diff options
author | Stefan Metzmacher <metze@samba.org> | 2022-03-04 21:53:06 +0100 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2022-03-16 14:27:11 +0000 |
commit | 50954766056e974f0ca4eb244e8c76e8c731a223 (patch) | |
tree | fca8fb452702952be6cc3ef73c8bcd9c30ce9501 | |
parent | 275f57f3796d7e74a2a9b69de51be53b89814f06 (diff) | |
download | samba-50954766056e974f0ca4eb244e8c76e8c731a223.tar.gz |
dsdb/tests: prepare BasePasswordTestCase for simple bind tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13879
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 0b1fbc9d56e2a25e3f1527ee5bc54880bdc65fc6)
-rw-r--r-- | source4/dsdb/tests/python/password_lockout_base.py | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/source4/dsdb/tests/python/password_lockout_base.py b/source4/dsdb/tests/python/password_lockout_base.py index 0951ed8594f..f311502da3c 100644 --- a/source4/dsdb/tests/python/password_lockout_base.py +++ b/source4/dsdb/tests/python/password_lockout_base.py @@ -6,6 +6,7 @@ from samba.credentials import Credentials, DONT_USE_KERBEROS, MUST_USE_KERBEROS from ldb import SCOPE_BASE, LdbError from ldb import ERR_CONSTRAINT_VIOLATION from ldb import ERR_INVALID_CREDENTIALS +from ldb import SUCCESS as LDB_SUCCESS from ldb import Message, MessageElement, Dn from ldb import FLAG_MOD_REPLACE from samba import gensec, dsdb @@ -213,11 +214,17 @@ class BasePasswordTestCase(PasswordTestCase): FLAG_MOD_REPLACE, "lockOutObservationWindow") self.ldb.modify(m) - def _readd_user(self, creds, lockOutObservationWindow=0): + def _readd_user(self, creds, lockOutObservationWindow=0, simple=False): username = creds.get_username() userpass = creds.get_password() userdn = "cn=%s,cn=users,%s" % (username, self.base_dn) + if simple: + creds.set_bind_dn(userdn) + ldap_url = self.host_url_ldaps + else: + ldap_url = self.host_url + delete_force(self.ldb, userdn) self.ldb.add({ "dn": userdn, @@ -248,10 +255,10 @@ userPassword: """ + userpass + """ self._check_account_initial(userdn) # Fail once to get a badPasswordTime - self.assertLoginFailure(self.host_url, fail_creds, self.lp) + self.assertLoginFailure(ldap_url, fail_creds, self.lp) # Succeed to reset everything to 0 - ldb = self.assertLoginSuccess(self.host_url, creds, self.lp) + ldb = self.assertLoginSuccess(ldap_url, creds, self.lp) return ldb @@ -362,10 +369,17 @@ lockoutThreshold: """ + str(lockoutThreshold) + """ userpass="thatsAcomplPASS0", kerberos_state=DONT_USE_KERBEROS) self.lockout1ntlm_ldb = self._readd_user(self.lockout1ntlm_creds) + self.lockout1simple_creds = self.insta_creds(self.template_creds, + username="lockout1simple", + userpass="thatsAcomplPASS0", + kerberos_state=DONT_USE_KERBEROS) + self.lockout1simple_ldb = self._readd_user(self.lockout1simple_creds, + simple=True) def delete_ldb_connections(self): del self.lockout1krb5_ldb del self.lockout1ntlm_ldb + del self.lockout1simple_ldb del self.ldb def tearDown(self): |