def topology_setup(topology_m2): """Configure the topology with purge parameters and enable audit logging - configure replica purge delay and interval on supplier1 and supplier2 - enable audit log on supplier1 and supplier2 - restart supplier1 and supplier2 """ m1 = topology_m2.ms["supplier1"] m2 = topology_m2.ms["supplier2"] replica1 = Replicas(m1).get(DEFAULT_SUFFIX) replica2 = Replicas(m2).get(DEFAULT_SUFFIX) replica1.set('nsDS5ReplicaPurgeDelay', '5') replica2.set('nsDS5ReplicaPurgeDelay', '5') assert replica1.present('nsDS5ReplicaPurgeDelay') assert replica2.present('nsDS5ReplicaPurgeDelay') replica1.display_attr('nsDS5ReplicaPurgeDelay') replica2.display_attr('nsDS5ReplicaPurgeDelay') replica1.set('nsDS5ReplicaTombstonePurgeInterval', '5') replica2.set('nsDS5ReplicaTombstonePurgeInterval', '5') assert replica1.present('nsDS5ReplicaTombstonePurgeInterval') assert replica2.present('nsDS5ReplicaTombstonePurgeInterval') replica1.display_attr('nsDS5ReplicaTombstonePurgeInterval') replica2.display_attr('nsDS5ReplicaTombstonePurgeInterval') m1.config.set('nsslapd-auditlog-logging-enabled', 'on') m2.config.set('nsslapd-auditlog-logging-enabled', 'on') m1.restart() m2.restart()
def test_plugin_bind_dn_tracking_and_replication(topo_m2): """Testing nsslapd-plugin-binddn-tracking does not cause issues around access control and reconfiguring replication/repl agmt. :id: dd689d03-69b8-4bf9-a06e-2acd19d5e2c9 :setup: 2 supplier topology :steps: 1. Turn on plugin binddn tracking 2. Add some users 3. Make an update as a user 4. Make an update to the replica config 5. Make an update to the repliocation agreement :expectedresults: 1. Success 2. Success 3. Success 4. Success 5. Success """ m1 = topo_m2.ms["supplier1"] # Turn on bind dn tracking m1.config.set('nsslapd-plugin-binddn-tracking', 'on') # Add two users users = UserAccounts(m1, DEFAULT_SUFFIX) user1 = users.create_test_user(uid=1011) user1.set('userpassword', PASSWORD) user2 = users.create_test_user(uid=1012) # Add an aci acival = '(targetattr ="cn")(version 3.0;acl "Test bind dn tracking"' + \ ';allow (all) (userdn = "ldap:///{}");)'.format(user1.dn) Domain(m1, DEFAULT_SUFFIX).add('aci', acival) # Bind as user and make an update user1.rebind(PASSWORD) user2.set('cn', 'new value') dm = DirectoryManager(m1) dm.rebind() # modify replica replica = Replicas(m1).get(DEFAULT_SUFFIX) replica.set(REPL_PROTOCOL_TIMEOUT, "30") # modify repl agmt agmt = replica.get_agreements().list()[0] agmt.set(REPL_PROTOCOL_TIMEOUT, "20")