.modify(user, mods) delete_obj(client, user)
def test_search_all_domains(self): self.require(ad_user=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_user_account(), self.ad_user_password()) activate(creds) client = Client(domain) domains = client.domains() for domain in domains: base = client.dn_from_domain_name(domain) result = client.search('(objectClass=*)', base=base, scope='base') assert len(result) == 1
def test_search_gc(self): self.require(ad_user=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_user_account(), self.ad_user_password()) activate(creds) client = Client(domain) result = client.search('(objectClass=user)', scheme='gc') assert len(result) > 1 for res in result: dn, attrs = res # accountExpires is always set, but is not a GC attribute assert 'accountExpires' not in attrs
def test_search_gc(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) client = Client(domain) result = client.search('(objectClass=user)', scheme='gc') assert len(result) > 1 for res in result: dn, attrs = res # accountExpires is always set, but is not a GC attribute assert 'accountExpires' not in attrs
def test_search_rootdse(self, conf): conf.require(ad_user=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_user_account(), conf.ad_user_password()) activate(creds) locator = Locator() server = locator.locate(domain) client = Client(domain) result = client.search(base='', scope='base', server=server) assert len(result) == 1 dns, attrs = result[0] assert 'supportedControl' in attrs assert 'supportedSASLMechanisms' in attrs
def test_cleanup_files(self, conf): conf.require(ad_user=True) domain = conf.domain() principal = conf.ad_user_account() password = conf.ad_user_password() creds = ADCreds(domain) creds.acquire(principal, password) ccache = creds._ccache_name() config = creds._config_name() assert os.access(ccache, os.R_OK) assert os.access(config, os.R_OK) creds.release() assert not os.access(ccache, os.R_OK) assert not os.access(config, os.R_OK)
def test_modrdn(self, conf): conf.require(ad_admin=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_admin_account(), conf.ad_admin_password()) activate(creds) client = Client(domain) result = client.search('(&(objectClass=user)(sAMAccountName=test-usr))') if result: client.delete(result[0][0]) user = utils.create_user(client, 'test-usr') client.modrdn(user, 'cn=test-usr2') result = client.search('(&(objectClass=user)(cn=test-usr2))') assert len(result) == 1
def test_search_rootdse(self): self.require(ad_user=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_user_account(), self.ad_user_password()) activate(creds) locator = Locator() server = locator.locate(domain) client = Client(domain) result = client.search(base='', scope='base', server=server) assert len(result) == 1 dns, attrs = result[0] assert attrs.has_key('supportedControl') assert attrs.has_key('supportedSASLMechanisms')
def test_cleanup_files(self): self.require(ad_user=True) domain = self.domain() principal = self.ad_user_account() password = self.ad_user_password() creds = ADCreds(domain) creds.acquire(principal, password) ccache = creds._ccache_name() config = creds._config_name() assert os.access(ccache, os.R_OK) assert os.access(config, os.R_OK) creds.release() assert not os.access(ccache, os.R_OK) assert not os.access(config, os.R_OK)
def test_paged_results(self, conf): conf.require(ad_admin=True, expensive=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_admin_account(), conf.ad_admin_password()) activate(creds) client = Client(domain) users = [] for i in range(2000): user = utils.create_user(client, 'test-usr-%04d' % i) users.append(user) result = client.search('(cn=test-usr-*)') assert len(result) == 2000 for user in users: delete_obj(client, user)
def test_modrdn(self): self.require(ad_admin=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) result = client.search( '(&(objectClass=user)(sAMAccountName=test-usr))') if result: client.delete(result[0][0]) user = self._create_user(client, 'test-usr') client.modrdn(user, 'cn=test-usr2') result = client.search('(&(objectClass=user)(cn=test-usr2))') assert len(result) == 1
def test_paged_results(self): self.require(ad_admin=True, expensive=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) users = [] for i in range(2000): user = self._create_user(client, 'test-usr-%04d' % i) users.append(user) result = client.search('(cn=test-usr-*)') assert len(result) == 2000 for user in users: self._delete_obj(client, user)
def test_cleanup_environment(self): self.require(ad_user=True) domain = self.domain() principal = self.ad_user_account() password = self.ad_user_password() ccorig = os.environ.get('KRB5CCNAME') cforig = os.environ.get('KRB5_CONFIG') creds = ADCreds(domain) creds.acquire(principal, password) ccache = creds._ccache_name() config = creds._config_name() assert ccache != ccorig assert config != cforig creds.release() assert os.environ.get('KRB5CCNAME') == ccorig assert os.environ.get('KRB5_CONFIG') == cforig
def test_cleanup_environment(self, conf): conf.require(ad_user=True) domain = conf.domain() principal = conf.ad_user_account() password = conf.ad_user_password() ccorig = os.environ.get('KRB5CCNAME') cforig = os.environ.get('KRB5_CONFIG') creds = ADCreds(domain) creds.acquire(principal, password) ccache = creds._ccache_name() config = creds._config_name() assert ccache != ccorig assert config != cforig creds.release() assert os.environ.get('KRB5CCNAME') == ccorig assert os.environ.get('KRB5_CONFIG') == cforig
def test_set_password(self, conf): conf.require(ad_admin=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_admin_account(), conf.ad_admin_password()) activate(creds) client = Client(domain) user = utils.create_user(client, 'test-usr-1') principal = 'test-usr-1@%s' % domain client.set_password(principal, 'Pass123') mods = [] ctrl = AD_USERCTRL_NORMAL_ACCOUNT mods.append(('replace', 'userAccountControl', [str(ctrl)])) client.modify(user, mods) creds = Creds(domain) creds.acquire('test-usr-1', 'Pass123') assert_raises(ADError, creds.acquire, 'test-usr-1', 'Pass321') delete_obj(client, user)
def test_set_password(self): self.require(ad_admin=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) user = self._create_user(client, 'test-usr-1') principal = 'test-usr-1@%s' % domain client.set_password(principal, 'Pass123') mods = [] ctrl = AD_USERCTRL_NORMAL_ACCOUNT mods.append(('replace', 'userAccountControl', [str(ctrl)])) client.modify(user, mods) creds = Creds(domain) creds.acquire('test-usr-1', 'Pass123') assert_raises(ADError, creds.acquire, 'test-usr-1', 'Pass321') self._delete_obj(client, user)
def test_change_password(self, conf): conf.require(ad_admin=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_admin_account(), conf.ad_admin_password()) activate(creds) client = Client(domain) user = utils.create_user(client, 'test-usr-3') principal = 'test-usr-3@%s' % domain client.set_password(principal, 'Pass123') mods = [] ctrl = AD_USERCTRL_NORMAL_ACCOUNT mods.append(('replace', 'userAccountControl', [str(ctrl)])) mods.append(('replace', 'pwdLastSet', ['0'])) client.modify(user, mods) client.change_password(principal, 'Pass123', 'Pass456') creds = Creds(domain) creds.acquire('test-usr-3', 'Pass456') assert_raises(ADError, creds.acquire, 'test-usr-3', 'Pass321') delete_obj(client, user)
def test_change_password(self): self.require(ad_admin=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) user = self._create_user(client, 'test-usr-3') principal = 'test-usr-3@%s' % domain client.set_password(principal, 'Pass123') mods = [] ctrl = AD_USERCTRL_NORMAL_ACCOUNT mods.append(('replace', 'userAccountControl', [str(ctrl)])) mods.append(('replace', 'pwdLastSet', ['0'])) client.modify(user, mods) client.change_password(principal, 'Pass123', 'Pass456') creds = Creds(domain) creds.acquire('test-usr-3', 'Pass456') assert_raises(ADError, creds.acquire, 'test-usr-3', 'Pass321') self._delete_obj(client, user)
def test_release_multi(self, conf): conf.require(ad_user=True) domain = conf.domain() principal = conf.ad_user_account() password = conf.ad_user_password() ccorig = os.environ.get('KRB5CCNAME') cforig = os.environ.get('KRB5_CONFIG') creds1 = ADCreds(domain) creds1.acquire(principal, password) ccache1 = creds1._ccache_name() config1 = creds1._config_name() creds2 = ADCreds(domain) creds2.acquire(principal, password) ccache2 = creds2._ccache_name() config2 = creds2._config_name() creds1.release() assert os.environ['KRB5CCNAME'] == ccache2 assert os.environ['KRB5_CONFIG'] == config2 creds2.release() assert os.environ.get('KRB5CCNAME') == ccorig assert os.environ.get('KRB5_CONFIG') == cforig
def test_set_password_target_pdc(self): self.require(ad_admin=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) locator = Locator() pdc = locator.locate(domain, role='pdc') user = self._create_user(client, 'test-usr-2', server=pdc) principal = 'test-usr-2@%s' % domain client.set_password(principal, 'Pass123', server=pdc) mods = [] ctrl = AD_USERCTRL_NORMAL_ACCOUNT mods.append(('replace', 'userAccountControl', [str(ctrl)])) client.modify(user, mods, server=pdc) creds = Creds(domain) creds.acquire('test-usr-2', 'Pass123', server=pdc) assert_raises(ADError, creds.acquire, 'test-usr-2','Pass321', server=pdc) self._delete_obj(client, user, server=pdc)
def test_incremental_retrieval_of_multivalued_attributes(self): self.require(ad_admin=True, expensive=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) user = self._create_user(client, 'test-usr') groups = [] for i in range(2000): group = self._create_group(client, 'test-grp-%04d' % i) self._add_user_to_group(client, user, group) groups.append(group) result = client.search('(sAMAccountName=test-usr)') assert len(result) == 1 dn, attrs = result[0] assert attrs.has_key('memberOf') assert len(attrs['memberOf']) == 2000 self._delete_obj(client, user) for group in groups: self._delete_group(client, group)
def test_incremental_retrieval_of_multivalued_attributes(self, conf): conf.require(ad_admin=True, expensive=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_admin_account(), conf.ad_admin_password()) activate(creds) client = Client(domain) user = utils.create_user(client, 'test-usr') groups = [] for i in range(2000): group = utils.create_group(client, 'test-grp-%04d' % i) utils.add_user_to_group(client, user, group) groups.append(group) result = client.search('(sAMAccountName=test-usr)') assert len(result) == 1 dn, attrs = result[0] assert 'memberOf' in attrs assert len(attrs['memberOf']) == 2000 delete_obj(client, user) for group in groups: utils.delete_group(client, group)
def test_rename(self, conf): conf.require(ad_admin=True) domain = conf.domain() creds = Creds(domain) creds.acquire(conf.ad_admin_account(), conf.ad_admin_password()) activate(creds) client = Client(domain) result = client.search('(&(objectClass=user)(sAMAccountName=test-usr))') if result: client.delete(result[0][0]) user = utils.create_user(client, 'test-usr') client.rename(user, 'cn=test-usr2') result = client.search('(&(objectClass=user)(cn=test-usr2))') assert len(result) == 1 user = result[0][0] ou = utils.create_ou(client, 'test-ou') client.rename(user, 'cn=test-usr', ou) newdn = 'cn=test-usr,%s' % ou result = client.search('(&(objectClass=user)(cn=test-usr))') assert len(result) == 1 assert result[0][0].lower() == newdn.lower()
def test_release_multi(self): self.require(ad_user=True) domain = self.domain() principal = self.ad_user_account() password = self.ad_user_password() ccorig = os.environ.get('KRB5CCNAME') cforig = os.environ.get('KRB5_CONFIG') creds1 = ADCreds(domain) creds1.acquire(principal, password) ccache1 = creds1._ccache_name() config1 = creds1._config_name() creds2 = ADCreds(domain) creds2.acquire(principal, password) ccache2 = creds2._ccache_name() config2 = creds2._config_name() creds1.release() assert os.environ['KRB5CCNAME'] == ccache2 assert os.environ['KRB5_CONFIG'] == config2 creds2.release() assert os.environ.get('KRB5CCNAME') == ccorig assert os.environ.get('KRB5_CONFIG') == cforig
def test_rename(self): self.require(ad_admin=True) domain = self.domain() creds = Creds(domain) creds.acquire(self.ad_admin_account(), self.ad_admin_password()) activate(creds) client = Client(domain) result = client.search( '(&(objectClass=user)(sAMAccountName=test-usr))') if result: client.delete(result[0][0]) user = self._create_user(client, 'test-usr') client.rename(user, 'cn=test-usr2') result = client.search('(&(objectClass=user)(cn=test-usr2))') assert len(result) == 1 user = result[0][0] ou = self._create_ou(client, 'test-ou') client.rename(user, 'cn=test-usr', ou) newdn = 'cn=test-usr,%s' % ou result = client.search('(&(objectClass=user)(cn=test-usr))') assert len(result) == 1 assert result[0][0].lower() == newdn.lower()