1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
# Test that ldap referral entiries are created and formatted correctly
#
# Copyright (C) Andrew Bartlett 2019
#
# Based on Unit tests for the notification control
# Copyright (C) Stefan Metzmacher 2016
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import optparse
import os
import sys
import samba
from samba.auth import system_session
import samba.getopt as options
from samba import ldb
from samba.samdb import SamDB
import samba.tests
from samba.tests.subunitrun import SubunitOptions
sys.path.insert(0, "bin/python")
parser = optparse.OptionParser("ldap_referrals.py [options]")
sambaopts = options.SambaOptions(parser)
parser.add_option_group(sambaopts)
parser.add_option_group(options.VersionOptions(parser))
# use command line creds if available
credopts = options.CredentialsOptions(parser)
parser.add_option_group(credopts)
subunitopts = SubunitOptions(parser)
parser.add_option_group(subunitopts)
opts, args = parser.parse_args()
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
class LdapReferralTest(samba.tests.TestCase):
# The referral entries for an ldap request should have the ldap scheme
# i.e. then should all start with "ldap://"
def test_ldap_search(self):
server = os.environ["SERVER"]
url = "ldap://{0}".format(server)
db = SamDB(
url, credentials=creds, session_info=system_session(lp), lp=lp)
res = db.search(
base=db.domain_dn(),
expression="(objectClass=nonexistent)",
scope=ldb.SCOPE_SUBTREE,
attrs=["objectGUID", "samAccountName"])
referrals = res.referals
for referral in referrals:
self.assertTrue(
referral.startswith("ldap://"),
"{0} does not start with ldap://".format(referral))
# The referral entries for an ldaps request should have the ldaps scheme
# i.e. then should all start with "ldaps://"
def test_ldaps_search(self):
server = os.environ["SERVER"]
url = "ldaps://{0}".format(server)
db = SamDB(
url, credentials=creds, session_info=system_session(lp), lp=lp)
res = db.search(
base=db.domain_dn(),
expression="(objectClass=nonexistent)",
scope=ldb.SCOPE_SUBTREE,
attrs=["objectGUID", "samAccountName"])
referrals = res.referals
for referral in referrals:
self.assertTrue(
referral.startswith("ldaps://"),
"{0} does not start with ldaps://".format(referral))
|