tests: Add test for setting min/maxPwdAge

Currently setting maxPwdAge doesn't work at all. While we're adding a test, we might as well assert that minPwdAge can't be greater than maxPwdAge as well. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13873 Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
author: Tim Beale <timbeale@catalyst.net.nz> 2019-04-01 16:32:27 +1300
committer: Andrew Bartlett <abartlet@samba.org> 2019-04-05 07:01:15 +0000
commit: d247a600845fdc6bf232496e8db56cd1d95a3022 (patch)
tree: 4b59d8ef701f2c74db11775c95663ddc8571eccd /python/samba
parent: 2da9d7d130cce12f3da9df60d250345ba2eaa455 (diff)
download: samba-d247a600845fdc6bf232496e8db56cd1d95a3022.tar.gz
1 files changed, 38 insertions, 0 deletions
diff --git a/python/samba/tests/samba_tool/passwordsettings.py b/python/samba/tests/samba_tool/passwordsettings.py
index e29c76c730d..43264b64608 100644
--- a/python/samba/tests/samba_tool/passwordsettings.py
+++ b/python/samba/tests/samba_tool/passwordsettings.py
@@ -444,3 +444,41 @@ class PwdSettingsCmdTestCase(SambaToolCmdTest):
         self.assertCmdSuccess(result, out, err)
         self.assertEquals(err, "", "Shouldn't be any error messages")
         self.assertIn("Minimum password length: %u" % new_len, out)
+
+    def test_domain_passwordsettings_pwdage(self):
+        """Checks the 'set' command for the domain password age (non-PSO)"""
+
+        # check we can set the domain max password age
+        max_pwd_age = self.ldb.get_maxPwdAge()
+        self.addCleanup(self.ldb.set_maxPwdAge, max_pwd_age)
+        max_pwd_args = "--max-pwd-age=270"
+        (result, out, err) = self.runsublevelcmd("domain", ("passwordsettings",
+                                                 "set"), max_pwd_args,
+                                                 "-H", self.server,
+                                                 self.user_auth)
+        self.assertCmdSuccess(result, out, err)
+        self.assertEquals(err, "", "Shouldn't be any error messages")
+        self.assertIn("successful", out)
+        self.assertNotEquals(max_pwd_age, self.ldb.get_maxPwdAge())
+
+        # check we can't set the domain min password age to more than the max
+        min_pwd_age = self.ldb.get_minPwdAge()
+        self.addCleanup(self.ldb.set_minPwdAge, min_pwd_age)
+        min_pwd_args = "--min-pwd-age=271"
+        (result, out, err) = self.runsublevelcmd("domain", ("passwordsettings",
+                                                 "set"), min_pwd_args,
+                                                 "-H", self.server,
+                                                 self.user_auth)
+        self.assertCmdFail(result, "minPwdAge > maxPwdAge should be rejected")
+        self.assertIn("Maximum password age", err)
+
+        # check we can set the domain min password age to less than the max
+        min_pwd_args = "--min-pwd-age=269"
+        (result, out, err) = self.runsublevelcmd("domain", ("passwordsettings",
+                                                 "set"), min_pwd_args,
+                                                 "-H", self.server,
+                                                 self.user_auth)
+        self.assertCmdSuccess(result, out, err)
+        self.assertEquals(err, "", "Shouldn't be any error messages")
+        self.assertIn("successful", out)
+        self.assertNotEquals(min_pwd_age, self.ldb.get_minPwdAge())
author	Tim Beale <timbeale@catalyst.net.nz>	2019-04-01 16:32:27 +1300
committer	Andrew Bartlett <abartlet@samba.org>	2019-04-05 07:01:15 +0000
commit	d247a600845fdc6bf232496e8db56cd1d95a3022 (patch)
tree	4b59d8ef701f2c74db11775c95663ddc8571eccd /python/samba
parent	2da9d7d130cce12f3da9df60d250345ba2eaa455 (diff)
download	samba-d247a600845fdc6bf232496e8db56cd1d95a3022.tar.gz