diff options
| author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2021-03-30 13:28:32 +1300 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2021-04-07 09:18:30 +0000 |
| commit | 3e531bb885c90c6d8f10570eda1be20ac44a7c9b (patch) | |
| tree | 88b6602a09a51919f5816a77b7063b2914da1156 /auth | |
| parent | 4d5fb7d279ef899307a560da2bed037cda609f10 (diff) | |
| download | samba-3e531bb885c90c6d8f10570eda1be20ac44a7c9b.tar.gz | |
auth/credentials: Add test for binding with a domain SID
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10319
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Diffstat (limited to 'auth')
| -rwxr-xr-x | auth/credentials/tests/bind.py | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/auth/credentials/tests/bind.py b/auth/credentials/tests/bind.py index 8bee6f96c62..b26be4f0f79 100755 --- a/auth/credentials/tests/bind.py +++ b/auth/credentials/tests/bind.py @@ -53,6 +53,7 @@ creds_user1 = create_credential(lp, creds) creds_user2 = create_credential(lp, creds) creds_user3 = create_credential(lp, creds) creds_user4 = create_credential(lp, creds) +creds_user5 = create_credential(lp, creds) class BindTests(samba.tests.TestCase): @@ -169,7 +170,8 @@ unicodePwd:: """ + base64.b64encode(u"\"P@ssw0rd\"".encode('utf-16-le')).decode( self.ldb.newuser(username=self.username, password=self.password) ldb_res = self.ldb.search(base=self.domain_dn, scope=SCOPE_SUBTREE, - expression="(samAccountName=%s)" % self.username) + expression="(samAccountName=%s)" % self.username, + attrs=["objectSid"]) self.assertEqual(len(ldb_res), 1) user_dn = ldb_res[0]["dn"] self.addCleanup(delete_force, self.ldb, user_dn) @@ -198,6 +200,17 @@ unicodePwd:: """ + base64.b64encode(u"\"P@ssw0rd\"".encode('utf-16-le')).decode( lp=lp, ldap_only=True) res = ldb_user3.search(base="", expression="", scope=SCOPE_BASE, attrs=["*"]) + # do a simple bind and search with the user account SID + creds_user5.set_bind_dn(self.ldb.schema_format_value("objectSid", ldb_res[0]["objectSid"][0]).decode('utf8')) + creds_user5.set_password(self.password) + print("BindTest with: " + creds_user5.get_bind_dn()) + try: + ldb_user5 = samba.tests.connect_samdb(host, credentials=creds_user5, + lp=lp, ldap_only=True) + except: + self.fail("Failed to connect with user account SID") + res = ldb_user5.search(base="", expression="", scope=SCOPE_BASE, attrs=["*"]) + def test_user_account_bind_no_domain(self): # create user self.ldb.newuser(username=self.username, password=self.password) |