[SCM] Samba Shared Repository - branch master updated
Matthias Dieter Wallnöfer
mdw at samba.org
Mon Nov 1 08:37:02 MDT 2010
The branch, master has been updated
via 8770c8f s4:samldb LDB module - the "sAMAccountName" cannot be substituted by nothing
via 2f94804 s4:sam.py - additional testing for "servicePrincipalName" updates
via 1b2f4c1 s4:samldb LDB module - support now the full "servicePrincipalName" update trigger
via 3eb0311 s4:samldb LDB module - "sAMAccountName" checker
from 9b0f8a8 s4-ldb: use ldb_set_modules_dir() to load additional ldb modules
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8770c8fe2fa1dbb5ecb1c2575187aed319356670
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Nov 1 14:36:06 2010 +0100
s4:samldb LDB module - the "sAMAccountName" cannot be substituted by nothing
Autobuild-User: Matthias Dieter Wallnöfer <mdw at samba.org>
Autobuild-Date: Mon Nov 1 14:36:24 UTC 2010 on sn-devel-104
commit 2f9480407dced4e39aeae5681acfa5454fd8fda4
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Nov 1 14:14:35 2010 +0100
s4:sam.py - additional testing for "servicePrincipalName" updates
commit 1b2f4c11a0893f999074b99ef875e33a7a99392d
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Nov 1 13:31:52 2010 +0100
s4:samldb LDB module - support now the full "servicePrincipalName" update trigger
With "dNSHostName" and/or "sAMAccountName" updates
commit 3eb0311aa6c3ea09e46b71728eababe0d60c0aca
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Mon Nov 1 12:59:51 2010 +0100
s4:samldb LDB module - "sAMAccountName" checker
We need a "talloc_steal" for the retrieved "sAMAccountName" since the
memory is afterwards freed using the "talloc_free" call.
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/samldb.c | 140 ++++++++++++++-----
source4/dsdb/tests/python/sam.py | 240 +++++++++++++++++++++++++++++--
2 files changed, 334 insertions(+), 46 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index 43602ce..13b173a 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -177,7 +177,10 @@ static int samldb_check_sAMAccountName(struct samldb_ctx *ac)
name = ldb_msg_find_attr_as_string(ac->msg, "sAMAccountName", NULL);
if (name == NULL) {
- return ldb_operr(ldb);
+ /* The "sAMAccountName" cannot be nothing */
+ ldb_set_errstring(ldb,
+ "samldb: Empty account names aren't allowed!");
+ return LDB_ERR_CONSTRAINT_VIOLATION;
}
ret = samdb_search_count(ldb, ac, NULL, "(sAMAccountName=%s)",
@@ -1384,12 +1387,15 @@ static int samldb_sam_accountname_check(struct samldb_ctx *ac)
if (ret != LDB_SUCCESS) {
return ret;
}
- sam_accountname = ldb_msg_find_attr_as_string(tmp_msg, "sAMAccountName",
- NULL);
+ sam_accountname = talloc_steal(ac,
+ ldb_msg_find_attr_as_string(tmp_msg, "sAMAccountName", NULL));
talloc_free(tmp_msg);
if (sam_accountname == NULL) {
- return ldb_operr(ldb);
+ /* The "sAMAccountName" cannot be nothing */
+ ldb_set_errstring(ldb,
+ "samldb: Empty account names aren't allowed!");
+ return LDB_ERR_UNWILLING_TO_PERFORM;
}
enc_str = ldb_binary_encode_string(ac, sam_accountname);
@@ -1510,15 +1516,16 @@ static int samldb_member_check(struct samldb_ctx *ac)
}
/* This trigger adapts the "servicePrincipalName" attributes if the
- * "dNSHostName" attribute changes */
+ * "dNSHostName" and/or "sAMAccountName" attribute change(s) */
static int samldb_service_principal_names_change(struct samldb_ctx *ac)
{
struct ldb_context *ldb = ldb_module_get_ctx(ac->module);
- struct ldb_message_element *el = NULL;
+ struct ldb_message_element *el = NULL, *el2 = NULL;
struct ldb_message *msg;
const char *attrs[] = { "servicePrincipalName", NULL };
struct ldb_result *res;
- const char *dns_hostname, *old_dns_hostname;
+ const char *dns_hostname = NULL, *old_dns_hostname = NULL,
+ *sam_accountname = NULL, *old_sam_accountname = NULL;
unsigned int i;
int ret;
@@ -1530,40 +1537,98 @@ static int samldb_service_principal_names_change(struct samldb_ctx *ac)
* write protected
*/
for (i = 0; i < ac->msg->num_elements; i++) {
- if (ldb_attr_cmp(ac->msg->elements[i].name,
- "dNSHostName") != 0) {
- continue;
- }
-
- if (LDB_FLAG_MOD_TYPE(ac->msg->elements[i].flags)
- != LDB_FLAG_MOD_DELETE) {
+ if ((ldb_attr_cmp(ac->msg->elements[i].name,
+ "dNSHostName") == 0) &&
+ (LDB_FLAG_MOD_TYPE(ac->msg->elements[i].flags)
+ != LDB_FLAG_MOD_DELETE)) {
el = &ac->msg->elements[i];
}
+ if ((ldb_attr_cmp(ac->msg->elements[i].name,
+ "sAMAccountName") == 0) &&
+ (LDB_FLAG_MOD_TYPE(ac->msg->elements[i].flags)
+ != LDB_FLAG_MOD_DELETE)) {
+ el2 = &ac->msg->elements[i];
+ }
}
- if (el == NULL) {
+ if ((el == NULL) && (el2 == NULL)) {
/* we are not affected */
return LDB_SUCCESS;
}
/* Create a temporary message for fetching the "dNSHostName" */
- msg = ldb_msg_new(ac->msg);
- if (msg == NULL) {
- return ldb_module_oom(ac->module);
+ if (el != NULL) {
+ msg = ldb_msg_new(ac->msg);
+ if (msg == NULL) {
+ return ldb_module_oom(ac->module);
+ }
+ ret = ldb_msg_add(msg, el, 0);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+ dns_hostname = talloc_steal(ac,
+ ldb_msg_find_attr_as_string(msg, "dNSHostName", NULL));
+ talloc_free(msg);
+
+ old_dns_hostname = samdb_search_string(ldb, ac, ac->msg->dn,
+ "dNSHostName", NULL);
}
- ret = ldb_msg_add(msg, el, 0);
- if (ret != LDB_SUCCESS) {
- return ret;
+
+ /* Create a temporary message for fetching the "sAMAccountName" */
+ if (el2 != NULL) {
+ char *tempstr, *tempstr2;
+
+ msg = ldb_msg_new(ac->msg);
+ if (msg == NULL) {
+ return ldb_module_oom(ac->module);
+ }
+ ret = ldb_msg_add(msg, el2, 0);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+ tempstr = talloc_strdup(ac,
+ ldb_msg_find_attr_as_string(msg, "sAMAccountName", NULL));
+ talloc_free(msg);
+
+ tempstr2 = talloc_strdup(ac,
+ samdb_search_string(ldb, ac, ac->msg->dn, "sAMAccountName", NULL));
+
+ /* The "sAMAccountName" needs some additional trimming: we need
+ * to remove the trailing "$"s if they exist. */
+ if ((tempstr != NULL) && (tempstr[0] != '\0') &&
+ (tempstr[strlen(tempstr) - 1] == '$')) {
+ tempstr[strlen(tempstr) - 1] = '\0';
+ }
+ if ((tempstr2 != NULL) && (tempstr2[0] != '\0') &&
+ (tempstr2[strlen(tempstr2) - 1] == '$')) {
+ tempstr2[strlen(tempstr2) - 1] = '\0';
+ }
+ sam_accountname = tempstr;
+ old_sam_accountname = tempstr2;
}
- dns_hostname = ldb_msg_find_attr_as_string(msg, "dNSHostName", "");
- talloc_free(msg);
- old_dns_hostname = samdb_search_string(ldb, ac, ac->msg->dn,
- "dNSHostName", NULL);
- if ((old_dns_hostname == NULL) || (strcasecmp(old_dns_hostname,
- dns_hostname) == 0)) {
- /* Well, if there's no old DNS hostname then we cannot do this.
- * And if old and new DNS name do match we are also finished
- * here. */
+ if (old_dns_hostname == NULL) {
+ /* we cannot change when the old name is unknown */
+ dns_hostname = NULL;
+ }
+ if ((old_dns_hostname != NULL) && (dns_hostname != NULL) &&
+ (strcasecmp(old_dns_hostname, dns_hostname) == 0)) {
+ /* The "dNSHostName" didn't change */
+ dns_hostname = NULL;
+ }
+
+ if (old_sam_accountname == NULL) {
+ /* we cannot change when the old name is unknown */
+ sam_accountname = NULL;
+ }
+ if ((old_sam_accountname != NULL) && (sam_accountname != NULL) &&
+ (strcasecmp(old_sam_accountname, sam_accountname) == 0)) {
+ /* The "sAMAccountName" didn't change */
+ sam_accountname = NULL;
+ }
+
+ if ((dns_hostname == NULL) && (sam_accountname == NULL)) {
+ /* Well, there are informations missing (old name(s)) or the
+ * names didn't change. We've nothing to do and can exit here */
return LDB_SUCCESS;
}
@@ -1610,7 +1675,8 @@ static int samldb_service_principal_names_change(struct samldb_ctx *ac)
if (res->msgs[0]->num_elements == 1) {
/* Yes, we do have "servicePrincipalName"s. First we update them
* locally, that means we do always substitute the current
- * "dNSHostName" with the new one and then we append this to the
+ * "dNSHostName" with the new one and/or "sAMAccountName"
+ * without "$" with the new one and then we append this to the
* modification request (Windows behaviour). */
for (i = 0; i < res->msgs[0]->elements[0].num_values; i++) {
@@ -1627,9 +1693,14 @@ static int samldb_service_principal_names_change(struct samldb_ctx *ac)
}
while ((tok = strtok_r(NULL, "/", &pos)) != NULL) {
- if (strcasecmp(tok, old_dns_hostname) == 0) {
+ if ((dns_hostname != NULL) &&
+ (strcasecmp(tok, old_dns_hostname) == 0)) {
tok = dns_hostname;
}
+ if ((sam_accountname != NULL) &&
+ (strcasecmp(tok, old_sam_accountname) == 0)) {
+ tok = sam_accountname;
+ }
new_str = talloc_asprintf(ac->msg, "%s/%s",
new_str, tok);
@@ -1756,7 +1827,7 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req)
{
struct ldb_context *ldb;
struct samldb_ctx *ac;
- struct ldb_message_element *el;
+ struct ldb_message_element *el, *el2;
bool modified = false;
int ret;
@@ -1857,7 +1928,8 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req)
}
el = ldb_msg_find_element(ac->msg, "dNSHostName");
- if (el != NULL) {
+ el2 = ldb_msg_find_element(ac->msg, "sAMAccountName");
+ if ((el != NULL) || (el2 != NULL)) {
modified = true;
ret = samldb_service_principal_names_change(ac);
if (ret != LDB_SUCCESS) {
diff --git a/source4/dsdb/tests/python/sam.py b/source4/dsdb/tests/python/sam.py
index cc27894..6d5b1a2 100755
--- a/source4/dsdb/tests/python/sam.py
+++ b/source4/dsdb/tests/python/sam.py
@@ -136,6 +136,17 @@ class SamTests(unittest.TestCase):
self.assertEquals(num, ERR_ENTRY_ALREADY_EXISTS)
self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+ # Try to create a user with an invalid account name
+ try:
+ ldb.add({
+ "dn": "cn=ldaptestuser,cn=users," + self.base_dn,
+ "objectclass": "user",
+ "sAMAccountName": []})
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
+ self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+
# Try to create a user with an invalid primary group
try:
ldb.add({
@@ -714,6 +725,16 @@ class SamTests(unittest.TestCase):
m = Message()
m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
+ m["sAMAccountName"] = MessageElement([], FLAG_MOD_REPLACE,
+ "sAMAccountName")
+ try:
+ ldb.modify(m)
+ self.fail()
+ except LdbError, (num, _):
+ self.assertEquals(num, ERR_UNWILLING_TO_PERFORM)
+
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
m["sAMAccountName"] = MessageElement([], FLAG_MOD_DELETE,
"sAMAccountName")
try:
@@ -1875,9 +1896,9 @@ class SamTests(unittest.TestCase):
self.delete_force(self.ldb, "cn=ldaptestuser,cn=users," + self.base_dn)
self.delete_force(self.ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
- def test_dNSHostName(self):
- """Test the dNSHostName behaviour"""
- print "Testing dNSHostName behaviour\n"
+ def test_service_principal_name_updates(self):
+ """Test the servicePrincipalNames update behaviour"""
+ print "Testing servicePrincipalNames update behaviour\n"
ldb.add({
"dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
@@ -1885,7 +1906,7 @@ class SamTests(unittest.TestCase):
"dNSHostName": "testname.testdom"})
res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
- scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
self.assertTrue(len(res) == 1)
self.assertFalse("servicePrincipalName" in res[0])
@@ -1910,12 +1931,12 @@ class SamTests(unittest.TestCase):
"servicePrincipalName": "HOST/testname.testdom"})
res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
- scope=SCOPE_BASE, attrs=["dNSHostName"])
+ scope=SCOPE_BASE, attrs=["dNSHostName"])
self.assertTrue(len(res) == 1)
self.assertEquals(res[0]["dNSHostName"][0], "testname2.testdom")
res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
- scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
self.assertTrue(len(res) == 1)
self.assertEquals(res[0]["servicePrincipalName"][0],
"HOST/testname.testdom")
@@ -1927,7 +1948,7 @@ class SamTests(unittest.TestCase):
ldb.modify(m)
res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
- scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
self.assertTrue(len(res) == 1)
self.assertEquals(res[0]["servicePrincipalName"][0],
"HOST/testname.testdom")
@@ -1939,7 +1960,7 @@ class SamTests(unittest.TestCase):
ldb.modify(m)
res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
- scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
self.assertTrue(len(res) == 1)
self.assertEquals(res[0]["servicePrincipalName"][0],
"HOST/testname2.testdom2")
@@ -1951,7 +1972,7 @@ class SamTests(unittest.TestCase):
ldb.modify(m)
res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
- scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
self.assertTrue(len(res) == 1)
self.assertEquals(res[0]["servicePrincipalName"][0],
"HOST/testname2.testdom2")
@@ -1963,7 +1984,7 @@ class SamTests(unittest.TestCase):
ldb.modify(m)
res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
- scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
self.assertTrue(len(res) == 1)
self.assertEquals(res[0]["servicePrincipalName"][0],
"HOST/testname2.testdom2")
@@ -1999,7 +2020,7 @@ class SamTests(unittest.TestCase):
ldb.modify(m)
res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
- scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
self.assertTrue(len(res) == 1)
self.assertEquals(res[0]["servicePrincipalName"][0],
"HOST/testname2.testdom2")
@@ -2018,12 +2039,207 @@ class SamTests(unittest.TestCase):
ldb.modify(m)
res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
- scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ self.assertTrue(len(res) == 1)
+ self.assertFalse("servicePrincipalName" in res[0])
+
+ self.delete_force(self.ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+
+ ldb.add({
+ "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ "objectclass": "computer",
+ "sAMAccountName": "testname$"})
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
self.assertTrue(len(res) == 1)
self.assertFalse("servicePrincipalName" in res[0])
self.delete_force(self.ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+ ldb.add({
+ "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ "objectclass": "computer",
+ "servicePrincipalName": "HOST/testname"})
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["sAMAccountName"])
+ self.assertTrue(len(res) == 1)
+ self.assertTrue("sAMAccountName" in res[0])
+
+ self.delete_force(self.ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+
+ ldb.add({
+ "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ "objectclass": "computer",
+ "sAMAccountName": "testname$",
+ "servicePrincipalName": "HOST/testname"})
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["sAMAccountName"])
+ self.assertTrue(len(res) == 1)
+ self.assertEquals(res[0]["sAMAccountName"][0], "testname$")
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ self.assertTrue(len(res) == 1)
+ self.assertEquals(res[0]["servicePrincipalName"][0],
+ "HOST/testname")
+
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+ m["sAMAccountName"] = MessageElement("testnamE$",
+ FLAG_MOD_REPLACE, "sAMAccountName")
+ ldb.modify(m)
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ self.assertTrue(len(res) == 1)
+ self.assertEquals(res[0]["servicePrincipalName"][0],
+ "HOST/testname")
+
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+ m["sAMAccountName"] = MessageElement("testname",
+ FLAG_MOD_REPLACE, "sAMAccountName")
+ ldb.modify(m)
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ self.assertTrue(len(res) == 1)
+ self.assertEquals(res[0]["servicePrincipalName"][0],
+ "HOST/testname")
+
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+ m["sAMAccountName"] = MessageElement("test$name$",
+ FLAG_MOD_REPLACE, "sAMAccountName")
+ ldb.modify(m)
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ self.assertTrue(len(res) == 1)
+ self.assertEquals(res[0]["servicePrincipalName"][0],
+ "HOST/test$name")
+
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+ m["sAMAccountName"] = MessageElement("testname2",
+ FLAG_MOD_REPLACE, "sAMAccountName")
+ ldb.modify(m)
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ self.assertTrue(len(res) == 1)
+ self.assertEquals(res[0]["servicePrincipalName"][0],
+ "HOST/testname2")
+
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+ m["sAMAccountName"] = MessageElement("testname3",
+ FLAG_MOD_REPLACE, "sAMAccountName")
+ m["servicePrincipalName"] = MessageElement("HOST/testname2",
+ FLAG_MOD_REPLACE,
+ "servicePrincipalName")
+ ldb.modify(m)
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ self.assertTrue(len(res) == 1)
+ self.assertEquals(res[0]["servicePrincipalName"][0],
+ "HOST/testname3")
+
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+ m["servicePrincipalName"] = MessageElement("HOST/testname2",
+ FLAG_MOD_REPLACE,
+ "servicePrincipalName")
+ m["sAMAccountName"] = MessageElement("testname4",
+ FLAG_MOD_REPLACE, "sAMAccountName")
+ ldb.modify(m)
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ self.assertTrue(len(res) == 1)
+ self.assertEquals(res[0]["servicePrincipalName"][0],
+ "HOST/testname2")
+
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+ m["servicePrincipalName"] = MessageElement([],
+ FLAG_MOD_DELETE,
+ "servicePrincipalName")
+ ldb.modify(m)
+
+ m = Message()
+ m.dn = Dn(ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+ m["sAMAccountName"] = MessageElement("testname2",
+ FLAG_MOD_REPLACE, "sAMAccountName")
+ ldb.modify(m)
+
+ res = ldb.search("cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ scope=SCOPE_BASE, attrs=["servicePrincipalName"])
+ self.assertTrue(len(res) == 1)
+ self.assertFalse("servicePrincipalName" in res[0])
+
+ self.delete_force(self.ldb, "cn=ldaptestcomputer,cn=computers," + self.base_dn)
+
+ ldb.add({
+ "dn": "cn=ldaptestcomputer,cn=computers," + self.base_dn,
+ "objectclass": "computer",
+ "dNSHostName": "testname.testdom",
+ "sAMAccountName": "testname$",
+ "servicePrincipalName": [ "HOST/testname.testdom", "HOST/testname" ]
+ })
--
Samba Shared Repository
More information about the samba-cvs
mailing list