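def starttest(*args):
    """Add and rename a test OU on one server in an endless loop.

    Only ``args[0]`` is used; it is the server connection the loop runs
    against.  Each pass adds ``ou=test, dc=example, dc=com`` and then renames
    it to ``ou=test2``.  ALREADY_EXISTS (and NO_SUCH_OBJECT for the rename) is
    ignored; any other ``ldap.LDAPError`` is printed and re-raised, which is
    the only way out of the loop.
    """
    dn = "ou=test, dc=example, dc=com"
    newrdn = "ou=test2"
    server = args[0]
    print "starting starttest with " + str(server)
    while True:
        try:
            entry = Entry(dn)
            entry.setValues('objectclass', 'top', 'organizationalUnit')
            entry.setValues('ou', 'test')
            server.add_s(entry)
            time.sleep(0.100)
        except ldap.ALREADY_EXISTS:
            pass
        except ldap.LDAPError, e:
            print "Could not add test entry to server " + str(server), e
            raise
        try:
            server.rename_s(dn, newrdn)
            time.sleep(0.050)
        except ldap.ALREADY_EXISTS:  # replicated from the other server
            pass
        except ldap.NO_SUCH_OBJECT:  # deleted by the other server
            pass
        except ldap.LDAPError, e:
            # This handler guards the rename, so the message names the rename
            # rather than a delete.
            print "Could not rename test entry on server " + str(server), e
            raise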
def enableAttrEncryption(srv,attrname,alg,dbname="userRoot"):
    """Register *attrname* for attribute encryption in backend *dbname*.

    An ``nsAttributeEncryption`` entry naming the algorithm *alg* is added
    through ``srv`` below ``cn=encrypted attributes`` of the backend.
    """
    # NOTE(review): attrname and dbname are interpolated into the DN without
    # DN escaping, so they must be values chosen by the test itself.
    config_dn = "cn=%s,cn=encrypted attributes,cn=%s,cn=ldbm database,cn=plugins,cn=config" % (attrname, dbname)
    encryption_entry = Entry(config_dn)
    for attribute, value in (('objectclass', 'nsAttributeEncryption'),
                             ('nsEncryptionAlgorithm', alg)):
        encryption_entry.setValue(attribute, value)
    srv.add_s(encryption_entry)
def doadds(m1):
    """Add one ``person`` entry to *m1* for every id in ``m1ents``.

    Entries are named ``cn=<id>,<basedn>``; ``m1ents`` and ``basedn`` are
    names defined outside this function.
    """
    print "Add %d entries to m1" % len(m1ents)
    for entry_id in m1ents:
        person = Entry("cn=%d,%s" % (entry_id, basedn))
        person.setValues('objectclass', 'person')
        person.setValues('sn', 'testuser')
        m1.add_s(person)
def setup_mt(self, suffix, bename, parent=None):
    """Create the mapping-tree entry for a suffix and backend name.

        @param suffix - the suffix DN to map
        @param bename - value stored in nsslapd-backend
        @param parent - the parent suffix, stored in nsslapd-parent-suffix

        If an entry matching the suffix filter already exists under
        DN_MAPPING_TREE it is returned and nothing is added.

        This method does not create the matching entry in the tree, nor the
        given backend. Both should be created apart.

        Ex. setup_mt(suffix='o=addressbook1', bename='addressbook1')
        creates:
            - the mapping in "cn=mapping tree,cn=config"
        you have to create:
            - the backend
            - the ldap entry "o=addressbook1" *after*

        NOTE(review): as listed, nothing is returned after a successful add,
        so callers get None for a new suffix and an entry for an existing one.
    """
    nsuffix = normalizeDN(suffix)
    #escapedn = escapeDNValue(nsuffix)
    if parent:
        nparent = normalizeDN(parent)
    else:
        nparent = ""

    filt = suffixfilt(suffix)
    # if suffix exists, return
    try:
        entry = self.conn.getEntry(
            DN_MAPPING_TREE, ldap.SCOPE_SUBTREE, filt)
        return entry
    except NoSuchEntryError:
        entry = None

    # fix me when we can actually used escaped DNs
    #dn = "cn=%s,cn=mapping tree,cn=config" % escapedn
    # NOTE(review): the suffix is only wrapped in double quotes here, not
    # DN-escaped; a suffix that itself contains a double quote would produce
    # a malformed or different DN. Keep suffix values under the caller's control.
    dn = ','.join(('cn="%s"' % nsuffix, DN_MAPPING_TREE))
    entry = Entry(dn)
    entry.update({
        'objectclass': ['top', 'extensibleObject', 'nsMappingTree'],
        'nsslapd-state': 'backend',
        # the value in the dn has to be DN escaped
        # internal code will add the quoted value - unquoted value is useful for searching
        'cn': nsuffix,
        'nsslapd-backend': bename
    })
    #entry.setValues('cn', [escapedn, nsuffix]) # the value in the dn has to be DN escaped
    # the other value can be the unescaped value
    if parent:
        entry.setValues('nsslapd-parent-suffix', nparent)
    try:
        self.log.debug("Creating entry: %r" % entry)
        self.conn.add_s(entry)
    except ldap.LDAPError, e:
        # re-raised as a generic LDAPError carrying the DN and the original error
        raise ldap.LDAPError("Error adding suffix entry " + dn, e)
def test_update(self):
    """``Entry.update`` sets ``cn`` on an entry built from a (dn, attrs) tuple."""
    expected = 'pluto minnie'
    org_tuple = ('o=pippo', {
        'o': ['pippo'],
        'objectclass': ['organization', 'top']
    })
    e = Entry(org_tuple)
    e.update({'cn': expected})
    assert e.cn == expected, "Bad cn: %s, expected: %s" % (e.cn, expected)
def handle(self,dn,entry):
    """Add one parsed record to the directory through ``self.conn``.

    Records whose objectclass includes inetorgperson (checked with
    ``hasValueCase``) also get the ``inetUser`` objectclass.  If the add
    fails with an ``ldap.LDAPError`` the error is re-raised, unless
    ``self.cont`` is true, in which case it is printed and the record skipped.
    """
    dn = dn or ''
    record = Entry((dn, entry))
    if record.hasValueCase('objectclass', 'inetorgperson'):
        classes = record.getValues('objectclass')
        classes.append('inetUser')
        record.setValue('objectclass', classes)
    try:
        self.conn.add_s(record)
    except ldap.LDAPError, e:
        if self.cont:
            print "Error: could not add entry %s: error %s" % (dn, str(e))
        else:
            raise e
def domods(m1):
    """Add ``cn=0,<basedn>`` to *m1*, then replace its description repeatedly.

    One MOD_REPLACE of ``description`` is sent for every id in ``m1ents``;
    ``basedn`` and ``m1ents`` are names defined outside this function.
    """
    target_dn = "cn=%d,%s" % (0, basedn)
    person = Entry(target_dn)
    person.setValues('objectclass', 'person')
    person.setValues('sn', 'testuser')
    m1.add_s(person)
    print "Do %d mods to m1" % len(m1ents)
    for seq in m1ents:
        change = [(ldap.MOD_REPLACE, 'description', "description" + str(seq))]
        m1.modify_s(target_dn, change)
def makeDSUserEnt():
    """Build the next DS test user entry and advance the global ``idnum``.

    The entry is only constructed, not added to any server.
    """
    global idnum
    num = str(idnum)
    userid = 'testuser' + num
    ent = Entry('uid=%s,%s,%s' % (userid, usersubtree, suffix))
    attrs = (
        ('objectclass', userObjClasses),
        ('cn', 'Test User' + num),
        ('sn', 'User' + num),
        ('ou', 'people'),
    )
    for attr, value in attrs:
        ent.setValues(attr, value)
    idnum += 1
    return ent
def newEntry(entrycnt, mmx):
    """Build an inetOrgPerson test user and submit it with ``mmx.add``.

    Returns ``(entry, msgid)`` where *msgid* is whatever ``mmx.add`` returned.
    The uid embeds the counter and ``str(mmx)``.
    """
    userid = "user%d %s" % (entrycnt, mmx)
    ent = Entry("uid=%s,ou=people,%s" % (userid, basedn))
    for attr, value in (("objectclass", "inetOrgPerson"),
                        ("cn", "Test " + userid),
                        ("sn", userid)):
        ent.setValues(attr, value)
    return (ent, mmx.add(ent))
def enable_ssl(self, secport=636, secargs=None):
    """Configure SSL support into cn=encryption,cn=config.

        secargs is a dict like {
            'nsSSLPersonalitySSL': 'Server-Cert'
        }
        Every attribute written here can be overridden by a key of the same
        name in secargs; missing keys fall back to the defaults below. The
        secure port is taken from secport.

        Returns the entry read back from DN_CONFIG, limited to
        nsslapd-security and nsslapd-ssl-check-hostname.

        NOTE(review): the defaults are weak. nsSSL3 defaults to 'on', the
        default cipher string lists RC4, 40-bit RC2/RC4, single-DES and
        export1024 suites with a '+', and nsslapd-ssl-check-hostname defaults
        to 'off'. Pass explicit values in secargs for anything other than a
        throwaway test instance.
    """
    # logged before the None default is replaced, so this may print None
    self.log.debug("configuring SSL with secargs:%r" % secargs)
    secargs = secargs or {}

    dn_enc = 'cn=encryption,cn=config'
    # default for nsSSL3Ciphers; only rsa_null_md5 carries a '-'
    ciphers = '-rsa_null_md5,+rsa_rc4_128_md5,+rsa_rc4_40_md5,+rsa_rc2_40_md5,+rsa_des_sha,' + \
        '+rsa_fips_des_sha,+rsa_3des_sha,+rsa_fips_3des_sha,' + \
        '+tls_rsa_export1024_with_rc4_56_sha,+tls_rsa_export1024_with_des_cbc_sha'
    mod = [(ldap.MOD_REPLACE, 'nsSSL3', secargs.get('nsSSL3', 'on')),
           (ldap.MOD_REPLACE, 'nsSSLClientAuth',
            secargs.get('nsSSLClientAuth', 'allowed')),
           (ldap.MOD_REPLACE, 'nsSSL3Ciphers', secargs.get('nsSSL3Ciphers', ciphers))]
    self.conn.modify_s(dn_enc, mod)

    dn_rsa = 'cn=RSA,cn=encryption,cn=config'
    e_rsa = Entry(dn_rsa)
    e_rsa.update({
        'objectclass': ['top', 'nsEncryptionModule'],
        'nsSSLPersonalitySSL': secargs.get('nsSSLPersonalitySSL', 'Server-Cert'),
        'nsSSLToken': secargs.get('nsSSLToken', 'internal (software)'),
        'nsSSLActivation': secargs.get('nsSSLActivation', 'on')
    })
    try:
        self.conn.add_s(e_rsa)
    except ldap.ALREADY_EXISTS:
        # an existing RSA entry is left as it is, not updated with secargs
        pass

    mod = [
        (ldap.MOD_REPLACE,
            'nsslapd-security', secargs.get('nsslapd-security', 'on')),
        # NOTE(review): hostname checking is off unless the caller asks for it
        (ldap.MOD_REPLACE,
            'nsslapd-ssl-check-hostname', secargs.get('nsslapd-ssl-check-hostname', 'off')),
        (ldap.MOD_REPLACE,
            'nsslapd-secureport', str(secport))
    ]
    self.log.debug("trying to modify %r with %r" % (DN_CONFIG, mod))
    self.conn.modify_s(DN_CONFIG, mod)

    fields = 'nsslapd-security nsslapd-ssl-check-hostname'.split()
    return self.conn.getEntry(DN_CONFIG, attrlist=fields)
def handle(self,dn,entry):
    """
    Write one record to self.output_file, extending inetOrgPerson entries.

    Entries whose objectclass values contain 'inetOrgPerson' (exact-case
    list membership) get posixAccount and myintobjclass plus uidNumber,
    gidNumber, homeDirectory and myintattr before being printed.
    """
    # NOTE(review): the listing lost its indentation. Everything up to the
    # uidNumber increment is placed inside the if, and the final print
    # outside it - confirm against the original file.
    if not dn:
        dn = ''
    newentry = Entry((dn, entry))
    objclasses = newentry.getValues('objectclass')
    if 'inetOrgPerson' in objclasses:
        print "adding posixAccount to ", dn
        objclasses.append('posixAccount')
        objclasses.append('myintobjclass')
        newentry.setValue('objectclass', objclasses)
        # uidNumber, gidNumber and myintattr all take the same counter value
        newentry.setValue('uidNumber', str(self.uidNumber))
        newentry.setValue('gidNumber', str(self.uidNumber))
        # every converted entry gets the same fixed home directory
        newentry.setValue('homeDirectory', '/home/foo')
        newentry.setValue('myintattr', str(self.uidNumber))
        self.uidNumber = self.uidNumber + 1
    print>>self.output_file, str(newentry)
def test_init_with_tuple(self):
    """An Entry built from a (dn, attrs) tuple exposes the dn and attributes."""
    dn, org = 'o=pippo', 'pippo'
    e = Entry((dn, {
        'o': [org],
        'objectclass': ['organization', 'top']
    }))
    assert e.dn == dn
    assert org in e.o
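def addouent(ds, dn):
    """Add *dn* as an organizationalUnit, creating missing parents first.

    A stack of DNs is worked off: an entry that already exists is skipped; an
    add that fails with NO_SUCH_OBJECT pushes the DN back together with its
    parent DN, so the parent is tried first.  Parents are added with the same
    organizationalUnit objectclass.  Any other error is printed and re-raised.
    """
    pdns = [dn]
    while pdns:
        dn = pdns.pop()
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        try:
            ds.add_s(ent)
            print "added entry", ent.dn
        except ldap.ALREADY_EXISTS:
            continue
        except ldap.NO_SUCH_OBJECT:
            # parent is missing: retry this DN after its parent was added
            pdns.append(dn)
            rdns = ldap.explode_dn(dn)
            pdns.append(','.join(rdns[1:]))
        except Exception, e:
            print "Could not add entry", ent.dn, str(e)
            # bare raise keeps the original traceback
            raise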
def addouent(ds,dn):
    """Add *dn* as an organizationalUnit, adding missing ancestors on demand.

    DNs still to be added are kept on a stack.  ALREADY_EXISTS skips the DN;
    NO_SUCH_OBJECT re-queues it behind its parent DN; any other exception is
    printed and re-raised.
    """
    pending = [dn]
    while len(pending) > 0:
        current = pending.pop()
        ou = Entry(current)
        ou.setValues('objectclass', 'organizationalUnit')
        try:
            ds.add_s(ou)
            print "added entry", ou.dn
        except ldap.ALREADY_EXISTS:
            continue
        except ldap.NO_SUCH_OBJECT:
            parent = ','.join(ldap.explode_dn(current)[1:])
            # the parent ends up on top of the stack, so it is tried first
            pending.extend([current, parent])
        except Exception, e:
            print "Could not add entry", ou.dn, str(e)
            raise e
def handle(self, dn, entry):
    """
    Append single record to dictionary of all records.

    The entry is stored in self.dndict under its normalized DN, in
    self.cndict under its cn when it has one, and appended to self.dnlist.
    """
    # NOTE(review): the listing lost its indentation; the dnlist append is
    # placed outside the "if cn" here - confirm against the original file.
    ent = Entry((dn, entry))
    normdn = DSAdmin.normalizeDN(dn)
    self.dndict[normdn] = ent
    cn = ent.cn
    if cn:
        # a later record with the same cn replaces the earlier one
        self.cndict[cn] = ent
    self.dnlist.append(ent)
def changelog(self, dbname='changelogdb'):
    """Add and return the replication changelog entry.

        dbname is joined onto self.conn.dbdir with os.path.join, so a value
        starting with "/" is used as a full path and anything else is
        relative to that directory.  An entry that already exists is only
        logged; the entry is read back and returned either way.
    """
    changelog_dir = os.path.join(self.conn.dbdir, dbname)
    changelog_entry = Entry(DN_CHANGELOG)
    changelog_entry.update({
        'objectclass': ("top", "extensibleobject"),
        'cn': "changelog5",
        'nsslapd-changelogdir': changelog_dir
    })
    self.log.debug("adding changelog entry: %r" % changelog_entry)
    try:
        self.conn.add_s(changelog_entry)
    except ldap.ALREADY_EXISTS:
        self.log.warn("entry %s already exists" % DN_CHANGELOG)
    return self.conn._test_entry(DN_CHANGELOG, ldap.SCOPE_BASE)
def handle(self, dn, entry):
    """
    Add one record through self.dsadmin, skipping it if it already exists.

    cs.mark() is called only after a successful add.
    """
    dn = dn or ''
    record = Entry((dn, entry))
    try:
        self.dsadmin.add_s(record)
    except ldap.ALREADY_EXISTS:
        print "Entry %s already exists - skipping" % dn
        return
    cs.mark()
def addbackend_harn(conn, name, beattrs=None):
    """Create the suffix o=name and its backend.

    The suffix is created with conn.addSuffix, then the o=name organization
    entry is added; both are recorded on conn (added_backends,
    added_entries).  Returns what conn.addSuffix returned.
    """
    suffix = "o=%s" % name
    e = Entry((suffix, {'objectclass': ['top', 'organization'], 'o': [name]}))
    try:
        ret = conn.addSuffix(suffix, bename=name, beattrs=beattrs)
    except ldap.ALREADY_EXISTS:
        # re-raised unchanged
        raise
    finally:
        # the suffix is recorded even when addSuffix raised
        conn.added_backends.add(suffix)
    # NOTE(review): the listing lost its indentation; only the bookkeeping
    # line is kept inside "finally" here, since "ret" is unset after a
    # failure - confirm against the original file.
    conn.add(e)
    conn.added_entries.append(e.dn)
    return ret
def handle(self, dn, entry):
    """Add one record via ``self.conn``, tagging inetorgperson entries.

    An entry with the inetorgperson objectclass (``hasValueCase`` match) is
    given ``inetUser`` as well.  An ``ldap.LDAPError`` from the add is
    re-raised when ``self.cont`` is false and printed otherwise.
    """
    if not dn:
        dn = ''
    to_add = Entry((dn, entry))
    is_person = to_add.hasValueCase('objectclass', 'inetorgperson')
    if is_person:
        object_classes = to_add.getValues('objectclass')
        object_classes.append('inetUser')
        to_add.setValue('objectclass', object_classes)
    try:
        self.conn.add_s(to_add)
    except ldap.LDAPError, e:
        stop_on_error = not self.cont
        if stop_on_error:
            raise e
        print "Error: could not add entry %s: error %s" % (dn, str(e))
# the same as in the cn=ipaConfig ipaUserObjectClasses list # ntUser either by the winsync code, or when you want an # existing IPA user to be synced with AD userObjClasses = [ 'top', 'person', 'organizationalPerson', 'inetOrgPerson' ] if useds: print "Create sub-ou's on the AD side and add users . . ." ii = 0 dns = ['ou=people,' + suffix, 'ou=1,ou=people,' + suffix, 'ou=2,ou=people,' + suffix, 'ou=11,ou=1,ou=people,' + suffix, 'ou=12,ou=1,ou=people,' + suffix] for dn in dns: ent = Entry(dn) ent.setValues('objectclass', 'organizationalUnit') try: ad.add_s(ent) except ldap.ALREADY_EXISTS: pass print "Add users to", dn for jj in range(0,5): strii = str(ii) userdn = 'cn=Test User' + strii + ',' + dn ent = Entry(userdn) userid = 'userid' + strii ent.setValues('objectclass', ['person', 'adPerson']) ent.setValues('sn', 'User' + strii) ent.setValues('samAccountName', userid) ent.setValues('objectGUID', struct.pack('B', ii)) ent.setValues('name', 'Test User' + strii) # same as cn try: ad.add_s(ent)
'employeeNumber', 'homePhone', 'homePostalAddress', 'manager', 'secretary' ] for attr in indexattrs: m1.addIndex(basedn, attr, ['pres', 'eq', 'sub']) m2.addIndex(basedn, attr, ['pres', 'eq', 'sub']) binattr = "userCertificate;binary" binval = ''.join([chr(ii % 256) for ii in xrange(0, 65536)]) basedn2 = "dc=example2,dc=com" print "adding another suffix", basedn2 m1.addSuffix(basedn2) m2.addSuffix(basedn2) print "add several entries to", basedn2 ent = Entry(basedn2) ent.setValues('objectclass', 'extensibleObject') m1.add_s(ent) m2.add_s(ent) nusers = 100 print "add", nusers, "users to", basedn2 for ii in xrange(0, nusers): uid = "user%03d" % ii dn = "uid=%s,%s" % (uid, basedn2) ent = Entry(dn) ent.setValues('objectclass', 'inetOrgPerson') ent.setValues('sn', 'User%03d' % ii) ent.setValues('cn', 'Test User%03d' % ii) ent.setValues(binattr, binval) m1.add_s(ent)
'newsuffix': basedn, 'no_admin': True, 'ConfigFile': [cfgfd.name] }) os.unlink(cfgfd.name) initfile = '' if os.environ.has_key('SERVER_ROOT'): initfile = "%s/slapd-%s/ldif/Example.ldif" % (ds.sroot,ds.inst) else: initfilesrc = "%s/share/dirsrv/data/Example.ldif" % os.environ.get('PREFIX', '/usr') initfile = "%s/var/lib/dirsrv/slapd-%s/ldif/Example.ldif" % (os.environ.get('PREFIX', ''), 'ds') shutil.copy(initfilesrc, initfile) print "importing database" ds.importLDIF(initfile, '', "userRoot", False) print "get the list of all users" ents = ds.search_s(basedn, ldap.SCOPE_SUBTREE, "objectclass=inetorgperson") for ii in xrange(0, 5): groupdn = "cn=testgroup%d,ou=groups,%s" % (ii, basedn) print "add a bunch of users to the group", groupdn ent = Entry(groupdn) ent.setValues('objectclass', 'groupOfNames') ent.setValues('member', [ee.dn for ee in ents]) ds.add_s(ent) #print "delete some users" #for ent in ents: # print "deleting user", ent.dn # ds.delete_s(ent.dn)
'description': 'normal, regular AD account disabled, do not expire password', 'userAccountControl': 512 + 2 + 65536 }] userids_disabled = {} if useds: print "Create sub-ou's on the AD side and add users . . ." ii = 0 dns = [ 'ou=people,' + suffix, 'ou=1,ou=people,' + suffix, 'ou=2,ou=people,' + suffix, 'ou=11,ou=1,ou=people,' + suffix, 'ou=12,ou=1,ou=people,' + suffix ] for dn in dns: ent = Entry(dn) ent.setValues('objectclass', 'organizationalUnit') try: ad.add_s(ent) except ldap.ALREADY_EXISTS: pass print "Add users to", dn for jj in range(0, 5): strii = str(ii) userdn = 'cn=Test User' + strii + ',' + dn ent = Entry(userdn) userid = 'userid' + strii ent.setValues('objectclass', ['person', 'adPerson']) ent.setValues('sn', 'User' + strii) ent.setValues('samAccountName', userid) ent.setValues('objectGUID', struct.pack('B', ii))
replargs[m4] = m4replargs srvs.append(m4) print "create all of the agreements and init the masters" for mmx in srvs: for mmy in srvs: if mmx == mmy: continue agmtdn = mmx.setupAgreement(mmy, replargs[mmx]) if mmx == m1: mmx.startReplication(agmtdn) print mmx.getReplStatus(agmtdn) print "test to make sure replication is working" for (ii, mmx) in enumerate(srvs): dn = "cn=user%d,ou=people,%s" % (ii, basedn) ent = Entry(dn) ent.setValues("objectclass", "extensibleObject") mmx.add_s(ent) time.sleep(2) for mmy in srvs: while True: try: ents = mmy.search_s(dn, ldap.SCOPE_BASE) except ldap.NO_SUCH_OBJECT: ents = [] if len(ents) < 1: print "waiting for", dn, "on", str(mmy) time.sleep(1) elif ents[0]: print "found", dn, "on", str(mmy) break mmx.delete_s(dn) time.sleep(2)
print "create agreements and init consumers" agmtm1tom2 = m1.setupAgreement(m2, m1replargs) time.sleep(5) #m1.setLogLevel(1,8192) #m2.setLogLevel(1,8192) m1.startReplication_async(agmtm1tom2) print "waiting for init to finish" time.sleep(5) m1.waitForReplInit(agmtm1tom2) agmtm2tom1 = m2.setupAgreement(m1, m2replargs) print "Add a bunch of entries to queue up the changelog . . ." for ii in xrange(0, 100): cn = "test user%d" % ii dn = "cn=%s,ou=people,%s" % (cn, basedn) ent = Entry(dn) ent.setValues('objectclass', 'person') ent.setValues('cn', cn) ent.setValues('sn', 'user' + str(ii)) m1.add_s(ent) time.sleep(1) print "Check replication status - note number of changes sent, in progress . . ." print m1.getReplStatus(agmtm1tom2) #print "Pause replication . . ." #m1.stopReplication(agmtm1tom2) #time.sleep(1) #print "Check replication status - note number of changes sent, in progress . . ." #print m1.getReplStatus(agmtm1tom2)
def makeADUserEnt():
    """Build the next AD test user entry and advance the global ``idnum``.

    The entry is only constructed, not added to any server.
    """
    global idnum
    num = str(idnum)
    userid = 'testuser' + num
    cn = 'Test User' + num
    ent = Entry('cn=%s,%s,%s' % (cn, adusersubtree, suffix))
    attrs = (
        ('objectclass', aduserObjClasses),
        ('cn', cn),
        ('sn', 'User' + num),
        ('userPrincipalName', '%s@%s' % (userid, realm)),
        ('sAMAccountName', userid),
    )
    for attr, value in attrs:
        ent.setValues(attr, value)
    idnum += 1
    return ent
def makeDSUserEnt():
    # Build the next DS test user entry and advance the global idnum.
    # The entry is returned, not added to a server.
    # NOTE(review): the listing lost its indentation. The description branch
    # is nested under "if ipawinsync" here - confirm against the original file.
    global idnum
    id = str(idnum)
    userid = 'testuser' + id
    dn = 'uid=%s,%s,%s' % (userid, usersubtree, suffix)
    ent = Entry(dn)
    ent.setValues('objectclass', userObjClasses)
    ent.setValues('cn', 'Test User' + id)
    ent.setValues('sn', 'User' + id)
    # test-only credential derived from the counter
    ent.setValues('userPassword', 'Password' + id)
    if ipawinsync:
        ent.setValues('krbPrincipalName', '%s@%s' % (userid, realm))
        ent.setValues('uidNumber', str(500+idnum))
        ent.setValues('gidNumber', '1002')
        ent.setValues('homeDirectory', '/home/' + userid)
        # NOTE(review): jj is not defined in this function; it has to exist
        # in the enclosing scope when this runs
        if jj % 2:
            ent.setValues('description', 'User added disabled to DS')
        else:
            ent.setValues('description', 'User added enabled to DS')
    idnum += 1
    return ent
print "create agreements and init consumers" agmtm1tom2 = m1.setupAgreement(m2, m1replargs) time.sleep(5) #m1.setLogLevel(1,8192) #m2.setLogLevel(1,8192) m1.startReplication_async(agmtm1tom2) print "waiting for init to finish" time.sleep(5) m1.waitForReplInit(agmtm1tom2) agmtm2tom1 = m2.setupAgreement(m1, m2replargs) print "Add a bunch of entries to queue up the changelog . . ." for ii in xrange(0,100): cn = "test user%d" % ii dn = "cn=%s,ou=people,%s" % (cn, basedn) ent = Entry(dn) ent.setValues('objectclass', 'person') ent.setValues('cn', cn) ent.setValues('sn', 'user' + str(ii)) m1.add_s(ent) time.sleep(1) print "Check replication status - note number of changes sent, in progress . . ." print m1.getReplStatus(agmtm1tom2) #print "Pause replication . . ." #m1.stopReplication(agmtm1tom2) #time.sleep(1) #print "Check replication status - note number of changes sent, in progress . . ." #print m1.getReplStatus(agmtm1tom2)
def makeADUserEnt(idnum):
    """Build the AD test user entry for *idnum* under ``active_user_subtree``.

    The entry is only constructed, not added to any server.
    """
    num = str(idnum)
    account = 'testuser' + num
    common_name = 'Test User' + num
    principal = '%s@%s' % (account, realm)
    ent = Entry('cn=%s,%s' % (common_name, active_user_subtree))
    ent.setValues('objectclass', aduserObjClasses)
    ent.setValues('cn', common_name)
    ent.setValues('sn', 'User' + num)
    ent.setValues('userPrincipalName', principal)
    ent.setValues('sAMAccountName', account)
    return ent
{'description': 'normal, regular AD account, do not expire password', 'userAccountControl': 512 + 65536}, {'description': 'normal, regular AD account disabled, do not expire password', 'userAccountControl': 512 + 2 + 65536} ] userids_disabled = {} if useds: print "Create sub-ou's on the AD side and add users . . ." ii = 0 dns = ['ou=people,' + suffix, 'ou=1,ou=people,' + suffix, 'ou=2,ou=people,' + suffix, 'ou=11,ou=1,ou=people,' + suffix, 'ou=12,ou=1,ou=people,' + suffix] for dn in dns: ent = Entry(dn) ent.setValues('objectclass', 'organizationalUnit') try: ad.add_s(ent) except ldap.ALREADY_EXISTS: pass print "Add users to", dn for jj in range(0,5): strii = str(ii) userdn = 'cn=Test User' + strii + ',' + dn ent = Entry(userdn) userid = 'userid' + strii ent.setValues('objectclass', ['person', 'adPerson']) ent.setValues('sn', 'User' + strii) ent.setValues('samAccountName', userid) ent.setValues('objectGUID', struct.pack('B', ii)) ent.setValues('name', 'Test User' + strii) # same as cn kk = ii % len(userAcctVals)
time.sleep(2) m1.startReplication(agmtm1tom2) print "repl status after starting" print m1.getReplStatus(agmtm1tom2) agmtm2tom1 = m2.setupAgreement(m1, m2replargs) agmtm1toc1 = m1.setupAgreement(c1, m1replargs) time.sleep(2) m1.startReplication(agmtm1toc1) print "repl status after starting" print m1.getReplStatus(agmtm1toc1) agmtm2toc1 = m2.setupAgreement(c1, m2replargs) print "add entry on m1 . . ." dn = 'uid=testuser,dc=example,dc=com' ent = Entry(dn) ent.setValues('objectclass', 'inetOrgPerson') ent.setValues('cn', "1") ent.setValues('sn', 'testuser') m1.add_s(ent) time.sleep(2) print "search for entry on m2 . . ." ents = m2.search_s(dn, ldap.SCOPE_BASE) if not ents: time.sleep(2) ents = m2.search_s(dn, ldap.SCOPE_BASE) if not ents: print "entry not found on m2" sys.exit(1) else: print "entry found on m2"
replargs[m4] = m4replargs srvs.append(m4) print "create all of the agreements and init the masters" for mmx in srvs: for mmy in srvs: if mmx == mmy: continue agmtdn = mmx.setupAgreement(mmy, replargs[mmx]) if mmx == m1: mmx.startReplication(agmtdn) print mmx.getReplStatus(agmtdn) print "test to make sure replication is working" for (ii, mmx) in enumerate(srvs): dn = "cn=user%d,ou=people,%s" % (ii, basedn) ent = Entry(dn) ent.setValues("objectclass", "extensibleObject") mmx.add_s(ent) time.sleep(2) for mmy in srvs: while True: try: ents = mmy.search_s(dn, ldap.SCOPE_BASE) except ldap.NO_SUCH_OBJECT: ents = [] if len(ents) < 1: print "waiting for", dn, "on", str(mmy) time.sleep(1) elif ents[0]: print "found", dn, "on", str(mmy) break
agmtm1tom2 = m1.setupAgreement(m2, m1replargs) m1.startReplication_async(agmtm1tom2) print "waiting for init to finish" m1.waitForReplInit(agmtm1tom2) agmtm2tom1 = m2.setupAgreement(m1, m2replargs) sys.exit(0) basedn = "dc=example,dc=com" nents = 20000 myiter = xrange(0, nents) for ii in myiter: dn = "cn=%d, %s" % (ii, basedn) svr = (m1,m2)[ii % 2] ent = Entry(dn) ent.setValues('objectclass', 'person') ent.setValues('sn', 'testuser') ent.setValues('description', 'added description') svr.add_s(ent) print "Added", dn print "Sleep for 20 seconds to let changes propagate . . ." time.sleep(20) print "Verify all entries are present in both servers . . ." for ii in myiter: dn = "cn=%d, %s" % (ii, basedn) ent = m1.getEntry(dn, ldap.SCOPE_BASE) if not ent: raise "Entry %s not found in %s" % (dn, m1) ent = m2.getEntry(dn, ldap.SCOPE_BASE) if not ent: raise "Entry %s not found in %s" % (dn, m2)
time.sleep(2) m1.startReplication(agmtm1tom2) print "repl status after starting" print m1.getReplStatus(agmtm1tom2) agmtm2tom1 = m2.setupAgreement(m1, m2replargs) agmtm1toc1 = m1.setupAgreement(c1, m1replargs) time.sleep(2) m1.startReplication(agmtm1toc1) print "repl status after starting" print m1.getReplStatus(agmtm1toc1) agmtm2toc1 = m2.setupAgreement(c1, m2replargs) print "add entry on m1 . . ." dn = "uid=testuser,dc=example,dc=com" ent = Entry(dn) ent.setValues("objectclass", "inetOrgPerson") ent.setValues("cn", "1") ent.setValues("sn", "testuser") m1.add_s(ent) time.sleep(2) print "search for entry on m2 . . ." ents = m2.search_s(dn, ldap.SCOPE_BASE) if not ents: time.sleep(2) ents = m2.search_s(dn, ldap.SCOPE_BASE) if not ents: print "entry not found on m2" sys.exit(1) else: print "entry found on m2"
}) #del os.environ['USE_DBX'] initfile = '' if os.environ.has_key('SERVER_ROOT'): initfile = "%s/slapd-%s/ldif/Example.ldif" % (m1.sroot, m1.inst) else: initfile = "%s/share/dirsrv/data/Example.ldif" % os.environ.get( 'PREFIX', '/usr') m1.importLDIF(initfile, '', "userRoot", True) #m1.setLogLevel(65535) print "Add the filtered group entry with bogus filter" dn = "cn=TestDynamicGroup,dc=example,dc=com" ent = Entry(dn) ent.setValues('description', "Dynamic test group") ent.setValues('objectclass', 'top', 'groupofuniquenames', 'groupofurls') ent.setValues( 'memberurl', 'ldap:///dc=example,dc=com??sub?(&(objectclass=person)(uid=scart*)') #ent.cn = 'TestDynamicGroup' m1.add_s(ent) print "Add the bogus aci for that group" addmod = [( ldap.MOD_REPLACE, 'aci', '(targetattr = "*") (version 3.0;acl "Test Crash ACL";allow (all)(groupdn = "ldap:///cn=TestDynamicGroup,dc=example,dc=com");)' )] m1.modify_s("dc=example,dc=com", addmod) #m1.setLogLevel(0)
srv.modify_s(ent.dn, mod) ents = srv.getBackendsForSuffix(base2) for ent in ents: srv.modify_s(ent.dn, mod) srv.stop(True) #os.environ["USE_GDB"] = "1" srv.start(True) msgid1 = srv.search(basedn, ldap.SCOPE_SUBTREE, "objectclass=*") taskdns = [] for (bename, fn) in zip(benames, initfiles): outfile = fn + ".out" cn = "export" + str(int(time.time())) + "-" + bename taskdn = "cn=%s,cn=export,cn=tasks,cn=config" % cn entry = Entry(taskdn) entry.setValues('objectclass', 'top', 'extensibleObject') entry.setValues('cn', cn) entry.setValues('nsFilename', outfile) entry.setValues('nsInstance', bename) srv.add_s(entry) taskdns.append(taskdn) msgid2 = srv.search(basedn, ldap.SCOPE_SUBTREE, "objectclass=*") attrlist = ['nsTaskLog', 'nsTaskStatus', 'nsTaskExitCode', 'nsTaskCurrentItem', 'nsTaskTotalItems'] for taskdn in taskdns: try: entry = srv.getEntry(taskdn, ldap.SCOPE_BASE, "(objectclass=*)", attrlist) print entry except ldap.NO_SUCH_OBJECT:
m1.modify_s(userdn, mymod) time.sleep(5) ent = m2.getEntry(userdn, ldap.SCOPE_BASE) if ent.description == "changed back": print "replication is still working" else: print "replication is not working any longer" sys.exit(1) nents = 1000 svrs = (m1, m2) nsvrs = len(svrs) print "Add %d entries alternately . . ." % nents for ii in range(0,nents): dn = "cn=%d, %s" % (ii, basedn) ent = Entry(dn) ent.setValues('objectclass', 'person') ent.setValues('sn', 'testuser') svr = svrs[ii % nsvrs] svr.add_s(ent) print "Added %s to %s" % (dn, svr) print "see if all entries are on both servers . . ." time.sleep(10) for ii in range(0,nents): dn = "cn=%d, %s" % (ii, basedn) try: ent = m1.getEntry(dn, ldap.SCOPE_BASE) ent = m2.getEntry(dn, ldap.SCOPE_BASE) except: print "Could not read entry", dn
'no_admin': True }) #del os.environ['USE_GDB'] val1 = 'PRC (China)Limited company' val2 = 'PRC (China) Limited company' rdn1 = "ou=" + val1 rdn2 = "ou=" + val2 filt1 = '(ou=*\\28China\\29Limited*)' filt2 = '(ou=*\\28China\\29*)' filt3 = '(businessCategory=*\\29Limited*)' dn1 = rdn1 + "," + basedn dn2 = rdn2 + "," + basedn ent = Entry(dn1) ent.setValues('objectclass', 'extensibleObject') ent.setValues('businessCategory', val1) srv.add_s(ent) ent = Entry(dn2) ent.setValues('objectclass', 'extensibleObject') ent.setValues('businessCategory', val2) srv.add_s(ent) ents = srv.search_s(basedn, ldap.SCOPE_SUBTREE, filt1) print "filter", filt1, "returns the following" for ent in ents: print ent ents = srv.search_s(basedn, ldap.SCOPE_SUBTREE, filt2)
def makeDSUserEnt(idnum):
    # Build the DS test user entry for idnum; the entry is returned, not added.
    # NOTE(review): the listing lost its indentation. The two consecutive
    # "else" branches fix the nesting of the ifs; placing the ntUser* lines
    # inside the final else is an assumption - confirm against the original.
    id = str(idnum)
    userid = 'testuser' + id
    dn = 'uid=%s,%s,%s,%s' % (userid, active_user_cont, usersubtree, suffix)
    ent = Entry(dn)
    ent.setValues('objectclass', userObjClasses)
    ent.setValues('cn', 'Test User' + id)
    ent.setValues('sn', 'User' + id)
    ent.setValues('uid', userid)
    ent.setValues('userPassword', 'Password' + id)
    ent.setValues('ntUserDomainId', userid)
    # NOTE(review): userPassword is set a second time here with a fixed
    # test-only value; presumably this one wins - confirm which is intended.
    ent.setValues('userPassword', 'Ornette1')
    if ipawinsync:
        ent.setValues('krbPrincipalName', '%s@%s' % (userid, realm))
        ent.setValues('uidNumber', str(500+idnum))
        ent.setValues('gidNumber', '1002')
        ent.setValues('homeDirectory', '/home/' + userid)
        # odd ids are created locked
        if idnum % 2:
            ent.setValues('description', 'User added disabled to DS')
            ent.setValues('nsAccountLock', 'TRUE')
        else:
            ent.setValues('description', 'User added enabled to DS')
    else:
        ent.setValues('description', 'User added to DS')
        ent.setValues('ntUserCreateNewAccount', 'TRUE')
        ent.setValues('ntUserDeleteAccount', 'TRUE')
    return ent
def test_update_complex(self):
    """An entry filled with setValues equals one filled with update().

    Both entries are compared through their string form.
    """
    # compare two entries created with different methods
    dn = "dc=example,dc=com"
    nsuffix = "dc=example,dc=com"
    replid = 5
    replicatype = dsadmin.REPLICA_RDWR_TYPE
    binddnlist = ['uid=pippo, cn=config']
    legacy = 'off'

    entry = Entry(dn)
    entry.setValues('objectclass', "top", "nsds5replica", "extensibleobject")
    entry.setValues('cn', "replica")
    entry.setValues('nsds5replicaroot', nsuffix)
    entry.setValues('nsds5replicaid', str(replid))
    entry.setValues('nsds5replicatype', str(replicatype))
    entry.setValues('nsds5flags', "1")
    entry.setValues('nsds5replicabinddn', binddnlist)
    entry.setValues('nsds5replicalegacyconsumer', legacy)

    base_attrs = {
        'objectclass': ["top", "nsds5replica", "extensibleobject"],
        'cn': ["replica"],
    }
    uentry = Entry((dn, base_attrs))
    print uentry
    # Entry.update *replaces*, so be careful with multi-valued attrs
    uentry.update({
        'nsds5replicaroot': nsuffix,
        'nsds5replicaid': str(replid),
        'nsds5replicatype': str(replicatype),
        'nsds5flags': '1',
        'nsds5replicabinddn': binddnlist,
        'nsds5replicalegacyconsumer': legacy
    })
    uentry_s = str(uentry)
    entry_s = str(entry)
    assert uentry_s == entry_s, "Mismatching entries [%r] vs [%r]" % (
        uentry, entry)
agmtm2tom1 = m2.setupAgreement(m1, m2replargs) # the attribute value must be larger # than 1024 * 32 bytes in order to # trigger the clcache buffer resize size = 1024 * 32 + 1 val1 = "description1" + ("#" * size) val2 = "description1" + ("#" * size) nents = 2 print "Add %d entries alternately . . ." % nents svrs = (m1, m2) vals = (val1, val2) nsvrs = len(svrs) for ii in range(0, nents): dn = "cn=%d, %s" % (ii, suffix) ent = Entry(dn) ent.setValues('objectclass', 'person') ent.setValues('sn', 'testuser') ent.setValues('description', vals[ii % nsvrs]) svr = svrs[ii % nsvrs] svr.add_s(ent) print "Added %s to %s" % (dn, svr) print "see if all entries are on both servers . . ." time.sleep(5) for ii in range(0, nents): dn = "cn=%d, %s" % (ii, suffix) ent = m1.getEntry(dn, ldap.SCOPE_BASE) ent = m2.getEntry(dn, ldap.SCOPE_BASE)
# Excerpt: create the "farm" instance, give it the suffix, chain the mux to
# it, and start building an administrative user entry for the mux.
# NOTE(review): USE_GDB stays set in this process's environment for every
# later call; presumably DSAdmin reads it when starting an instance - confirm.
os.environ['USE_GDB'] = "1"
farm = DSAdmin.createInstance({
    'newrootpw': rootpw2,
    'newhost': host2,
    'newport': port2,
    'newinst': 'farm',
    'newsuffix': 'dc=notused',
    'no_admin': True
})
# add the suffix
farm.addSuffix(suffix)
# add the suffix entry
dn = suffix
ent = Entry(dn)
ent.setValues('objectclass', 'domain')
farm.add_s(ent)
# setup chaining
mux.setupChaining(farm, suffix, False)
# add an administrative user on the mux
admindn = 'uid=ttestuser,cn=config'
# test-only credential for a throwaway instance
adminpw = "adminpw"
ent = Entry(admindn)
ent.setValues('objectclass', 'inetOrgPerson')
ent.setValues('cn', 'Chain Admin User')
ent.setValues('sn', 'Chain')
ent.setValues('givenName', 'Admin User')
# NOTE(review): repeats the literal instead of using adminpw; the two have
# to be kept in sync by hand
ent.setValues('userPassword', "adminpw")
# Excerpt: create a test instance, switch on password syntax checking and
# add one user with a password.
# test-only root password for a throwaway instance
rootpw = "password"
basedn = 'dc=example,dc=com'
newinst = 'ds'
# NOTE(review): USE_VALGRIND stays set for every later call in this process;
# presumably DSAdmin reads it when starting an instance - confirm.
os.environ['USE_VALGRIND'] = "1"
srv = DSAdmin.createInstance({
    'newrootpw': rootpw,
    'newhost': host1,
    'newport': port1,
    'newinst': newinst,
    'newsuffix': basedn,
    'no_admin': True
})

print "turn on syntax checking and trivial words checking"
attr = "passwordCheckSyntax"
mod = [(ldap.MOD_REPLACE, attr, "on")]
srv.modify_s("cn=config", mod)

print "add a user with a password"
dn = "uid=scarter,dc=example,dc=com"
# fixture password; it is added after passwordCheckSyntax was turned on
bindpw = "SPrain12"
ent = Entry(dn)
ent.setValues('objectclass', 'inetOrgPerson')
ent.setValues('cn', 'Sam Carter')
ent.setValues('sn', 'Carter')
ent.setValues('givenName', 'Sam')
ent.setValues('userPassword', bindpw)
srv.add_s(ent)