Esempio n. 1
0
 def test_change_password_target_pdc(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     locator = Locator()
     pdc = locator.locate(domain, role='pdc')
     user = self._create_user(client, 'test-usr-4', server=pdc)
     principal = 'test-usr-4@%s' % domain
     client.set_password(principal, 'Pass123', server=pdc)
     mods = []
     ctrl = AD_USERCTRL_NORMAL_ACCOUNT
     mods.append(('replace', 'userAccountControl', [str(ctrl)]))
     mods.append(('replace', 'pwdLastSet', ['0']))
     client.modify(user, mods, server=pdc)
     client.change_password(principal, 'Pass123', 'Pass456', server=pdc)
     creds = Creds(domain)
     creds.acquire('test-usr-4', 'Pass456', server=pdc)
     assert_raises(ADError,
                   creds.acquire,
                   'test-usr-4',
                   'Pass321',
                   server=pdc)
     self._delete_obj(client, user, server=pdc)
Esempio n. 2
0
 def test_search(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     result = client.search('(objectClass=user)')
     assert len(result) > 1
Esempio n. 3
0
 def test_set_password(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     user = self._create_user(client, 'test-usr-1')
     principal = 'test-usr-1@%s' % domain
     client.set_password(principal, 'Pass123')
     mods = []
     ctrl = AD_USERCTRL_NORMAL_ACCOUNT
     mods.append(('replace', 'userAccountControl', [str(ctrl)]))
     client.modify(user, mods)
     creds = Creds(domain)
     creds.acquire('test-usr-1', 'Pass123')
     assert_raises(ADError, creds.acquire, 'test-usr-1', 'Pass321')
     self._delete_obj(client, user)
Esempio n. 4
0
 def test_naming_contexts(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     naming_contexts = client.naming_contexts()
     assert len(naming_contexts) >= 3
Esempio n. 5
0
 def test_delete(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     dn = self._create_user(client, 'test-usr')
     client.delete(dn)
Esempio n. 6
0
 def test_search_configuration(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     base = client.configuration_base()
     result = client.search('(objectClass=*)', base=base, scope='base')
     assert len(result) == 1
Esempio n. 7
0
 def test_forest(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     forest = client.forest()
     assert forest
     assert forest.isupper()
Esempio n. 8
0
 def test_domains(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     domains = client.domains()
     for domain in domains:
         assert domain
         assert domain.isupper()
Esempio n. 9
0
 def test_modify(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     user = self._create_user(client, 'test-usr')
     mods = []
     mods.append(('replace', 'sAMAccountName', ['test-usr-2']))
     client.modify(user, mods)
     self._delete_obj(client, user)
Esempio n. 10
0
 def test_search_all_domains(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     domains = client.domains()
     for domain in domains:
         base = client.dn_from_domain_name(domain)
         result = client.search('(objectClass=*)', base=base, scope='base')
         assert len(result) == 1
Esempio n. 11
0
def factory(cls):
    """Create an instance of a class, creating it using the system specific
    rules."""
    from ad.core.locate import Locator
    from ad.core.creds import Creds
    if issubclass(cls, Locator):
        return _singleton(Locator)
    elif issubclass(cls, Creds):
        domain = detect_domain()
        return Creds(domain)
    else:
        return cls()
Esempio n. 12
0
 def test_search_gc(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     result = client.search('(objectClass=user)', scheme='gc')
     assert len(result) > 1
     for res in result:
         dn, attrs = res
         # accountExpires is always set, but is not a GC attribute
         assert 'accountExpires' not in attrs
Esempio n. 13
0
 def test_search_rootdse(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     locator = Locator()
     server = locator.locate(domain)
     client = Client(domain)
     result = client.search(base='', scope='base', server=server)
     assert len(result) == 1
     dns, attrs = result[0]
     assert attrs.has_key('supportedControl')
     assert attrs.has_key('supportedSASLMechanisms')
Esempio n. 14
0
 def test_paged_results(self):
     self.require(ad_admin=True, expensive=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     users = []
     for i in range(2000):
         user = self._create_user(client, 'test-usr-%04d' % i)
         users.append(user)
     result = client.search('(cn=test-usr-*)')
     assert len(result) == 2000
     for user in users:
         self._delete_obj(client, user)
Esempio n. 15
0
 def test_modrdn(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     result = client.search(
         '(&(objectClass=user)(sAMAccountName=test-usr))')
     if result:
         client.delete(result[0][0])
     user = self._create_user(client, 'test-usr')
     client.modrdn(user, 'cn=test-usr2')
     result = client.search('(&(objectClass=user)(cn=test-usr2))')
     assert len(result) == 1
Esempio n. 16
0
 def test_incremental_retrieval_of_multivalued_attributes(self):
     self.require(ad_admin=True, expensive=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     user = self._create_user(client, 'test-usr')
     groups = []
     for i in range(2000):
         group = self._create_group(client, 'test-grp-%04d' % i)
         self._add_user_to_group(client, user, group)
         groups.append(group)
     result = client.search('(sAMAccountName=test-usr)')
     assert len(result) == 1
     dn, attrs = result[0]
     assert attrs.has_key('memberOf')
     assert len(attrs['memberOf']) == 2000
     self._delete_obj(client, user)
     for group in groups:
         self._delete_group(client, group)
Esempio n. 17
0
 def test_rename(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     result = client.search(
         '(&(objectClass=user)(sAMAccountName=test-usr))')
     if result:
         client.delete(result[0][0])
     user = self._create_user(client, 'test-usr')
     client.rename(user, 'cn=test-usr2')
     result = client.search('(&(objectClass=user)(cn=test-usr2))')
     assert len(result) == 1
     user = result[0][0]
     ou = self._create_ou(client, 'test-ou')
     client.rename(user, 'cn=test-usr', ou)
     newdn = 'cn=test-usr,%s' % ou
     result = client.search('(&(objectClass=user)(cn=test-usr))')
     assert len(result) == 1
     assert result[0][0].lower() == newdn.lower()