コード例 #1
0
 def test_change_password_target_pdc(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     locator = Locator()
     pdc = locator.locate(domain, role='pdc')
     user = self._create_user(client, 'test-usr-4', server=pdc)
     principal = 'test-usr-4@%s' % domain
     client.set_password(principal, 'Pass123', server=pdc)
     mods = []
     ctrl = AD_USERCTRL_NORMAL_ACCOUNT
     mods.append(('replace', 'userAccountControl', [str(ctrl)]))
     mods.append(('replace', 'pwdLastSet', ['0']))
     client.modify(user, mods, server=pdc)
     client.change_password(principal, 'Pass123', 'Pass456', server=pdc)
     creds = Creds(domain)
     creds.acquire('test-usr-4', 'Pass456', server=pdc)
     assert_raises(ADError,
                   creds.acquire,
                   'test-usr-4',
                   'Pass321',
                   server=pdc)
     self._delete_obj(client, user, server=pdc)
コード例 #2
0
 def test_acquire_multi(self):
     self.require(ad_user=True)
     domain = self.domain()
     principal = self.ad_user_account()
     password = self.ad_user_password()
     creds1 = ADCreds(domain)
     creds1.acquire(principal, password)
     ccache1 = creds1._ccache_name()
     config1 = creds1._config_name()
     assert ccache1 == os.environ['KRB5CCNAME']
     assert config1 == os.environ['KRB5_CONFIG']
     creds2 = ADCreds(domain)
     creds2.acquire(principal, password)
     ccache2 = creds2._ccache_name()
     config2 = creds2._config_name()
     assert ccache2 == os.environ['KRB5CCNAME']
     assert config2 == os.environ['KRB5_CONFIG']
     assert ccache1 != ccache2
     assert config1 != config2
     activate(creds1)
     assert os.environ['KRB5CCNAME'] == ccache1
     assert os.environ['KRB5_CONFIG'] == config1
     activate(creds2)
     assert os.environ['KRB5CCNAME'] == ccache2
     assert os.environ['KRB5_CONFIG'] == config2
コード例 #3
0
ファイル: test_creds.py プロジェクト: geertj/python-ad
 def test_acquire_multi(self):
     self.require(ad_user=True)
     domain = self.domain()
     principal = self.ad_user_account()
     password = self.ad_user_password()
     creds1 = ADCreds(domain)
     creds1.acquire(principal, password)
     ccache1 = creds1._ccache_name()
     config1 = creds1._config_name()
     assert ccache1 == os.environ['KRB5CCNAME']
     assert config1 == os.environ['KRB5_CONFIG']
     creds2 = ADCreds(domain)
     creds2.acquire(principal, password)
     ccache2 = creds2._ccache_name()
     config2 = creds2._config_name()
     assert ccache2 == os.environ['KRB5CCNAME']
     assert config2 == os.environ['KRB5_CONFIG']
     assert ccache1 != ccache2
     assert config1 != config2
     activate(creds1)
     assert os.environ['KRB5CCNAME'] == ccache1
     assert os.environ['KRB5_CONFIG'] == config1
     activate(creds2)
     assert os.environ['KRB5CCNAME'] == ccache2
     assert os.environ['KRB5_CONFIG'] == config2
コード例 #4
0
 def test_naming_contexts(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     naming_contexts = client.naming_contexts()
     assert len(naming_contexts) >= 3
コード例 #5
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_naming_contexts(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     naming_contexts = client.naming_contexts()
     assert len(naming_contexts) >= 3
コード例 #6
0
 def test_delete(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     dn = self._create_user(client, 'test-usr')
     client.delete(dn)
コード例 #7
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_search(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     result = client.search('(objectClass=user)')
     assert len(result) > 1
コード例 #8
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_delete(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     dn = self._create_user(client, 'test-usr')
     client.delete(dn)
コード例 #9
0
 def test_search(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     result = client.search('(objectClass=user)')
     assert len(result) > 1
コード例 #10
0
 def test_forest(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     forest = client.forest()
     assert forest
     assert forest.isupper()
コード例 #11
0
 def test_search_configuration(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     base = client.configuration_base()
     result = client.search('(objectClass=*)', base=base, scope='base')
     assert len(result) == 1
コード例 #12
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_forest(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     forest = client.forest()
     assert forest
     assert forest.isupper()
コード例 #13
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_search_configuration(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     base = client.configuration_base()
     result = client.search('(objectClass=*)', base=base, scope='base')
     assert len(result) == 1
コード例 #14
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_domains(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     domains = client.domains()
     for domain in domains:
         assert domain
         assert domain.isupper()
コード例 #15
0
 def test_domains(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     domains = client.domains()
     for domain in domains:
         assert domain
         assert domain.isupper()
コード例 #16
0
 def test_modify(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     user = self._create_user(client, 'test-usr')
     mods = []
     mods.append(('replace', 'sAMAccountName', ['test-usr-2']))
     client.modify(user, mods)
     self._delete_obj(client, user)
コード例 #17
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_search_all_domains(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     domains = client.domains()
     for domain in domains:
         base = client.dn_from_domain_name(domain)
         result = client.search('(objectClass=*)', base=base, scope='base')
         assert len(result) == 1
コード例 #18
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_modify(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     user = self._create_user(client, 'test-usr')
     mods = []
     mods.append(('replace', 'sAMAccountName', ['test-usr-2']))
     client.modify(user, mods)
     self._delete_obj(client, user)
コード例 #19
0
 def test_search_all_domains(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     domains = client.domains()
     for domain in domains:
         base = client.dn_from_domain_name(domain)
         result = client.search('(objectClass=*)', base=base, scope='base')
         assert len(result) == 1
コード例 #20
0
 def test_search_gc(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     result = client.search('(objectClass=user)', scheme='gc')
     assert len(result) > 1
     for res in result:
         dn, attrs = res
         # accountExpires is always set, but is not a GC attribute
         assert 'accountExpires' not in attrs
コード例 #21
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_search_gc(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     client = Client(domain)
     result = client.search('(objectClass=user)', scheme='gc')
     assert len(result) > 1
     for res in result:
         dn, attrs = res
         # accountExpires is always set, but is not a GC attribute
         assert 'accountExpires' not in attrs
コード例 #22
0
 def test_search_rootdse(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     locator = Locator()
     server = locator.locate(domain)
     client = Client(domain)
     result = client.search(base='', scope='base', server=server)
     assert len(result) == 1
     dns, attrs = result[0]
     assert attrs.has_key('supportedControl')
     assert attrs.has_key('supportedSASLMechanisms')
コード例 #23
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_modrdn(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     result = client.search('(&(objectClass=user)(sAMAccountName=test-usr))')
     if result:
         client.delete(result[0][0])
     user = self._create_user(client, 'test-usr')
     client.modrdn(user, 'cn=test-usr2')
     result = client.search('(&(objectClass=user)(cn=test-usr2))')
     assert len(result) == 1
コード例 #24
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_search_rootdse(self):
     self.require(ad_user=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_user_account(), self.ad_user_password())
     activate(creds)
     locator = Locator()
     server = locator.locate(domain)
     client = Client(domain)
     result = client.search(base='', scope='base', server=server)
     assert len(result) == 1
     dns, attrs = result[0]
     assert attrs.has_key('supportedControl')
     assert attrs.has_key('supportedSASLMechanisms')
コード例 #25
0
 def test_modrdn(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     result = client.search(
         '(&(objectClass=user)(sAMAccountName=test-usr))')
     if result:
         client.delete(result[0][0])
     user = self._create_user(client, 'test-usr')
     client.modrdn(user, 'cn=test-usr2')
     result = client.search('(&(objectClass=user)(cn=test-usr2))')
     assert len(result) == 1
コード例 #26
0
 def test_paged_results(self):
     self.require(ad_admin=True, expensive=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     users = []
     for i in range(2000):
         user = self._create_user(client, 'test-usr-%04d' % i)
         users.append(user)
     result = client.search('(cn=test-usr-*)')
     assert len(result) == 2000
     for user in users:
         self._delete_obj(client, user)
コード例 #27
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_paged_results(self):
     self.require(ad_admin=True, expensive=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     users = []
     for i in range(2000):
         user = self._create_user(client, 'test-usr-%04d' % i)
         users.append(user)
     result = client.search('(cn=test-usr-*)')
     assert len(result) == 2000
     for user in users:
         self._delete_obj(client, user)
コード例 #28
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_set_password(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     user = self._create_user(client, 'test-usr-1')
     principal = 'test-usr-1@%s' % domain
     client.set_password(principal, 'Pass123')
     mods = []
     ctrl = AD_USERCTRL_NORMAL_ACCOUNT
     mods.append(('replace', 'userAccountControl', [str(ctrl)]))
     client.modify(user, mods)
     creds = Creds(domain)
     creds.acquire('test-usr-1', 'Pass123')
     assert_raises(ADError, creds.acquire, 'test-usr-1', 'Pass321')
     self._delete_obj(client, user)
コード例 #29
0
 def test_set_password(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     user = self._create_user(client, 'test-usr-1')
     principal = 'test-usr-1@%s' % domain
     client.set_password(principal, 'Pass123')
     mods = []
     ctrl = AD_USERCTRL_NORMAL_ACCOUNT
     mods.append(('replace', 'userAccountControl', [str(ctrl)]))
     client.modify(user, mods)
     creds = Creds(domain)
     creds.acquire('test-usr-1', 'Pass123')
     assert_raises(ADError, creds.acquire, 'test-usr-1', 'Pass321')
     self._delete_obj(client, user)
コード例 #30
0
 def test_incremental_retrieval_of_multivalued_attributes(self):
     self.require(ad_admin=True, expensive=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     user = self._create_user(client, 'test-usr')
     groups = []
     for i in range(2000):
         group = self._create_group(client, 'test-grp-%04d' % i)
         self._add_user_to_group(client, user, group)
         groups.append(group)
     result = client.search('(sAMAccountName=test-usr)')
     assert len(result) == 1
     dn, attrs = result[0]
     assert attrs.has_key('memberOf')
     assert len(attrs['memberOf']) == 2000
     self._delete_obj(client, user)
     for group in groups:
         self._delete_group(client, group)
コード例 #31
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_incremental_retrieval_of_multivalued_attributes(self):
     self.require(ad_admin=True, expensive=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     user = self._create_user(client, 'test-usr')
     groups = []
     for i in range(2000):
         group = self._create_group(client, 'test-grp-%04d' % i)
         self._add_user_to_group(client, user, group)
         groups.append(group)
     result = client.search('(sAMAccountName=test-usr)')
     assert len(result) == 1
     dn, attrs = result[0]
     assert attrs.has_key('memberOf')
     assert len(attrs['memberOf']) == 2000
     self._delete_obj(client, user)
     for group in groups:
         self._delete_group(client, group)
コード例 #32
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_rename(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     result = client.search('(&(objectClass=user)(sAMAccountName=test-usr))')
     if result:
         client.delete(result[0][0])
     user = self._create_user(client, 'test-usr')
     client.rename(user, 'cn=test-usr2')
     result = client.search('(&(objectClass=user)(cn=test-usr2))')
     assert len(result) == 1
     user = result[0][0]
     ou = self._create_ou(client, 'test-ou')
     client.rename(user, 'cn=test-usr', ou)
     newdn = 'cn=test-usr,%s' % ou
     result = client.search('(&(objectClass=user)(cn=test-usr))')
     assert len(result) == 1
     assert result[0][0].lower() == newdn.lower()
コード例 #33
0
 def test_rename(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     result = client.search(
         '(&(objectClass=user)(sAMAccountName=test-usr))')
     if result:
         client.delete(result[0][0])
     user = self._create_user(client, 'test-usr')
     client.rename(user, 'cn=test-usr2')
     result = client.search('(&(objectClass=user)(cn=test-usr2))')
     assert len(result) == 1
     user = result[0][0]
     ou = self._create_ou(client, 'test-ou')
     client.rename(user, 'cn=test-usr', ou)
     newdn = 'cn=test-usr,%s' % ou
     result = client.search('(&(objectClass=user)(cn=test-usr))')
     assert len(result) == 1
     assert result[0][0].lower() == newdn.lower()
コード例 #34
0
ファイル: test_client.py プロジェクト: geertj/python-ad
 def test_change_password_target_pdc(self):
     self.require(ad_admin=True)
     domain = self.domain()
     creds = Creds(domain)
     creds.acquire(self.ad_admin_account(), self.ad_admin_password())
     activate(creds)
     client = Client(domain)
     locator = Locator()
     pdc = locator.locate(domain, role='pdc')
     user = self._create_user(client, 'test-usr-4', server=pdc)
     principal = 'test-usr-4@%s' % domain
     client.set_password(principal, 'Pass123', server=pdc)
     mods = []
     ctrl = AD_USERCTRL_NORMAL_ACCOUNT
     mods.append(('replace', 'userAccountControl', [str(ctrl)]))
     mods.append(('replace', 'pwdLastSet', ['0']))
     client.modify(user, mods, server=pdc)
     client.change_password(principal, 'Pass123', 'Pass456', server=pdc)
     creds = Creds(domain)
     creds.acquire('test-usr-4', 'Pass456', server=pdc)
     assert_raises(ADError, creds.acquire, 'test-usr-4', 'Pass321',
                          server=pdc)
     self._delete_obj(client, user, server=pdc)