ldap.js

samba最新软件

        var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "memberOf");
	println("Testing ldb.search for (&(cn=ldaptestUSer2)(objectClass=user))");
	var res = ldb.search("(&(cn=ldaptestUSer2)(objectClass=user))", base_dn, ldb.SCOPE_SUBTREE, attrs);
	if (res.error != 0 || res.msgs.length != 1) {
		println("Could not find (&(cn=ldaptestUSer2)(objectClass=user))");
		assert(res.error == 0);
		assert(res.msgs.length == 1);
	}

	assert(res.msgs[0].dn == ("CN=ldaptestuser2,CN=Users," + base_dn));
	assert(res.msgs[0].cn == "ldaptestuser2");
	assert(res.msgs[0].name == "ldaptestuser2");
	assert(res.msgs[0].objectClass[0] == "top");
	assert(res.msgs[0].objectClass[1] == "person");
	assert(res.msgs[0].objectClass[2] == "organizationalPerson");
	assert(res.msgs[0].objectClass[3] == "user");
	assert(res.msgs[0].objectGUID != undefined);
	assert(res.msgs[0].whenCreated != undefined);
	assert(res.msgs[0].nTSecurityDescriptor != undefined);
	assert(res.msgs[0].memberOf[0] == ("CN=ldaptestgroup2,CN=Users," + base_dn));

        var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member");
	println("Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group))");
	var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
	if (res.error != 0 || res.msgs.length != 1) {
		println("Could not find (&(cn=ldaptestgroup2)(objectClass=group))");
		assert(res.error == 0);
		assert(res.msgs.length == 1);
	}

	assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
	assert(res.msgs[0].cn == "ldaptestgroup2");
	assert(res.msgs[0].name == "ldaptestgroup2");
	assert(res.msgs[0].objectClass[0] == "top");
	assert(res.msgs[0].objectClass[1] == "group");
	assert(res.msgs[0].objectGUID != undefined);
	assert(res.msgs[0].whenCreated != undefined);
	assert(res.msgs[0].nTSecurityDescriptor != undefined);
	assert(res.msgs[0].member[0] == ("CN=ldaptestuser2,CN=Users," + base_dn));
	assert(res.msgs[0].member.length == 1);

	ok = ldb.modify("
dn: cn=ldaptestgroup2,cn=users," + base_dn + "
changetype: modify
replace: member
member: CN=ldaptestuser2,CN=Users," + base_dn + "
member: CN=ldaptestutf8user 猫霉茅矛貌脿,CN=Users," + base_dn + "
");
	if (ok.error != 0) {
		println("Failure testing replace of linked attributes");
		println(ok.errstr);
		assert(ok.error == 0);
	}
	
	println("Testing Linked attribute behaviours");
	ok = ldb.modify("
dn: cn=ldaptestgroup2,cn=users," + base_dn + "
changetype: modify
delete: member
");
	if (ok.error != 0) {
		println("Failure testing delete of linked attributes");
		println(ok.errstr);
		assert(ok.error == 0);
	}
	
	ok = ldb.modify("
dn: cn=ldaptestgroup2,cn=users," + base_dn + "
changetype: modify
add: member
member: CN=ldaptestuser2,CN=Users," + base_dn + "
member: CN=ldaptestutf8user 猫霉茅矛貌脿,CN=Users," + base_dn + "
");
	if (ok.error != 0) {
		println("Failure testing add of linked attributes");
		println(ok.errstr);
		assert(ok.error == 0);
	}
	
	ok = ldb.modify("
dn: cn=ldaptestgroup2,cn=users," + base_dn + "
changetype: modify
replace: member
");
	if (ok.error != 0) {
		println("Failure testing replace of linked attributes");
		println(ok.errstr);
		assert(ok.error == 0);
	}
	
	ok = ldb.modify("
dn: cn=ldaptestgroup2,cn=users," + base_dn + "
changetype: modify
add: member
member: CN=ldaptestuser2,CN=Users," + base_dn + "
member: CN=ldaptestutf8user 猫霉茅矛貌脿,CN=Users," + base_dn + "
");
	if (ok.error != 0) {
		println("Failure testing add of linked attributes");
		println(ok.errstr);
		assert(ok.error == 0);
	}
	
	ok = ldb.modify("
dn: cn=ldaptestgroup2,cn=users," + base_dn + "
changetype: modify
delete: member
member: CN=ldaptestutf8user 猫霉茅矛貌脿,CN=Users," + base_dn + "
");
	if (ok.error != 0) {
		println("Failure testing replace of linked attributes");
		println(ok.errstr);
		assert(ok.error == 0);
	}
	
	var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
	if (res.error != 0 || res.msgs.length != 1) {
		println("Could not find (&(cn=ldaptestgroup2)(objectClass=group))");
		assert(res.error == 0);
		assert(res.msgs.length == 1);
	}

	assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
	assert(res.msgs[0].member[0] == ("CN=ldaptestuser2,CN=Users," + base_dn));
	assert(res.msgs[0].member.length == 1);

	ok = ldb.del(("CN=ldaptestuser2,CN=Users," + base_dn));
	if (ok.error != 0) {
		println(ok.errstr);
		assert(ok.error == 0);
	}

        var attrs = new Array("cn", "name", "objectClass", "objectGUID", "whenCreated", "nTSecurityDescriptor", "member");
	println("Testing ldb.search for (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete");
	var res = ldb.search("(&(cn=ldaptestgroup2)(objectClass=group))", base_dn, ldb.SCOPE_SUBTREE, attrs);
	if (res.error != 0 || res.msgs.length != 1) {
		println("Could not find (&(cn=ldaptestgroup2)(objectClass=group)) to check linked delete");
		assert(res.error == 0);
		assert(res.msgs.length == 1);
	}

	assert(res.msgs[0].dn == ("CN=ldaptestgroup2,CN=Users," + base_dn));
	assert(res.msgs[0].member == undefined);

	println("Testing ldb.search for (&(cn=ldaptestutf8user 脠脵脡脤脪脌)(objectClass=user))");
	var res = ldb.search("(&(cn=ldaptestutf8user 脠脵脡脤脪脌)(objectClass=user))");

	if (res.error != 0 || res.msgs.length != 1) {
		println("Could not find (&(cn=ldaptestutf8user 脠脵脡脤脪脌)(objectClass=user))");
		assert(res.error == 0);
		assert(res.msgs.length == 1);
	}

	assert(res.msgs[0].dn == ("CN=ldaptestutf8user 猫霉茅矛貌脿,CN=Users," + base_dn));
	assert(res.msgs[0].cn == "ldaptestutf8user 猫霉茅矛貌脿");
	assert(res.msgs[0].name == "ldaptestutf8user 猫霉茅矛貌脿");
	assert(res.msgs[0].objectClass[0] == "top");
	assert(res.msgs[0].objectClass[1] == "person");
	assert(res.msgs[0].objectClass[2] == "organizationalPerson");
	assert(res.msgs[0].objectClass[3] == "user");
	assert(res.msgs[0].objectGUID != undefined);
	assert(res.msgs[0].whenCreated != undefined);

	ok = ldb.del(res.msgs[0].dn);
	if (ok.error != 0) {
		println(ok.errstr);
		assert(ok.error == 0);
	}

	println("Testing ldb.search for (&(cn=ldaptestutf8user2*)(objectClass=user))");
	var res = ldb.search("(&(cn=ldaptestutf8user2*)(objectClass=user))");
	if (res.error != 0 || res.msgs.length != 1) {
		println("Could not find (&(cn=ldaptestutf8user2*)(objectClass=user))");
		assert(res.error == 0);
		assert(res.msgs.length == 1);
	}

	ok = ldb.del(res.msgs[0].dn);
	if (ok.error != 0) {
		println(ok.errstr);
		assert(ok.error == 0);
	}

	ok = ldb.del(("CN=ldaptestgroup2,CN=Users," + base_dn))
	if (ok.error != 0) {
		println(ok.errstr);
		assert(ok.error == 0);
	}

	println("Testing ldb.search for (&(cn=ldaptestutf8user2 脠脵脡脤脪脌)(objectClass=user))");
	var res = ldb.search("(&(cn=ldaptestutf8user 脠脵脡脤脪脌)(objectClass=user))");

	if (res.error != 0 || res.msgs.length != 1) {
		println("Could not find (expect space collapse, win2k3 fails) (&(cn=ldaptestutf8user2 脠脵脡脤脪脌)(objectClass=user))");
	} else {
		assert(res.msgs[0].dn == ("cn=ldaptestutf8user2 猫霉茅矛貌脿,cn=users," + base_dn));
		assert(res.msgs[0].cn == "ldaptestutf8user2 猫霉茅矛貌脿");
	}

	println("Testing that we can't get at the configuration DN from the main search base");
	var attrs = new Array("cn");
	var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
	assert(res.error == 0);
	if (res.msgs.length != 0) {
		println("Got configuration DN " + res.msgs[0].dn + " which should not be able to be seen from main search base");
	}
	assert(res.msgs.length == 0);

	println("Testing that we can get at the configuration DN from the main search base on the LDAP port with the 'phantom root' search_options control");
	var attrs = new Array("cn");
	var controls = new Array("search_options:1:2");
	var res = ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
	assert(res.error == 0);
	assert(res.msgs.length > 0);

	if (gc_ldb != undefined) {
		println("Testing that we can get at the configuration DN from the main search base on the GC port with the search_options control == 0");
		var attrs = new Array("cn");
		var controls = new Array("search_options:1:0");
		var res = gc_ldb.search("objectClass=crossRef", base_dn, gc_ldb.SCOPE_SUBTREE, attrs, controls);
		assert(res.error == 0);
		assert(res.msgs.length > 0);

		println("Testing that we do find configuration elements in the global catlog");
		var attrs = new Array("cn");
		var res = gc_ldb.search("objectClass=crossRef", base_dn, ldb.SCOPE_SUBTREE, attrs);
		assert(res.error == 0);
		assert (res.msgs.length > 0);
	
		println("Testing that we do find configuration elements and user elements at the same time");
		var attrs = new Array("cn");
		var res = gc_ldb.search("(|(objectClass=crossRef)(objectClass=person))", base_dn, ldb.SCOPE_SUBTREE, attrs);
		assert(res.error == 0);
		assert (res.msgs.length > 0);

		println("Testing that we do find configuration elements in the global catlog, with the configuration basedn");
		var attrs = new Array("cn");
		var res = gc_ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
		assert(res.error == 0);
		assert (res.msgs.length > 0);
	}

	println("Testing that we can get at the configuration DN on the main LDAP port");
	var attrs = new Array("cn");
	var res = ldb.search("objectClass=crossRef", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
	assert(res.error == 0);
	assert (res.msgs.length > 0);

	println("Testing objectCategory canonacolisation");
	var attrs = new Array("cn");
	var res = ldb.search("objectCategory=ntDsDSA", configuration_dn, ldb.SCOPE_SUBTREE, attrs);
	assert(res.error == 0);
	if (res.msgs.length == 0) {
		println("Didn't find any records with objectCategory=ntDsDSA");
	}
	assert(res.msgs.length != 0);
	
	var attrs = new Array("cn");
	var res = ldb.search("objectCategory=CN=ntDs-DSA," + schema_dn, configuration_dn, ldb.SCOPE_SUBTREE, attrs);
	assert(res.error == 0);
	if (res.msgs.length == 0) {
		println("Didn't find any records with objectCategory=CN=ntDs-DSA," + schema_dn);
	}
	assert(res.msgs.length != 0);
	
	println("Testing objectClass attribute order on "+ base_dn);
	var attrs = new Array("objectClass");
	var res = ldb.search("objectClass=domain", base_dn, ldb.SCOPE_BASE, attrs);
	assert(res.error == 0);
	assert(res.msgs.length == 1);

	assert(res.msgs[0].objectClass[0] == "top");
	assert(res.msgs[0].objectClass[1] == "domain");
	assert(res.msgs[0].objectClass[2] == "domainDNS");

//  check enumeration

 	var attrs = new Array("cn");
	println("Testing ldb.search for objectCategory=person");
	var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs);
	assert(res.error == 0);
	assert(res.msgs.length > 0);

 	var attrs = new Array("cn");
	var controls = new Array("domain_scope:1");
	println("Testing ldb.search for objectCategory=person with domain scope control");
	var res = ldb.search("objectCategory=person", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
	assert(res.error == 0);
	assert(res.msgs.length > 0);
 
	var attrs = new Array("cn");
	println("Testing ldb.search for objectCategory=user");
	var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs);
	assert(res.error == 0);
	assert(res.msgs.length > 0);

 	var attrs = new Array("cn");
	var controls = new Array("domain_scope:1");
	println("Testing ldb.search for objectCategory=user with domain scope control");
	var res = ldb.search("objectCategory=user", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
	assert(res.error == 0);
	assert(res.msgs.length > 0);
	
 	var attrs = new Array("cn");
	println("Testing ldb.search for objectCategory=group");
	var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs);
	assert(res.error == 0);
	assert(res.msgs.length > 0);

 	var attrs = new Array("cn");
	var controls = new Array("domain_scope:1");
	println("Testing ldb.search for objectCategory=group with domain scope control");
	var res = ldb.search("objectCategory=group", base_dn, ldb.SCOPE_SUBTREE, attrs, controls);
	assert(res.error == 0);
	assert(res.msgs.length > 0);
	
}

function basedn_tests(ldb, gc_ldb)
{
	println("Testing for all rootDSE attributes");
	var attrs = new Array();
	var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
	assert(res.error == 0);
	assert(res.msgs.length == 1);

	println("Testing for highestCommittedUSN");
	var attrs = new Array("highestCommittedUSN");
	var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
	assert(res.error == 0);
	assert(res.msgs.length == 1);
	assert(res.msgs[0].highestCommittedUSN != undefined);
	assert(res.msgs[0].highestCommittedUSN != 0);

	println("Testing for netlogon via LDAP");
	var attrs = new Array("netlogon");
	var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
	assert(res.error == 0);
	assert(res.msgs.length == 0);

	println("Testing for netlogon and highestCommittedUSN via LDAP");
	var attrs = new Array("netlogon", "highestCommittedUSN");
	var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
	assert(res.error == 0);
	assert(res.msgs.length == 0);
}

function find_basedn(ldb)
{
    var attrs = new Array("defaultNamingContext");
    var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
    assert(res.error == 0);
    assert(res.msgs.length == 1);
    return res.msgs[0].defaultNamingContext;
}

function find_configurationdn(ldb)
{
    var attrs = new Array("configurationNamingContext");
    var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
    assert(res.error == 0);
    assert(res.msgs.length == 1);
    return res.msgs[0].configurationNamingContext;
}

function find_schemadn(ldb)
{
    var attrs = new Array("schemaNamingContext");
    var res = ldb.search("", "", ldb.SCOPE_BASE, attrs);
    assert(res.error == 0);
    assert(res.msgs.length == 1);
    return res.msgs[0].schemaNamingContext;
}

/* use command line creds if available */
ldb.credentials = options.get_credentials();
gc_ldb.credentials = options.get_credentials();

var ok = ldb.connect("ldap://" + host);
var base_dn = find_basedn(ldb);

var configuration_dn = find_configurationdn(ldb);
var schema_dn = find_schemadn(ldb);

println("baseDN: %s\n", base_dn);

var ok = gc_ldb.connect("ldap://" + host + ":3268");
if (!ok) {
	gc_ldb = undefined;
}

basic_tests(ldb, gc_ldb, base_dn, configuration_dn, schema_dn)

basedn_tests(ldb, gc_ldb)

return 0;