9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams<?xml version="1.0" encoding="UTF-8" standalone="no"?>
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! CDDL HEADER START
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! The contents of this file are subject to the terms of the
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! Common Development and Distribution License, Version 1.0 only
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! (the "License"). You may not use this file except in compliance
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! with the License.
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! or http://forgerock.org/license/CDDLv1.0.html.
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! See the License for the specific language governing permissions
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! and limitations under the License.
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! When distributing Covered Code, include this CDDL HEADER in each
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! file and include the License file at legal-notices/CDDLv1_0.txt.
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! If applicable, add the following below this CDDL HEADER, with the
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! fields enclosed by brackets "[]" replaced with your own identifying
3437829f938dbb44527d91fbbc5f430a1243c5a5JnRouvignac ! information:
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! Portions Copyright [yyyy] [name of copyright owner]
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! CDDL HEADER END
2f3086195e9aedc219323bd688832bb3686bbbabcsovant ! Copyright 2011-2013 ForgeRock AS
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!-- Definition of Test Cases -->
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!--- Test Cases : Basic : PTA -->
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <!--- Test Case information
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestMarker Basic: PTA connection-timeout
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestName Basic: PTA connection-timeout
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_001
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPreamble Setup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Configure LDAP PTA Policy using connection-timeout
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Read back the "authentication policy" object
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as Directory Manager for operational attributes
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as self
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Modify the users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPostamble Cleanup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestResult Test is successful if the result code is 0
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!--- Test Case information
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestMarker Basic: PTA anon unmapped
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestName Basic: PTA anon unmapped
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_002
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestPurpose Verify user with a LDAP PTA unmapped policy can authenticated to remote server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPreamble Setup PTA
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Enable AD backend on local server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Configure LDAP PTA Policy as unmapped
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Read back the "authentication policy" object
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Search users entry as self
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Modify the users entry
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Disable AD backend on local server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPostamble Cleanup PTA
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestResult Test is successful if the result code is 0
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <testcase name="getTestCaseName('PTA anon unmapped')">
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'Test Name = %s' % STAXCurrentTestcase
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Enable AD backend on local server.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jwallace, ou=People, dc=AD,dc=com'] = ['linear',ldapPtaPolicyName]
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--backend-name "AD"')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set enabled:true')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams dsconfigOptions=' '.join(options)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'subcommand' : 'set-backend-prop',
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'optionsString' : dsconfigOptions
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy as unmapped.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapping-policy:unmapped')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!--- Test Case information
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestMarker Basic: PTA anon mapped-bind
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestName Basic: PTA anon mapped-bind
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_003
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestPurpose Verify user with a LDAP PTA mapped-bind policy can authenticated to remote server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPreamble Setup PTA
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Configure LDAP PTA Policy for mapped-bind
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Read back the "authentication policy" object
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Search users entry as self
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Modify the users entry
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestPostamble Cleanup PTA
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestResult Test is successful if the result code is 0
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <testcase name="getTestCaseName('PTA anon mapped-bind')">
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'Test Name = %s' % STAXCurrentTestcase
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy for mapped-bind.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jmcFarla, ou=People, o=example'] = ['walnut',ldapPtaPolicyName]
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--set mapped-attribute:seealso')
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--set mapping-policy:mapped-bind')
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!--- Test Case information
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestMarker Basic: PTA anon mapped-search
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestName Basic: PTA anon mapped-search
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_004
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPreamble Setup PTA
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Configure LDAP PTA Policy for mapped-search
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Read back the "authentication policy" object
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Search users entry as self
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Modify the users entry
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestPostamble Cleanup PTA
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestResult Test is successful if the result code is 0
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <testcase name="getTestCaseName('PTA anon mapped-search')">
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'Test Name = %s' % STAXCurrentTestcase
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy for mapped-search.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapped-attribute:cn')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapping-policy:mapped-search')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <!--- Test Case information
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestMarker Basic: PTA simple mapped-search
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestName Basic: PTA simple mapped-search
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_005
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPreamble Setup PTA
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind credentials
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Read back the "authentication policy" object
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Search users entry as self
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Modify the users entry
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPostamble Cleanup PTA
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestResult Test is successful if the result code is 0
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <testcase name="getTestCaseName('PTA simple mapped-search-bind')">
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'Test Name = %s' % STAXCurrentTestcase
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind credentials.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set mapped-attribute:cn')
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapped-search-bind-password:secret12')
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set mapping-policy:mapped-search')
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <!--- Test Case information
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestMarker Basic: PTA mapped-search-bind-password-env-variable
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestName Basic: PTA mapped-search-bind-password-env-variable
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestID basic_pta_006
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestPreamble Setup PTA
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind-password-environment-variable
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Read back the "authentication policy" object
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Search users entry as self
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Modify the users entry
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestPostamble Cleanup PTA
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestResult Test is successful if the result code is 0
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <!--- Test Case information
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestMarker Basic: PTA mapped-search-bind-password-file
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestName Basic: PTA mapped-search-bind-password-file
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_007
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPreamble Setup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind-password-file
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Read back the "authentication policy" object
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as Directory Manager for operational attributes
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as self
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Modify the users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPostamble Cleanup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestResult Test is successful if the result code is 0
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <testcase name="getTestCaseName('PTA mapped-search-bind-password-file')">
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'Test Name = %s' % STAXCurrentTestcase
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind-password-file.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapped-attribute:cn')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapped-search-bind-password-file:%s' % remotePTAuserPswdFile)
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapping-policy:mapped-search')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <!--- Test Case information
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestMarker Basic: PTA mapped-search-bind-password-property
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestName Basic: PTA mapped-search-bind-password-property
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_008
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPreamble Setup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind-password-property
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Read back the "authentication policy" object
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as Directory Manager for operational attributes
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as self
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Modify the users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPostamble Cleanup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestResult Test is successful if the result code is 0
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <!--- Test Case information
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestMarker Basic: PTA anon mapped-search use-ssl
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestName Basic: PTA anon mapped-search use-ssl
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_009
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPreamble Setup PTA
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Configure LDAP PTA Policy for mapped-search
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Read back the "authentication policy" object
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Search users entry as Directory Manager for operational attributes
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Search users entry as self
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Modify the users entry
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPostamble Cleanup PTA
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestResult Test is successful if the result code is 0
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <testcase name="getTestCaseName('PTA anon mapped-search use-ssl')">
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'Test Name = %s' % STAXCurrentTestcase
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Configure LDAP PTA Policy for anon mapped-search over ssl.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primarySslPort))
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapped-attribute:cn')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapping-policy:mapped-search')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondarySslPort))
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set trust-manager-provider:JKS')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set use-ssl:true')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <!--- Test Case information
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestMarker Basic: PTA simple mapped-search use-ssl
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestName Basic: PTA simple mapped-search use-ssl
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_010
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPreamble Setup PTA
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Configure LDAP PTA Policy for mapped-search
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Read back the "authentication policy" object
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Search users entry as Directory Manager for operational attributes
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Search users entry as self
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Modify the users entry
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPostamble Cleanup PTA
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestResult Test is successful if the result code is 0
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <testcase name="getTestCaseName('PTA simple mapped-search use-ssl')">
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'Test Name = %s' % STAXCurrentTestcase
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Configure LDAP PTA Policy for anon mapped-search over ssl.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primarySslPort))
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapped-attribute:cn')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-search-bind-password:secret12')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapping-policy:mapped-search')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondarySslPort))
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set trust-manager-provider:JKS')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set use-ssl:true')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <!--- Test Case information
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestMarker Basic: PTA simple failover
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestName Basic: PTA simple failover
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestID basic_pta_011
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestPurpose Verify user with a LDAP PTA policy can failover to secondary server
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestPreamble Setup PTA
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind credentials
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Read back the "authentication policy" object
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entries
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Search users entries as Directory Manager for ds-pwp-password-policy-dn
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep First search users entries as self
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Stop the primary remote ldap server
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Second search users entries as self.
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Modify the users entries
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Restart the primary remote ldap server
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Wait for monitor heartbeat to primary remote ldap server
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Third search users entries as self
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Stop the secondary remote ldap server.
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Fourth search users entries as self
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestPostamble Cleanup PTA
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestResult Test is successful if the result code is 0
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <testcase name="getTestCaseName('PTA simple failover')">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'Test Name = %s' % STAXCurrentTestcase
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind credentials.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-attribute:cn')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-search-bind-password:secret12')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapping-policy:mapped-search')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams <!--- Test Case information
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestMarker Basic: PTA failover use-ssl
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestName Basic: PTA failover use-ssl
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_012
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestPurpose Verify user with a LDAP PTA policy can failover to secondary server
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestPreamble Setup PTA
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind credentials over ssl
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Read back the "authentication policy" object
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entries
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Search users entries as Directory Manager for ds-pwp-password-policy-dn
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep First search users entries as self
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Stop the primary remote ldap server
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Second search users entries as self.
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Modify the users entries
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Restart the primary remote ldap server
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Wait for monitor heartbeat to primary remote ldap server
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Third search users entries as self
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Stop the secondary remote ldap server.
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Fourth search users entries as self
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestPostamble Cleanup PTA
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestResult Test is successful if the result code is 0
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <testcase name="getTestCaseName('PTA simple failover use-ssl')">
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'Test Name = %s' % STAXCurrentTestcase
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind credentials over ssl.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primarySslPort))
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-attribute:cn')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-search-bind-password:secret12')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapping-policy:mapped-search')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondarySslPort))
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set trust-manager-provider:JKS')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set use-ssl:true')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <!--- Test Case information
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestMarker Basic: PTA multiple auth policies
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestName Basic: PTA multiple auth policies
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestID basic_pta_013
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestPurpose Verify multiple LDAP PTA policies
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestPreamble Setup PTA
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Configure n LDAP PTA policies using mapped-search-bind credentials
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Read back each "authentication policy" object
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entries
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Search users entries as Directory Manager for ds-pwp-password-policy-dn
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Search users entries as self
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestStep Modify the users entries
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestPostamble Cleanup PTA
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams #@TestResult Test is successful if the result code is 0
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <testcase name="getTestCaseName('PTA multiple auth policies')">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'Test Name = %s' % STAXCurrentTestcase
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'stepMessage' : 'Configure LDAP PTA Policies using mapped-search-bind.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds={}
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=jvedder, %s' % remotePTAuserSuffix] = ['befitting','LDAP PTA 0']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=tmorris, %s' % remotePTAuserSuffix] = ['irrefutable','LDAP PTA 1']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=ealexand, %s' % remotePTAuserSuffix] = ['galactose','LDAP PTA 2']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=tjames, %s' % remotePTAuserSuffix] = ['turtle','LDAP PTA 3']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=alangdon, %s' % remotePTAuserSuffix] = ['muzzle','LDAP PTA 4']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=pchassin, %s' % remotePTAuserSuffix] = ['barbital','LDAP PTA 5']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=aknutson, %s' % remotePTAuserSuffix] = ['maltose','LDAP PTA 6']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=pworrell, %s' % remotePTAuserSuffix] = ['solicitous','LDAP PTA 7']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=mtalbot, %s' % remotePTAuserSuffix] = ['currant','LDAP PTA 8']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams userDNsAndPswds['uid=bwalker, %s' % remotePTAuserSuffix] = ['interruptible','LDAP PTA 9']
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-attribute:cn')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapped-search-bind-password:secret12')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set mapping-policy:mapped-search')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--type ldap-pass-through')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsconfigAuthPolicy' : options
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'userNamePswd' : userDNsAndPswds }
2286b88c71735f82949be014ebbca32b7eb19505gary.williams <!--- Test Case information
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestMarker Basic: PTA use cache
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestName Basic: PTA use cache
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestID basic_pta_014
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestPurpose Verify PTA cache mechanism used when use password cache enabled
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestPreamble Setup PTA
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Configure LDAP PTA Policy use cache true and cached password storage scheme Clear
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Read back the "authentication policy" object
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Search users entry as self
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Modify the users entry
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestPostamble Cleanup PTA
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestResult Test is successful if the result code is 0
2286b88c71735f82949be014ebbca32b7eb19505gary.williams <testcase name="getTestCaseName('PTA use cache')">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'Test Name = %s' % STAXCurrentTestcase
2286b88c71735f82949be014ebbca32b7eb19505gary.williams userDNsAndPswds={}
2286b88c71735f82949be014ebbca32b7eb19505gary.williams userDNsAndPswds['uid=jwallace, ou=People, dc=AD,dc=com'] = ['linear',ldapPtaPolicyName]
2286b88c71735f82949be014ebbca32b7eb19505gary.williams options.append('--backend-name "AD"')
2286b88c71735f82949be014ebbca32b7eb19505gary.williams options.append('--set enabled:true')
2286b88c71735f82949be014ebbca32b7eb19505gary.williams dsconfigOptions=' '.join(options)
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'location' : local_ldap_server.getHostname(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsPath' : '%s/%s' \
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'subcommand' : 'set-backend-prop',
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'optionsString' : dsconfigOptions
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy to use password caching.' }
2286b88c71735f82949be014ebbca32b7eb19505gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
2286b88c71735f82949be014ebbca32b7eb19505gary.williams options.append('--set mapping-policy:unmapped')
2286b88c71735f82949be014ebbca32b7eb19505gary.williams options.append('--set cached-password-storage-scheme:Clear')
2286b88c71735f82949be014ebbca32b7eb19505gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
2286b88c71735f82949be014ebbca32b7eb19505gary.williams options.append('--set use-password-caching:true')
2286b88c71735f82949be014ebbca32b7eb19505gary.williams options.append('--type ldap-pass-through')
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'userNamePswd' : userDNsAndPswds ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsconfigAuthPolicy' : options
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'stepMessage' : 'Change password on remote servers.' }
2286b88c71735f82949be014ebbca32b7eb19505gary.williams in="_topologyServerList"
2286b88c71735f82949be014ebbca32b7eb19505gary.williams indexvar="whoami">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'Server is local: do nothing'
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'remote-ldap-server %s:%s' \
2286b88c71735f82949be014ebbca32b7eb19505gary.williams indexvar="usernum">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams ldapObject=[]
2286b88c71735f82949be014ebbca32b7eb19505gary.williams ldapObject.append('userPassword:secret12')
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'location' : server.getHostname(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsPath' : '%s/%s' \
2286b88c71735f82949be014ebbca32b7eb19505gary.williams % (server.getDir(),OPENDSNAME),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceHost' : server.getHostname() ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePort' : server.getPort(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceDn' : server.getRootDn(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePswd' : server.getRootPwd(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'DNToModify' : remotePTAuserName ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'listAttributes' : ldapObject ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'changetype' : 'replace'
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'stepMessage' : 'User logs in with old password - should succeed.' }
2286b88c71735f82949be014ebbca32b7eb19505gary.williams indexvar="usernum">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'location' : local_ldap_server.getHostname(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsPath' : '%s/%s' \
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceDn' : remotePTAuserName,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsBaseDN' : remotePTAuserName ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsFilter' : 'objectclass=*'
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'stepMessage' : 'User logs in with new password - should succeed and password cache/date refreshed.' }
2286b88c71735f82949be014ebbca32b7eb19505gary.williams indexvar="usernum">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'location' : local_ldap_server.getHostname(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsPath' : '%s/%s' \
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceDn' : remotePTAuserName,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePswd' : 'secret12' ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsBaseDN' : remotePTAuserName ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsFilter' : 'objectclass=*',
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsAttributes' : '* +'
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'stepMessage' : 'User logs in with old password - should fail.' }
2286b88c71735f82949be014ebbca32b7eb19505gary.williams indexvar="usernum">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'location' : local_ldap_server.getHostname(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsPath' : '%s/%s' \
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceDn' : remotePTAuserName,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsBaseDN' : remotePTAuserName ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsFilter' : 'objectclass=*',
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsAttributes' : '* +',
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'expectedRC' : 49
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'stepMessage' : 'Change back this users password.' }
2286b88c71735f82949be014ebbca32b7eb19505gary.williams in="_topologyServerList"
2286b88c71735f82949be014ebbca32b7eb19505gary.williams indexvar="whoami">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'Server is local: do nothing'
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'remote-ldap-server %s:%s' \
2286b88c71735f82949be014ebbca32b7eb19505gary.williams indexvar="usernum">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams ldapObject=[]
2286b88c71735f82949be014ebbca32b7eb19505gary.williams ldapObject.append('userPassword:%s' % userNamePswd[remotePTAuserName][0])
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'location' : server.getHostname(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsPath' : '%s/%s' \
2286b88c71735f82949be014ebbca32b7eb19505gary.williams % (server.getDir(),OPENDSNAME),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceHost' : server.getHostname() ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePort' : server.getPort(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceDn' : server.getRootDn(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePswd' : server.getRootPwd(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'DNToModify' : remotePTAuserName ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'listAttributes' : ldapObject ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'changetype' : 'replace'
2286b88c71735f82949be014ebbca32b7eb19505gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'userNamePswd' : userDNsAndPswds }
2286b88c71735f82949be014ebbca32b7eb19505gary.williams <!--- Test Case information
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestMarker Basic: PTA cached-password-ttl
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestName Basic: PTA cached-password-ttl
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestID basic_pta_015
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestPurpose Verify PTA cached password time to live when use cache password enabled
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestPreamble Setup PTA
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Configure LDAP PTA Policy using connection-timeout
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Read back the "authentication policy" object
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Search users entry as self
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestStep Modify the users entry
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestPostamble Cleanup PTA
2286b88c71735f82949be014ebbca32b7eb19505gary.williams #@TestResult Test is successful if the result code is 0
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams <testcase name="getTestCaseName('PTA cached password ttl')">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'Test Name = %s' % STAXCurrentTestcase
2f3086195e9aedc219323bd688832bb3686bbbabcsovant <if expr="not is_windows_platform(STAF_REMOTE_HOSTNAME)">
2f3086195e9aedc219323bd688832bb3686bbbabcsovant <!-- Unix -->
2f3086195e9aedc219323bd688832bb3686bbbabcsovant <!-- Windows -->
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams userDNsAndPswds={}
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams userDNsAndPswds['uid=jwallace, ou=People, dc=AD,dc=com'] = ['linear',ldapPtaPolicyName]
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams options.append('--backend-name "AD"')
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams options.append('--set enabled:true')
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams dsconfigOptions=' '.join(options)
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'location' : local_ldap_server.getHostname(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsPath' : '%s/%s' \
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'subcommand' : 'set-backend-prop',
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'optionsString' : dsconfigOptions
2f3086195e9aedc219323bd688832bb3686bbbabcsovant { 'stepMessage' : 'Configure LDAP PTA Policy to use password caching with short ttl (%ss).' % ttl }
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams options.append('--set mapping-policy:unmapped')
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams options.append('--set cached-password-storage-scheme:Clear')
2f3086195e9aedc219323bd688832bb3686bbbabcsovant options.append('--set cached-password-ttl:%ss' % ttl)
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams options.append('--set use-password-caching:true')
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams options.append('--type ldap-pass-through')
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'userNamePswd' : userDNsAndPswds ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsconfigAuthPolicy' : options
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'stepMessage' : 'Change password on remote servers.' }
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams in="_topologyServerList"
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams indexvar="whoami">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'Server is local: do nothing'
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'remote-ldap-server %s:%s' \
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams indexvar="usernum">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams ldapObject=[]
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams ldapObject.append('userPassword:secret12')
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'location' : server.getHostname(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsPath' : '%s/%s' \
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams % (server.getDir(),OPENDSNAME),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceHost' : server.getHostname() ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePort' : server.getPort(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceDn' : server.getRootDn(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePswd' : server.getRootPwd(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'DNToModify' : remotePTAuserName ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'listAttributes' : ldapObject ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'changetype' : 'replace'
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'stepMessage' : 'User logs in with old password - should succeed.' }
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams indexvar="usernum">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'location' : local_ldap_server.getHostname(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsPath' : '%s/%s' \
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceDn' : remotePTAuserName,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsBaseDN' : remotePTAuserName ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsFilter' : 'objectclass=*' ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsAttributes' : '* +'
2f3086195e9aedc219323bd688832bb3686bbbabcsovant { 'stepMessage' : 'Waiting %ss for password ttl to expire.' % ttl }
2f3086195e9aedc219323bd688832bb3686bbbabcsovant { 'sleepForMilliSeconds' : ttl*1000 }
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'stepMessage' : 'User logs in with old password after ttl - should now fail.' }
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams indexvar="usernum">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'location' : local_ldap_server.getHostname(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsPath' : '%s/%s' \
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceDn' : remotePTAuserName,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsBaseDN' : remotePTAuserName ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsFilter' : 'objectclass=*' ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'expectedRC' : 49
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'stepMessage' : 'User logs in with new password - should succeed and password cache/date refreshed.' }
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams indexvar="usernum">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'location' : local_ldap_server.getHostname(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsPath' : '%s/%s' \
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceDn' : remotePTAuserName,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePswd' : 'secret12' ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsBaseDN' : remotePTAuserName ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsFilter' : 'objectclass=*',
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsAttributes' : '* +'
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'stepMessage' : 'User logs in with old password - should fail.' }
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams indexvar="usernum">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'location' : local_ldap_server.getHostname(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsPath' : '%s/%s' \
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceDn' : remotePTAuserName,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsBaseDN' : remotePTAuserName ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsFilter' : 'objectclass=*',
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsAttributes' : '* +',
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'expectedRC' : 49
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'stepMessage' : 'Change back this users password.' }
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams in="_topologyServerList"
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams indexvar="whoami">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'Server is local: do nothing'
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'remote-ldap-server %s:%s' \
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams indexvar="usernum">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams ldapObject=[]
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams ldapObject.append('userPassword:%s' % userNamePswd[remotePTAuserName][0])
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'location' : server.getHostname(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsPath' : '%s/%s' \
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams % (server.getDir(),OPENDSNAME),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceHost' : server.getHostname() ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePort' : server.getPort(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstanceDn' : server.getRootDn(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'dsInstancePswd' : server.getRootPwd(),
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'DNToModify' : remotePTAuserName ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'listAttributes' : ldapObject ,
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams 'changetype' : 'replace'
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams { 'userNamePswd' : userDNsAndPswds }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <function-arg-def name="userNamePswd" type="required">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams Dictionary of user names (dn) and passwords.
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <function-arg-property name="type" value="Dictionary"/>
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <function-arg-def name="dsconfigAuthPolicy" type="required">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams Authentication policy in form of a dsconfig options
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <function-arg-property name="type" value="List"/>
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams indexvar="usernum">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams myldapPtaPolicyDn = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options += dsconfigAuthPolicy
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--policy-name "%s"' % myldapPtaPolicyName)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams dsconfigOptions=' '.join(options)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'location' : local_ldap_server.getHostname(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsPath' : '%s/%s' \
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'subcommand' : 'create-password-policy',
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'optionsString' : dsconfigOptions
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams indexvar="usernum">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams myldapPtaPolicyDn = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams options.append('--policy-name "%s"' % myldapPtaPolicyName)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams dsconfigOptions=' '.join(options)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'location' : local_ldap_server.getHostname(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsPath' : '%s/%s' \
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'subcommand' : 'get-password-policy-prop',
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'optionsString' : dsconfigOptions
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entries.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams indexvar="usernum">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams myldapPtaPolicyDn = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams ldapObject=[]
2286b88c71735f82949be014ebbca32b7eb19505gary.williams ldapObject.append('ds-pwp-password-policy-dn:%s' % myldapPtaPolicyDn)
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'location' : local_ldap_server.getHostname(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsPath' : '%s/%s' \
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'DNToModify' : remotePTAuserName ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'listAttributes' : ldapObject ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'changetype' : 'add'
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'stepMessage' : 'Search users entries as Directory Manager for ds-pwp-password-policy-dn.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams indexvar="usernum">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'location' : local_ldap_server.getHostname(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsPath' : '%s/%s' \
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsBaseDN' : remotePTAuserName ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsScope' : 'base' ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsFilter' : 'objectclass=*' ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsAttributes' : 'ds-pwp-password-policy-dn'
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'stepMessage' : 'First search users entries as self.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams indexvar="usernum">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'location' : local_ldap_server.getHostname(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsPath' : '%s/%s' \
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceDn' : remotePTAuserName,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsBaseDN' : remotePTAuserName ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsScope' : 'base' ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsFilter' : 'objectclass=*'
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'stepMessage' : 'Get all the users operational attributes.' }
2286b88c71735f82949be014ebbca32b7eb19505gary.williams indexvar="usernum">
2286b88c71735f82949be014ebbca32b7eb19505gary.williams { 'location' : local_ldap_server.getHostname(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsPath' : '%s/%s' \
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsBaseDN' : remotePTAuserName ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsScope' : 'base' ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsFilter' : 'objectclass=*' ,
2286b88c71735f82949be014ebbca32b7eb19505gary.williams 'dsAttributes' : '+'
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'stepMessage' : 'Modify the users entries.' }
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams ldapObject=[]
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams ldapObject.append('description:I am now a remote LDAP PTA user')
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams indexvar="usernum">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams { 'location' : local_ldap_server.getHostname(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsPath' : '%s/%s' \
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstanceDn' : remotePTAuserName,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'DNToModify' : remotePTAuserName ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'listAttributes' : ldapObject ,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'changetype' : 'replace'
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <function-arg-def name="userNamePswd" type="required">
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams Dictionary of user names (dn) and passwords.
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams <function-arg-property name="type" value="Dictionary"/>
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Stop the primary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[primary_remote_ldap_server]]
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Second search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Modify the users entries.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams ldapObject=[]
b5aced315c4a2248eecb1e846795d0f5408f170cgary.williams ldapObject.append('description:I am now a remote LDAP PTA user')
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0],
a294720561a592554e011c69ca40c292621e7790gary.williams 'DNToModify' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'listAttributes' : ldapObject ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'changetype' : 'replace'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Restart the primary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[primary_remote_ldap_server]]
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Wait for monitor heartbeat to primary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'sleepForMilliSeconds' : '5000' }
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Third search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Stop the secondary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[secondary_remote_ldap_server]]
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Fourth search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a5a5241c8973f830f357a4cfd6424c6d670dc3b2gary.williams 'dsInstancePswd' : userNamePswd[remotePTAuserName][0] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Start the secondary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[secondary_remote_ldap_server]]