2 exec smbscript "$0" ${1+"$@"}
4 test certin LDAP behaviours
8 var gc_ldb = ldb_init();
10 var options = GetOptions(ARGV,
13 "POPT_COMMON_CREDENTIALS");
14 if (options == undefined) {
15 println("Failed to parse options");
19 libinclude("base.js");
21 if (options.ARGV.length != 1) {
22 println("Usage: ldap.js <HOST>");
26 var host = options.ARGV[0];
28 function basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
30 println("Running basic tests");
32 ldb.del("cn=ldaptestuser,cn=users," + base_dn);
35 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
41 ok = ldb.del("cn=ldaptestuser,cn=users," + base_dn);
44 assert(ok.error == 0);
47 dn: cn=ldaptestuser,cn=uSers," + base_dn + "
54 assert(ok.error == 0);
59 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
64 ok = ldb.del("cn=ldaptestcomputer,cn=computers," + base_dn);
67 assert(ok.error == 0);
70 dn: cn=ldaptestcomputer,cn=computers," + base_dn + "
76 assert(ok.error == 0);
81 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
84 userAccountControl: 4096
87 ok = ldb.del("cn=ldaptest2computer,cn=computers," + base_dn);
90 assert(ok.error == 0);
93 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
96 userAccountControl: 4096
100 assert(ok.error == 0);
105 dn: cn=ldaptest2computer,cn=computers," + base_dn + "
107 replace: servicePrincipalName
108 servicePrincipalName: host/ldaptest2computer
109 servicePrincipalName: host/ldaptest2computer
110 servicePrincipalName: cifs/ldaptest2computer
113 //LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
114 if (ok.error != 20) {
115 println("Expected error LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS, got :" + ok.errstr);
116 assert(ok.error == 20);
120 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
126 ok = ldb.del("cn=ldaptestuser2,cn=users," + base_dn);
129 assert(ok.error == 0);
132 dn: cn=ldaptestuser2,cn=useRs," + base_dn + "
139 assert(ok.error == 0);
143 ok = ldb.del("cn=ldaptestuser3,cn=users," + base_dn);
145 println("Testing Renames");
147 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
149 println("Could not rename cn=ldaptestuser2,cn=users," + base_dn + " into cn=ldaptestuser3,cn=users," + base_dn + ": " + ok.errstr);
150 assert(ok.error == 0);
153 // ensure we cannot add it again
155 dn: cn=ldaptestuser3,cn=userS," + base_dn + "
160 //LDB_ERR_ENTRY_ALREADY_EXISTS
161 if (ok.error != 68) {
162 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
163 assert(ok.error == 68);
167 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
170 assert(ok.error == 0);
173 // ensure we cannnot rename it twice
174 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser2,cn=users," + base_dn);
175 //LDB_ERR_NO_SUCH_OBJECT
176 assert(ok.error == 32);
178 // ensure can now use that name
180 dn: cn=ldaptestuser3,cn=users," + base_dn + "
186 // ensure we now cannnot rename
187 ok = ldb.rename("cn=ldaptestuser2,cn=users," + base_dn, "cn=ldaptestuser3,cn=users," + base_dn);
188 //LDB_ERR_ENTRY_ALREADY_EXISTS
189 if (ok.error != 68) {
190 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS, got: " + ok.errstr);
191 assert(ok.error == 68);
193 assert(ok.error == 68);
194 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser3,cn=configuration," + base_dn);
195 if (ok.error != 71 && ok.error != 64) {
196 println("expected error LDB_ERR_ENTRY_ALREADY_EXISTS or LDAP_NAMING_VIOLATION, got: " + ok.errstr);
197 assert(ok.error == 71 || ok.error == 64);
199 assert(ok.error == 71 || ok.error == 64);
201 ok = ldb.rename("cn=ldaptestuser3,cn=users," + base_dn, "cn=ldaptestuser5,cn=users," + base_dn);
204 assert(ok.error == 0);
207 ok = ldb.del("cn=ldaptestuser5,cn=users," + base_dn);
209 println("Testing subtree Renames");
212 dn: cn=ldaptestcontainer," + base_dn + "
213 objectClass: container
217 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
223 ok = ldb.del("cn=ldaptestuser4,cn=ldaptestcontainer," + base_dn);
226 assert(ok.error == 0);
229 dn: CN=ldaptestuser4,CN=ldaptestcontainer," + base_dn + "
236 assert(ok.error == 0);
240 println("Testing ldb.rename of cn=ldaptestcontainer," + base_dn + " to cn=ldaptestcontainer2," + base_dn);
241 ok = ldb.rename("CN=ldaptestcontainer," + base_dn, "CN=ldaptestcontainer2," + base_dn);
244 assert(ok.error == 0);
247 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user))");
248 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))");
249 if (res.error != 0 || res.msgs.length != 1) {
250 println("Could not find (&(cn=ldaptestuser4)(objectClass=user))");
251 assert(res.error == 0);
252 assert(res.msgs.length == 1);
255 assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
257 println("Testing ldb.search for (&(cn=ldaptestuser4)(objectClass=user)) in renamed container");
258 var res = ldb.search("(&(cn=ldaptestuser4)(objectClass=user))", "cn=ldaptestcontainer2," + base_dn, ldb.SCOPE_SUBTREE);
259 if (res.error != 0 || res.msgs.length != 1) {
260 println("Could not find (&(cn=ldaptestuser4)(objectClass=user)) under cn=ldaptestcontainer2," + base_dn);
261 assert(res.error == 0);
262 assert(res.msgs.length == 1);
265 assert(res.msgs[0].dn == ("CN=ldaptestuser4,CN=ldaptestcontainer2," + base_dn));
267 println("Testing delete (should fail, not a leaf node) of renamed cn=ldaptestcontainer2," + base_dn);
268 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
269 if (ok.error != 66) { /* LDB_ERR_NOT_ALLOWED_ON_NON_LEAF */
271 assert(ok.error == 66);
273 println("Testing delete of subtree renamed "+res.msgs[0].dn);
274 ok = ldb.del(res.msgs[0].dn);
277 assert(ok.error == 0);
279 println("Testing delete of renamed cn=ldaptestcontainer2," + base_dn);
280 ok = ldb.del("cn=ldaptestcontainer2," + base_dn);
283 assert(ok.error == 0);
287 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
291 ok = ldb.del("cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn);
294 assert(ok.error == 0);
297 dn: cn=ldaptestutf8user èùéìòà ,cn=users," + base_dn + "
302 assert(ok.error == 0);
307 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
311 ok = ldb.del("cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn);
314 assert(ok.error == 0);
317 dn: cn=ldaptestutf8user2 èùéìòà ,cn=users," + base_dn + "
322 assert(ok.error == 0);
326 println("Testing ldb.search for (&(cn=ldaptestuser)(objectClass=user))");
327 var res = ldb.search("(&(cn=ldaptestuser)(objectClass=user))");
328 if (res.error != 0 || res.msgs.length != 1) {
329 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
330 assert(res.error == 0);
331 assert(res.msgs.length == 1);
334 assert(res.msgs[0].dn == ("CN=ldaptestuser,CN=Users," + base_dn));
335 assert(res.msgs[0].cn == "ldaptestuser");
336 assert(res.msgs[0].name == "ldaptestuser");
337 assert(res.msgs[0].objectClass[0] == "top");
338 assert(res.msgs[0].objectClass[1] == "person");
339 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
340 assert(res.msgs[0].objectClass[3] == "user");
341 assert(res.msgs[0].objectGUID != undefined);
342 assert(res.msgs[0].whenCreated != undefined);
343 assert(res.msgs[0].objectCategory == ("CN=Person,CN=Schema,CN=Configuration," + base_dn));
344 assert(res.msgs[0].sAMAccountType == 805306368);
345 // assert(res[0].userAccountControl == 546);
347 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
348 var res2 = ldb.search("(&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
349 if (res2.error != 0 || res2.msgs.length != 1) {
350 println("Could not find (&(cn=ldaptestuser)(objectCategory=cn=person,cn=schema,cn=configuration," + base_dn + "))");
351 assert(res2.error == 0);
352 assert(res2.msgs.length == 1);
355 assert(res.msgs[0].dn == res2.msgs[0].dn);
357 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon))");
358 var res3 = ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
359 if (res3.error != 0) {
360 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): " + res3.errstr);
361 assert(res3.error == 0);
362 } else if (res3.msgs.length != 1) {
363 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)): matched " + res3.msgs.length);
364 assert(res3.msgs.length == 1);
367 assert(res.msgs[0].dn == res3.msgs[0].dn);
369 if (gc_ldb != undefined) {
370 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
371 var res3gc = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))");
372 if (res3gc.error != 0) {
373 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: " + res3gc.errstr);
374 assert(res3gc.error == 0);
375 } else if (res3gc.msgs.length != 1) {
376 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog: matched " + res3gc.msgs.length);
377 assert(res3gc.msgs.length == 1);
380 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
383 println("Testing ldb.search for (&(cn=ldaptestuser)(objectCategory=PerSon)) in with 'phantom root' control");
384 var attrs = new Array("cn");
385 var controls = new Array("search_options:1:2");
386 var res3control = gc_ldb.search("(&(cn=ldaptestuser)(objectCategory=PerSon))", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
387 if (res3control.error != 0 || res3control.msgs.length != 1) {
388 println("Could not find (&(cn=ldaptestuser)(objectCategory=PerSon)) in Global Catalog");
389 assert(res3control.error == 0);
390 assert(res3control.msgs.length == 1);
393 assert(res.msgs[0].dn == res3control.msgs[0].dn);
395 ok = ldb.del(res.msgs[0].dn);
398 assert(ok.error == 0);
401 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectClass=user))");
402 var res = ldb.search("(&(cn=ldaptestcomputer)(objectClass=user))");
403 if (res.error != 0 || res.msgs.length != 1) {
404 println("Could not find (&(cn=ldaptestuser)(objectClass=user))");
405 assert(res.error == 0);
406 assert(res.msgs.length == 1);
409 assert(res.msgs[0].dn == ("CN=ldaptestcomputer,CN=Computers," + base_dn));
410 assert(res.msgs[0].cn == "ldaptestcomputer");
411 assert(res.msgs[0].name == "ldaptestcomputer");
412 assert(res.msgs[0].objectClass[0] == "top");
413 assert(res.msgs[0].objectClass[1] == "person");
414 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
415 assert(res.msgs[0].objectClass[3] == "user");
416 assert(res.msgs[0].objectClass[4] == "computer");
417 assert(res.msgs[0].objectGUID != undefined);
418 assert(res.msgs[0].whenCreated != undefined);
419 assert(res.msgs[0].objectCategory == ("CN=Computer,CN=Schema,CN=Configuration," + base_dn));
420 assert(res.msgs[0].primaryGroupID == 513);
421 // assert(res.msgs[0].sAMAccountType == 805306368);
422 // assert(res.msgs[0].userAccountControl == 546);
424 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
425 var res2 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
426 if (res2.error != 0 || res2.msgs.length != 1) {
427 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
428 assert(res2.error == 0);
429 assert(res2.msgs.length == 1);
432 assert(res.msgs[0].dn == res2.msgs[0].dn);
434 if (gc_ldb != undefined) {
435 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
436 var res2gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + "))");
437 if (res2gc.error != 0 || res2gc.msgs.length != 1) {
438 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=cn=computer,cn=schema,cn=configuration," + base_dn + ")) in Global Catlog");
439 assert(res2gc.error == 0);
440 assert(res2gc.msgs.length == 1);
443 assert(res.msgs[0].dn == res2gc.msgs[0].dn);
446 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
447 var res3 = ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
448 if (res3.error != 0 || res3.msgs.length != 1) {
449 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER))");
450 assert(res3.error == 0);
451 assert(res3.msgs.length == 1);
454 assert(res.msgs[0].dn == res3.msgs[0].dn);
456 if (gc_ldb != undefined) {
457 println("Testing ldb.search for (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
458 var res3gc = gc_ldb.search("(&(cn=ldaptestcomputer)(objectCategory=compuTER))");
459 if (res3gc.error != 0 || res3gc.msgs.length != 1) {
460 println("Could not find (&(cn=ldaptestcomputer)(objectCategory=compuTER)) in Global Catalog");
461 assert(res3gc.error == 0);
462 assert(res3gc.msgs.length == 1);
465 assert(res.msgs[0].dn == res3gc.msgs[0].dn);
468 println("Testing ldb.search for (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
469 var res4 = ldb.search("(&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
470 if (res4.error != 0 || res4.msgs.length != 1) {
471 println("Could not find (&(cn=ldaptestcomp*r)(objectCategory=compuTER))");
472 assert(res4.error == 0);
473 assert(res4.msgs.length == 1);
476 assert(res.msgs[0].dn == res4.msgs[0].dn);
478 println("Testing ldb.search for (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
479 var res5 = ldb.search("(&(cn=ldaptestcomput*)(objectCategory=compuTER))");
480 if (res5.error != 0 || res5.msgs.length != 1) {
481 println("Could not find (&(cn=ldaptestcomput*)(objectCategory=compuTER))");
482 assert(res5.error == 0);
483 assert(res5.msgs.length == 1);
486 assert(res.msgs[0].dn == res5.msgs[0].dn);
488 println("Testing ldb.search for (&(cn=*daptestcomputer)(objectCategory=compuTER))");
489 var res6 = ldb.search("(&(cn=*daptestcomputer)(objectCategory=compuTER))");
490 if (res6.error != 0 || res6.msgs.length != 1) {
491 println("Could not find (&(cn=*daptestcomputer)(objectCategory=compuTER))");
492 assert(res6.error == 0);
493 assert(res6.msgs.length == 1);
496 assert(res.msgs[0].dn == res6.msgs[0].dn);
498 ok = ldb.del(res.msgs[0].dn);
501 assert(ok.error == 0);
504 println("Testing ldb.search for (&(cn=ldaptest2computer)(objectClass=user))");
505 var res = ldb.search("(&(cn=ldaptest2computer)(objectClass=user))");
506 if (res.error != 0 || res.msgs.length != 1) {
507 println("Could not find (&(cn=ldaptest2computer)(objectClass=user))");
508 assert(res.error == 0);
509 assert(res.msgs.length == 1);
512 assert(res.msgs[0].dn == ("CN=ldaptest2computer,CN=Computers," + base_dn));
513 assert(res.msgs[0].cn == "ldaptest2computer");
514 assert(res.msgs[0].name == "ldaptest2computer");
515 assert(res.msgs[0].objectClass[0] == "top");
516 assert(res.msgs[0].objectClass[1] == "person");
517 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
518 assert(res.msgs[0].objectClass[3] == "user");
519 assert(res.msgs[0].objectClass[4] == "computer");
520 assert(res.msgs[0].objectGUID != undefined);
521 assert(res.msgs[0].whenCreated != undefined);
522 assert(res.msgs[0].objectCategory == "cn=Computer,cn=Schema,cn=Configuration," + base_dn);
523 assert(res.msgs[0].sAMAccountType == 805306369);
524 // assert(res.msgs[0].userAccountControl == 4098);
527 var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor");
528 println("Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))");
529 var res = ldb.search("(&(cn=ldaptestUSer2)(objectClass=user))", base_dn, ldb.SCOPE_SUBTREE, attrs);
530 if (res.error != 0 || res.msgs.length != 1) {
531 println("Could not find (&(cn=ldaptestUSer2)(objectClass=user))");
532 assert(res.error == 0);
533 assert(res.msgs.length == 1);
536 assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
537 assert(res.msgs[0].cn == "ldaptestuser2");
538 assert(res.msgs[0].name == "ldaptestuser2");
539 assert(res.msgs[0].objectClass[0] == "top");
540 assert(res.msgs[0].objectClass[1] == "person");
541 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
542 assert(res.msgs[0].objectClass[3] == "user");
543 assert(res.msgs[0].objectGUID != undefined);
544 assert(res.msgs[0].whenCreated != undefined);
545 assert(res.msgs[0].nTSecurityDescriptor != undefined);
548 ok = ldb.del(res.msgs[0].dn);
551 assert(ok.error == 0);
554 println("Testing ldb.search for (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
555 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
557 if (res.error != 0 || res.msgs.length != 1) {
558 println("Could not find (&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
559 assert(res.error == 0);
560 assert(res.msgs.length == 1);
563 assert(res.msgs[0].dn == ("CN=ldaptestutf8user èùéìòà,CN=Users," + base_dn));
564 assert(res.msgs[0].cn == "ldaptestutf8user èùéìòà");
565 assert(res.msgs[0].name == "ldaptestutf8user èùéìòà");
566 assert(res.msgs[0].objectClass[0] == "top");
567 assert(res.msgs[0].objectClass[1] == "person");
568 assert(res.msgs[0].objectClass[2] == "organizationalPerson");
569 assert(res.msgs[0].objectClass[3] == "user");
570 assert(res.msgs[0].objectGUID != undefined);
571 assert(res.msgs[0].whenCreated != undefined);
573 ok = ldb.del(res.msgs[0].dn);
576 assert(ok.error == 0);
579 println("Testing ldb.search for (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
580 var res = ldb.search("(&(cn=ldaptestutf8user ÈÙÉÌÒÀ)(objectClass=user))");
582 if (res.error != 0 || res.msgs.length != 1) {
583 println("Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 ÈÙÉÌÒÀ)(objectClass=user))");
585 assert(res.msgs[0].dn == ("cn=ldaptestutf8user2 èùéìòà,cn=users," + base_dn));
586 assert(res.msgs[0].cn == "ldaptestutf8user2 èùéìòà");
589 println("Testing that we can't get at the configuration DN from the main search base");
590 var attrs = new Array("cn");
591 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
592 assert(res.error == 0);
593 if (res.msgs.length != 0) {
594 println("Got configuration DN " + res.msgs[0].dn + " which should not be able to be seen from main search base");
596 assert(res.msgs.length == 0);
598 println("Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control");
599 var attrs = new Array("cn");
600 var controls = new Array("search_options:1:2");
601 var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
602 assert(res.error == 0);
603 assert(res.msgs.length > 0);
605 if (gc_ldb != undefined) {
606 println("Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0");
607 var attrs = new Array("cn");
608 var controls = new Array("search_options:1:0");
609 var res = gc_ldb.search("objectClass=crossRef", base_dn, gc_ldb.SCOPE_SUBTREE, attrs, controls);
610 assert(res.error == 0);
611 assert(res.msgs.length > 0);
613 println("Testing that we do find configuration elements in the global catlog");
614 var attrs = new Array("cn");
615 var res = gc_ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
616 assert(res.error == 0);
617 assert (res.msgs.length > 0);
619 println("Testing that we do find configuration elements and user elements at the same time");
620 var attrs = new Array("cn");
621 var res = gc_ldb.search("(|(objectClass=crossRef)(objectClass=person))", base_dn, ldb.SCOPE_SUBTREE, attrs);
622 assert(res.error == 0);
623 assert (res.msgs.length > 0);
625 println("Testing that we do find configuration elements in the global catlog, with the configuration basedn");
626 var attrs = new Array("cn");
627 var res = gc_ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
628 assert(res.error == 0);
629 assert (res.msgs.length > 0);
632 println("Testing that we can get at the configuration DN on the main LDAP port");
633 var attrs = new Array("cn");
634 var res = ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
635 assert(res.error == 0);
636 assert (res.msgs.length > 0);
638 println("Testing objectCategory canonacolisation");
639 var attrs = new Array("cn");
640 var res = ldb.search("objectCategory=ntDsDSA", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
641 assert(res.error == 0);
642 if (res.msgs.length == 0) {
643 println("Didn't find any records with objectCategory=ntDsDSA");
645 assert(res.msgs.length != 0);
647 var attrs = new Array("cn");
648 var res = ldb.search("objectCategory=CN=ntDs-DSA," + schema_dn, configuration_dn, ldb.SCOPE_SUBTREE, attrs);
649 assert(res.error == 0);
650 if (res.msgs.length == 0) {
651 println("Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn);
653 assert(res.msgs.length != 0);
655 println("Testing objectClass attribute order on "+ base_dn);
656 var attrs = new Array("objectClass");
657 var res = ldb.search("objectClass=domain", base_dn, ldb.SCOPE_BASE, attrs);
658 assert(res.error == 0);
659 assert(res.msgs.length == 1);
661 assert(res.msgs[0].objectClass[0] == "top");
662 assert(res.msgs[0].objectClass[1] == "domain");
663 assert(res.msgs[0].objectClass[2] == "domainDNS");
667 var attrs = new Array("cn");
668 println("Testing ldb.search for objectCategory=person");
669 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs);
670 assert(res.error == 0);
671 assert(res.msgs.length > 0);
673 var attrs = new Array("cn");
674 var controls = new Array("domain_scope:1");
675 println("Testing ldb.search for objectCategory=person with domain scope control");
676 var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
677 assert(res.error == 0);
678 assert(res.msgs.length > 0);
680 var attrs = new Array("cn");
681 println("Testing ldb.search for objectCategory=user");
682 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs);
683 assert(res.error == 0);
684 assert(res.msgs.length > 0);
686 var attrs = new Array("cn");
687 var controls = new Array("domain_scope:1");
688 println("Testing ldb.search for objectCategory=user with domain scope control");
689 var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
690 assert(res.error == 0);
691 assert(res.msgs.length > 0);
693 var attrs = new Array("cn");
694 println("Testing ldb.search for objectCategory=group");
695 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs);
696 assert(res.error == 0);
697 assert(res.msgs.length > 0);
699 var attrs = new Array("cn");
700 var controls = new Array("domain_scope:1");
701 println("Testing ldb.search for objectCategory=group with domain scope control");
702 var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
703 assert(res.error == 0);
704 assert(res.msgs.length > 0);
708 function basedn_tests(ldb, gc_ldb)
710 println("Testing for all rootDSE attributes");
711 var attrs = new Array();
712 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
713 assert(res.error == 0);
714 assert(res.msgs.length == 1);
716 println("Testing for highestCommittedUSN");
717 var attrs = new Array("highestCommittedUSN");
718 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
719 assert(res.error == 0);
720 assert(res.msgs.length == 1);
721 assert(res.msgs[0].highestCommittedUSN != undefined);
722 assert(res.msgs[0].highestCommittedUSN != 0);
724 println("Testing for netlogon via LDAP");
725 var attrs = new Array("netlogon");
726 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
727 assert(res.error == 0);
728 assert(res.msgs.length == 0);
730 println("Testing for netlogon and highestCommittedUSN via LDAP");
731 var attrs = new Array("netlogon", "highestCommittedUSN");
732 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
733 assert(res.error == 0);
734 assert(res.msgs.length == 0);
737 function find_basedn(ldb)
739 var attrs = new Array("defaultNamingContext");
740 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
741 assert(res.error == 0);
742 assert(res.msgs.length == 1);
743 return res.msgs[0].defaultNamingContext;
746 function find_configurationdn(ldb)
748 var attrs = new Array("configurationNamingContext");
749 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
750 assert(res.error == 0);
751 assert(res.msgs.length == 1);
752 return res.msgs[0].configurationNamingContext;
755 function find_schemadn(ldb)
757 var attrs = new Array("schemaNamingContext");
758 var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
759 assert(res.error == 0);
760 assert(res.msgs.length == 1);
761 return res.msgs[0].schemaNamingContext;
764 /* use command line creds if available */
765 ldb.credentials = options.get_credentials();
766 gc_ldb.credentials = options.get_credentials();
768 var ok = ldb.connect("ldap://" + host);
769 var base_dn = find_basedn(ldb);
770 var configuration_dn = find_configurationdn(ldb);
771 var schema_dn = find_schemadn(ldb);
773 printf("baseDN: %s\n", base_dn);
775 var ok = gc_ldb.connect("ldap://" + host + ":3268");
780 basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)
782 basedn_tests(ldb, gc_ldb)