diff --git a/ldap/client_exported_test.go b/ldap/client_exported_test.go index 7c7983c..d795f52 100644 --- a/ldap/client_exported_test.go +++ b/ldap/client_exported_test.go @@ -458,6 +458,57 @@ func TestClient_Authenticate(t *testing.T) { opts: []ldap.Option{ldap.WithGroups()}, wantGroups: []string{groups[0].DN}, }, + { + name: "success-with-anon-bind-upn-domain-samaccountname", + username: "eve", + password: "password", + clientConfig: &ldap.ClientConfig{ + URLs: []string{fmt.Sprintf("ldaps://127.0.0.1:%d", td.Port())}, + Certificates: []string{td.Cert()}, + DiscoverDN: true, + UserDN: testdirectory.DefaultUserDN, + GroupDN: testdirectory.DefaultGroupDN, + UPNDomain: "example.com", + EnableSamaccountnameLogin: true, + }, + opts: []ldap.Option{ldap.WithGroups()}, + wantGroups: []string{groups[0].DN}, + }, + { + name: "success-with-anon-bind-upn-domain-empty-userdn-samaccountname", + username: "eve", + password: "password", + clientConfig: &ldap.ClientConfig{ + URLs: []string{fmt.Sprintf("ldaps://127.0.0.1:%d", td.Port())}, + Certificates: []string{td.Cert()}, + DiscoverDN: true, + UserDN: testdirectory.DefaultUserDN, + GroupDN: testdirectory.DefaultGroupDN, + UPNDomain: "example.com", + AnonymousGroupSearch: true, + AllowEmptyAnonymousGroupSearch: true, + EnableSamaccountnameLogin: true, + }, + opts: []ldap.Option{ldap.WithGroups()}, + wantGroups: []string{groups[0].DN}, + }, + { + name: "success-with-anon-bind-upn-domain-empty-userdn-opt-samaccountname", + username: "eve", + password: "password", + clientConfig: &ldap.ClientConfig{ + URLs: []string{fmt.Sprintf("ldaps://127.0.0.1:%d", td.Port())}, + Certificates: []string{td.Cert()}, + DiscoverDN: true, + UserDN: testdirectory.DefaultUserDN, + GroupDN: testdirectory.DefaultGroupDN, + UPNDomain: "example.com", + AnonymousGroupSearch: true, + EnableSamaccountnameLogin: true, + }, + opts: []ldap.Option{ldap.WithGroups(), ldap.WithEmptyAnonymousGroupSearch()}, + wantGroups: []string{groups[0].DN}, + }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) {