From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 5 Feb 2016 07:37:53 +0000 (+0100)
Subject: s4:dsdb/tests: let password_lockout.py use _readd_user() for testuser3 too
X-Git-Tag: tdb-1.3.10~606
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=73fb24c2e4fdd167032771fb15dc09e20791385e;p=thirdparty%2Fsamba.git

s4:dsdb/tests: let password_lockout.py use _readd_user() for testuser3 too

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/source4/dsdb/tests/python/password_lockout.py b/source4/dsdb/tests/python/password_lockout.py
index 6941f828562..f76843844bf 100755
--- a/source4/dsdb/tests/python/password_lockout.py
+++ b/source4/dsdb/tests/python/password_lockout.py
@@ -502,107 +502,8 @@ lockoutThreshold: """ + str(lockoutThreshold) + """
         self.creds2 = insta_creds()
         self.ldb2 = self._readd_user(self.creds2)
 
-     # (Re)adds the test user "testuser3" with no password atm
-        delete_force(self.ldb, "cn=testuser3,cn=users," + self.base_dn)
-        self.ldb.add({
-             "dn": "cn=testuser3,cn=users," + self.base_dn,
-             "objectclass": "user",
-             "sAMAccountName": "testuser3"})
-
-        res = self._check_account("cn=testuser3,cn=users," + self.base_dn,
-                                  badPwdCount=0,
-                                  badPasswordTime=0,
-                                  lastLogon=0,
-                                  lastLogonTimestamp=('absent', None),
-                                  userAccountControl=
-                                    dsdb.UF_NORMAL_ACCOUNT |
-                                    dsdb.UF_ACCOUNTDISABLE |
-                                    dsdb.UF_PASSWD_NOTREQD,
-                                  msDSUserAccountControlComputed=
-                                    dsdb.UF_PASSWORD_EXPIRED)
-
-        # Tests a password change when we don't have any password yet with a
-        # wrong old password
-        try:
-            self.ldb.modify_ldif("""
-dn: cn=testuser3,cn=users,""" + self.base_dn + """
-changetype: modify
-delete: userPassword
-userPassword: noPassword
-add: userPassword
-userPassword: thatsAcomplPASS2
-""")
-            self.fail()
-        except LdbError, (num, msg):
-            self.assertEquals(num, ERR_CONSTRAINT_VIOLATION)
-            # Windows (2008 at least) seems to have some small bug here: it
-            # returns "0000056A" on longer (always wrong) previous passwords.
-            self.assertTrue('00000056' in msg, msg)
-
-        res = self._check_account("cn=testuser3,cn=users," + self.base_dn,
-                                  badPwdCount=1,
-                                  badPasswordTime=("greater", 0),
-                                  lastLogon=0,
-                                  lastLogonTimestamp=('absent', None),
-                                  userAccountControl=
-                                    dsdb.UF_NORMAL_ACCOUNT |
-                                    dsdb.UF_ACCOUNTDISABLE |
-                                    dsdb.UF_PASSWD_NOTREQD,
-                                  msDSUserAccountControlComputed=
-                                    dsdb.UF_PASSWORD_EXPIRED)
-        badPasswordTime3 = int(res[0]["badPasswordTime"][0])
-
-        # Sets the initial user password with a "special" password change
-        # I think that this internally is a password set operation and it can
-        # only be performed by someone which has password set privileges on the
-        # account (at least in s4 we do handle it like that).
-        self.ldb.modify_ldif("""
-dn: cn=testuser3,cn=users,""" + self.base_dn + """
-changetype: modify
-delete: userPassword
-add: userPassword
-userPassword: thatsAcomplPASS1
-""")
-
-        res = self._check_account("cn=testuser3,cn=users," + self.base_dn,
-                                  badPwdCount=1,
-                                  badPasswordTime=badPasswordTime3,
-                                  lastLogon=0,
-                                  lastLogonTimestamp=('absent', None),
-                                  userAccountControl=
-                                    dsdb.UF_NORMAL_ACCOUNT |
-                                    dsdb.UF_ACCOUNTDISABLE |
-                                    dsdb.UF_PASSWD_NOTREQD,
-                                  msDSUserAccountControlComputed=0)
-
-        # Enables the user account
-        self.ldb.enable_account("(sAMAccountName=testuser3)")
-
-        res = self._check_account("cn=testuser3,cn=users," + self.base_dn,
-                                  badPwdCount=1,
-                                  badPasswordTime=badPasswordTime3,
-                                  lastLogon=0,
-                                  lastLogonTimestamp=('absent', None),
-                                  userAccountControl=
-                                    dsdb.UF_NORMAL_ACCOUNT,
-                                  msDSUserAccountControlComputed=0)
-
-        # Open a second LDB connection with the user credentials. Use the
-        # command line credentials for informations like the domain, the realm
-        # and the workstation.
-        creds3 = insta_creds()
-        creds3.set_username("testuser3")
-        creds3.set_password("thatsAcomplPASS1")
-        self.ldb3 = SamDB(url=host_url, credentials=creds3, lp=lp)
-
-        res = self._check_account("cn=testuser3,cn=users," + self.base_dn,
-                                  badPwdCount=0,
-                                  badPasswordTime=badPasswordTime3,
-                                  lastLogon=('greater', badPasswordTime3),
-                                  lastLogonTimestamp=('greater', badPasswordTime3),
-                                  userAccountControl=
-                                    dsdb.UF_NORMAL_ACCOUNT,
-                                  msDSUserAccountControlComputed=0)
+        self.creds3 = insta_creds(username="testuser3", userpass="thatsAcomplPASS1")
+        self.ldb3 = self._readd_user(self.creds3)
 
     def _test_userPassword_lockout_with_clear_change(self, method):
         print "Performs a password cleartext change operation on 'userPassword'"