self.user_pass = "samba123@"
self.configuration_dn = self.ldb_admin.get_config_basedn().get_linearized()
self.sd_utils = sd_utils.SDUtils(self.ldb_admin)
+ self.addCleanup(self.delete_admin_connection)
#used for anonymous login
self.creds_tmp = Credentials()
self.creds_tmp.set_username("")
else:
self.fail()
+ def delete_admin_connection(self):
+ del self.sd_utils
+ del self.ldb_admin
+
#tests on ldap add operations
class AclAddTests(AclTests):
delete_force(self.ldb_admin, self.get_user_dn(self.regular_user))
delete_force(self.ldb_admin, self.get_user_dn("test_add_anonymous"))
+ del self.ldb_notowner
+ del self.ldb_owner
+ del self.ldb_user
+
# Make sure top OU is deleted (and so everything under it)
def assert_top_ou_deleted(self):
res = self.ldb_admin.search(self.base_dn,
delete_force(self.ldb_admin, self.get_user_dn("test_modify_user2"))
delete_force(self.ldb_admin, self.get_user_dn("test_anonymous"))
+ del self.ldb_user
+ del self.ldb_user2
+ del self.ldb_user3
+
def test_modify_u1(self):
"""5 Modify one attribute if you have DS_WRITE_PROPERTY for it"""
mod = "(OA;;WP;bf967953-0de6-11d0-a285-00aa003049e2;;%s)" % str(self.user_sid)
delete_force(self.ldb_admin, self.get_user_dn("search_u3"))
delete_force(self.ldb_admin, self.get_user_dn("group1"))
+ del self.ldb_user
+ del self.ldb_user2
+ del self.ldb_user3
+
def test_search_anonymous1(self):
"""Verify access of rootDSE with the correct request"""
anonymous = SamDB(url=ldaphost, credentials=self.creds_tmp, lp=lp)
delete_force(self.ldb_admin, self.get_user_dn(self.regular_user))
delete_force(self.ldb_admin, self.get_user_dn("test_anonymous"))
+ del self.ldb_user
+
def test_delete_u1(self):
"""User is prohibited by default to delete another User object"""
# Create user that we try to delete
delete_force(self.ldb_admin, "%s,%s" % (self.ou1, self.base_dn))
delete_force(self.ldb_admin, self.get_user_dn(self.regular_user))
+ del self.ldb_user
+
def test_rename_u1(self):
"""Regular user fails to rename 'User object' within single OU"""
# Create OU structure
delete_force(self.ldb_admin, self.get_user_dn(self.user_with_wp))
delete_force(self.ldb_admin, self.get_user_dn(self.user_with_pc))
+ del self.ldb_user
+ del self.ldb_user2
+
def test_change_password1(self):
"""Try a password change operation without any CARs given"""
#users have change password by default - remove for negative testing
delete_force(self.ldb_admin, "CN=ext_group1,OU=ext_ou1," + self.base_dn)
delete_force(self.ldb_admin, "ou=ext_ou1," + self.base_dn)
+ del self.ldb_user1
+ del self.ldb_user2
+ del self.ldb_user3
+
def test_ntSecurityDescriptor(self):
#create empty ou
self.ldb_admin.create_ou("ou=ext_ou1," + self.base_dn)
delete_force(self.ldb_admin, self.new_dn_ou)
delete_force(self.ldb_admin, self.ou1 + self.base_dn)
+ del self.ldb_user
+
def GUID_string(self, guid):
return ldb.schema_format_value("objectGUID", guid)
delete_force(self.ldb_admin, "cn=%s,cn=computers,%s" % (self.computername, self.base_dn))
delete_force(self.ldb_admin, self.get_user_dn(self.test_user))
+ del self.ldb_user1
+
def replace_spn(self, _ldb, dn, spn):
print "Setting spn %s on %s" % (spn, dn)
res = self.ldb_admin.search(dn, expression="(objectClass=*)",