summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rwxr-xr-xsource4/dsdb/tests/python/password_lockout.py24
-rwxr-xr-xsource4/dsdb/tests/python/sam.py48
-rwxr-xr-xsource4/dsdb/tests/python/user_account_control.py60
3 files changed, 85 insertions, 47 deletions
diff --git a/source4/dsdb/tests/python/password_lockout.py b/source4/dsdb/tests/python/password_lockout.py
index be688475af2..72455acd04f 100755
--- a/source4/dsdb/tests/python/password_lockout.py
+++ b/source4/dsdb/tests/python/password_lockout.py
@@ -1069,9 +1069,9 @@ unicodePwd:: """ + base64.b64encode(new_utf16).decode('utf8') + """
logonCount=0,
lastLogon=0,
lastLogonTimestamp=('absent', None),
- userAccountControl=dsdb.UF_NORMAL_ACCOUNT |
- dsdb.UF_ACCOUNTDISABLE |
- dsdb.UF_PASSWD_NOTREQD,
+ userAccountControl=(dsdb.UF_NORMAL_ACCOUNT |
+ dsdb.UF_ACCOUNTDISABLE |
+ dsdb.UF_PASSWD_NOTREQD),
msDSUserAccountControlComputed=dsdb.UF_PASSWORD_EXPIRED)
# SAMR doesn't have any impact if dsdb.UF_LOCKOUT isn't present.
@@ -1084,9 +1084,9 @@ unicodePwd:: """ + base64.b64encode(new_utf16).decode('utf8') + """
logonCount=0,
lastLogon=0,
lastLogonTimestamp=('absent', None),
- userAccountControl=dsdb.UF_NORMAL_ACCOUNT |
- dsdb.UF_ACCOUNTDISABLE |
- dsdb.UF_PASSWD_NOTREQD,
+ userAccountControl=(dsdb.UF_NORMAL_ACCOUNT |
+ dsdb.UF_ACCOUNTDISABLE |
+ dsdb.UF_PASSWD_NOTREQD),
msDSUserAccountControlComputed=dsdb.UF_PASSWORD_EXPIRED)
# Tests a password change when we don't have any password yet with a
@@ -1114,9 +1114,9 @@ userPassword: thatsAcomplPASS2
logonCount=0,
lastLogon=0,
lastLogonTimestamp=('absent', None),
- userAccountControl=dsdb.UF_NORMAL_ACCOUNT |
- dsdb.UF_ACCOUNTDISABLE |
- dsdb.UF_PASSWD_NOTREQD,
+ userAccountControl=(dsdb.UF_NORMAL_ACCOUNT |
+ dsdb.UF_ACCOUNTDISABLE |
+ dsdb.UF_PASSWD_NOTREQD),
msDSUserAccountControlComputed=dsdb.UF_PASSWORD_EXPIRED)
badPwdCount = int(res[0]["badPwdCount"][0])
badPasswordTime = int(res[0]["badPasswordTime"][0])
@@ -1139,9 +1139,9 @@ userPassword: """ + userpass + """
logonCount=0,
lastLogon=0,
lastLogonTimestamp=('absent', None),
- userAccountControl=dsdb.UF_NORMAL_ACCOUNT |
- dsdb.UF_ACCOUNTDISABLE |
- dsdb.UF_PASSWD_NOTREQD,
+ userAccountControl=(dsdb.UF_NORMAL_ACCOUNT |
+ dsdb.UF_ACCOUNTDISABLE |
+ dsdb.UF_PASSWD_NOTREQD),
msDSUserAccountControlComputed=0)
# Enables the user account
diff --git a/source4/dsdb/tests/python/sam.py b/source4/dsdb/tests/python/sam.py
index 58d5edb7b1f..9a5e2535096 100755
--- a/source4/dsdb/tests/python/sam.py
+++ b/source4/dsdb/tests/python/sam.py
@@ -219,19 +219,22 @@ class SamTests(samba.tests.TestCase):
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": "computer",
- "userAccountControl": str(UF_WORKSTATION_TRUST_ACCOUNT | UF_PASSWD_NOTREQD)})
+ "userAccountControl": str(UF_WORKSTATION_TRUST_ACCOUNT |
+ UF_PASSWD_NOTREQD)})
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE, attrs=["primaryGroupID"])
self.assertTrue(len(res1) == 1)
- self.assertEquals(res1[0]["primaryGroupID"][0], str(DOMAIN_RID_DOMAIN_MEMBERS))
+ self.assertEquals(res1[0]["primaryGroupID"][0],
+ str(DOMAIN_RID_DOMAIN_MEMBERS))
delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": "computer",
- "userAccountControl": str(UF_SERVER_TRUST_ACCOUNT | UF_PASSWD_NOTREQD)})
+ "userAccountControl": str(UF_SERVER_TRUST_ACCOUNT |
+ UF_PASSWD_NOTREQD)})
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE, attrs=["primaryGroupID"])
@@ -246,7 +249,9 @@ class SamTests(samba.tests.TestCase):
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": "computer",
- "userAccountControl": str(UF_PARTIAL_SECRETS_ACCOUNT | UF_WORKSTATION_TRUST_ACCOUNT | UF_PASSWD_NOTREQD)})
+ "userAccountControl": str(UF_PARTIAL_SECRETS_ACCOUNT |
+ UF_WORKSTATION_TRUST_ACCOUNT |
+ UF_PASSWD_NOTREQD)})
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE, attrs=["primaryGroupID"])
@@ -264,7 +269,9 @@ class SamTests(samba.tests.TestCase):
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
- m["userAccountControl"] = MessageElement(str(UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD), FLAG_MOD_REPLACE,
+ m["userAccountControl"] = MessageElement(str(UF_NORMAL_ACCOUNT |
+ UF_PASSWD_NOTREQD),
+ FLAG_MOD_REPLACE,
"userAccountControl")
ldb.modify(m)
@@ -289,7 +296,9 @@ class SamTests(samba.tests.TestCase):
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
- m["userAccountControl"] = MessageElement(str(UF_WORKSTATION_TRUST_ACCOUNT | UF_PASSWD_NOTREQD), FLAG_MOD_REPLACE,
+ m["userAccountControl"] = MessageElement(str(UF_WORKSTATION_TRUST_ACCOUNT |
+ UF_PASSWD_NOTREQD),
+ FLAG_MOD_REPLACE,
"userAccountControl")
ldb.modify(m)
@@ -300,7 +309,9 @@ class SamTests(samba.tests.TestCase):
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
- m["userAccountControl"] = MessageElement(str(UF_SERVER_TRUST_ACCOUNT | UF_PASSWD_NOTREQD), FLAG_MOD_REPLACE,
+ m["userAccountControl"] = MessageElement(str(UF_SERVER_TRUST_ACCOUNT |
+ UF_PASSWD_NOTREQD),
+ FLAG_MOD_REPLACE,
"userAccountControl")
ldb.modify(m)
@@ -314,7 +325,10 @@ class SamTests(samba.tests.TestCase):
# we have a fallback in the assertion)
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
- m["userAccountControl"] = MessageElement(str(UF_PARTIAL_SECRETS_ACCOUNT | UF_WORKSTATION_TRUST_ACCOUNT | UF_PASSWD_NOTREQD), FLAG_MOD_REPLACE,
+ m["userAccountControl"] = MessageElement(str(UF_PARTIAL_SECRETS_ACCOUNT |
+ UF_WORKSTATION_TRUST_ACCOUNT |
+ UF_PASSWD_NOTREQD),
+ FLAG_MOD_REPLACE,
"userAccountControl")
ldb.modify(m)
@@ -676,7 +690,9 @@ class SamTests(samba.tests.TestCase):
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
- m["userAccountControl"] = MessageElement(str(UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD), FLAG_MOD_ADD,
+ m["userAccountControl"] = MessageElement(str(UF_NORMAL_ACCOUNT |
+ UF_PASSWD_NOTREQD),
+ FLAG_MOD_ADD,
"userAccountControl")
try:
ldb.modify(m)
@@ -1914,7 +1930,10 @@ class SamTests(samba.tests.TestCase):
ldb.add({
"dn": "cn=ldaptestuser,cn=users," + self.base_dn,
"objectclass": "user",
- "userAccountControl": str(UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD | UF_LOCKOUT | UF_PASSWORD_EXPIRED)})
+ "userAccountControl": str(UF_NORMAL_ACCOUNT |
+ UF_PASSWD_NOTREQD |
+ UF_LOCKOUT |
+ UF_PASSWORD_EXPIRED)})
res1 = ldb.search("cn=ldaptestuser,cn=users," + self.base_dn,
scope=SCOPE_BASE,
@@ -2199,7 +2218,10 @@ class SamTests(samba.tests.TestCase):
ldb.add({
"dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
"objectclass": "computer",
- "userAccountControl": str(UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD | UF_LOCKOUT | UF_PASSWORD_EXPIRED)})
+ "userAccountControl": str(UF_NORMAL_ACCOUNT |
+ UF_PASSWD_NOTREQD |
+ UF_LOCKOUT |
+ UF_PASSWORD_EXPIRED)})
res1 = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
scope=SCOPE_BASE,
@@ -2464,7 +2486,9 @@ class SamTests(samba.tests.TestCase):
ldb.add({
"dn": "cn=ldaptestuser2,cn=users," + self.base_dn,
"objectclass": "user",
- "userAccountControl": str(UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD | UF_ACCOUNTDISABLE)})
+ "userAccountControl": str(UF_NORMAL_ACCOUNT |
+ UF_PASSWD_NOTREQD |
+ UF_ACCOUNTDISABLE)})
res1 = ldb.search("cn=ldaptestuser2,cn=users," + self.base_dn,
scope=SCOPE_BASE,
diff --git a/source4/dsdb/tests/python/user_account_control.py b/source4/dsdb/tests/python/user_account_control.py
index dd3276add98..fc5a962b3d9 100755
--- a/source4/dsdb/tests/python/user_account_control.py
+++ b/source4/dsdb/tests/python/user_account_control.py
@@ -233,7 +233,8 @@ class UserAccountControlTests(samba.tests.TestCase):
m = ldb.Message()
m.dn = res[0].dn
- m["userAccountControl"] = ldb.MessageElement(str(samba.dsdb.UF_WORKSTATION_TRUST_ACCOUNT |samba.dsdb.UF_PARTIAL_SECRETS_ACCOUNT),
+ m["userAccountControl"] = ldb.MessageElement(str(samba.dsdb.UF_WORKSTATION_TRUST_ACCOUNT |
+ samba.dsdb.UF_PARTIAL_SECRETS_ACCOUNT),
ldb.FLAG_MOD_REPLACE, "userAccountControl")
try:
self.samdb.modify(m)
@@ -296,7 +297,8 @@ class UserAccountControlTests(samba.tests.TestCase):
m = ldb.Message()
m.dn = res[0].dn
- m["userAccountControl"] = ldb.MessageElement(str(samba.dsdb.UF_WORKSTATION_TRUST_ACCOUNT |samba.dsdb.UF_PARTIAL_SECRETS_ACCOUNT),
+ m["userAccountControl"] = ldb.MessageElement(str(samba.dsdb.UF_WORKSTATION_TRUST_ACCOUNT |
+ samba.dsdb.UF_PARTIAL_SECRETS_ACCOUNT),
ldb.FLAG_MOD_REPLACE, "userAccountControl")
try:
self.samdb.modify(m)
@@ -342,11 +344,15 @@ class UserAccountControlTests(samba.tests.TestCase):
scope=SCOPE_SUBTREE,
attrs=["userAccountControl"])
- self.assertEqual(int(res[0]["userAccountControl"][0]), UF_NORMAL_ACCOUNT |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD)
+ self.assertEqual(int(res[0]["userAccountControl"][0]), (UF_NORMAL_ACCOUNT |
+ UF_ACCOUNTDISABLE |
+ UF_PASSWD_NOTREQD))
m = ldb.Message()
m.dn = res[0].dn
- m["userAccountControl"] = ldb.MessageElement(str(UF_WORKSTATION_TRUST_ACCOUNT |UF_PARTIAL_SECRETS_ACCOUNT |UF_TRUSTED_FOR_DELEGATION),
+ m["userAccountControl"] = ldb.MessageElement(str(UF_WORKSTATION_TRUST_ACCOUNT |
+ UF_PARTIAL_SECRETS_ACCOUNT |
+ UF_TRUSTED_FOR_DELEGATION),
ldb.FLAG_MOD_REPLACE, "userAccountControl")
try:
self.admin_samdb.modify(m)
@@ -357,7 +363,8 @@ class UserAccountControlTests(samba.tests.TestCase):
m = ldb.Message()
m.dn = res[0].dn
- m["userAccountControl"] = ldb.MessageElement(str(UF_WORKSTATION_TRUST_ACCOUNT |UF_PARTIAL_SECRETS_ACCOUNT),
+ m["userAccountControl"] = ldb.MessageElement(str(UF_WORKSTATION_TRUST_ACCOUNT |
+ UF_PARTIAL_SECRETS_ACCOUNT),
ldb.FLAG_MOD_REPLACE, "userAccountControl")
self.admin_samdb.modify(m)
@@ -366,7 +373,8 @@ class UserAccountControlTests(samba.tests.TestCase):
scope=SCOPE_SUBTREE,
attrs=["userAccountControl"])
- self.assertEqual(int(res[0]["userAccountControl"][0]), UF_WORKSTATION_TRUST_ACCOUNT |UF_PARTIAL_SECRETS_ACCOUNT)
+ self.assertEqual(int(res[0]["userAccountControl"][0]), (UF_WORKSTATION_TRUST_ACCOUNT |
+ UF_PARTIAL_SECRETS_ACCOUNT))
m = ldb.Message()
m.dn = res[0].dn
m["userAccountControl"] = ldb.MessageElement(str(UF_ACCOUNTDISABLE),
@@ -417,7 +425,7 @@ class UserAccountControlTests(samba.tests.TestCase):
for bit in bits:
m = ldb.Message()
m.dn = res[0].dn
- m["userAccountControl"] = ldb.MessageElement(str(bit |UF_PASSWD_NOTREQD),
+ m["userAccountControl"] = ldb.MessageElement(str(bit | UF_PASSWD_NOTREQD),
ldb.FLAG_MOD_REPLACE, "userAccountControl")
try:
self.samdb.modify(m)
@@ -491,7 +499,7 @@ class UserAccountControlTests(samba.tests.TestCase):
m = ldb.Message()
m.dn = res[0].dn
- m["userAccountControl"] = ldb.MessageElement(str(bit |UF_PASSWD_NOTREQD),
+ m["userAccountControl"] = ldb.MessageElement(str(bit | UF_PASSWD_NOTREQD),
ldb.FLAG_MOD_REPLACE, "userAccountControl")
try:
self.admin_samdb.modify(m)
@@ -517,17 +525,23 @@ class UserAccountControlTests(samba.tests.TestCase):
attrs=["userAccountControl"])
if bit in ignored_bits:
- self.assertEqual(int(res[0]["userAccountControl"][0]), UF_NORMAL_ACCOUNT |UF_PASSWD_NOTREQD, "Bit 0x%08x shouldn't stick" % bit)
+ self.assertEqual(int(res[0]["userAccountControl"][0]),
+ UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD,
+ "Bit 0x%08x shouldn't stick" % bit)
else:
if bit in account_types:
- self.assertEqual(int(res[0]["userAccountControl"][0]), bit |UF_PASSWD_NOTREQD, "Bit 0x%08x didn't stick" % bit)
+ self.assertEqual(int(res[0]["userAccountControl"][0]),
+ bit | UF_PASSWD_NOTREQD,
+ "Bit 0x%08x didn't stick" % bit)
else:
- self.assertEqual(int(res[0]["userAccountControl"][0]), bit |UF_NORMAL_ACCOUNT |UF_PASSWD_NOTREQD, "Bit 0x%08x didn't stick" % bit)
+ self.assertEqual(int(res[0]["userAccountControl"][0]),
+ bit | UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD,
+ "Bit 0x%08x didn't stick" % bit)
try:
m = ldb.Message()
m.dn = res[0].dn
- m["userAccountControl"] = ldb.MessageElement(str(bit |UF_PASSWD_NOTREQD |UF_ACCOUNTDISABLE),
+ m["userAccountControl"] = ldb.MessageElement(str(bit | UF_PASSWD_NOTREQD | UF_ACCOUNTDISABLE),
ldb.FLAG_MOD_REPLACE, "userAccountControl")
self.samdb.modify(m)
@@ -542,28 +556,28 @@ class UserAccountControlTests(samba.tests.TestCase):
if bit in account_types:
self.assertEqual(int(res[0]["userAccountControl"][0]),
- bit |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD,
+ bit | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD,
"bit 0X%08x should have been added (0X%08x vs 0X%08x)"
% (bit, int(res[0]["userAccountControl"][0]),
- bit |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD))
+ bit | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD))
elif bit in ignored_bits:
self.assertEqual(int(res[0]["userAccountControl"][0]),
- UF_NORMAL_ACCOUNT |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD,
+ UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD,
"bit 0X%08x should have been added (0X%08x vs 0X%08x)"
% (bit, int(res[0]["userAccountControl"][0]),
- UF_NORMAL_ACCOUNT |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD))
+ UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD))
else:
self.assertEqual(int(res[0]["userAccountControl"][0]),
- bit |UF_NORMAL_ACCOUNT |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD,
+ bit | UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD,
"bit 0X%08x should have been added (0X%08x vs 0X%08x)"
% (bit, int(res[0]["userAccountControl"][0]),
- bit |UF_NORMAL_ACCOUNT |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD))
+ bit | UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD))
try:
m = ldb.Message()
m.dn = res[0].dn
- m["userAccountControl"] = ldb.MessageElement(str(UF_PASSWD_NOTREQD |UF_ACCOUNTDISABLE),
+ m["userAccountControl"] = ldb.MessageElement(str(UF_PASSWD_NOTREQD | UF_ACCOUNTDISABLE),
ldb.FLAG_MOD_REPLACE, "userAccountControl")
self.samdb.modify(m)
if bit in priv_to_remove_bits:
@@ -584,15 +598,15 @@ class UserAccountControlTests(samba.tests.TestCase):
if bit in priv_to_remove_bits:
if bit in account_types:
self.assertEqual(int(res[0]["userAccountControl"][0]),
- bit |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD,
+ bit | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD,
"bit 0X%08x should not have been removed" % bit)
else:
self.assertEqual(int(res[0]["userAccountControl"][0]),
- bit |UF_NORMAL_ACCOUNT |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD,
+ bit | UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD,
"bit 0X%08x should not have been removed" % bit)
else:
self.assertEqual(int(res[0]["userAccountControl"][0]),
- UF_NORMAL_ACCOUNT |UF_ACCOUNTDISABLE |UF_PASSWD_NOTREQD,
+ UF_NORMAL_ACCOUNT | UF_ACCOUNTDISABLE | UF_PASSWD_NOTREQD,
"bit 0X%08x should have been removed" % bit)
def test_uac_bits_unrelated_modify_normal(self):
@@ -693,7 +707,7 @@ class UserAccountControlTests(samba.tests.TestCase):
computername = self.computernames[0]
self.add_computer_ldap(computername,
- others={"userAccountControl": [str(UF_WORKSTATION_TRUST_ACCOUNT |UF_PARTIAL_SECRETS_ACCOUNT)]},
+ others={"userAccountControl": [str(UF_WORKSTATION_TRUST_ACCOUNT | UF_PARTIAL_SECRETS_ACCOUNT)]},
samdb=self.admin_samdb)
res = self.admin_samdb.search("%s" % self.base_dn,
expression="(&(objectClass=computer)(samAccountName=%s$))" % computername,
View Lorry Controller Status