diff options
| author | Stefan Metzmacher <metze@samba.org> | 2022-03-04 21:53:06 +0100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2022-03-10 03:16:35 +0000 |
| commit | 0b1fbc9d56e2a25e3f1527ee5bc54880bdc65fc6 (patch) | |
| tree | 2e21bcc28b686123c09cd557d011b3c21662ecf8 /source4/dsdb/tests/python | |
| parent | 751ce671a4af32bc1c56433a5a1c8161377856c5 (diff) | |
| download | samba-0b1fbc9d56e2a25e3f1527ee5bc54880bdc65fc6.tar.gz samba-0b1fbc9d56e2a25e3f1527ee5bc54880bdc65fc6.tar.bz2 samba-0b1fbc9d56e2a25e3f1527ee5bc54880bdc65fc6.zip | |
dsdb/tests: prepare BasePasswordTestCase for simple bind tests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13879
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/dsdb/tests/python')
| -rw-r--r-- | source4/dsdb/tests/python/password_lockout_base.py | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/source4/dsdb/tests/python/password_lockout_base.py b/source4/dsdb/tests/python/password_lockout_base.py index d11c6439913..5b872980b15 100644 --- a/source4/dsdb/tests/python/password_lockout_base.py +++ b/source4/dsdb/tests/python/password_lockout_base.py @@ -5,6 +5,7 @@ from samba.credentials import Credentials, DONT_USE_KERBEROS, MUST_USE_KERBEROS from ldb import SCOPE_BASE, LdbError from ldb import ERR_CONSTRAINT_VIOLATION from ldb import ERR_INVALID_CREDENTIALS +from ldb import SUCCESS as LDB_SUCCESS from ldb import Message, MessageElement, Dn from ldb import FLAG_MOD_REPLACE from samba import gensec, dsdb @@ -212,11 +213,17 @@ class BasePasswordTestCase(PasswordTestCase): FLAG_MOD_REPLACE, "lockOutObservationWindow") self.ldb.modify(m) - def _readd_user(self, creds, lockOutObservationWindow=0): + def _readd_user(self, creds, lockOutObservationWindow=0, simple=False): username = creds.get_username() userpass = creds.get_password() userdn = "cn=%s,cn=users,%s" % (username, self.base_dn) + if simple: + creds.set_bind_dn(userdn) + ldap_url = self.host_url_ldaps + else: + ldap_url = self.host_url + delete_force(self.ldb, userdn) self.ldb.add({ "dn": userdn, @@ -247,10 +254,10 @@ userPassword: """ + userpass + """ self._check_account_initial(userdn) # Fail once to get a badPasswordTime - self.assertLoginFailure(self.host_url, fail_creds, self.lp) + self.assertLoginFailure(ldap_url, fail_creds, self.lp) # Succeed to reset everything to 0 - ldb = self.assertLoginSuccess(self.host_url, creds, self.lp) + ldb = self.assertLoginSuccess(ldap_url, creds, self.lp) return ldb @@ -361,10 +368,17 @@ lockoutThreshold: """ + str(lockoutThreshold) + """ userpass="thatsAcomplPASS0", kerberos_state=DONT_USE_KERBEROS) self.lockout1ntlm_ldb = self._readd_user(self.lockout1ntlm_creds) + self.lockout1simple_creds = self.insta_creds(self.template_creds, + username="lockout1simple", + userpass="thatsAcomplPASS0", + kerberos_state=DONT_USE_KERBEROS) + self.lockout1simple_ldb = self._readd_user(self.lockout1simple_creds, + simple=True) def delete_ldb_connections(self): del self.lockout1krb5_ldb del self.lockout1ntlm_ldb + del self.lockout1simple_ldb del self.ldb def tearDown(self): |