5541N/A<?
xml version="1.0" encoding="UTF-8" standalone="no"?>
5541N/A ! The contents of this file are subject to the terms of the 5541N/A ! Common Development and Distribution License, Version 1.0 only 5541N/A ! (the "License"). You may not use this file except in compliance 5541N/A ! You can obtain a copy of the license at 5541N/A ! See the License for the specific language governing permissions 5541N/A ! and limitations under the License. 5541N/A ! When distributing Covered Code, include this CDDL HEADER in each 5541N/A ! file and include the License file at 5541N/A ! add the following below this CDDL HEADER, with the fields enclosed 5541N/A ! by brackets "[]" replaced with your own identifying information: 5541N/A ! Portions Copyright [yyyy] [name of copyright owner] 5541N/A ! Copyright 2011 ForgeRock AS 5541N/A <!-- Definition of Test Cases --> 5541N/A <!--- Test Cases : Basic : PTA --> 5562N/A <!--- Test Case information 5562N/A #@TestMarker Basic: PTA connection-timeout 5562N/A #@TestName Basic: PTA connection-timeout 5562N/A #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server 5562N/A #@TestStep Configure LDAP PTA Policy using connection-timeout 5562N/A #@TestStep Read back the "authentication policy" object 5562N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5562N/A #@TestStep Search users entry as Directory Manager for operational attributes 5562N/A #@TestStep Search users entry as self 5562N/A #@TestStep Modify the users entry 5562N/A #@TestPostamble Cleanup PTA 5562N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_001" scope="local">
5562N/A <
message>'Not implemented.'</
message>
5541N/A <!--- Test Case information 5548N/A #@TestMarker Basic: PTA anon unmapped 5548N/A #@TestName Basic: PTA anon unmapped 5541N/A #@TestPurpose Verify user with a LDAP PTA unmapped policy can authenticated to remote server 5548N/A #@TestStep Enable AD backend on local server 5548N/A #@TestStep Configure LDAP PTA Policy as unmapped 5546N/A #@TestStep Read back the "authentication policy" object 5546N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5546N/A #@TestStep Search users entry as Directory Manager for operational attributes 5546N/A #@TestStep Search users entry as self 5546N/A #@TestStep Modify the users entry 5548N/A #@TestStep Disable AD backend on local server 5546N/A #@TestPostamble Cleanup PTA 5541N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_002" scope="local">
5548N/A <
testcase name="getTestCaseName('PTA anon unmapped')">
5546N/A <
call function="'testCase_Preamble'"/>
5546N/A 'Test Name = %s' % STAXCurrentTestcase
5546N/A <
call function="'testStep'">
5548N/A { 'stepMessage' : 'Enable AD backend on local server.' }
5571N/A userDNsAndPswds['uid=jwallace, ou=People, dc=AD,dc=com'] = ['linear',ldapPtaPolicyName]
5548N/A dsconfigOptions=' '.join(options)
5548N/A <
call function="'dsconfig'">
5548N/A 'subcommand' : 'set-backend-prop',
5548N/A 'optionsString' : dsconfigOptions
5548N/A <
call function="'testStep'">
5548N/A { 'stepMessage' : 'Configure LDAP PTA Policy as unmapped.' }
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5548N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5548N/A <
message log="1" level="'fatal'">
5548N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5560N/A <
call function="'pta_postamble2'"/>
5560N/A <
call function="'testCase_Postamble'"/>
5548N/A <!--- Test Case information 5548N/A #@TestMarker Basic: PTA anon mapped-bind 5548N/A #@TestName Basic: PTA anon mapped-bind 5548N/A #@TestPurpose Verify user with a LDAP PTA mapped-bind policy can authenticated to remote server 5548N/A #@TestStep Configure LDAP PTA Policy for mapped-bind 5548N/A #@TestStep Read back the "authentication policy" object 5548N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5548N/A #@TestStep Search users entry as Directory Manager for operational attributes 5548N/A #@TestStep Search users entry as self 5548N/A #@TestStep Modify the users entry 5548N/A #@TestPostamble Cleanup PTA 5548N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_003" scope="local">
5548N/A <
testcase name="getTestCaseName('PTA anon mapped-bind')">
5548N/A <
call function="'testCase_Preamble'"/>
5548N/A 'Test Name = %s' % STAXCurrentTestcase
5548N/A <
call function="'testStep'">
5571N/A { 'stepMessage' : 'Configure LDAP PTA Policy for mapped-bind.' }
5571N/A userDNsAndPswds['uid=jmcFarla, ou=People, o=example'] = ['walnut',ldapPtaPolicyName]
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5546N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5546N/A <
message log="1" level="'fatal'">
5546N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5560N/A <
call function="'testCase_Postamble'"/>
5541N/A <!--- Test Case information 5548N/A #@TestMarker Basic: PTA anon mapped-search 5548N/A #@TestName Basic: PTA anon mapped-search 5541N/A #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server 5546N/A #@TestStep Configure LDAP PTA Policy for mapped-search 5546N/A #@TestStep Read back the "authentication policy" object 5546N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5546N/A #@TestStep Search users entry as Directory Manager for operational attributes 5546N/A #@TestStep Search users entry as self 5546N/A #@TestStep Modify the users entry 5546N/A #@TestPostamble Cleanup PTA 5541N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_004" scope="local">
5548N/A <
testcase name="getTestCaseName('PTA anon mapped-search')">
5541N/A <
call function="'testCase_Preamble'"/>
5541N/A 'Test Name = %s' % STAXCurrentTestcase
5546N/A <
call function="'testStep'">
5548N/A { 'stepMessage' : 'Configure LDAP PTA Policy for mapped-search.' }
5571N/A userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5548N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5548N/A <
message log="1" level="'fatal'">
5548N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5560N/A <
call function="'testCase_Postamble'"/>
5548N/A <!--- Test Case information 5560N/A #@TestMarker Basic: PTA simple mapped-search 5560N/A #@TestName Basic: PTA simple mapped-search 5548N/A #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server 5548N/A #@TestStep Configure LDAP PTA Policy using mapped-search-bind credentials 5548N/A #@TestStep Read back the "authentication policy" object 5548N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5548N/A #@TestStep Search users entry as Directory Manager for operational attributes 5548N/A #@TestStep Search users entry as self 5548N/A #@TestStep Modify the users entry 5548N/A #@TestPostamble Cleanup PTA 5548N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_005" scope="local">
5548N/A <
testcase name="getTestCaseName('PTA simple mapped-search-bind')">
5548N/A <
call function="'testCase_Preamble'"/>
5548N/A 'Test Name = %s' % STAXCurrentTestcase
5548N/A <
call function="'testStep'">
5548N/A { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind credentials.' }
5571N/A userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5541N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5541N/A <
message log="1" level="'fatal'">
5541N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5560N/A <
call function="'testCase_Postamble'"/>
5551N/A <!--- Test Case information 5562N/A #@TestMarker Basic: PTA mapped-search-bind-password-env-variable 5562N/A #@TestName Basic: PTA mapped-search-bind-password-env-variable 5562N/A #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server 5562N/A #@TestStep Configure LDAP PTA Policy using mapped-search-bind-password-environment-variable 5562N/A #@TestStep Read back the "authentication policy" object 5562N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5562N/A #@TestStep Search users entry as Directory Manager for operational attributes 5562N/A #@TestStep Search users entry as self 5562N/A #@TestStep Modify the users entry 5562N/A #@TestPostamble Cleanup PTA 5562N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_006" scope="local">
5562N/A <
message>'Not implemented.'</
message>
5562N/A <!--- Test Case information 5562N/A #@TestMarker Basic: PTA mapped-search-bind-password-file 5562N/A #@TestName Basic: PTA mapped-search-bind-password-file 5562N/A #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server 5562N/A #@TestStep Configure LDAP PTA Policy using mapped-search-bind-password-file 5562N/A #@TestStep Read back the "authentication policy" object 5562N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5562N/A #@TestStep Search users entry as Directory Manager for operational attributes 5562N/A #@TestStep Search users entry as self 5562N/A #@TestStep Modify the users entry 5562N/A #@TestPostamble Cleanup PTA 5562N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_007" scope="local">
5562N/A <
testcase name="getTestCaseName('PTA mapped-search-bind-password-file')">
5562N/A <
call function="'testCase_Preamble'"/>
5562N/A 'Test Name = %s' % STAXCurrentTestcase
5562N/A <
call function="'testStep'">
5562N/A { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind-password-file.' }
5571N/A userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5562N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5562N/A <
message log="1" level="'fatal'">
5562N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5562N/A <
call function="'testCase_Postamble'"/>
5562N/A <!--- Test Case information 5562N/A #@TestMarker Basic: PTA mapped-search-bind-password-property 5562N/A #@TestName Basic: PTA mapped-search-bind-password-property 5562N/A #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server 5562N/A #@TestStep Configure LDAP PTA Policy using mapped-search-bind-password-property 5562N/A #@TestStep Read back the "authentication policy" object 5562N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5562N/A #@TestStep Search users entry as Directory Manager for operational attributes 5562N/A #@TestStep Search users entry as self 5562N/A #@TestStep Modify the users entry 5562N/A #@TestPostamble Cleanup PTA 5562N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_008" scope="local">
5562N/A <
message>'Not implemented.'</
message>
5562N/A <!--- Test Case information 5551N/A #@TestMarker Basic: PTA anon mapped-search use-ssl 5551N/A #@TestName Basic: PTA anon mapped-search use-ssl 5551N/A #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server 5551N/A #@TestStep Configure LDAP PTA Policy for mapped-search 5551N/A #@TestStep Read back the "authentication policy" object 5551N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5551N/A #@TestStep Search users entry as Directory Manager for operational attributes 5551N/A #@TestStep Search users entry as self 5551N/A #@TestStep Modify the users entry 5551N/A #@TestPostamble Cleanup PTA 5551N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_009" scope="local">
5551N/A <
testcase name="getTestCaseName('PTA anon mapped-search use-ssl')">
5551N/A <
call function="'testCase_Preamble'"/>
5551N/A 'Test Name = %s' % STAXCurrentTestcase
5551N/A <
call function="'testStep'">
5551N/A { 'stepMessage' : 'Configure LDAP PTA Policy for anon mapped-search over ssl.' }
5571N/A userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5551N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5551N/A <
message log="1" level="'fatal'">
5551N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5560N/A <
call function="'testCase_Postamble'"/>
5551N/A <!--- Test Case information 5551N/A #@TestMarker Basic: PTA simple mapped-search use-ssl 5551N/A #@TestName Basic: PTA simple mapped-search use-ssl 5551N/A #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server 5551N/A #@TestStep Configure LDAP PTA Policy for mapped-search 5551N/A #@TestStep Read back the "authentication policy" object 5551N/A #@TestStep Add ds-pwp-password-policy-dn to users entry 5551N/A #@TestStep Search users entry as Directory Manager for operational attributes 5551N/A #@TestStep Search users entry as self 5551N/A #@TestStep Modify the users entry 5551N/A #@TestPostamble Cleanup PTA 5551N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_010" scope="local">
5551N/A <
testcase name="getTestCaseName('PTA simple mapped-search use-ssl')">
5551N/A <
call function="'testCase_Preamble'"/>
5551N/A 'Test Name = %s' % STAXCurrentTestcase
5551N/A <
call function="'testStep'">
5551N/A { 'stepMessage' : 'Configure LDAP PTA Policy for anon mapped-search over ssl.' }
5571N/A userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5560N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5560N/A <
message log="1" level="'fatal'">
5560N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5560N/A <
call function="'testCase_Postamble'"/>
5560N/A <!--- Test Case information 5571N/A #@TestMarker Basic: PTA simple failover 5571N/A #@TestName Basic: PTA simple failover 5560N/A #@TestPurpose Verify user with a LDAP PTA policy can failover to secondary server 5560N/A #@TestStep Configure LDAP PTA Policy using mapped-search-bind credentials 5560N/A #@TestStep Read back the "authentication policy" object 5561N/A #@TestStep Add ds-pwp-password-policy-dn to users entries 5561N/A #@TestStep Search users entries as Directory Manager for ds-pwp-password-policy-dn 5561N/A #@TestStep First search users entries as self 5560N/A #@TestStep Stop the primary remote ldap server 5561N/A #@TestStep Second search users entries as self. 5561N/A #@TestStep Modify the users entries 5560N/A #@TestStep Restart the primary remote ldap server 5561N/A #@TestStep Wait for monitor heartbeat to primary remote ldap server 5561N/A #@TestStep Third search users entries as self 5561N/A #@TestStep Stop the secondary remote ldap server. 5561N/A #@TestStep Fourth search users entries as self 5560N/A #@TestPostamble Cleanup PTA 5560N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_011" scope="local">
5562N/A <
testcase name="getTestCaseName('PTA simple failover')">
5560N/A <
call function="'testCase_Preamble'"/>
5560N/A 'Test Name = %s' % STAXCurrentTestcase
5551N/A <
call function="'testStep'">
5560N/A { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind credentials.' }
5571N/A userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5571N/A <
call function="'pta_test_body2'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5551N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5551N/A <
message log="1" level="'fatal'">
5551N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5560N/A <
call function="'testCase_Postamble'"/>
5560N/A <!--- Test Case information 5560N/A #@TestMarker Basic: PTA failover use-ssl 5560N/A #@TestName Basic: PTA failover use-ssl 5560N/A #@TestPurpose Verify user with a LDAP PTA policy can failover to secondary server 5560N/A #@TestStep Configure LDAP PTA Policy using mapped-search-bind credentials over ssl 5560N/A #@TestStep Read back the "authentication policy" object 5561N/A #@TestStep Add ds-pwp-password-policy-dn to users entries 5561N/A #@TestStep Search users entries as Directory Manager for ds-pwp-password-policy-dn 5561N/A #@TestStep First search users entries as self 5560N/A #@TestStep Stop the primary remote ldap server 5561N/A #@TestStep Second search users entries as self. 5561N/A #@TestStep Modify the users entries 5560N/A #@TestStep Restart the primary remote ldap server 5561N/A #@TestStep Wait for monitor heartbeat to primary remote ldap server 5561N/A #@TestStep Third search users entries as self 5561N/A #@TestStep Stop the secondary remote ldap server. 5561N/A #@TestStep Fourth search users entries as self 5560N/A #@TestPostamble Cleanup PTA 5560N/A #@TestResult Test is successful if the result code is 0 5562N/A <
function name="basic_pta_012" scope="local">
5562N/A <
testcase name="getTestCaseName('PTA simple failover use-ssl')">
5560N/A <
call function="'testCase_Preamble'"/>
5560N/A 'Test Name = %s' % STAXCurrentTestcase
5560N/A <
call function="'testStep'">
5561N/A { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind credentials over ssl.' }
5571N/A userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5571N/A <
call function="'pta_test_body2'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5571N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5571N/A <
message log="1" level="'fatal'">
5571N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5571N/A <
call function="'testCase_Postamble'"/>
5571N/A <!--- Test Case information 5571N/A #@TestMarker Basic: PTA multiple auth policies 5571N/A #@TestName Basic: PTA multiple auth policies 5571N/A #@TestPurpose Verify multiple LDAP PTA policies 5571N/A #@TestStep Configure n LDAP PTA policies using mapped-search-bind credentials 5571N/A #@TestStep Read back each "authentication policy" object 5571N/A #@TestStep Add ds-pwp-password-policy-dn to users entries 5571N/A #@TestStep Search users entries as Directory Manager for ds-pwp-password-policy-dn 5571N/A #@TestStep Search users entries as self 5571N/A #@TestStep Modify the users entries 5571N/A #@TestPostamble Cleanup PTA 5571N/A #@TestResult Test is successful if the result code is 0 5571N/A <
function name="basic_pta_013" scope="local">
5571N/A <
testcase name="getTestCaseName('PTA multiple auth policies')">
5571N/A <
call function="'testCase_Preamble'"/>
5571N/A 'Test Name = %s' % STAXCurrentTestcase
5571N/A <
call function="'testStep'">
5571N/A { 'stepMessage' : 'Configure LDAP PTA Policies using mapped-search-bind.' }
5571N/A userDNsAndPswds['uid=jvedder, %s' % remotePTAuserSuffix] = ['befitting','LDAP PTA 0']
5571N/A userDNsAndPswds['uid=tmorris, %s' % remotePTAuserSuffix] = ['irrefutable','LDAP PTA 1']
5571N/A userDNsAndPswds['uid=ealexand, %s' % remotePTAuserSuffix] = ['galactose','LDAP PTA 2']
5571N/A userDNsAndPswds['uid=tjames, %s' % remotePTAuserSuffix] = ['turtle','LDAP PTA 3']
5571N/A userDNsAndPswds['uid=alangdon, %s' % remotePTAuserSuffix] = ['muzzle','LDAP PTA 4']
5571N/A userDNsAndPswds['uid=pchassin, %s' % remotePTAuserSuffix] = ['barbital','LDAP PTA 5']
5571N/A userDNsAndPswds['uid=aknutson, %s' % remotePTAuserSuffix] = ['maltose','LDAP PTA 6']
5571N/A userDNsAndPswds['uid=pworrell, %s' % remotePTAuserSuffix] = ['solicitous','LDAP PTA 7']
5571N/A userDNsAndPswds['uid=mtalbot, %s' % remotePTAuserSuffix] = ['currant','LDAP PTA 8']
5571N/A userDNsAndPswds['uid=bwalker, %s' % remotePTAuserSuffix] = ['interruptible','LDAP PTA 9']
5571N/A <
call function="'pta_test_body1'">
5571N/A { 'userNamePswd' : userDNsAndPswds ,
5571N/A 'dsconfigAuthPolicy' : options
5571N/A <
catch exception="'STAXException'" typevar="eType" var="eInfo">
5571N/A <
message log="1" level="'fatal'">
5571N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5571N/A <
call function="'pta_postamble1'">
5571N/A { 'userNamePswd' : userDNsAndPswds }
5571N/A <
call function="'testCase_Postamble'"/>
5571N/A <
function name="pta_test_body1">
5571N/A <
function-
arg-
def name="userNamePswd" type="required">
5571N/A Dictionary of user names (dn) and passwords.
5571N/A </
function-
arg-
description>
5571N/A <
function-
arg-
property name="type" value="Dictionary"/>
5571N/A <
function-
arg-
def name="dsconfigAuthPolicy" type="required">
5571N/A Authentication policy in form of a dsconfig options
5571N/A </
function-
arg-
description>
5571N/A <
function-
arg-
property name="type" value="List"/>
5571N/A <
iterate var="remotePTAuserName" 5571N/A myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
5571N/A myldapPtaPolicyDn = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName
5571N/A options += dsconfigAuthPolicy
5571N/A dsconfigOptions=' '.join(options)
5571N/A <
call function="'dsconfig'">
5571N/A 'subcommand' : 'create-password-policy',
5571N/A 'optionsString' : dsconfigOptions
5571N/A <
call function="'testStep'">
5571N/A { 'stepMessage' : 'Read back the "authentication policy" object.' }
5571N/A <
iterate var="remotePTAuserName" 5571N/A myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
5571N/A myldapPtaPolicyDn = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName
5571N/A dsconfigOptions=' '.join(options)
5571N/A <
call function="'dsconfig'">
5571N/A 'subcommand' : 'get-password-policy-prop',
5571N/A 'optionsString' : dsconfigOptions
5571N/A <
call function="'testStep'">
5571N/A { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entries.' }
5571N/A <
iterate var="remotePTAuserName" 5571N/A myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
5571N/A myldapPtaPolicyDn = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName
5571N/A <
call function="'modifyAnAttribute'">
5571N/A 'DNToModify' : remotePTAuserName ,
5571N/A 'listAttributes' : ldapObject ,
5571N/A <
call function="'testStep'">
5571N/A { 'stepMessage' : 'Search users entries as Directory Manager for ds-pwp-password-policy-dn.' }
5571N/A <
iterate var="remotePTAuserName" 5571N/A <
call function="'ldapSearchWithScript'">
5571N/A 'dsBaseDN' : remotePTAuserName ,
5571N/A 'dsFilter' : 'objectclass=*' ,
5571N/A 'dsAttributes' : 'ds-pwp-password-policy-dn'
5571N/A <
call function="'testStep'">
5571N/A { 'stepMessage' : 'First search users entries as self.' }
5571N/A <
iterate var="remotePTAuserName" 5571N/A <
call function="'ldapSearchWithScript'">
5571N/A 'dsInstanceDn' : remotePTAuserName,
5571N/A 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
5571N/A 'dsBaseDN' : remotePTAuserName ,
5571N/A 'dsFilter' : 'objectclass=*'
5571N/A <
call function="'testStep'">
5571N/A { 'stepMessage' : 'Modify the users entries.' }
5571N/A <
iterate var="remotePTAuserName" 5571N/A <
call function="'modifyAnAttribute'">
5571N/A 'dsInstanceDn' : remotePTAuserName,
5571N/A 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
5571N/A 'DNToModify' : remotePTAuserName ,
5571N/A 'listAttributes' : ldapObject ,
5571N/A <
function name="pta_test_body2">
5571N/A <
function-
arg-
def name="userNamePswd" type="required">
5571N/A Dictionary of user names (dn) and passwords.
5571N/A </
function-
arg-
description>
5571N/A <
function-
arg-
property name="type" value="Dictionary"/>
5560N/A <
call function="'testStep'">
5560N/A { 'stepMessage' : 'Stop the primary remote ldap server.' }
5560N/A <
call function="'stopServers'">
5560N/A [[primary_remote_ldap_server]]
5560N/A <
call function="'testStep'">
5561N/A { 'stepMessage' : 'Second search users entries as self.' }
5561N/A <
iterate var="remotePTAuserName" 5561N/A <
call function="'ldapSearchWithScript'">
5561N/A 'dsInstanceDn' : remotePTAuserName,
5571N/A 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
5561N/A 'dsBaseDN' : remotePTAuserName ,
5561N/A 'dsFilter' : 'objectclass=*'
5560N/A <
call function="'testStep'">
5561N/A { 'stepMessage' : 'Modify the users entries.' }
5561N/A <
iterate var="remotePTAuserName" 5561N/A <
call function="'modifyAnAttribute'">
5561N/A 'dsInstanceDn' : remotePTAuserName,
5571N/A 'dsInstancePswd' : userNamePswd[remotePTAuserName][0],
5561N/A 'DNToModify' : remotePTAuserName ,
5561N/A 'listAttributes' : ldapObject ,
5560N/A <
call function="'testStep'">
5560N/A { 'stepMessage' : 'Restart the primary remote ldap server.' }
5560N/A <
call function="'startServers'">
5560N/A [[primary_remote_ldap_server]]
5560N/A <
call function="'testStep'">
5560N/A { 'stepMessage' : 'Wait for monitor heartbeat to primary remote ldap server.' }
5560N/A { 'sleepForMilliSeconds' : '5000' }
5560N/A <
call function="'testStep'">
5561N/A { 'stepMessage' : 'Third search users entries as self.' }
5561N/A <
iterate var="remotePTAuserName" 5561N/A <
call function="'ldapSearchWithScript'">
5561N/A 'dsInstanceDn' : remotePTAuserName,
5571N/A 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
5561N/A 'dsBaseDN' : remotePTAuserName ,
5561N/A 'dsFilter' : 'objectclass=*'
5560N/A <
call function="'testStep'">
5560N/A { 'stepMessage' : 'Stop the secondary remote ldap server.' }
5560N/A <
call function="'stopServers'">
5560N/A [[secondary_remote_ldap_server]]
5560N/A <
call function="'testStep'">
5561N/A { 'stepMessage' : 'Fourth search users entries as self.' }
5561N/A <
iterate var="remotePTAuserName" 5561N/A <
call function="'ldapSearchWithScript'">
5561N/A 'dsInstanceDn' : remotePTAuserName,
5571N/A 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
5561N/A 'dsBaseDN' : remotePTAuserName ,
5561N/A 'dsFilter' : 'objectclass=*'
5560N/A <
call function="'testStep'">
5560N/A { 'stepMessage' : 'Start the secondary remote ldap server.' }
5560N/A <
call function="'startServers'">
5560N/A [[secondary_remote_ldap_server]]