5785N/A<?xml version="1.0" encoding="UTF-8" standalone="no"?>
5785N/A<!DOCTYPE stax SYSTEM "/shared/stax.dtd">
5785N/A<!--
5785N/A ! CDDL HEADER START
5785N/A !
5785N/A ! The contents of this file are subject to the terms of the
5785N/A ! Common Development and Distribution License, Version 1.0 only
5785N/A ! (the "License"). You may not use this file except in compliance
5785N/A ! with the License.
5785N/A !
6982N/A ! You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
6982N/A ! or http://forgerock.org/license/CDDLv1.0.html.
5785N/A ! See the License for the specific language governing permissions
5785N/A ! and limitations under the License.
5785N/A !
5785N/A ! When distributing Covered Code, include this CDDL HEADER in each
6982N/A ! file and include the License file at legal-notices/CDDLv1_0.txt.
6982N/A ! If applicable, add the following below this CDDL HEADER, with the
6982N/A ! fields enclosed by brackets "[]" replaced with your own identifying
6982N/A ! information:
5785N/A ! Portions Copyright [yyyy] [name of copyright owner]
5785N/A !
5785N/A ! CDDL HEADER END
5785N/A !
5785N/A ! Copyright 2007-2008 Sun Microsystems, Inc.
5785N/A ! Portions Copyright 2012 ForgeRock AS
5785N/A ! -->
5785N/A<stax>
5785N/A
5785N/A <!--- Test Case information
5785N/A #@TestMarker Grace Login
5785N/A #@TestName Admin Changing Password Policy Settings
5785N/A #@TestIssue None
5785N/A #@TestPurpose Admin Changing Password Policy Settings
5785N/A #@TestPreamble None
5785N/A #@TestStep Set expire-passwords-without-warning true
5785N/A #@TestStep Set min-password-age 1s
5785N/A #@TestStep Set max-password-age 3s
5785N/A #@TestStep Set password-expiration-warning-interval 1s
5785N/A #@TestStep Set grace-login-count 3
5785N/A #@TestPostamble None
5785N/A #@TestResult Success if dsconfig returns 0
5785N/A -->
5785N/A <function name="pwp_grace_login_001" scope="local">
5785N/A <testcase name="getTestCaseName('PWP Set Password Policy Settings')">
5785N/A <sequence>
5785N/A <try>
5785N/A <sequence>
5785N/A
5785N/A <call function="'testCase_Preamble'"/>
5785N/A
5785N/A <message>
5785N/A 'Test Name = %s' % STAXCurrentTestcase
5785N/A </message>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Modifying password policy setting.' % msg }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A options=[]
5785N/A options.append('--policy-name "Default Password Policy"')
5785N/A options.append('--set "expire-passwords-without-warning:true"')
5785N/A options.append('--set "allow-expired-password-changes:true"')
5785N/A options.append('--set "min-password-age:1s"')
5785N/A options.append('--set "max-password-age:3s"')
5785N/A options.append('--set "password-expiration-warning-interval:1s"')
5785N/A options.append('--set "grace-login-count:%s"' % grace_login_count)
5785N/A dsconfigOptions=' '.join(options)
5785N/A </script>
5785N/A
5785N/A <call function="'dsconfig'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5785N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5785N/A 'subcommand' : 'set-password-policy-prop',
5785N/A 'optionsString' : dsconfigOptions
5785N/A }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Get Default Password Policy.' % msg }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A options=[]
5785N/A options.append('--policy-name "Default Password Policy"')
5785N/A dsconfigOptions=' '.join(options)
5785N/A </script>
5785N/A
5785N/A <call function="'dsconfig'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5785N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5785N/A 'subcommand' : 'get-password-policy-prop',
5785N/A 'optionsString' : dsconfigOptions
5785N/A
5785N/A }
5785N/A </call>
5785N/A
5785N/A </sequence>
5785N/A
5785N/A <catch exception="'STAXException'" typevar="eType" var="eInfo">
5785N/A <message log="1" level="'fatal'">
5785N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5785N/A </message>
5785N/A </catch>
5785N/A <finally>
5785N/A <sequence>
5785N/A <call function="'testCase_Postamble'"/>
5785N/A </sequence>
5785N/A </finally>
5785N/A </try>
5785N/A </sequence>
5785N/A </testcase>
5785N/A </function>
5785N/A
5785N/A <!--- Test Case information
5785N/A #@TestMarker Grace Login
5785N/A #@TestName Min Password Age More than Max Password Age
5785N/A #@TestIssue None
5785N/A #@TestPurpose Verify that min-password-age is not more than max-password-age
5785N/A #@TestPreamble None
5785N/A #@TestStep Change Password Policy min password age beyond limit
5785N/A #@TestStep Set min-password-age 10s
5785N/A #@TestStep Set max-password-age 3s
5785N/A #@TestStep Set password-expiration-warning-interval 1s
5785N/A #@TestPostamble None
5785N/A #@TestResult Success if dsconfig returns 1
5785N/A -->
5785N/A <function name="pwp_grace_login_002" scope="local">
5785N/A <testcase name="getTestCaseName('PWP Min Password Age Greater than Max Password Age')">
5785N/A <sequence>
5785N/A <try>
5785N/A <sequence>
5785N/A
5785N/A <call function="'testCase_Preamble'"/>
5785N/A
5785N/A <message>
5785N/A 'Test Name = %s' % STAXCurrentTestcase
5785N/A </message>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Admin modifying password policy settings.' % msg }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A options=[]
5785N/A options.append('--policy-name "Default Password Policy"')
5785N/A options.append('--set "min-password-age:10s"')
5785N/A options.append('--set "max-password-age:3s"')
5785N/A options.append('--set "password-expiration-warning-interval:1s"')
5785N/A dsconfigOptions=' '.join(options)
5785N/A </script>
5785N/A
5785N/A <call function="'dsconfig'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5785N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5785N/A 'subcommand' : 'set-password-policy-prop',
5785N/A 'optionsString' : dsconfigOptions,
5785N/A 'expectedRC' : 1
5785N/A }
5785N/A </call>
5785N/A
5785N/A </sequence>
5785N/A
5785N/A <catch exception="'STAXException'" typevar="eType" var="eInfo">
5785N/A <message log="1" level="'fatal'">
5785N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5785N/A </message>
5785N/A </catch>
5785N/A <finally>
5785N/A <sequence>
5785N/A <call function="'testCase_Postamble'"/>
5785N/A </sequence>
5785N/A </finally>
5785N/A </try>
5785N/A </sequence>
5785N/A </testcase>
5785N/A </function>
5785N/A
5785N/A <!--- Test Case information
5785N/A #@TestMarker Grace Login
5785N/A #@TestName Min Password Age More than Expiration Warning Interval
5785N/A #@TestIssue None
5785N/A #@TestPurpose Verify that min-password-age is not more than password-expiration-warning-interval
5785N/A #@TestPreamble None
5785N/A #@TestStep Change Password Policy min password age to limit
5785N/A #@TestStep Set min-password-age 2s
5785N/A #@TestStep Set max-password-age 3s
5785N/A #@TestStep Set password-expiration-warning-interval 1s
5785N/A #@TestPostamble None
5785N/A #@TestResult Success if dsconfig returns 1
5785N/A -->
5785N/A <function name="pwp_grace_login_003" scope="local">
5785N/A <testcase name="getTestCaseName('PWP Min Password Age More than Expiration Warning Interval')">
5785N/A <sequence>
5785N/A <try>
5785N/A <sequence>
5785N/A
5785N/A <call function="'testCase_Preamble'"/>
5785N/A
5785N/A <message>
5785N/A 'Test Name = %s' % STAXCurrentTestcase
5785N/A </message>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Modifying password policy settings.' % msg }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A options=[]
5785N/A options.append('--policy-name "Default Password Policy"')
5785N/A options.append('--set "min-password-age:2s"')
5785N/A options.append('--set "max-password-age:3s"')
5785N/A options.append('--set "password-expiration-warning-interval:1s"')
5785N/A dsconfigOptions=' '.join(options)
5785N/A </script>
5785N/A
5785N/A <call function="'dsconfig'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5785N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5785N/A 'subcommand' : 'set-password-policy-prop',
5785N/A 'optionsString' : dsconfigOptions,
5785N/A 'expectedRC' : 1
5785N/A }
5785N/A </call>
5785N/A
5785N/A </sequence>
5785N/A
5785N/A <catch exception="'STAXException'" typevar="eType" var="eInfo">
5785N/A <message log="1" level="'fatal'">
5785N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5785N/A </message>
5785N/A </catch>
5785N/A <finally>
5785N/A <sequence>
5785N/A <call function="'testCase_Postamble'"/>
5785N/A </sequence>
5785N/A </finally>
5785N/A </try>
5785N/A </sequence>
5785N/A </testcase>
5785N/A </function>
5785N/A
5785N/A <!--- Test Case information
5785N/A #@TestMarker Grace Login
5785N/A #@TestName Password Expiration Warning Interval Too Big
5785N/A #@TestIssue None
5785N/A #@TestPurpose Verify that password-expiration-warning-interval can not be
5785N/A greater than max-password-age
5785N/A #@TestPreamble None
5785N/A #@TestStep Change Password Policy expire warning interval beyond limit
5785N/A #@TestStep Set min-password-age 1s
5785N/A #@TestStep Set max-password-age 3s
5785N/A #@TestStep Set password-expiration-warning-interval 10 s
5785N/A #@TestPostamble None
5785N/A #@TestResult Success if dsconfig returns 1
5785N/A -->
5785N/A <function name="pwp_grace_login_004" scope="local">
5785N/A <testcase name="getTestCaseName('PWP Password Expiration Warning Interval Too Big')">
5785N/A <sequence>
5785N/A <try>
5785N/A <sequence>
5785N/A
5785N/A <call function="'testCase_Preamble'"/>
5785N/A
5785N/A <message>
5785N/A 'Test Name = %s' % STAXCurrentTestcase
5785N/A </message>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Admin modifying password policy settings.' % msg }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A options=[]
5785N/A options.append('--policy-name "Default Password Policy"')
5785N/A options.append('--set "min-password-age:1s"')
5785N/A options.append('--set "max-password-age:3s"')
5785N/A options.append('--set "password-expiration-warning-interval:10s"')
5785N/A dsconfigOptions=' '.join(options)
5785N/A </script>
5785N/A
5785N/A <call function="'dsconfig'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5785N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5785N/A 'subcommand' : 'set-password-policy-prop',
5785N/A 'optionsString' : dsconfigOptions,
5785N/A 'expectedRC' : 1
5785N/A }
5785N/A </call>
5785N/A
5785N/A </sequence>
5785N/A
5785N/A <catch exception="'STAXException'" typevar="eType" var="eInfo">
5785N/A <message log="1" level="'fatal'">
5785N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5785N/A </message>
5785N/A </catch>
5785N/A <finally>
5785N/A <sequence>
5785N/A <call function="'testCase_Postamble'"/>
5785N/A </sequence>
5785N/A </finally>
5785N/A </try>
5785N/A </sequence>
5785N/A </testcase>
5785N/A </function>
5785N/A
5785N/A <!--- Test Case information
5785N/A #@TestMarker Grace Login
5785N/A #@TestName Grace Login Count Expired
5785N/A #@TestIssue None
5785N/A #@TestPurpose Grace Login Count Expired
5785N/A #@TestPreamble None
5785N/A #@TestStep Pause 2 seconds
5785N/A #@TestStep Verify grace login use times with manage-account
5785N/A #@TestStep Search Bind 1 SearchObject returns 19
5785N/A #@TestStep Verify remaining grace login with manage-account
5785N/A #@TestStep Verify grace login use times with manage-account
5785N/A #@TestStep Search Bind 2 SearchObject returns 19
5785N/A #@TestStep Verify remaining grace login with manage-account
5785N/A #@TestStep Search Bind 3 SearchObject returns 49
5785N/A #@TestStep Verify remaining grace login with manage-account
5785N/A #@TestStep Search Bind 4 SearchObject returns 49
5785N/A #@TestStep Verify remaining grace login with manage-account
5785N/A #@TestStep Verify manage-account get-all
5785N/A #@TestPostamble None
5785N/A #@TestResult Success if all the steps are PASS
5785N/A -->
5785N/A <function name="pwp_grace_login_005" scope="local">
5785N/A <testcase name="getTestCaseName('PWP Grace Login Count Expired')">
5785N/A <sequence>
5785N/A <try>
5785N/A <sequence>
5785N/A
5785N/A <call function="'testCase_Preamble'"/>
5785N/A
5785N/A <message>
5785N/A 'Test Name = %s' % STAXCurrentTestcase
5785N/A </message>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Get Default Password Policy.' % msg }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A options=[]
5785N/A options.append('--policy-name "Default Password Policy"')
5785N/A dsconfigOptions=' '.join(options)
5785N/A </script>
5785N/A
5785N/A <call function="'dsconfig'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5785N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5785N/A 'subcommand' : 'get-password-policy-prop',
5785N/A 'optionsString' : dsconfigOptions
5785N/A
5785N/A }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Pause 2 seconds.' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'Sleep'">
5785N/A { 'sleepForMilliSeconds' : '2000' }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Verify remaining grace login count with manage-account ' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'manageAccountWithScript'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5785N/A 'subcommand' : 'get-remaining-grace-login-count' ,
5785N/A 'targetDn' : 'uid=btalbot,%s' % basedn }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Verify grace login use times with manage-account ' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'manageAccountWithScript'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5785N/A 'subcommand' : 'get-grace-login-use-times' ,
5785N/A 'targetDn' : 'uid=btalbot,%s' % basedn }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A returnString = STAXResult[0][1]
5785N/A </script>
5785N/A
5789N/A <call function="'searchString'">
5785N/A { 'returnString' : returnString ,
5785N/A 'expectedString' : 'Grace Login Use Times:' }
5785N/A </call>
5785N/A
5785N/A <!-- The password has expired, entering grace login period -->
5785N/A <script>
5785N/A remaining_grace_login_count = 2
5785N/A </script>
5785N/A <loop from="1" to="grace_login_count" var="loop">
5785N/A
5785N/A <sequence>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Search Bind %s' % (msg,loop) }
5785N/A </call>
5785N/A
5785N/A <call function="'SearchObject'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5785N/A 'dsInstanceDn' : 'uid=btalbot,%s' % basedn ,
5785N/A 'dsInstancePswd' : 'trident',
5785N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5785N/A 'dsFilter' : 'objectclass=*' ,
5785N/A 'extraParams' : '-s base' ,
5785N/A 'expectedRC' : 19 }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Verify remaining grace login count.' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'manageAccountWithScript'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5785N/A 'subcommand' : 'get-remaining-grace-login-count' ,
5785N/A 'targetDn' : 'uid=btalbot,%s' % basedn }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A returnString = STAXResult[0][1]
5785N/A </script>
5785N/A
5789N/A <call function="'searchString'">
5785N/A { 'returnString' : returnString ,
5785N/A 'expectedString' : 'Remaining Grace Login Count: %s' % remaining_grace_login_count }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Verify grace login use times.' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'manageAccountWithScript'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5785N/A 'subcommand' : 'get-grace-login-use-times' ,
5785N/A 'targetDn' : 'uid=btalbot,%s' % basedn }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A returnString = STAXResult[0][1]
5785N/A </script>
5785N/A
5785N/A <!-- TODO: WTF -->
5789N/A <call function="'searchString'">
5785N/A { 'returnString' : returnString ,
5785N/A 'expectedString' : 'Grace Login Use Times: 20' }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A remaining_grace_login_count -= 1
5785N/A </script>
5785N/A
5785N/A </sequence>
5785N/A </loop>
5785N/A
5785N/A
5785N/A <!-- The password has expired, no grace logins remaining -->
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Search Bind 4' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'SearchObject'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5785N/A 'dsInstanceDn' : 'uid=btalbot,%s' % basedn ,
5785N/A 'dsInstancePswd' : 'trident',
5785N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5785N/A 'dsFilter' : 'objectclass=*' ,
5785N/A 'extraParams' : '-s base' ,
5785N/A 'expectedRC' : 49 }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Verify remaining grace login with manage-account' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'manageAccountWithScript'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5785N/A 'subcommand' : 'get-remaining-grace-login-count' ,
5785N/A 'targetDn' : 'uid=btalbot,%s' % basedn }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A returnString = STAXResult[0][1]
5785N/A </script>
5785N/A
5789N/A <call function="'searchString'">
5785N/A { 'returnString' : returnString ,
5785N/A 'expectedString' : 'Remaining Grace Login Count: 0' }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Verify manage-account get-all' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'manageAccountWithScript'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN ,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD ,
5785N/A 'subcommand' : 'get-all' ,
5785N/A 'targetDn' : 'uid=btalbot,%s' % basedn }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A returnString = STAXResult[0][1]
5785N/A </script>
5785N/A
5789N/A <call function="'searchString'">
5785N/A { 'returnString' : returnString ,
5785N/A 'expectedString' : msg1 ,
5785N/A 'expectedString' : msg2 ,
5785N/A 'expectedString' : msg3 }
5785N/A </call>
5785N/A
5785N/A </sequence>
5785N/A
5785N/A <catch exception="'STAXException'" typevar="eType" var="eInfo">
5785N/A <message log="1" level="'fatal'">
5785N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5785N/A </message>
5785N/A </catch>
5785N/A <finally>
5785N/A <sequence>
5785N/A <call function="'testCase_Postamble'"/>
5785N/A </sequence>
5785N/A </finally>
5785N/A </try>
5785N/A </sequence>
5785N/A </testcase>
5785N/A </function>
5785N/A
5785N/A <!--- Test Case information
5785N/A #@TestMarker Grace Login
5785N/A #@TestName User Reset Password During Grace Login
5785N/A #@TestIssue None
5785N/A #@TestPurpose User Reset Password During Grace Login
5785N/A #@TestPreamble None
5785N/A #@TestStep Search Bind 1 SearchObject returns 19
5785N/A #@TestStep User resetting password
5785N/A #@TestStep Admin reset max password age set
5785N/A #@TestStep Set max-password-age to 24h
5785N/A #@TestStep Search Bind 2 SearchObject returns 0
5785N/A #@TestStep Search Bind 2 SearchObject returns 0
5785N/A #@TestPostamble None
5785N/A #@TestResult Success if the 5 steps are PASS
5785N/A -->
5785N/A <function name="pwp_grace_login_006" scope="local">
5785N/A <testcase name="getTestCaseName('PWP User Reset Password During Grace Login')">
5785N/A <sequence>
5785N/A <try>
5785N/A <sequence>
5785N/A
5785N/A <call function="'testCase_Preamble'"/>
5785N/A
5785N/A <message>
5785N/A 'Test Name = %s' % STAXCurrentTestcase
5785N/A </message>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Reset Password, Search Bind 1' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'SearchObject'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5785N/A 'dsInstanceDn' : 'uid=kwinters,%s' % basedn ,
5785N/A 'dsInstancePswd' : 'forsook',
5785N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5785N/A 'dsFilter' : 'objectclass=*' ,
5785N/A 'extraParams' : '-s base' ,
5785N/A 'expectedRC' : 19 }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Reset Password, User resetting password' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'ldapPasswordModifyWithScript'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5785N/A 'dsInstanceDn' : 'uid=kwinters,%s' % basedn ,
5785N/A 'dsInstancePswd' : 'forsook' ,
5785N/A 'dsAuthzID' : 'dn:uid=kwinters,%s' % basedn ,
5785N/A 'dsNewPassword' : 'newforsook' }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Reset Password, Admin reset max password age' % msg }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A options=[]
5785N/A options.append('--policy-name "Default Password Policy"')
5785N/A options.append('--set "max-password-age:24h"')
5785N/A dsconfigOptions=' '.join(options)
5785N/A </script>
5785N/A
5785N/A <call function="'dsconfig'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5785N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5785N/A 'subcommand' : 'set-password-policy-prop',
5785N/A 'optionsString' : dsconfigOptions
5785N/A }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Reset Password, Search Bind 2' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'SearchObject'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5785N/A 'dsInstanceDn' : 'uid=kwinters,%s' % basedn ,
5785N/A 'dsInstancePswd' : 'newforsook',
5785N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5785N/A 'dsFilter' : 'objectclass=*' ,
5785N/A 'extraParams' : '-s base' }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Reset Password, Search Bind 3' % msg }
5785N/A </call>
5785N/A
5785N/A <call function="'SearchObject'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST ,
5785N/A 'dsInstancePort' : DIRECTORY_INSTANCE_PORT ,
5785N/A 'dsInstanceDn' : 'uid=kwinters,%s' % basedn ,
5785N/A 'dsInstancePswd' : 'newforsook',
5785N/A 'dsBaseDN' : 'dc=example,dc=com' ,
5785N/A 'dsFilter' : 'objectclass=*' ,
5785N/A 'extraParams' : '-s base' }
5785N/A </call>
5785N/A
5785N/A </sequence>
5785N/A
5785N/A <catch exception="'STAXException'" typevar="eType" var="eInfo">
5785N/A <message log="1" level="'fatal'">
5785N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5785N/A </message>
5785N/A </catch>
5785N/A <finally>
5785N/A <sequence>
5785N/A <call function="'testCase_Postamble'"/>
5785N/A </sequence>
5785N/A </finally>
5785N/A </try>
5785N/A </sequence>
5785N/A </testcase>
5785N/A </function>
5785N/A
5785N/A <!--- Test Case information
5785N/A #@TestMarker Grace Login
5785N/A #@TestName Admin Resetting Password Policy Settings
5785N/A #@TestIssue None
5785N/A #@TestPurpose Admin Resetting Password Policy Settings
5785N/A #@TestPreamble None
5785N/A #@TestStep Reset expire-passwords-without-warning to false
5785N/A #@TestStep Reset max-password-age 0s
5785N/A #@TestStep Reset min-password-age 0s
5785N/A #@TestStep Reset password-expiration-warning-interval 5d
5785N/A #@TestStep Reset grace-login-count 0
5785N/A #@TestPostamble None
5785N/A #@TestResult Success if dsconfig returns 0
5785N/A -->
5785N/A <function name="pwp_grace_login_007" scope="local">
5785N/A <testcase name="getTestCaseName('PWP Admin Reset Password Policy Settings')">
5785N/A <sequence>
5785N/A <try>
5785N/A <sequence>
5785N/A
5785N/A <call function="'testCase_Preamble'"/>
5785N/A
5785N/A <message>
5785N/A 'Test Name = %s' % STAXCurrentTestcase
5785N/A </message>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Admin resetting password policy settings.' % msg }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A options=[]
5785N/A options.append('--policy-name "Default Password Policy"')
5785N/A options.append('--reset expire-passwords-without-warning')
5785N/A options.append('--reset allow-expired-password-changes')
5785N/A options.append('--reset max-password-age')
5785N/A options.append('--reset min-password-age')
5785N/A options.append('--reset password-expiration-warning-interval')
5785N/A options.append('--reset grace-login-count')
5785N/A dsconfigOptions=' '.join(options)
5785N/A </script>
5785N/A
5785N/A <call function="'dsconfig'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5785N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5785N/A 'subcommand' : 'set-password-policy-prop',
5785N/A 'optionsString' : dsconfigOptions
5785N/A }
5785N/A </call>
5785N/A
5785N/A <call function="'testStep'">
5785N/A { 'stepMessage' : '%s Get Default Password Policy.' % msg }
5785N/A </call>
5785N/A
5785N/A <script>
5785N/A options=[]
5785N/A options.append('--policy-name "Default Password Policy"')
5785N/A dsconfigOptions=' '.join(options)
5785N/A </script>
5785N/A
5785N/A <call function="'dsconfig'">
5785N/A { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST,
5785N/A 'dsInstanceAdminPort' : DIRECTORY_INSTANCE_ADMIN_PORT,
5785N/A 'dsInstanceDn' : DIRECTORY_INSTANCE_DN,
5785N/A 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD,
5785N/A 'subcommand' : 'get-password-policy-prop',
5785N/A 'optionsString' : dsconfigOptions
5785N/A
5785N/A }
5785N/A </call>
5785N/A
5785N/A </sequence>
5785N/A
5785N/A <catch exception="'STAXException'" typevar="eType" var="eInfo">
5785N/A <message log="1" level="'fatal'">
5785N/A '%s: Test failed. eInfo(%s)' % (eType,eInfo)
5785N/A </message>
5785N/A </catch>
5785N/A <finally>
5785N/A <sequence>
5785N/A <call function="'testCase_Postamble'"/>
5785N/A </sequence>
5785N/A </finally>
5785N/A </try>
5785N/A </sequence>
5785N/A </testcase>
5785N/A </function>
5785N/A
5785N/A</stax>