a )&iu@sddlZddlZddlZddlmZmZmZmZddlmZddl m Z ddl m Z ddl mZddlmZejddd ejd <d Zd ZGd d d eZedkrd Zd ZddlZedS)N)LdbErrorERR_OPERATIONS_ERROR SCOPE_BASE SCOPE_SUBTREE)security) ndr_unpack)SamDB) credentials) KDCBaseTestz bin/python1ZPYTHONUNBUFFEREDFc@s:eZdZdZddZddZddZdd d Zd d ZdS) LdapTestszgTest for LDAP authentication using Kerberos credentials stored in a credentials cache file. cCs |dS)N_run_ldap_testselfr|s||j\}}|t|| d |WYd}~dSd}~00|j dt!dgd} |dt| | d d}ttj|d }|r|tj"t#|ttj|d}|tj$t#|t|dkrttj|d}|tj%t#|n |||dS)NZldapF)Z account_typeZ use_cache)Zpacz(sAMAccountName=%s)Z objectSid)scopeZ expressionattrsrZsAMAccountName ldap://%sZurlr ZlpZ NT_STATUS_NO_IMPERSONATION_TOKEN tokenGroupsrr)& get_samdb host_dns_nameZget_cached_credsZ AccountTypeZUSERZ get_usernameZ get_dc_credsZcreate_ccache_with_userZ addCleanuposremovenamesearchr assertEquallenrrdom_sidZget_new_usernameldbZMessageZget_dnZMessageElementZFLAG_MOD_REPLACEZmodifyrget_lprZfailargsrZassertInrSID_NT_ANONYMOUSstrZSID_NT_NETWORKZSID_NT_THIS_ORGANISATION)rrrrrsamdb mach_nameZserviceZuser_credentialsZ user_nameZmach_credentialsZcredsZ cachefileldb_resZsidnew_namemsg ldb_as_usereenumZestrZ token_groups token_sidrrrr7sv       zLdapTests._run_ldap_testcCs|}|}t}|td|||d}|jdtdgd}| dt |t t j |ddd}| t jt|| t |ddddS)Nrrrr r!rr)r$r%r Z CredentialsZ set_anonymousrr.r)rr*r+rrr,r0r1)rr2r3Z anon_credsr7r4r:rrrtest_ldap_anonymouss zLdapTests.test_ldap_anonymousN)FTFF) __name__ __module__ __qualname____doc__rrrrr;rrrrr (s Wr __main__)sysr&r-rrrrZ samba.dcerpcrZ samba.ndrrZ samba.samdbrZsambar Zsamba.tests.krb5.kdc_base_testr pathinsertenvironZglobal_asn1_printZglobal_hexdumpr r<Zunittestmainrrrrs$      |