pta_basic_tests.xml revision 0e6d5b77fb3f672a81665189cfc6a81e96ed756c
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams<?xml version="1.0" encoding="UTF-8" standalone="no"?>
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! CDDL HEADER START
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! The contents of this file are subject to the terms of the
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! Common Development and Distribution License, Version 1.0 only
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! (the "License"). You may not use this file except in compliance
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! with the License.
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! You can obtain a copy of the license at
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! trunk/opends/resource/legal-notices/CDDLv1_0.txt
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! or http://forgerock.org/license/CDDLv1.0.html.
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! See the License for the specific language governing permissions
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! and limitations under the License.
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! When distributing Covered Code, include this CDDL HEADER in each
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! file and include the License file at
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! trunk/opends/resource/legal-notices/CDDLv1_0.txt. If applicable,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! add the following below this CDDL HEADER, with the fields enclosed
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! by brackets "[]" replaced with your own identifying information:
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! Portions Copyright [yyyy] [name of copyright owner]
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! CDDL HEADER END
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ! Copyright 2011 ForgeRock AS
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!-- Definition of Test Cases -->
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!--- Test Cases : Basic : PTA -->
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <!--- Test Case information
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestMarker Basic: PTA connection-timeout
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestName Basic: PTA connection-timeout
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_001
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPreamble Setup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Configure LDAP PTA Policy using connection-timeout
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Read back the "authentication policy" object
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as Directory Manager for operational attributes
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as self
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Modify the users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPostamble Cleanup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestResult Test is successful if the result code is 0
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!--- Test Case information
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestMarker Basic: PTA anon unmapped
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestName Basic: PTA anon unmapped
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_002
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestPurpose Verify user with a LDAP PTA unmapped policy can authenticated to remote server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPreamble Setup PTA
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Enable AD backend on local server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Configure LDAP PTA Policy as unmapped
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Read back the "authentication policy" object
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Search users entry as self
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Modify the users entry
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Disable AD backend on local server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPostamble Cleanup PTA
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestResult Test is successful if the result code is 0
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <testcase name="getTestCaseName('PTA anon unmapped')">
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'Test Name = %s' % STAXCurrentTestcase
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Enable AD backend on local server.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--backend-name "AD"')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set enabled:true')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams dsconfigOptions=' '.join(options)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'subcommand' : 'set-backend-prop',
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'optionsString' : dsconfigOptions
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy as unmapped.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapping-policy:unmapped')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--type ldap-pass-through')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams dsconfigOptions=' '.join(options)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'subcommand' : 'create-password-policy',
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'optionsString' : dsconfigOptions
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams dsconfigOptions=' '.join(options)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'subcommand' : 'get-password-policy-prop',
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'optionsString' : dsconfigOptions
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams remotePTAuserName='uid=jwallace, ou=People, dc=AD,dc=com'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams remotePTAuserPSWD='linear'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams ldapObject=[]
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams ldapObject.append('ds-pwp-password-policy-dn: %s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams % ldapPtaPolicyDn)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'DNToModify' : remotePTAuserName ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'listAttributes' : ldapObject ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'changetype' : 'add'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsBaseDN' : remotePTAuserName ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsFilter' : 'objectclass=*' ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsAttributes' : '+'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Search users entry as self.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : remotePTAuserName,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : remotePTAuserPSWD ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsBaseDN' : remotePTAuserName ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsFilter' : 'objectclass=*'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Modify the users entry.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams ldapObject=[]
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams ldapObject.append('description: i am now a remote LDAP PTA user')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : remotePTAuserName,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : remotePTAuserPSWD,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'DNToModify' : remotePTAuserName ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'listAttributes' : ldapObject ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'changetype' : 'replace'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!--- Test Case information
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestMarker Basic: PTA anon mapped-bind
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestName Basic: PTA anon mapped-bind
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_003
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestPurpose Verify user with a LDAP PTA mapped-bind policy can authenticated to remote server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPreamble Setup PTA
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Configure LDAP PTA Policy for mapped-bind
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Read back the "authentication policy" object
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Search users entry as self
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Modify the users entry
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestPostamble Cleanup PTA
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestResult Test is successful if the result code is 0
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <testcase name="getTestCaseName('PTA anon mapped-bind')">
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'Test Name = %s' % STAXCurrentTestcase
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'onfigure LDAP PTA Policy for mapped-bind.' }
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--set mapped-attribute:seealso')
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--set mapping-policy:mapped-bind')
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--type ldap-pass-through')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams dsconfigOptions=' '.join(options)
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'location' : local_ldap_server.getHostname(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsPath' : '%s/%s' \
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'subcommand' : 'create-password-policy',
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'optionsString' : dsconfigOptions
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams dsconfigOptions=' '.join(options)
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'location' : local_ldap_server.getHostname(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsPath' : '%s/%s' \
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'subcommand' : 'get-password-policy-prop',
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'optionsString' : dsconfigOptions
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams remotePTAuserName='uid=jmcFarla, ou=People, o=example'
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams remotePTAuserPSWD='walnut'
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams ldapObject=[]
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams ldapObject.append('ds-pwp-password-policy-dn: %s' \
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams % ldapPtaPolicyDn)
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'location' : local_ldap_server.getHostname(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsPath' : '%s/%s' \
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'DNToModify' : remotePTAuserName ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'listAttributes' : ldapObject ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'changetype' : 'add'
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'location' : local_ldap_server.getHostname(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsPath' : '%s/%s' \
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsBaseDN' : remotePTAuserName ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsFilter' : 'objectclass=*' ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsAttributes' : '+'
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Search users entry as self.' }
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'location' : local_ldap_server.getHostname(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsPath' : '%s/%s' \
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceDn' : remotePTAuserName,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePswd' : remotePTAuserPSWD ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsBaseDN' : remotePTAuserName ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsFilter' : 'objectclass=*'
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Modify the users entry.' }
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams ldapObject=[]
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams ldapObject.append('description: i am now a remote LDAP PTA user')
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'location' : local_ldap_server.getHostname(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsPath' : '%s/%s' \
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstanceDn' : remotePTAuserName,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'dsInstancePswd' : remotePTAuserPSWD,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'DNToModify' : remotePTAuserName ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'listAttributes' : ldapObject ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'changetype' : 'replace'
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <!--- Test Case information
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestMarker Basic: PTA anon mapped-search
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestName Basic: PTA anon mapped-search
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_004
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPreamble Setup PTA
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Configure LDAP PTA Policy for mapped-search
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Read back the "authentication policy" object
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Search users entry as self
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestStep Modify the users entry
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams #@TestPostamble Cleanup PTA
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams #@TestResult Test is successful if the result code is 0
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <testcase name="getTestCaseName('PTA anon mapped-search')">
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'Test Name = %s' % STAXCurrentTestcase
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy for mapped-search.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapped-attribute:cn')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapping-policy:mapped-search')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--type ldap-pass-through')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams dsconfigOptions=' '.join(options)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'subcommand' : 'create-password-policy',
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'optionsString' : dsconfigOptions
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams dsconfigOptions=' '.join(options)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'subcommand' : 'get-password-policy-prop',
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'optionsString' : dsconfigOptions
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams remotePTAuserName='uid=jvedder, ou=People, o=example'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams remotePTAuserPSWD='befitting'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams ldapObject=[]
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams ldapObject.append('ds-pwp-password-policy-dn: %s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams % ldapPtaPolicyDn)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'DNToModify' : remotePTAuserName ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'listAttributes' : ldapObject ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'changetype' : 'add'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsBaseDN' : remotePTAuserName ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsFilter' : 'objectclass=*' ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsAttributes' : '+'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Search users entry as self.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : remotePTAuserName,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : remotePTAuserPSWD ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsBaseDN' : remotePTAuserName ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsFilter' : 'objectclass=*'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Modify the users entry.' }
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams ldapObject=[]
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams ldapObject.append('description: i am now a remote LDAP PTA user')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'location' : local_ldap_server.getHostname(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsPath' : '%s/%s' \
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstanceDn' : remotePTAuserName,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'dsInstancePswd' : remotePTAuserPSWD,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'DNToModify' : remotePTAuserName ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'listAttributes' : ldapObject ,
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams 'changetype' : 'replace'
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <!--- Test Case information
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestMarker Basic: PTA simple mapped-search
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestName Basic: PTA simple mapped-search
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_005
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPreamble Setup PTA
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind credentials
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Read back the "authentication policy" object
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Search users entry as Directory Manager for operational attributes
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Search users entry as self
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestStep Modify the users entry
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestPostamble Cleanup PTA
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams #@TestResult Test is successful if the result code is 0
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams <testcase name="getTestCaseName('PTA simple mapped-search-bind')">
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'Test Name = %s' % STAXCurrentTestcase
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind credentials.' }
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set mapped-attribute:cn')
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--set mapped-search-bind-password:secret12')
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set mapping-policy:mapped-search')
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams options.append('--type ldap-pass-through')
d5ab1ee6a7f1c8159562af429b861ae32f6aa2d6gary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams dsconfigOptions=' '.join(options)
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams { 'location' : local_ldap_server.getHostname(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsPath' : '%s/%s' \
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'subcommand' : 'create-password-policy',
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'optionsString' : dsconfigOptions
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams dsconfigOptions=' '.join(options)
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams { 'location' : local_ldap_server.getHostname(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsPath' : '%s/%s' \
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'subcommand' : 'get-password-policy-prop',
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'optionsString' : dsconfigOptions
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams remotePTAuserName='uid=jvedder, ou=People, o=example'
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams remotePTAuserPSWD='befitting'
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ldapObject=[]
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams ldapObject.append('ds-pwp-password-policy-dn: %s' \
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams % ldapPtaPolicyDn)
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams { 'location' : local_ldap_server.getHostname(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsPath' : '%s/%s' \
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'DNToModify' : remotePTAuserName ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'listAttributes' : ldapObject ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'changetype' : 'add'
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams { 'location' : local_ldap_server.getHostname(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsPath' : '%s/%s' \
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsBaseDN' : remotePTAuserName ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsFilter' : 'objectclass=*' ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsAttributes' : '+'
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Search users entry as self.' }
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams { 'location' : local_ldap_server.getHostname(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsPath' : '%s/%s' \
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceDn' : remotePTAuserName,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePswd' : remotePTAuserPSWD ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsBaseDN' : remotePTAuserName ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsFilter' : 'objectclass=*'
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams { 'stepMessage' : 'Modify the users entry.' }
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ldapObject=[]
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams ldapObject.append('description: i am now a remote LDAP PTA user')
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams { 'location' : local_ldap_server.getHostname(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsPath' : '%s/%s' \
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstanceDn' : remotePTAuserName,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'dsInstancePswd' : remotePTAuserPSWD,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'DNToModify' : remotePTAuserName ,
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams 'listAttributes' : ldapObject ,
01e09f486fb36ebba02ca7958e3069a251dd6ce9gary.williams 'changetype' : 'replace'
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
9e400e3d1871744e62389a6c84b841e6e6158d63gary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <!--- Test Case information
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestMarker Basic: PTA mapped-search-bind-password-env-variable
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestName Basic: PTA mapped-search-bind-password-env-variable
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_006
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPreamble Setup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind-password-environment-variable
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Read back the "authentication policy" object
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as Directory Manager for operational attributes
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as self
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Modify the users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPostamble Cleanup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestResult Test is successful if the result code is 0
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <!--- Test Case information
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestMarker Basic: PTA mapped-search-bind-password-file
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestName Basic: PTA mapped-search-bind-password-file
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_007
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPreamble Setup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind-password-file
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Read back the "authentication policy" object
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as Directory Manager for operational attributes
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as self
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Modify the users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPostamble Cleanup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestResult Test is successful if the result code is 0
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <testcase name="getTestCaseName('PTA mapped-search-bind-password-file')">
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'Test Name = %s' % STAXCurrentTestcase
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind-password-file.' }
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapped-attribute:cn')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapped-search-bind-password-file:%s' % remotePTAuserPswdFile)
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set mapping-policy:mapped-search')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--type ldap-pass-through')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams dsconfigOptions=' '.join(options)
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'location' : local_ldap_server.getHostname(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsPath' : '%s/%s' \
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'subcommand' : 'create-password-policy',
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'optionsString' : dsconfigOptions
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams dsconfigOptions=' '.join(options)
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'location' : local_ldap_server.getHostname(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsPath' : '%s/%s' \
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'subcommand' : 'get-password-policy-prop',
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'optionsString' : dsconfigOptions
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams remotePTAuserName='uid=jvedder, ou=People, o=example'
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams remotePTAuserPSWD='befitting'
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams ldapObject=[]
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams ldapObject.append('ds-pwp-password-policy-dn: %s' \
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams % ldapPtaPolicyDn)
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'location' : local_ldap_server.getHostname(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsPath' : '%s/%s' \
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'DNToModify' : remotePTAuserName ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'listAttributes' : ldapObject ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'changetype' : 'add'
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'location' : local_ldap_server.getHostname(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsPath' : '%s/%s' \
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsBaseDN' : remotePTAuserName ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsFilter' : 'objectclass=*' ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsAttributes' : '+'
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'stepMessage' : 'Search users entry as self.' }
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'location' : local_ldap_server.getHostname(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsPath' : '%s/%s' \
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceDn' : remotePTAuserName,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePswd' : remotePTAuserPSWD ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsBaseDN' : remotePTAuserName ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsFilter' : 'objectclass=*'
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'stepMessage' : 'Modify the users entry.' }
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams ldapObject=[]
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams ldapObject.append('description: i am now a remote LDAP PTA user')
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams { 'location' : local_ldap_server.getHostname(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsPath' : '%s/%s' \
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstanceDn' : remotePTAuserName,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'dsInstancePswd' : remotePTAuserPSWD,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'DNToModify' : remotePTAuserName ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'listAttributes' : ldapObject ,
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams 'changetype' : 'replace'
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <!--- Test Case information
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestMarker Basic: PTA mapped-search-bind-password-property
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestName Basic: PTA mapped-search-bind-password-property
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_008
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPreamble Setup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind-password-property
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Read back the "authentication policy" object
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as Directory Manager for operational attributes
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Search users entry as self
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestStep Modify the users entry
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestPostamble Cleanup PTA
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestResult Test is successful if the result code is 0
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <!--- Test Case information
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestMarker Basic: PTA anon mapped-search use-ssl
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestName Basic: PTA anon mapped-search use-ssl
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_009
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPreamble Setup PTA
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Configure LDAP PTA Policy for mapped-search
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Read back the "authentication policy" object
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Search users entry as Directory Manager for operational attributes
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Search users entry as self
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Modify the users entry
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPostamble Cleanup PTA
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestResult Test is successful if the result code is 0
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <testcase name="getTestCaseName('PTA anon mapped-search use-ssl')">
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'Test Name = %s' % STAXCurrentTestcase
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Configure LDAP PTA Policy for anon mapped-search over ssl.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primarySslPort))
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapped-attribute:cn')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapping-policy:mapped-search')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondarySslPort))
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set trust-manager-provider:JKS')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set use-ssl:true')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--type ldap-pass-through')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams dsconfigOptions=' '.join(options)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'subcommand' : 'create-password-policy',
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'optionsString' : dsconfigOptions
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams dsconfigOptions=' '.join(options)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'subcommand' : 'get-password-policy-prop',
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'optionsString' : dsconfigOptions
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams remotePTAuserName='uid=jvedder, ou=People, o=example'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams remotePTAuserPSWD='befitting'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams ldapObject=[]
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams ldapObject.append('ds-pwp-password-policy-dn: %s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams % ldapPtaPolicyDn)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'DNToModify' : remotePTAuserName ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'listAttributes' : ldapObject ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'changetype' : 'add'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsBaseDN' : remotePTAuserName ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsFilter' : 'objectclass=*' ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsAttributes' : '+'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Search users entry as self.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : remotePTAuserName,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : remotePTAuserPSWD ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsBaseDN' : remotePTAuserName ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsFilter' : 'objectclass=*'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Modify the users entry.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams ldapObject=[]
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams ldapObject.append('description: i am now a remote LDAP PTA user')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : remotePTAuserName,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : remotePTAuserPSWD,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'DNToModify' : remotePTAuserName ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'listAttributes' : ldapObject ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'changetype' : 'replace'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <!--- Test Case information
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestMarker Basic: PTA simple mapped-search use-ssl
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestName Basic: PTA simple mapped-search use-ssl
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_010
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPurpose Verify user with a LDAP PTA mapped-search policy can authenticated to remote server
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPreamble Setup PTA
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Configure LDAP PTA Policy for mapped-search
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Read back the "authentication policy" object
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Add ds-pwp-password-policy-dn to users entry
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Search users entry as Directory Manager for operational attributes
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Search users entry as self
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestStep Modify the users entry
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestPostamble Cleanup PTA
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams #@TestResult Test is successful if the result code is 0
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <testcase name="getTestCaseName('PTA simple mapped-search use-ssl')">
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'Test Name = %s' % STAXCurrentTestcase
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Configure LDAP PTA Policy for anon mapped-search over ssl.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primarySslPort))
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapped-attribute:cn')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapped-search-bind-password:secret12')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set mapping-policy:mapped-search')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondarySslPort))
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set trust-manager-provider:JKS')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--set use-ssl:true')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--type ldap-pass-through')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams dsconfigOptions=' '.join(options)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'subcommand' : 'create-password-policy',
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'optionsString' : dsconfigOptions
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams dsconfigOptions=' '.join(options)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'subcommand' : 'get-password-policy-prop',
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'optionsString' : dsconfigOptions
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams remotePTAuserName='uid=jvedder, ou=People, o=example'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams remotePTAuserPSWD='befitting'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams ldapObject=[]
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams ldapObject.append('ds-pwp-password-policy-dn: %s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams % ldapPtaPolicyDn)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'DNToModify' : remotePTAuserName ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'listAttributes' : ldapObject ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'changetype' : 'add'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsBaseDN' : remotePTAuserName ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsFilter' : 'objectclass=*' ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsAttributes' : '+'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Search users entry as self.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : remotePTAuserName,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : remotePTAuserPSWD ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsBaseDN' : remotePTAuserName ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsFilter' : 'objectclass=*'
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'stepMessage' : 'Modify the users entry.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams ldapObject=[]
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams ldapObject.append('description: i am now a remote LDAP PTA user')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : remotePTAuserName,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : remotePTAuserPSWD,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'DNToModify' : remotePTAuserName ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'listAttributes' : ldapObject ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'changetype' : 'replace'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams <!--- Test Case information
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestMarker Basic: PTA failover
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestName Basic: PTA failover
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_011
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestPurpose Verify user with a LDAP PTA policy can failover to secondary server
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestPreamble Setup PTA
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind credentials
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Read back the "authentication policy" object
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entries
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Search users entries as Directory Manager for ds-pwp-password-policy-dn
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep First search users entries as self
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Stop the primary remote ldap server
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Second search users entries as self.
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Modify the users entries
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Restart the primary remote ldap server
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Wait for monitor heartbeat to primary remote ldap server
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Third search users entries as self
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Stop the secondary remote ldap server.
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Fourth search users entries as self
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestPostamble Cleanup PTA
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestResult Test is successful if the result code is 0
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <testcase name="getTestCaseName('PTA simple failover')">
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'Test Name = %s' % STAXCurrentTestcase
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind credentials.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-attribute:cn')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-search-bind-password:secret12')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapping-policy:mapped-search')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--type ldap-pass-through')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams dsconfigOptions=' '.join(options)
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'location' : local_ldap_server.getHostname(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsPath' : '%s/%s' \
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'subcommand' : 'create-password-policy',
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'optionsString' : dsconfigOptions
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams dsconfigOptions=' '.join(options)
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'location' : local_ldap_server.getHostname(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsPath' : '%s/%s' \
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'subcommand' : 'get-password-policy-prop',
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'optionsString' : dsconfigOptions
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entries.' }
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : 'cn=PTA Remote Users,ou=groups,o=example' ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsScope' : 'base' ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*' ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsAttributes' : 'uniquemember'
a294720561a592554e011c69ca40c292621e7790gary.williams 'Result= %s' % STAXResult
a294720561a592554e011c69ca40c292621e7790gary.williams ldapObject=[]
a294720561a592554e011c69ca40c292621e7790gary.williams ldapObject.append('ds-pwp-password-policy-dn: %s' \
a294720561a592554e011c69ca40c292621e7790gary.williams % ldapPtaPolicyDn)
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'DNToModify' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'listAttributes' : ldapObject ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'changetype' : 'add'
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Search users entries as Directory Manager for ds-pwp-password-policy-dn.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'location' : local_ldap_server.getHostname(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsPath' : '%s/%s' \
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserSuffix ,
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsFilter' : 'objectclass=*' ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsAttributes' : 'ds-pwp-password-policy-dn'
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'First search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Stop the primary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[primary_remote_ldap_server]]
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Second search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Modify the users entries.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams ldapObject=[]
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams ldapObject.append('description: i am now a remote LDAP PTA user')
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName],
a294720561a592554e011c69ca40c292621e7790gary.williams 'DNToModify' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'listAttributes' : ldapObject ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'changetype' : 'replace'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Restart the primary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[primary_remote_ldap_server]]
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Wait for monitor heartbeat to primary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'sleepForMilliSeconds' : '5000' }
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Third search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Stop the secondary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[secondary_remote_ldap_server]]
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Fourth search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Start the secondary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[secondary_remote_ldap_server]]
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams <!--- Test Case information
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestMarker Basic: PTA failover use-ssl
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestName Basic: PTA failover use-ssl
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams #@TestID basic_pta_012
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestPurpose Verify user with a LDAP PTA policy can failover to secondary server
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestPreamble Setup PTA
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Configure LDAP PTA Policy using mapped-search-bind credentials over ssl
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Read back the "authentication policy" object
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Add ds-pwp-password-policy-dn to users entries
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Search users entries as Directory Manager for ds-pwp-password-policy-dn
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep First search users entries as self
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Stop the primary remote ldap server
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Second search users entries as self.
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Modify the users entries
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestStep Restart the primary remote ldap server
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Wait for monitor heartbeat to primary remote ldap server
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Third search users entries as self
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Stop the secondary remote ldap server.
a294720561a592554e011c69ca40c292621e7790gary.williams #@TestStep Fourth search users entries as self
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestPostamble Cleanup PTA
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams #@TestResult Test is successful if the result code is 0
0e6d5b77fb3f672a81665189cfc6a81e96ed756cgary.williams <testcase name="getTestCaseName('PTA simple failover use-ssl')">
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'Test Name = %s' % STAXCurrentTestcase
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Configure LDAP PTA Policy using mapped-search-bind credentials over ssl.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primarySslPort))
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-attribute:cn')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-search-base-dn:dc=AD,dc=com')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapped-search-bind-password:secret12')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set mapping-policy:mapped-search')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondarySslPort))
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set trust-manager-provider:JKS')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--set use-ssl:true')
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--type ldap-pass-through')
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams dsconfigOptions=' '.join(options)
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams { 'location' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsPath' : '%s/%s' \
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'subcommand' : 'create-password-policy',
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams 'optionsString' : dsconfigOptions
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Read back the "authentication policy" object.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams options.append('--policy-name "%s"' % ldapPtaPolicyName)
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams dsconfigOptions=' '.join(options)
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'location' : local_ldap_server.getHostname(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsPath' : '%s/%s' \
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceHost' : local_ldap_server.getHostname(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'subcommand' : 'get-password-policy-prop',
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'optionsString' : dsconfigOptions
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entries.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'location' : local_ldap_server.getHostname(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsPath' : '%s/%s' \
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : 'cn=PTA Remote Users,ou=groups,o=example' ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsScope' : 'base' ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*' ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsAttributes' : 'uniquemember'
a294720561a592554e011c69ca40c292621e7790gary.williams 'Result= %s' % STAXResult
a294720561a592554e011c69ca40c292621e7790gary.williams ldapObject=[]
a294720561a592554e011c69ca40c292621e7790gary.williams ldapObject.append('ds-pwp-password-policy-dn: %s' \
a294720561a592554e011c69ca40c292621e7790gary.williams % ldapPtaPolicyDn)
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'DNToModify' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'listAttributes' : ldapObject ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'changetype' : 'add'
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Search users entries as Directory Manager for ds-pwp-password-policy-dn.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'location' : local_ldap_server.getHostname(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsPath' : '%s/%s' \
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstancePort' : local_ldap_server.getPort(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstanceDn' : local_ldap_server.getRootDn(),
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsInstancePswd' : local_ldap_server.getRootPwd(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserSuffix ,
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams 'dsFilter' : 'objectclass=*' ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsAttributes' : 'ds-pwp-password-policy-dn'
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'First search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Stop the primary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[primary_remote_ldap_server]]
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Second search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Modify the users entries.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams ldapObject=[]
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams ldapObject.append('description: i am now a remote LDAP PTA user')
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName],
a294720561a592554e011c69ca40c292621e7790gary.williams 'DNToModify' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'listAttributes' : ldapObject ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'changetype' : 'replace'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Restart the primary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[primary_remote_ldap_server]]
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Wait for monitor heartbeat to primary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'sleepForMilliSeconds' : '5000' }
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Third search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Stop the secondary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[secondary_remote_ldap_server]]
a294720561a592554e011c69ca40c292621e7790gary.williams { 'stepMessage' : 'Fourth search users entries as self.' }
a294720561a592554e011c69ca40c292621e7790gary.williams indexvar="usernum">
a294720561a592554e011c69ca40c292621e7790gary.williams { 'location' : local_ldap_server.getHostname(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsPath' : '%s/%s' \
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceHost' : local_ldap_server.getHostname() ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePort' : local_ldap_server.getPort(),
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstanceDn' : remotePTAuserName,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsInstancePswd' : remotePTAuserDict[remotePTAuserName] ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsBaseDN' : remotePTAuserName ,
a294720561a592554e011c69ca40c292621e7790gary.williams 'dsFilter' : 'objectclass=*'
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams { 'stepMessage' : 'Start the secondary remote ldap server.' }
cac8d0253f9bf77a50323a91487c6246013ef4ebgary.williams [[secondary_remote_ldap_server]]
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams <catch exception="'STAXException'" typevar="eType" var="eInfo">
a031e6d9877cabf432f5e4f9caafec7f5781198agary.williams '%s: Test failed. eInfo(%s)' % (eType,eInfo)