def test_change_password_target_pdc(self):
self.require(ad_admin=True)
domain = self.domain()
creds = Creds(domain)
creds.acquire(self.ad_admin_account(), self.ad_admin_password())
activate(creds)
client = Client(domain)
locator = Locator()
pdc = locator.locate(domain, role='pdc')
user = self._create_user(client, 'test-usr-4', server=pdc)
principal = 'test-usr-4@%s' % domain
client.set_password(principal, 'Pass123', server=pdc)
mods = []
ctrl = AD_USERCTRL_NORMAL_ACCOUNT
mods.append(('replace', 'userAccountControl', [str(ctrl)]))
mods.append(('replace', 'pwdLastSet', ['0']))
client.modify(user, mods, server=pdc)
client.change_password(principal, 'Pass123', 'Pass456', server=pdc)
creds = Creds(domain)
creds.acquire('test-usr-4', 'Pass456', server=pdc)
assert_raises(ADError,
creds.acquire,
'test-usr-4',
'Pass321',
server=pdc)
self._delete_obj(client, user, server=pdc)
def test_search_server(self):
self.require(ad_user=True)
domain = self.domain()
creds = Creds(domain)
creds.acquire(self.ad_user_account(), self.ad_user_password())
activate(creds)
locator = Locator()
server = locator.locate(domain)
client = Client(domain)
result = client.search('(objectClass=user)', server=server)
assert len(result) > 1
def test_search_server(self):
self.require(ad_user=True)
domain = self.domain()
creds = Creds(domain)
creds.acquire(self.ad_user_account(), self.ad_user_password())
activate(creds)
locator = Locator()
server = locator.locate(domain)
client = Client(domain)
result = client.search('(objectClass=user)', server=server)
assert len(result) > 1
def test_search_rootdse(self):
self.require(ad_user=True)
domain = self.domain()
creds = Creds(domain)
creds.acquire(self.ad_user_account(), self.ad_user_password())
activate(creds)
locator = Locator()
server = locator.locate(domain)
client = Client(domain)
result = client.search(base='', scope='base', server=server)
assert len(result) == 1
dns, attrs = result[0]
assert attrs.has_key('supportedControl')
assert attrs.has_key('supportedSASLMechanisms')
def test_search_rootdse(self):
self.require(ad_user=True)
domain = self.domain()
creds = Creds(domain)
creds.acquire(self.ad_user_account(), self.ad_user_password())
activate(creds)
locator = Locator()
server = locator.locate(domain)
client = Client(domain)
result = client.search(base='', scope='base', server=server)
assert len(result) == 1
dns, attrs = result[0]
assert attrs.has_key('supportedControl')
assert attrs.has_key('supportedSASLMechanisms')
def test_set_password_target_pdc(self):
self.require(ad_admin=True)
domain = self.domain()
creds = Creds(domain)
creds.acquire(self.ad_admin_account(), self.ad_admin_password())
activate(creds)
client = Client(domain)
locator = Locator()
pdc = locator.locate(domain, role='pdc')
user = self._create_user(client, 'test-usr-2', server=pdc)
principal = 'test-usr-2@%s' % domain
client.set_password(principal, 'Pass123', server=pdc)
mods = []
ctrl = AD_USERCTRL_NORMAL_ACCOUNT
mods.append(('replace', 'userAccountControl', [str(ctrl)]))
client.modify(user, mods, server=pdc)
creds = Creds(domain)
creds.acquire('test-usr-2', 'Pass123', server=pdc)
assert_raises(ADError, creds.acquire, 'test-usr-2','Pass321',
server=pdc)
self._delete_obj(client, user, server=pdc)
