opattrs = [ 'passwordRetryCount', 'retryCountResetTime', 'accountUnlockTime', 'passwordExpirationTime', 'modifyTimestamp', 'modifiersName' ] print "Do %d attempts to bind with incorrect password . . ." % nattempts userconn = DSAdmin(host1, port1) for xx in range(0, nattempts+1): try: userconn.simple_bind_s(userdn, "boguspassword") except ldap.INVALID_CREDENTIALS: print "password was not correct" except ldap.CONSTRAINT_VIOLATION: print "too many password attempts" print "m1 pwd attrs" print "%s" % m1.getEntry(userdn, ldap.SCOPE_BASE, "(objectclass=*)", opattrs) print "m2 pwd attrs" print "%s" % m2.getEntry(userdn, ldap.SCOPE_BASE, "(objectclass=*)", opattrs) mymod = [(ldap.MOD_REPLACE, "description", "changed %d" % xx)] m1.modify_s(userdn, mymod) userconn.unbind() print "sleep to let repl propagate . . ." time.sleep(5) print "do a mod to see if replication is still working . . ." mymod = [(ldap.MOD_REPLACE, "description", "changed back")] m1.modify_s(userdn, mymod) time.sleep(5) ent = m2.getEntry(userdn, ldap.SCOPE_BASE) if ent.description == "changed back": print "replication is still working" else: print "replication is not working any longer" sys.exit(1)