Пример #1
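def starttest(*args):
    """Loop forever adding and renaming a fixed test OU on one server.

    args[0] is the server connection; it must provide add_s() and
    rename_s().  The loop has no exit condition: it ends only when an
    unexpected ldap.LDAPError is re-raised.  ALREADY_EXISTS and
    NO_SUCH_OBJECT are ignored on purpose because, per the inline
    comments, another server changes the same entry concurrently.
    """
    dn = "ou=test, dc=example, dc=com"
    newrdn = "ou=test2"
    server = args[0]
    print "starting starttest with " + str(server)
    while True:
        # Step 1: (re)create ou=test.
        try:
            entry = Entry(dn)
            entry.setValues('objectclass', 'top', 'organizationalUnit')
            entry.setValues('ou', 'test')
            server.add_s(entry)
            time.sleep(0.100)
        except ldap.ALREADY_EXISTS:
            pass
        except ldap.LDAPError, e:
            print "Could not add test entry to server " + str(server), e
            raise
        # Step 2: rename ou=test to ou=test2.
        try:
            server.rename_s(dn, newrdn)
            time.sleep(0.050)
        except ldap.ALREADY_EXISTS:  # replicated from the other server
            pass
        except ldap.NO_SUCH_OBJECT:  # deleted by the other server
            pass
        except ldap.LDAPError, e:
            # The failing operation is a rename, so the message says so
            # (it used to say "delete").
            print "Could not rename test entry on server " + str(server), e
            raise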
Пример #2
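def starttest(*args):
    """Loop forever adding and renaming a fixed test OU on one server.

    args[0] is the server connection; it must provide add_s() and
    rename_s().  The loop has no exit condition: it ends only when an
    unexpected ldap.LDAPError is re-raised.  ALREADY_EXISTS and
    NO_SUCH_OBJECT are ignored on purpose because, per the inline
    comments, another server changes the same entry concurrently.
    """
    dn = "ou=test, dc=example, dc=com"
    newrdn = "ou=test2"
    server = args[0]
    print "starting starttest with " + str(server)
    while True:
        # Step 1: (re)create ou=test.
        try:
            entry = Entry(dn)
            entry.setValues('objectclass', 'top', 'organizationalUnit')
            entry.setValues('ou', 'test')
            server.add_s(entry)
            time.sleep(0.100)
        except ldap.ALREADY_EXISTS:
            pass
        except ldap.LDAPError, e:
            print "Could not add test entry to server " + str(server), e
            raise
        # Step 2: rename ou=test to ou=test2.
        try:
            server.rename_s(dn, newrdn)
            time.sleep(0.050)
        except ldap.ALREADY_EXISTS:  # replicated from the other server
            pass
        except ldap.NO_SUCH_OBJECT:  # deleted by the other server
            pass
        except ldap.LDAPError, e:
            # The failing operation is a rename, so the message says so
            # (it used to say "delete").
            print "Could not rename test entry on server " + str(server), e
            raise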
Пример #3
def doadds(m1):
    """Add one 'person' entry to m1 for every id in the module-level m1ents.

    Each entry is named "cn=<id>,<basedn>" and gets sn=testuser.  Errors
    raised by add_s() are not caught here.
    """
    print "Add %d entries to m1" % len(m1ents)
    for num in m1ents:
        person = Entry("cn=%d,%s" % (num, basedn))
        person.setValues('objectclass', 'person')
        person.setValues('sn', 'testuser')
        m1.add_s(person)
Пример #4
def doadds(m1):
    """Add one 'person' entry to m1 for every id in the module-level m1ents.

    Each entry is named "cn=<id>,<basedn>" and gets sn=testuser.  Errors
    raised by add_s() are not caught here.
    """
    print "Add %d entries to m1" % len(m1ents)
    for num in m1ents:
        person = Entry("cn=%d,%s" % (num, basedn))
        person.setValues('objectclass', 'person')
        person.setValues('sn', 'testuser')
        m1.add_s(person)
Пример #5
    def setup_mt(self, suffix, bename, parent=None):
        """Create the mapping-tree entry that ties a suffix to a backend.

            @param suffix   - suffix DN to map, e.g. 'o=addressbook1'
            @param bename   - name stored in nsslapd-backend
            @param parent   - optional parent suffix DN

            @return the existing mapping entry when one already matches
                    the suffix; None after a new mapping has been added
            @raise ldap.LDAPError - if adding the new entry fails

            Only the mapping under DN_MAPPING_TREE is written here.  The
            backend itself and the suffix entry in the tree have to be
            created separately (the suffix entry afterwards).

            Ex. setup_mt(suffix='o=addressbook1', bename='addressbook1')
        """
        nsuffix = normalizeDN(suffix)
        nparent = normalizeDN(parent) if parent else ""

        # An existing mapping for this suffix is returned untouched.
        search_filter = suffixfilt(suffix)
        try:
            return self.conn.getEntry(
                DN_MAPPING_TREE, ldap.SCOPE_SUBTREE, search_filter)
        except NoSuchEntryError:
            pass

        # The RDN value is wrapped in double quotes instead of being
        # DN-escaped.
        # NOTE(review): nothing in this method escapes a double quote or
        # backslash inside nsuffix; whether normalizeDN() guarantees that
        # is not visible here - confirm before passing untrusted suffixes.
        mapping_dn = ('cn="%s"' % nsuffix) + ',' + DN_MAPPING_TREE
        mapping = Entry(mapping_dn)
        attrs = {
            'objectclass': ['top', 'extensibleObject', 'nsMappingTree'],
            'nsslapd-state': 'backend',
            # unquoted value, kept because it is useful for searching
            'cn': nsuffix,
            'nsslapd-backend': bename
        }
        mapping.update(attrs)
        if parent:
            mapping.setValues('nsslapd-parent-suffix', nparent)
        try:
            self.log.debug("Creating entry: %r" % mapping)
            self.conn.add_s(mapping)
        except ldap.LDAPError, e:
            # Every LDAP failure is re-raised as a plain LDAPError that
            # carries the DN and the original exception.
            raise ldap.LDAPError("Error adding suffix entry " + mapping_dn, e)
Пример #6
    def setup_mt(self, suffix, bename, parent=None):
        """Create the mapping-tree entry that ties a suffix to a backend.

            @param suffix   - suffix DN to map, e.g. 'o=addressbook1'
            @param bename   - name stored in nsslapd-backend
            @param parent   - optional parent suffix DN

            @return the existing mapping entry when one already matches
                    the suffix; None after a new mapping has been added
            @raise ldap.LDAPError - if adding the new entry fails

            Only the mapping under DN_MAPPING_TREE is written here.  The
            backend itself and the suffix entry in the tree have to be
            created separately (the suffix entry afterwards).

            Ex. setup_mt(suffix='o=addressbook1', bename='addressbook1')
        """
        nsuffix = normalizeDN(suffix)
        nparent = normalizeDN(parent) if parent else ""

        # An existing mapping for this suffix is returned untouched.
        search_filter = suffixfilt(suffix)
        try:
            return self.conn.getEntry(
                DN_MAPPING_TREE, ldap.SCOPE_SUBTREE, search_filter)
        except NoSuchEntryError:
            pass

        # The RDN value is wrapped in double quotes instead of being
        # DN-escaped.
        # NOTE(review): nothing in this method escapes a double quote or
        # backslash inside nsuffix; whether normalizeDN() guarantees that
        # is not visible here - confirm before passing untrusted suffixes.
        mapping_dn = ('cn="%s"' % nsuffix) + ',' + DN_MAPPING_TREE
        mapping = Entry(mapping_dn)
        attrs = {
            'objectclass': ['top', 'extensibleObject', 'nsMappingTree'],
            'nsslapd-state': 'backend',
            # unquoted value, kept because it is useful for searching
            'cn': nsuffix,
            'nsslapd-backend': bename
        }
        mapping.update(attrs)
        if parent:
            mapping.setValues('nsslapd-parent-suffix', nparent)
        try:
            self.log.debug("Creating entry: %r" % mapping)
            self.conn.add_s(mapping)
        except ldap.LDAPError, e:
            # Every LDAP failure is re-raised as a plain LDAPError that
            # carries the DN and the original exception.
            raise ldap.LDAPError("Error adding suffix entry " + mapping_dn, e)
Пример #7
def domods(m1):
    """Add the entry "cn=0,<basedn>" to m1, then replace its description
    once for every id in the module-level m1ents.

    All modifications target the same DN; only the description value
    ("description<id>") changes between iterations.
    """
    target_dn = "cn=%d,%s" % (0, basedn)
    person = Entry(target_dn)
    person.setValues('objectclass', 'person')
    person.setValues('sn', 'testuser')
    m1.add_s(person)
    print "Do %d mods to m1" % len(m1ents)
    for num in m1ents:
        change = (ldap.MOD_REPLACE, 'description', "description" + str(num))
        m1.modify_s(target_dn, [change])
Пример #8
def makeADUserEnt(idnum):
    """Build (without adding it) an AD-style test user Entry numbered idnum.

    The entry is named "cn=Test User<idnum>,<active_user_subtree>" and uses
    the module-level aduserObjClasses and realm.  Returns the Entry.
    """
    tag = str(idnum)
    login = 'testuser' + tag
    fullname = 'Test User' + tag
    # NOTE(review): fullname goes into the DN unescaped; fine for numeric
    # ids, not for arbitrary strings.
    user = Entry('cn=%s,%s' % (fullname, active_user_subtree))
    user.setValues('objectclass', aduserObjClasses)
    user.setValues('cn', fullname)
    user.setValues('sn', 'User' + tag)
    user.setValues('userPrincipalName', '%s@%s' % (login, realm))
    user.setValues('sAMAccountName', login)
    return user
Пример #9
def domods(m1):
    """Add the entry "cn=0,<basedn>" to m1, then replace its description
    once for every id in the module-level m1ents.

    All modifications target the same DN; only the description value
    ("description<id>") changes between iterations.
    """
    target_dn = "cn=%d,%s" % (0, basedn)
    person = Entry(target_dn)
    person.setValues('objectclass', 'person')
    person.setValues('sn', 'testuser')
    m1.add_s(person)
    print "Do %d mods to m1" % len(m1ents)
    for num in m1ents:
        change = (ldap.MOD_REPLACE, 'description', "description" + str(num))
        m1.modify_s(target_dn, [change])
Пример #10
def makeADUserEnt(idnum):
    """Build (without adding it) an AD-style test user Entry numbered idnum.

    The entry is named "cn=Test User<idnum>,<active_user_subtree>" and uses
    the module-level aduserObjClasses and realm.  Returns the Entry.
    """
    tag = str(idnum)
    login = 'testuser' + tag
    fullname = 'Test User' + tag
    # NOTE(review): fullname goes into the DN unescaped; fine for numeric
    # ids, not for arbitrary strings.
    user = Entry('cn=%s,%s' % (fullname, active_user_subtree))
    user.setValues('objectclass', aduserObjClasses)
    user.setValues('cn', fullname)
    user.setValues('sn', 'User' + tag)
    user.setValues('userPrincipalName', '%s@%s' % (login, realm))
    user.setValues('sAMAccountName', login)
    return user
Пример #11
def makeADUserEnt():
    """Build the next AD-style test user Entry and advance the counter.

    Reads the module-level idnum for the numeric suffix and increments it
    only after the entry has been built.  The entry is named
    "cn=Test User<n>,<adusersubtree>,<suffix>".  Returns the Entry; it is
    not added to any server here.
    """
    global idnum
    tag = str(idnum)
    login = 'testuser' + tag
    fullname = 'Test User' + tag
    user = Entry('cn=%s,%s,%s' % (fullname, adusersubtree, suffix))
    user.setValues('objectclass', aduserObjClasses)
    user.setValues('cn', fullname)
    user.setValues('sn', 'User' + tag)
    user.setValues('userPrincipalName', '%s@%s' % (login, realm))
    user.setValues('sAMAccountName', login)
    idnum += 1
    return user
Пример #12
def makeDSUserEnt():
    """Build the next directory-server test user Entry and advance the counter.

    Reads the module-level idnum for the numeric suffix and increments it
    only after the entry has been built.  The entry is named
    "uid=testuser<n>,<usersubtree>,<suffix>".  Returns the Entry; it is not
    added to any server here.
    """
    global idnum
    tag = str(idnum)
    login = 'testuser' + tag
    user = Entry('uid=%s,%s,%s' % (login, usersubtree, suffix))
    user.setValues('objectclass', userObjClasses)
    user.setValues('cn', 'Test User' + tag)
    user.setValues('sn', 'User' + tag)
    user.setValues('ou', 'people')
    idnum += 1
    return user
Пример #13
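def addouent(ds, dn):
    """Add dn as an organizationalUnit, creating missing parents first.

    Works with an explicit stack: when the server answers NO_SUCH_OBJECT
    the entry is pushed back together with its parent DN, so the parent is
    tried first and the entry is retried afterwards.  Every DN created on
    the way gets objectclass organizationalUnit.  Entries that already
    exist are skipped.

    Raises ldap.NO_SUCH_OBJECT when the failing DN has no parent left to
    create, and re-raises any other error after printing it.
    """
    pdns = [dn]
    while pdns:
        dn = pdns.pop()
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        try:
            ds.add_s(ent)
            print "added entry", ent.dn
        except ldap.ALREADY_EXISTS:
            continue
        except ldap.NO_SUCH_OBJECT:
            rdns = ldap.explode_dn(dn)
            if len(rdns) < 2:
                # A single-RDN DN has no parent to create; pushing an
                # empty parent DN could never make the retry succeed.
                raise
            pdns.append(dn)
            pdns.append(','.join(rdns[1:]))
        except Exception, e:
            print "Could not add entry", ent.dn, str(e)
            # Bare raise keeps the original traceback ("raise e" reset it).
            raise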
Пример #14
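def addouent(ds, dn):
    """Add dn as an organizationalUnit, creating missing parents first.

    Works with an explicit stack: when the server answers NO_SUCH_OBJECT
    the entry is pushed back together with its parent DN, so the parent is
    tried first and the entry is retried afterwards.  Every DN created on
    the way gets objectclass organizationalUnit.  Entries that already
    exist are skipped.

    Raises ldap.NO_SUCH_OBJECT when the failing DN has no parent left to
    create, and re-raises any other error after printing it.
    """
    pdns = [dn]
    while pdns:
        dn = pdns.pop()
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        try:
            ds.add_s(ent)
            print "added entry", ent.dn
        except ldap.ALREADY_EXISTS:
            continue
        except ldap.NO_SUCH_OBJECT:
            rdns = ldap.explode_dn(dn)
            if len(rdns) < 2:
                # A single-RDN DN has no parent to create; pushing an
                # empty parent DN could never make the retry succeed.
                raise
            pdns.append(dn)
            pdns.append(','.join(rdns[1:]))
        except Exception, e:
            print "Could not add entry", ent.dn, str(e)
            # Bare raise keeps the original traceback ("raise e" reset it).
            raise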
Пример #15
def newEntry(entrycnt, mmx):
    """Build an inetOrgPerson test user and submit it through mmx.add().

    The uid is "user<entrycnt> <str(mmx)>" and the entry is placed under
    "ou=people,<basedn>".  Returns (entry, msgid), where msgid is whatever
    mmx.add() returned.
    """
    uid = "user%d %s" % (entrycnt, mmx)
    # NOTE(review): uid is placed in the DN unescaped; this assumes
    # str(mmx) contains no DN special characters - confirm.
    person = Entry("uid=%s,ou=people,%s" % (uid, basedn))
    person.setValues("objectclass", "inetOrgPerson")
    person.setValues("cn", "Test " + uid)
    person.setValues("sn", uid)
    return (person, mmx.add(person))
Пример #16
def newEntry(entrycnt, mmx):
    """Build an inetOrgPerson test user and submit it through mmx.add().

    The uid is "user<entrycnt> <str(mmx)>" and the entry is placed under
    "ou=people,<basedn>".  Returns (entry, msgid), where msgid is whatever
    mmx.add() returned.
    """
    uid = "user%d %s" % (entrycnt, mmx)
    # NOTE(review): uid is placed in the DN unescaped; this assumes
    # str(mmx) contains no DN special characters - confirm.
    person = Entry("uid=%s,ou=people,%s" % (uid, basedn))
    person.setValues("objectclass", "inetOrgPerson")
    person.setValues("cn", "Test " + uid)
    person.setValues("sn", uid)
    return (person, mmx.add(person))
Пример #17
# Start the m1 -> m2 agreement (agmtm1tom2 is defined outside these lines)
# and print its status.
m1.startReplication(agmtm1tom2)
print "repl status after starting"
print m1.getReplStatus(agmtm1tom2)

# Set up the remaining agreements: m2 -> m1, m1 -> c1 and m2 -> c1.
# Of these, only m1 -> c1 is started in these lines.
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)
agmtm1toc1 = m1.setupAgreement(c1, m1replargs)
time.sleep(2)
m1.startReplication(agmtm1toc1)
print "repl status after starting"
print m1.getReplStatus(agmtm1toc1)
agmtm2toc1 = m2.setupAgreement(c1, m2replargs)

# Replication check: write one entry on m1 and look for it on m2.
print "add entry on m1 . . ."
dn = 'uid=testuser,dc=example,dc=com'
ent = Entry(dn)
ent.setValues('objectclass', 'inetOrgPerson')
ent.setValues('cn', "1")
ent.setValues('sn', 'testuser')
m1.add_s(ent)
time.sleep(2)
print "search for entry on m2 . . ."
ents = m2.search_s(dn, ldap.SCOPE_BASE)
# One retry after a further 2 seconds; the wait is a fixed delay, not a
# poll on replication status.
if not ents:
   time.sleep(2)
   ents = m2.search_s(dn, ldap.SCOPE_BASE)
if not ents:
    print "entry not found on m2"
    sys.exit(1)
else:
    print "entry found on m2"
print "search for entry on c1 . . ."
Пример #18
# NOTE(review): this binds a second name to the same dict, it does not
# copy it.  Later writes through replargs (below) are therefore visible
# through m1replargs and m2replargs as well.
m2replargs = m1replargs
# createargs is reused for the second instance with host/port/name changed.
createargs['newhost'] = host2
createargs['newport'] = port2
createargs['newinst'] = 'm2'
#os.environ['USE_GDB'] = "1"
print "create and setup m2"
m2 = DSAdmin.createInstance(createargs)
#del os.environ['USE_GDB']

# Delete the file named by cfgfd (opened outside these lines) now that both
# instances have been created.
os.unlink(cfgfd.name)

# Create the top entry of every suffix on m1 only.
print "add entries to each suffix"
for suf in suflist:
    ent = Entry(suf)
    ent.setValues('objectclass', ['top', 'extensibleObject'])
    m1.add_s(ent)

print "setup replication"
# Same dict object as m1replargs/m2replargs (see the note above); after the
# loops it holds the values of the last iteration (id 2, last suffix/backend).
replargs = m1replargs
for srv,ii in ((m1, 1),(m2, 2)):
    for be,suf in zip(belist,suflist):
        replargs['suffix'] = suf
        replargs['bename'] = be
        replargs['id'] = ii
        srv.replicaSetupAll(replargs)
# Lists passed to the agreement loop that follows.
m1agmts = []
m2agmts = []
print "create agreements and init consumers"
for srv,oth,agmts in ((m1, m2, m1agmts),(m2, m1, m2agmts)):
    for be,suf in zip(belist,suflist):
Пример #19
    srvs.append(m4)

print "create all of the agreements and init the masters"
# Full mesh: every server gets an agreement to every other server.
for mmx in srvs:
    for mmy in srvs:
        if mmx == mmy: continue
        agmtdn = mmx.setupAgreement(mmy, replargs[mmx])
        # Only agreements whose supplier is m1 are started here.
        if mmx == m1:
            mmx.startReplication(agmtdn)
        print mmx.getReplStatus(agmtdn)

print "test to make sure replication is working"
# For each server: add one entry there, wait until every server in srvs
# returns it, then delete it again.
for (ii, mmx) in enumerate(srvs):
    dn = "cn=user%d,ou=people,%s" % (ii, basedn)
    ent = Entry(dn)
    ent.setValues("objectclass", "extensibleObject")
    mmx.add_s(ent)
    time.sleep(2)
    for mmy in srvs:
        # NOTE(review): this wait has no timeout, so a broken agreement
        # makes the script hang here.  If search_s() returns a non-empty
        # list whose first item is falsy, neither branch sleeps or breaks
        # and the loop spins without delay.
        while True:
            try: ents = mmy.search_s(dn, ldap.SCOPE_BASE)
            except ldap.NO_SUCH_OBJECT: ents = []
            if len(ents) < 1:
                print "waiting for", dn, "on", str(mmy)
                time.sleep(1)
            elif ents[0]:
                print "found", dn, "on", str(mmy)
                break
    mmx.delete_s(dn)
    time.sleep(2)
    for mmy in srvs:
Пример #20
# Create the m1 -> m2 agreement, start it asynchronously, then call
# waitForReplInit() on it.  The sleeps are fixed delays.
agmtm1tom2 = m1.setupAgreement(m2, m1replargs)
time.sleep(5)
#m1.setLogLevel(1,8192)
#m2.setLogLevel(1,8192)
m1.startReplication_async(agmtm1tom2)
print "waiting for init to finish"
time.sleep(5)
m1.waitForReplInit(agmtm1tom2)
# Reverse agreement (m2 -> m1); it is not started in these lines.
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)

# Write 100 person entries to m1 only, so that m1 has changes to send.
print "Add a bunch of entries to queue up the changelog . . ."
for ii in xrange(0, 100):
    cn = "test user%d" % ii
    dn = "cn=%s,ou=people,%s" % (cn, basedn)
    ent = Entry(dn)
    ent.setValues('objectclass', 'person')
    ent.setValues('cn', cn)
    ent.setValues('sn', 'user' + str(ii))
    m1.add_s(ent)

time.sleep(1)
print "Check replication status - note number of changes sent, in progress . . ."
print m1.getReplStatus(agmtm1tom2)

# The pause/re-check step below is disabled.
#print "Pause replication . . ."
#m1.stopReplication(agmtm1tom2)

#time.sleep(1)
#print "Check replication status - note number of changes sent, in progress . . ."
#print m1.getReplStatus(agmtm1tom2)
Пример #21
]
# Create presence, equality and substring indexes for every attribute in
# indexattrs on both servers.
for attr in indexattrs:
    m1.addIndex(basedn, attr, ['pres', 'eq', 'sub'])
    m2.addIndex(basedn, attr, ['pres', 'eq', 'sub'])

# 65536-character value that cycles through all 256 byte values; stored
# below under the binary-transfer option of userCertificate.
binattr = "userCertificate;binary"
binval = ''.join([chr(ii % 256) for ii in xrange(0, 65536)])

basedn2 = "dc=example2,dc=com"
print "adding another suffix", basedn2
m1.addSuffix(basedn2)
m2.addSuffix(basedn2)

# The same Entry object is added to each server directly (add_s on m1 and
# on m2), not copied from one to the other by replication.
print "add several entries to", basedn2
ent = Entry(basedn2)
ent.setValues('objectclass', 'extensibleObject')
m1.add_s(ent)
m2.add_s(ent)

nusers = 100
print "add", nusers, "users to", basedn2
for ii in xrange(0, nusers):
    uid = "user%03d" % ii
    dn = "uid=%s,%s" % (uid, basedn2)
    ent = Entry(dn)
    ent.setValues('objectclass', 'inetOrgPerson')
    ent.setValues('sn', 'User%03d' % ii)
    ent.setValues('cn', 'Test User%03d' % ii)
    # binval is test filler, not a parseable certificate.
    ent.setValues(binattr, binval)
    m1.add_s(ent)
    m2.add_s(ent)
Пример #22
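    def agreement_add(self, consumer, suffix=None, binddn=None, bindpw=None,
                      cn_format=r'meTo_$host:$port',
                      description_format=r'me to $host:$port', timeout=120,
                      auto_init=False, bindmethod='simple', starttls=False,
                      schedule=ALWAYS, args=None):
        """Create a replication agreement from self to consumer; return its DN.

            - self is the supplier,

            @param consumer: one of the following (consumer can be a master)
                    * a DSAdmin object if chaining
                    * an object with attributes: host, port, sslport, __str__
            @param suffix    - eg. 'dc=babel,dc=it'
            @param binddn    - DN the supplier binds with on the consumer
            @param bindpw    - password for binddn; stored in the agreement
                               entry as nsds5replicacredentials
            @param cn_format - string.Template to format the agreement name
            @param description_format - string.Template for the description
            @param timeout   - replica timeout in seconds
            @param auto_init - start replication immediately
            @param bindmethod-  'simple'
            @param starttls  - True or False
            @param schedule  - when to schedule the replication, as
                               'HHMM-HHMM DAYS'. default: ALWAYS
            @param args      - further args dict. Allowed keys:
                    'fractional',
                    'stripattrs',
                    'winsync',
                    'chain' (then 'chainargs' is read as well)

            @return the DN of the agreement entry

            @raise AssertionError - if binddn, bindpw or suffix is missing
            @raise ValueError     - if schedule has a bad format
            @raise NoSuchEntryError - if a replica doesn't exist for that suffix
            @raise ALREADY_EXISTS
            @raise UNWILLING_TO_PERFORM if the database was previously
                    in read-only state. To create new agreements you
                    need to *restart* the directory server

            NOTE: this method doesn't cache connection entries

            TODO: test winsync
            TODO: test chain

        """
        import string
        # Explicit check instead of `assert`: assertions are stripped under
        # `python -O`, which would let an agreement without bind credentials
        # be written.  AssertionError is kept so callers see the same type.
        if not (binddn and bindpw and suffix):
            raise AssertionError("binddn, bindpw and suffix are required")
        args = args or {}

        othhost, othport, othsslport = (
            consumer.host, consumer.port, consumer.sslport)
        # NOTE(review): from here on othport is the SSL port whenever the
        # consumer has one, so the starttls branch below also writes the SSL
        # port.  StartTLS normally runs on the plain LDAP port - confirm.
        othport = othsslport or othport
        nsuffix = normalizeDN(suffix)

        # adding agreement to previously created replica
        replica_entries = self.list(suffix)
        if not replica_entries:
            raise NoSuchEntryError(
                "Error: no replica set up for suffix " + suffix)
        replica = replica_entries[0]

        # define agreement entry
        endpoint = {'host': othhost, 'port': othport}
        cn = string.Template(cn_format).substitute(endpoint)
        dn_agreement = ','.join(["cn=%s" % cn, replica.dn])

        # This is probably unnecessary because
        # we can just raise ALREADY_EXISTS
        try:
            self.conn.getEntry(dn_agreement, ldap.SCOPE_BASE)
            self.log.warn("Agreement exists: %r" % dn_agreement)
            raise ldap.ALREADY_EXISTS
        except ldap.NO_SUCH_OBJECT:
            pass

        entry = Entry(dn_agreement)
        entry.update({
            'objectclass': ["top", "nsds5replicationagreement"],
            'cn': cn,
            'nsds5replicahost': consumer.host,
            'nsds5replicatimeout': str(timeout),
            'nsds5replicabinddn': binddn,
            'nsds5replicacredentials': bindpw,
            'nsds5replicabindmethod': bindmethod,
            'nsds5replicaroot': nsuffix,
            'description': string.Template(description_format).substitute(endpoint)
        })
        if schedule:
            # Anchored at the end so trailing text after the day list is
            # rejected instead of being written to the entry.
            if not re.match(r'\d{4}-\d{4} [0-6]{1,7}$', schedule):
                raise ValueError("Bad schedule format %r" % schedule)
            entry.update({'nsds5replicaupdateschedule': schedule})
        if starttls:
            entry.setValues('nsds5replicatransportinfo', 'TLS')
            entry.setValues('nsds5replicaport', str(othport))
        elif othsslport:
            entry.setValues('nsds5replicatransportinfo', 'SSL')
            entry.setValues('nsds5replicaport', str(othsslport))
        else:
            # Plain LDAP: with bindmethod 'simple' the replication bind DN
            # and password cross the network unencrypted.  Prefer
            # starttls=True or a consumer with an SSL port outside a lab.
            entry.setValues('nsds5replicatransportinfo', 'LDAP')
            entry.setValues('nsds5replicaport', str(othport))

        if auto_init:
            entry.setValues('nsds5BeginReplicaRefresh', 'start')

        # further arguments
        if 'fractional' in args:
            entry.setValues('nsDS5ReplicatedAttributeList', args['fractional'])
        if 'stripattrs' in args:
            entry.setValues('nsds5ReplicaStripAttrs', args['stripattrs'])
        if 'winsync' in args:  # state it clearly!
            self.conn.setupWinSyncAgmt(args, entry)

        # Log the DN only: the entry carries nsds5replicacredentials, and
        # formatting the whole entry would presumably write the bind
        # password to the debug log.
        self.log.debug("Adding replica agreement: [%s]" % dn_agreement)
        self.conn.add_s(entry)

        entry = self.conn.waitForEntry(dn_agreement)
        if entry:
            # More verbose but shows what's going on
            if 'chain' in args:
                # chain_args forwards the bind password to the chaining
                # setup helpers.
                chain_args = {
                    'suffix': suffix,
                    'binddn': binddn,
                    'bindpw': bindpw
                }
                # Work on `self` aka producer
                if replica.nsds5replicatype == MASTER_TYPE:
                    self.setupChainingFarm(**chain_args)
                # Work on `consumer`
                # TODO - is it really required?
                if replica.nsds5replicatype == LEAF_TYPE:
                    chain_args.update({
                        'isIntermediate': 0,
                        'urls': self.conn.toLDAPURL(),
                        'args': args['chainargs']
                    })
                    consumer.setupConsumerChainOnUpdate(**chain_args)
                elif replica.nsds5replicatype == HUB_TYPE:
                    chain_args.update({
                        'isIntermediate': 1,
                        'urls': self.conn.toLDAPURL(),
                        'args': args['chainargs']
                    })
                    consumer.setupConsumerChainOnUpdate(**chain_args)

        return dn_agreement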
Пример #23
# Schema additions: a single-valued attribute ipaUserDN (the SYNTAX OID is
# the Distinguished Name syntax) and an auxiliary object class that requires
# posixName and allows ipaUserDN.
srv.addAttr("( NAME 'ipaUserDN' DESC 'ipaUserDN' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )")
srv.addObjClass("( NAME 'ipaPosixName' SUP top AUXILIARY MUST posixName MAY ipaUserDN )")

# NOTE(review): the attribute-uniqueness setup below is disabled, so nothing
# in these lines stops two entries from using the same posixName.
# # enable attr uniqueness for posixName
# dn = "cn=attribute uniqueness,cn=plugins,cn=config"
# mod = [(ldap.MOD_REPLACE, 'pluginarg0', ['posixName']),
#        (ldap.MOD_REPLACE, 'nsslapd-pluginarg1', [accountdn])]
# srv.modify_s(dn, mod)

# # stop start for plugin changes to take effect
# srv.stop()
# srv.start()

# add containers
# accountdn is defined outside these lines; it becomes the parent of the
# users and groups containers.
ent = Entry(accountdn)
ent.setValues('objectclass', 'nsContainer')
srv.add_s(ent)

userdn = "cn=users," + accountdn
ent = Entry(userdn)
ent.setValues('objectclass', 'nsContainer')
srv.add_s(ent)

groupdn = "cn=groups," + accountdn
ent = Entry(groupdn)
ent.setValues('objectclass', 'nsContainer')
srv.add_s(ent)

# add CoS
# The entry is only constructed here; its attributes and the add call are
# outside these lines.
dn = "cn=generatePosixName," + groupdn
ent = Entry(dn)
Пример #24
# Create the m1 -> m2 agreement, start it asynchronously, then call
# waitForReplInit() on it.  The sleeps are fixed delays.
agmtm1tom2 = m1.setupAgreement(m2, m1replargs)
time.sleep(5)
#m1.setLogLevel(1,8192)
#m2.setLogLevel(1,8192)
m1.startReplication_async(agmtm1tom2)
print "waiting for init to finish"
time.sleep(5)
m1.waitForReplInit(agmtm1tom2)
# Reverse agreement (m2 -> m1); it is not started in these lines.
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)

# Write 100 person entries to m1 only, so that m1 has changes to send.
print "Add a bunch of entries to queue up the changelog . . ."
for ii in xrange(0,100):
    cn = "test user%d" % ii
    dn = "cn=%s,ou=people,%s" % (cn, basedn)
    ent = Entry(dn)
    ent.setValues('objectclass', 'person')
    ent.setValues('cn', cn)
    ent.setValues('sn', 'user' + str(ii))
    m1.add_s(ent)

time.sleep(1)
print "Check replication status - note number of changes sent, in progress . . ."
print m1.getReplStatus(agmtm1tom2)

# The pause/re-check step below is disabled.
#print "Pause replication . . ."
#m1.stopReplication(agmtm1tom2)

#time.sleep(1)
#print "Check replication status - note number of changes sent, in progress . . ."
#print m1.getReplStatus(agmtm1tom2)
Пример #25
# Attributes that get presence, equality and substring indexes on both
# servers.
indexattrs = ['description', 'title', 'facsimileTelephoneNumber', 'street', 'postOfficeBox', 'roomNumber', 'postalCode', 'audio', 'departmentNumber', 'employeeNumber', 'homePhone', 'homePostalAddress', 'manager', 'secretary' ]
for attr in indexattrs:
    m1.addIndex(basedn, attr, ['pres', 'eq', 'sub'])
    m2.addIndex(basedn, attr, ['pres', 'eq', 'sub'])

# 65536-character value that cycles through all 256 byte values; stored
# below under the binary-transfer option of userCertificate.
binattr = "userCertificate;binary"
binval = ''.join([chr(ii % 256) for ii in xrange(0, 65536)])

basedn2 = "dc=example2,dc=com"
print "adding another suffix", basedn2
m1.addSuffix(basedn2)
m2.addSuffix(basedn2)

# The same Entry object is added to each server directly (add_s on m1 and
# on m2), not copied from one to the other by replication.
print "add several entries to", basedn2
ent = Entry(basedn2)
ent.setValues('objectclass', 'extensibleObject')
m1.add_s(ent)
m2.add_s(ent)

nusers = 100
print "add", nusers, "users to", basedn2
for ii in xrange(0, nusers):
    uid = "user%03d" % ii
    dn = "uid=%s,%s" % (uid, basedn2)
    ent = Entry(dn)
    ent.setValues('objectclass', 'inetOrgPerson')
    ent.setValues('sn', 'User%03d' % ii)
    ent.setValues('cn', 'Test User%03d' % ii)
    # binval is test filler, not a parseable certificate.
    ent.setValues(binattr, binval)
    m1.add_s(ent)
    m2.add_s(ent)
Пример #26
     'userAccountControl': 512 + 65536},
    {'description': 'normal, regular AD account disabled, do not expire password',
     'userAccountControl': 512 + 2 + 65536}
]

userids_disabled = {}
if useds:
    print "Create sub-ou's on the AD side and add users . . ."
    ii = 0
    dns = ['ou=people,' + suffix,
           'ou=1,ou=people,' + suffix, 'ou=2,ou=people,' + suffix,
           'ou=11,ou=1,ou=people,' + suffix,
           'ou=12,ou=1,ou=people,' + suffix]
    for dn in dns:
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        try: ad.add_s(ent)
        except ldap.ALREADY_EXISTS: pass
        print "Add users to", dn
        for jj in range(0,5):
            strii = str(ii)
            userdn = 'cn=Test User' + strii + ',' + dn
            ent = Entry(userdn)
            userid = 'userid' + strii
            ent.setValues('objectclass', ['person', 'adPerson'])
            ent.setValues('sn', 'User' + strii)
            ent.setValues('samAccountName', userid)
            ent.setValues('objectGUID', struct.pack('B', ii))
            ent.setValues('name', 'Test User' + strii) # same as cn
            kk = ii % len(userAcctVals)
            for attr, val in userAcctVals[kk].iteritems():
Пример #27
# ntUser either by the winsync code, or when you want an
# existing IPA user to be synced with AD
userObjClasses = [
    'top', 'person', 'organizationalPerson', 'inetOrgPerson'
]

# Populate the server bound to `ad` with a small OU tree and five users per
# OU.  `useds`, `suffix` and `ad` are defined outside these lines.
if useds:
    print "Create sub-ou's on the AD side and add users . . ."
    # NOTE(review): ii is never incremented in the lines shown, so every
    # user here would get index 0; presumably the increment lies beyond
    # this excerpt - confirm.
    ii = 0
    dns = ['ou=people,' + suffix,
           'ou=1,ou=people,' + suffix, 'ou=2,ou=people,' + suffix,
           'ou=11,ou=1,ou=people,' + suffix,
           'ou=12,ou=1,ou=people,' + suffix]
    for dn in dns:
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        # An OU left over from an earlier run is not an error.
        try: ad.add_s(ent)
        except ldap.ALREADY_EXISTS: pass
        print "Add users to", dn
        for jj in range(0,5):
            strii = str(ii)
            userdn = 'cn=Test User' + strii + ',' + dn
            ent = Entry(userdn)
            userid = 'userid' + strii
            ent.setValues('objectclass', ['person', 'adPerson'])
            ent.setValues('sn', 'User' + strii)
            ent.setValues('samAccountName', userid)
            # One unsigned byte: struct.pack('B', ...) only accepts 0-255.
            ent.setValues('objectGUID', struct.pack('B', ii))
            ent.setValues('name', 'Test User' + strii) # same as cn
            try: ad.add_s(ent)
            except ldap.ALREADY_EXISTS: pass
Пример #28
# Start the m1 -> m2 agreement (agmtm1tom2 is defined outside these lines)
# and print its status.
m1.startReplication(agmtm1tom2)
print "repl status after starting"
print m1.getReplStatus(agmtm1tom2)

# Set up the remaining agreements: m2 -> m1, m1 -> c1 and m2 -> c1.
# Of these, only m1 -> c1 is started in these lines.
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)
agmtm1toc1 = m1.setupAgreement(c1, m1replargs)
time.sleep(2)
m1.startReplication(agmtm1toc1)
print "repl status after starting"
print m1.getReplStatus(agmtm1toc1)
agmtm2toc1 = m2.setupAgreement(c1, m2replargs)

# Replication check: write one entry on m1 and look for it on m2.
print "add entry on m1 . . ."
dn = 'uid=testuser,dc=example,dc=com'
ent = Entry(dn)
ent.setValues('objectclass', 'inetOrgPerson')
ent.setValues('cn', "1")
ent.setValues('sn', 'testuser')
m1.add_s(ent)
time.sleep(2)
print "search for entry on m2 . . ."
ents = m2.search_s(dn, ldap.SCOPE_BASE)
# One retry after a further 2 seconds; the wait is a fixed delay, not a
# poll on replication status.
if not ents:
    time.sleep(2)
    ents = m2.search_s(dn, ldap.SCOPE_BASE)
if not ents:
    print "entry not found on m2"
    sys.exit(1)
else:
    print "entry found on m2"
print "search for entry on c1 . . ."
Пример #29
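# Start the m1 -> m2 agreement asynchronously, call waitForReplInit() on it,
# then create the reverse agreement (not started in these lines).
m1.startReplication_async(agmtm1tom2)
print "waiting for init to finish"
m1.waitForReplInit(agmtm1tom2)
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)

# NOTE(review): the script exits here, so the load test below never runs.
sys.exit(0)

basedn = "dc=example,dc=com"
nents = 20000

# Add nents person entries, alternating between m1 and m2.
myiter = xrange(0, nents)
for ii in myiter:
    dn = "cn=%d, %s" % (ii, basedn)
    svr = (m1,m2)[ii % 2]
    ent = Entry(dn)
    ent.setValues('objectclass', 'person')
    ent.setValues('sn', 'testuser')
    ent.setValues('description', 'added description')
    svr.add_s(ent)
    print "Added", dn

print "Sleep for 20 seconds to let changes propagate . . ."
time.sleep(20)
print "Verify all entries are present in both servers . . ."
for ii in myiter:
    dn = "cn=%d, %s" % (ii, basedn)
    # Raise a real exception: raising a plain string is a TypeError on
    # Python 2.6 and later, which would hide the intended message.
    ent = m1.getEntry(dn, ldap.SCOPE_BASE)
    if not ent: raise Exception("Entry %s not found in %s" % (dn, m1))
    ent = m2.getEntry(dn, ldap.SCOPE_BASE)
    if not ent: raise Exception("Entry %s not found in %s" % (dn, m2))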
Пример #30
# After a fixed 5 second wait, read userdn from m2 and compare its
# description with the value "changed back" (written outside these lines).
time.sleep(5)
ent = m2.getEntry(userdn, ldap.SCOPE_BASE)
if ent.description == "changed back":
    print "replication is still working"
else:
    print "replication is not working any longer"
    sys.exit(1)

# Add nents person entries, alternating between the servers in svrs.
nents = 1000
svrs = (m1, m2)
nsvrs = len(svrs)
print "Add %d entries alternately . . ." % nents
for ii in range(0,nents):
    dn = "cn=%d, %s" % (ii, basedn)
    ent = Entry(dn)
    ent.setValues('objectclass', 'person')
    ent.setValues('sn', 'testuser')
    svr = svrs[ii % nsvrs]
    svr.add_s(ent)
    print "Added %s to %s" % (dn, svr)

print "see if all entries are on both servers . . ."
time.sleep(10)
for ii in range(0,nents):
    dn = "cn=%d, %s" % (ii, basedn)
    # The returned entries are not inspected: the check relies on
    # getEntry() raising when a DN is missing.  The bare except also
    # catches KeyboardInterrupt, but everything is re-raised.
    try:
        ent = m1.getEntry(dn, ldap.SCOPE_BASE)
        ent = m2.getEntry(dn, ldap.SCOPE_BASE)
    except:
        print "Could not read entry", dn
        raise
Пример #31
     'userAccountControl': 512 + 65536},
    {'description': 'normal, regular AD account disabled, do not expire password',
     'userAccountControl': 512 + 2 + 65536}
]

userids_disabled = {}
if useds:
    print "Create sub-ou's on the AD side and add users . . ."
    ii = 0
    dns = ['ou=people,' + suffix,
           'ou=1,ou=people,' + suffix, 'ou=2,ou=people,' + suffix,
           'ou=11,ou=1,ou=people,' + suffix,
           'ou=12,ou=1,ou=people,' + suffix]
    for dn in dns:
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        try: ad.add_s(ent)
        except ldap.ALREADY_EXISTS: pass
        print "Add users to", dn
        for jj in range(0,5):
            strii = str(ii)
            userdn = 'cn=Test User' + strii + ',' + dn
            ent = Entry(userdn)
            userid = 'userid' + strii
            ent.setValues('objectclass', ['person', 'adPerson'])
            ent.setValues('sn', 'User' + strii)
            ent.setValues('samAccountName', userid)
            ent.setValues('objectGUID', struct.pack('B', ii))
            ent.setValues('name', 'Test User' + strii) # same as cn
            kk = ii % len(userAcctVals)
            for attr, val in userAcctVals[kk].iteritems():
Пример #32
	'newsuffix': basedn,
	'no_admin': True,
        'ConfigFile': [cfgfd.name]
})
# Delete the file named by cfgfd (opened outside these lines) once the
# instance has been created.
os.unlink(cfgfd.name)

# Locate Example.ldif.  dict.has_key() exists only in Python 2.
# NOTE(review): the else branch hard-codes the instance name 'ds' where the
# first branch uses ds.inst, and the two PREFIX lookups fall back to
# different defaults ('/usr' for the source, '' for the destination).
initfile = ''
if os.environ.has_key('SERVER_ROOT'):
    initfile = "%s/slapd-%s/ldif/Example.ldif" % (ds.sroot,ds.inst)
else:
    initfilesrc = "%s/share/dirsrv/data/Example.ldif" % os.environ.get('PREFIX', '/usr')
    initfile = "%s/var/lib/dirsrv/slapd-%s/ldif/Example.ldif" % (os.environ.get('PREFIX', ''), 'ds')
    # Both paths are built from the PREFIX environment variable, so the copy
    # reads and writes wherever the caller's environment points.
    shutil.copy(initfilesrc, initfile)
print "importing database"
ds.importLDIF(initfile, '', "userRoot", False)

print "get the list of all users"
ents = ds.search_s(basedn, ldap.SCOPE_SUBTREE, "objectclass=inetorgperson")
# Five groupOfNames entries, each listing every user found above as member.
for ii in xrange(0, 5):
    groupdn = "cn=testgroup%d,ou=groups,%s" % (ii, basedn)
    print "add a bunch of users to the group", groupdn
    ent = Entry(groupdn)
    ent.setValues('objectclass', 'groupOfNames')
    ent.setValues('member', [ee.dn for ee in ents])
    ds.add_s(ent)

#print "delete some users"
#for ent in ents:
#    print "deleting user", ent.dn
#    ds.delete_s(ent.dn)
Пример #33
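# NOTE(review): USE_GDB is set before the instance is created; presumably the
# DSAdmin tooling reads it to run the new server under gdb - confirm.
os.environ['USE_GDB'] = "1"
farm = DSAdmin.createInstance({
    'newrootpw': rootpw2,
    'newhost': host2,
    'newport': port2,
    'newinst': 'farm',
    'newsuffix': 'dc=notused',
    'no_admin': True,
})

# add the suffix
farm.addSuffix(suffix)
# add the suffix entry
dn = suffix
ent = Entry(dn)
ent.setValues('objectclass', 'domain')
farm.add_s(ent)

# setup chaining
mux.setupChaining(farm, suffix, False)

# add an administrative user on the mux
# The entry lives under cn=config and gets a static, guessable password; that
# is only acceptable on a throwaway test instance.
admindn = 'uid=ttestuser,cn=config'
adminpw = "adminpw"
ent = Entry(admindn)
ent.setValues('objectclass', 'inetOrgPerson')
ent.setValues('cn', 'Chain Admin User')
ent.setValues('sn', 'Chain')
ent.setValues('givenName', 'Admin User')
# Store the same variable a later bind would use, so the stored password and
# the bind password cannot drift apart when one of them is edited.
ent.setValues('userPassword', adminpw)
mux.add_s(ent)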
Пример #34
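# NOTE(review): presumably the DSAdmin tooling checks USE_GDB when it starts
# the new instance - confirm against the DSAdmin source.
os.environ['USE_GDB'] = "1"
farm = DSAdmin.createInstance({
    'newrootpw': rootpw2,
    'newhost': host2,
    'newport': port2,
    'newinst': 'farm',
    'newsuffix': 'dc=notused',
    'no_admin': True
})

# The instance was created with a placeholder suffix ('dc=notused'); the real
# suffix and its top entry are added here.
farm.addSuffix(suffix)
dn = suffix
ent = Entry(dn)
ent.setValues('objectclass', 'domain')
farm.add_s(ent)

# setup chaining
mux.setupChaining(farm, suffix, False)

# Administrative user on the mux.  It sits under cn=config with a fixed test
# password, so this setup belongs on disposable test servers only.
admindn = 'uid=ttestuser,cn=config'
adminpw = "adminpw"
ent = Entry(admindn)
ent.setValues('objectclass', 'inetOrgPerson')
ent.setValues('cn', 'Chain Admin User')
ent.setValues('sn', 'Chain')
ent.setValues('givenName', 'Admin User')
# Use the adminpw variable rather than repeating the literal, so there is a
# single place where the credential is defined.
ent.setValues('userPassword', adminpw)
mux.add_s(ent)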
Пример #35
     'userAccountControl': 512 + 65536},
    {'description': 'normal, regular AD account disabled, do not expire password',
     'userAccountControl': 512 + 2 + 65536}
]

# Not filled in within the visible part of the script.
userids_disabled = {}
if useds:
    print "Create sub-ou's on the AD side and add users . . ."
    # ii numbers the users across all containers; it is not incremented in the
    # lines shown here - presumably further down the (truncated) loop body.
    ii = 0
    # Parents are listed before their children so each add finds its parent.
    dns = ['ou=people,' + suffix,
           'ou=1,ou=people,' + suffix, 'ou=2,ou=people,' + suffix,
           'ou=11,ou=1,ou=people,' + suffix,
           'ou=12,ou=1,ou=people,' + suffix]
    for dn in dns:
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        # A container left over from an earlier run is not an error.
        try: ad.add_s(ent)
        except ldap.ALREADY_EXISTS: pass
        print "Add users to", dn
        # Five users per container.
        for jj in range(0,5):
            strii = str(ii)
            userdn = 'cn=Test User' + strii + ',' + dn
            ent = Entry(userdn)
            userid = 'userid' + strii
            ent.setValues('objectclass', ['person', 'adPerson'])
            ent.setValues('sn', 'User' + strii)
            ent.setValues('samAccountName', userid)
            # struct.pack('B', ii) yields a single byte, so this is a 1-byte
            # stand-in value; it also limits ii to 0..255.
            ent.setValues('objectGUID', struct.pack('B', ii))
            ent.setValues('name', 'Test User' + strii) # same as cn
            # Cycle through the account templates in userAcctVals.
            kk = ii % len(userAcctVals)
            # The listing is cut here: the body of this loop is not shown.
            for attr, val in userAcctVals[kk].iteritems():
Пример #36
    srvs.append(m4)

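print "create all of the agreements and init the masters"
# Full mesh: every server gets an agreement to every other server.  Only the
# agreements that originate on m1 are used to start (initialise) replication.
for mmx in srvs:
    for mmy in srvs:
        if mmx == mmy:
            continue
        agmtdn = mmx.setupAgreement(mmy, replargs[mmx])
        if mmx == m1:
            mmx.startReplication(agmtdn)
        print mmx.getReplStatus(agmtdn)

print "test to make sure replication is working"
# Add one entry on each server in turn, wait until every server (including the
# one it was added on) returns it, then delete it again.
for (ii, mmx) in enumerate(srvs):
    dn = "cn=user%d,ou=people,%s" % (ii, basedn)
    ent = Entry(dn)
    ent.setValues("objectclass", "extensibleObject")
    mmx.add_s(ent)
    time.sleep(2)
    for mmy in srvs:
        # NOTE(review): the poll has no upper bound, so broken replication
        # makes the script hang here instead of failing.
        while True:
            try:
                ents = mmy.search_s(dn, ldap.SCOPE_BASE)
            except ldap.NO_SUCH_OBJECT:
                ents = []
            if ents and ents[0]:
                print "found", dn, "on", str(mmy)
                break
            # Previously a non-empty result whose first element was falsy
            # skipped both branches and re-polled without sleeping; it is now
            # handled like "not there yet".
            print "waiting for", dn, "on", str(mmy)
            time.sleep(1)
    mmx.delete_s(dn)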
Пример #37
def makeDSUserEnt():
    """Build the next DS test user entry and advance the global counter.

    The entry is named after the module-level ``idnum``, which is incremented
    once the entry has been built.  The password is the predictable string
    'Password<n>', which is only suitable for test data.

    NOTE(review): the ipawinsync branch reads ``jj``, which is neither a
    parameter nor a local; it relies on a module-level name that happens to
    exist when this function is called - confirm that is intended.
    """
    global idnum
    seq = str(idnum)
    userid = 'testuser' + seq
    ent = Entry('uid=%s,%s,%s' % (userid, usersubtree, suffix))
    base_attrs = (
        ('objectclass', userObjClasses),
        ('cn', 'Test User' + seq),
        ('sn', 'User' + seq),
        ('userPassword', 'Password' + seq),
    )
    for attr_name, attr_val in base_attrs:
        ent.setValues(attr_name, attr_val)
    if ipawinsync:
        ent.setValues('krbPrincipalName', '%s@%s' % (userid, realm))
        ent.setValues('uidNumber', str(500+idnum))
        ent.setValues('gidNumber', '1002')
        ent.setValues('homeDirectory', '/home/' + userid)
        # Odd jj -> entry described as added disabled, even jj -> enabled.
        ent.setValues('description',
                      'User added disabled to DS' if jj % 2
                      else 'User added enabled to DS')
    idnum += 1
    return ent
Пример #38
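# Initialise m2 from m1 and report the agreement status.
m1.startReplication(agmtm1tom2)
print "repl status after starting"
print m1.getReplStatus(agmtm1tom2)

# Remaining agreements: m2 -> m1, and both masters -> c1.  Only the m1 -> c1
# agreement is started in the lines shown here.
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)
agmtm1toc1 = m1.setupAgreement(c1, m1replargs)
time.sleep(2)
m1.startReplication(agmtm1toc1)
print "repl status after starting"
print m1.getReplStatus(agmtm1toc1)
agmtm2toc1 = m2.setupAgreement(c1, m2replargs)

print "add entry on m1 . . ."
dn = "uid=testuser,dc=example,dc=com"
ent = Entry(dn)
ent.setValues("objectclass", "inetOrgPerson")
ent.setValues("cn", "1")
ent.setValues("sn", "testuser")
m1.add_s(ent)
time.sleep(2)
print "search for entry on m2 . . ."
# A base-scope search for an entry that has not been replicated yet raises
# ldap.NO_SUCH_OBJECT rather than returning an empty list, so the exception is
# treated as "not there yet"; otherwise the retry and the "not found" report
# below could never run.  Two attempts, two seconds apart, as before.
ents = []
for attempt in (1, 2):
    try:
        ents = m2.search_s(dn, ldap.SCOPE_BASE)
    except ldap.NO_SUCH_OBJECT:
        ents = []
    if ents or attempt == 2:
        break
    time.sleep(2)
if not ents:
    print "entry not found on m2"
    sys.exit(1)
else:
    print "entry found on m2"
print "search for entry on c1 . . ."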
Пример #39
filt = '(objectclass=*)'

# NOTE(review): presumably read by the DSAdmin tooling to run the new server
# under valgrind - confirm.
os.environ['USE_VALGRIND'] = "1"
m1 = DSAdmin.createInstance(dict(
    newrootpw=rootpw1,
    newhost=host1,
    newport=port1,
    newinst='m1',
    newsuffix=suffix,
    verbose=False,
    no_admin=True,
))

# Step 1: create the container as a plain organizationalUnit.
dn = "ou=virtualviews," + suffix
ent = Entry(dn)
ent.setValues('objectclass', 'organizationalUnit')
print "Create view ou", dn
m1.add_s(ent)

# Step 2: replace its objectclass values so that it also carries nsView.
view_classes = ['top', 'organizationalUnit', 'nsView']
mod = [(ldap.MOD_REPLACE, 'objectclass', view_classes)]
print "add nsview to", dn
m1.modify_s(dn, mod)

# Step 3: build a child view.  The add call itself is outside this listing.
dn = "ou=LPP,ou=VirtualViews," + suffix
ent = Entry(dn)
ent.setValues('objectclass', 'organizationalUnit', 'nsView')
lpp_filter = "(ou=ou=lpp,ou=lab,ou=organisation," + suffix + ")"
ent.setValues('nsViewFilter', lpp_filter)
ent.setValues('description', 'Test LPP')
print "Create view ou", dn
Пример #40
# Apply the prepared modification to every backend of base2, then restart the
# server.
ents = srv.getBackendsForSuffix(base2)
for ent in ents:
    srv.modify_s(ent.dn, mod)
srv.stop(True)
#os.environ["USE_GDB"] = "1"
srv.start(True)

# Asynchronous subtree search issued before the export tasks are created; its
# result is not collected in the lines shown here.
msgid1 = srv.search(basedn, ldap.SCOPE_SUBTREE, "objectclass=*")

# One export task entry per backend, added under cn=export,cn=tasks,cn=config.
# NOTE(review): the output file receives the backend's entries as LDIF, which
# presumably includes password hashes - keep it out of shared locations.
taskdns = []
for (bename, fn) in zip(benames, initfiles):
    outfile = fn + ".out"
    cn = "export" + str(int(time.time())) + "-" + bename
    taskdn = "cn=%s,cn=export,cn=tasks,cn=config" % cn
    entry = Entry(taskdn)
    task_attrs = (
        ('cn', cn),
        ('nsFilename', outfile),
        ('nsInstance', bename),
    )
    entry.setValues('objectclass', 'top', 'extensibleObject')
    for attr_name, attr_val in task_attrs:
        entry.setValues(attr_name, attr_val)
    srv.add_s(entry)
    taskdns.append(taskdn)

# Second asynchronous search, issued after the tasks have been added.
msgid2 = srv.search(basedn, ldap.SCOPE_SUBTREE, "objectclass=*")

# Print the status attributes of each task entry, if it can still be read.
attrlist = [
    'nsTaskLog',
    'nsTaskStatus',
    'nsTaskExitCode',
    'nsTaskCurrentItem',
    'nsTaskTotalItems',
]
for taskdn in taskdns:
    try:
        entry = srv.getEntry(taskdn, ldap.SCOPE_BASE, "(objectclass=*)", attrlist)
        print entry
    except ldap.NO_SUCH_OBJECT:
        print "no task for", taskdn
Пример #41
# 389 is the standard (non-TLS) LDAP port.
# NOTE(review): if DSAdmin performs a simple bind on this port, the Directory
# Manager password travels unencrypted - confirm for non-local hosts.
port2 = 389
# Both servers use the same Directory Manager DN and the same test password.
rootdn1 = rootdn2 = "cn=directory manager"
rootpw1 = rootpw2 = 'secret12'

mux = DSAdmin(host1, port1, rootdn1, rootpw1)
farm = DSAdmin(host2, port2, rootdn2, rootpw2)

# Create the chained suffix and its top entry on the farm server.
suffix = 'dc=chaintest'
farm.addSuffix(suffix)
dn = suffix
ent = Entry(dn)
ent.setValues('objectclass', 'domain')
farm.add_s(ent)

# Chain the suffix from the mux to the farm.
mux.setupChaining(farm, suffix, False)

# Test user on the farm; no userPassword is set in the lines shown here.
dn = 'uid=ctuser,' + suffix
ent = Entry(dn)
ctuser_attrs = (
    ('objectclass', 'inetOrgPerson'),
    ('cn', 'Chain Testuser'),
    ('sn', 'Testuser'),
    ('givenName', 'Chain'),
)
for attr_name, attr_val in ctuser_attrs:
    ent.setValues(attr_name, attr_val)

farm.add_s(ent)
Пример #42
#del os.environ['USE_DBX']

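# Pick the LDIF file to import: the instance's own copy when SERVER_ROOT is
# set, otherwise the packaged file under $PREFIX (default /usr).
initfile = ''
if 'SERVER_ROOT' in os.environ:  # dict.has_key() is deprecated; `in` is the idiom
    initfile = "%s/slapd-%s/ldif/Example.ldif" % (m1.sroot, m1.inst)
else:
    initfile = "%s/share/dirsrv/data/Example.ldif" % os.environ.get(
        'PREFIX', '/usr')

m1.importLDIF(initfile, '', "userRoot", True)

#m1.setLogLevel(65535)
print "Add the filtered group entry with bogus filter"
dn = "cn=TestDynamicGroup,dc=example,dc=com"
ent = Entry(dn)
ent.setValues('description', "Dynamic test group")
ent.setValues('objectclass', 'top', 'groupofuniquenames', 'groupofurls')
# The filter in this memberurl is deliberately malformed (its parentheses do
# not balance); it is the input under test, so do not "fix" it.
ent.setValues(
    'memberurl',
    'ldap:///dc=example,dc=com??sub?(&(objectclass=person)(uid=scart*)')
#ent.cn = 'TestDynamicGroup'
m1.add_s(ent)

print "Add the bogus aci for that group"
# MOD_REPLACE overwrites whatever aci values the suffix entry already had, and
# the new rule grants "all" rights on every attribute to members of the dynamic
# group above.  Both are fine for a scratch instance and for nothing else.
addmod = [(
    ldap.MOD_REPLACE, 'aci',
    '(targetattr = "*") (version 3.0;acl "Test Crash ACL";allow (all)(groupdn = "ldap:///cn=TestDynamicGroup,dc=example,dc=com");)'
)]
m1.modify_s("dc=example,dc=com", addmod)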
#m1.setLogLevel(0)
Пример #43
    initfile = "%s/slapd-%s/ldif/Example.ldif" % (m1.sroot,m1.inst)
else:
    initfile = "%s/share/dirsrv/data/Example.ldif" % os.environ.get('PREFIX', '/usr')
m1.importLDIF(initfile, '', "userRoot", True)

print "create agreements and init consumers . . ."
agmtm1tom2 = m1.setupAgreement(m2, m1replargs)
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)
print "starting replication . . ."
m1.startReplication(agmtm1tom2)
print "Replication started"

# Add two nested nsView containers on m1, parent first, and wait for each one
# to show up on m2 before going on.
view_specs = (
    ("add a ou=Clovis entry",
     "ou=Clovis,dc=example,dc=com", '(l=Clovis)'),
    ("add a ou=Finance entry",
     "ou=Finance,ou=Clovis,dc=example,dc=com", '(departmentNumber=finance)'),
)
for banner, dn, viewfilter in view_specs:
    print banner
    ent = Entry(dn)
    ent.setValues('objectclass', 'top', 'organizationalUnit', 'nsView')
    ent.setValues('nsviewfilter', viewfilter)
    m1.add_s(ent)

    m2.waitForEntry(ent)

# The delete itself is outside this listing.
print "Delete ou=Finance"
Пример #44
def makeDSUserEnt(idnum):
    """Build the DS test user entry numbered *idnum* and return it.

    The entry is placed under active_user_cont, usersubtree and suffix.  With
    ipawinsync set it gets Kerberos/POSIX attributes, and odd-numbered users
    are additionally locked (nsAccountLock); otherwise it gets the ntUser*
    attributes.

    NOTE(review): userPassword is set twice.  If setValues replaces the
    previous value, only the fixed string 'Ornette1' takes effect and every
    generated user shares one password - confirm which value is intended.
    """
    num = str(idnum)
    userid = 'testuser' + num
    ent = Entry('uid=%s,%s,%s,%s' % (userid, active_user_cont, usersubtree, suffix))
    common_attrs = (
        ('objectclass', userObjClasses),
        ('cn', 'Test User' + num),
        ('sn', 'User' + num),
        ('uid', userid),
        ('userPassword', 'Password' + num),
        ('ntUserDomainId', userid),
        ('userPassword', 'Ornette1'),
    )
    for attr_name, attr_val in common_attrs:
        ent.setValues(attr_name, attr_val)

    if not ipawinsync:
        ent.setValues('description', 'User added to DS')
        ent.setValues('ntUserCreateNewAccount', 'TRUE')
        ent.setValues('ntUserDeleteAccount', 'TRUE')
        return ent

    ent.setValues('krbPrincipalName', '%s@%s' % (userid, realm))
    ent.setValues('uidNumber', str(500+idnum))
    ent.setValues('gidNumber', '1002')
    ent.setValues('homeDirectory', '/home/' + userid)
    if idnum % 2:
        # Odd-numbered users are created locked.
        ent.setValues('description', 'User added disabled to DS')
        ent.setValues('nsAccountLock', 'TRUE')
    else:
        ent.setValues('description', 'User added enabled to DS')
    return ent
Пример #45
})
#del os.environ['USE_GDB']

# Two values that differ only by the space after the closing parenthesis.
val1, val2 = 'PRC (China)Limited company', 'PRC (China) Limited company'
rdn1, rdn2 = "ou=" + val1, "ou=" + val2
# In a search filter a literal "(" or ")" inside a value has to be written as
# \28 / \29.  For values that come from outside the script,
# ldap.filter.escape_filter_chars() produces this escaping.
filt1 = '(ou=*\\28China\\29Limited*)'
filt2 = '(ou=*\\28China\\29*)'
filt3 = '(businessCategory=*\\29Limited*)'

dn1, dn2 = rdn1 + "," + basedn, rdn2 + "," + basedn

# One entry per value; the value is stored both in the RDN and in
# businessCategory.
for newdn, category in ((dn1, val1), (dn2, val2)):
    ent = Entry(newdn)
    ent.setValues('objectclass', 'extensibleObject')
    ent.setValues('businessCategory', category)
    srv.add_s(ent)

ents = srv.search_s(basedn, ldap.SCOPE_SUBTREE, filt1)
print "filter", filt1, "returns the following"
for ent in ents:
    print ent

# The loop that prints this second result set is outside this listing.
ents = srv.search_s(basedn, ldap.SCOPE_SUBTREE, filt2)
print "filter", filt2, "returns the following"
Пример #46
agmtm2tom1 = m2.setupAgreement(m1, m2replargs)

# The attribute value has to exceed 1024 * 32 bytes, otherwise the clcache
# buffer resize is not triggered.
size = 1024 * 32 + 1
padding = "#" * size
# NOTE(review): val1 and val2 are built from the same prefix and are therefore
# identical - confirm whether the second was meant to differ.
val1 = "description1" + padding
val2 = "description1" + padding
nents = 2

print "Add %d entries alternately . . ." % nents
svrs = (m1, m2)
vals = (val1, val2)
nsvrs = len(svrs)
# Entry ii goes to server ii modulo the number of servers.
for ii in range(0, nents):
    slot = ii % nsvrs
    dn = "cn=%d, %s" % (ii, suffix)
    ent = Entry(dn)
    ent.setValues('objectclass', 'person')
    ent.setValues('sn', 'testuser')
    ent.setValues('description', vals[slot])
    svr = svrs[slot]
    svr.add_s(ent)
    print "Added %s to %s" % (dn, svr)

print "see if all entries are on both servers . . ."
time.sleep(5)
# Each entry is read from m1 and then from m2; the result is not inspected in
# the lines shown here.
for ii in range(0, nents):
    dn = "cn=%d, %s" % (ii, suffix)
    for peer in (m1, m2):
        ent = peer.getEntry(dn, ldap.SCOPE_BASE)
Пример #47
    'normal, regular AD account disabled, do not expire password',
    'userAccountControl': 512 + 2 + 65536
}]

# Not filled in within the visible part of the script.
userids_disabled = {}
if useds:
    print "Create sub-ou's on the AD side and add users . . ."
    # Running user number across all containers; the lines shown here never
    # increment it - presumably that happens later in the truncated loop body.
    ii = 0
    # Parent containers come before their children.
    dns = [
        'ou=people,' + suffix, 'ou=1,ou=people,' + suffix,
        'ou=2,ou=people,' + suffix, 'ou=11,ou=1,ou=people,' + suffix,
        'ou=12,ou=1,ou=people,' + suffix
    ]
    for dn in dns:
        ent = Entry(dn)
        ent.setValues('objectclass', 'organizationalUnit')
        # A container that already exists is left as it is.
        try:
            ad.add_s(ent)
        except ldap.ALREADY_EXISTS:
            pass
        print "Add users to", dn
        # Five users per container; the listing ends inside this loop body.
        for jj in range(0, 5):
            strii = str(ii)
            userdn = 'cn=Test User' + strii + ',' + dn
            ent = Entry(userdn)
            userid = 'userid' + strii
            ent.setValues('objectclass', ['person', 'adPerson'])
            ent.setValues('sn', 'User' + strii)
            ent.setValues('samAccountName', userid)
            # A single packed byte is used as a stand-in objectGUID, which
            # also restricts ii to 0..255.
            ent.setValues('objectGUID', struct.pack('B', ii))
            ent.setValues('name', 'Test User' + strii)  # same as cn
Пример #48
# Fixed root password for the scratch instance created below.
rootpw = "password"

basedn = 'dc=example,dc=com'
newinst = 'ds'
# NOTE(review): presumably read by the DSAdmin tooling to run the new server
# under valgrind - confirm.
os.environ['USE_VALGRIND'] = "1"

srv = DSAdmin.createInstance(dict(
    newrootpw=rootpw,
    newhost=host1,
    newport=port1,
    newinst=newinst,
    newsuffix=basedn,
    no_admin=True,
))

print "turn on syntax checking and trivial words checking"
# Only passwordCheckSyntax is switched on in the lines shown here.
attr = "passwordCheckSyntax"
mod = [(ldap.MOD_REPLACE, attr, "on")]
srv.modify_s("cn=config", mod)

print "add a user with a password"
dn = "uid=scarter,dc=example,dc=com"
bindpw = "SPrain12"
ent = Entry(dn)
scarter_attrs = (
    ('objectclass', 'inetOrgPerson'),
    ('cn', 'Sam Carter'),
    ('sn', 'Carter'),
    ('givenName', 'Sam'),
    ('userPassword', bindpw),
)
for attr_name, attr_val in scarter_attrs:
    ent.setValues(attr_name, attr_val)
srv.add_s(ent)
Пример #49
    def test_update_complex(self):
        """Check that an Entry built with setValues equals one built with update.

        The same replica attributes are applied to two entries: once call by
        call with setValues, once in a single update() on an entry that was
        constructed from a (dn, attrs) tuple.  Their string forms must match.
        """
        nsuffix = "dc=example,dc=com"
        replid = 5
        replicatype = dsadmin.REPLICA_RDWR_TYPE
        binddnlist = ['uid=pippo, cn=config']
        legacy = 'off'
        dn = "dc=example,dc=com"

        # First entry: one setValues call per attribute.
        entry = Entry(dn)
        entry.setValues(
            'objectclass', "top", "nsds5replica", "extensibleobject")
        entry.setValues('cn', "replica")
        entry.setValues('nsds5replicaroot', nsuffix)
        entry.setValues('nsds5replicaid', str(replid))
        entry.setValues('nsds5replicatype', str(replicatype))
        entry.setValues('nsds5flags', "1")
        entry.setValues('nsds5replicabinddn', binddnlist)
        entry.setValues('nsds5replicalegacyconsumer', legacy)

        # Second entry: constructor tuple for the first two attributes ...
        initial_attrs = {
            'objectclass': ["top", "nsds5replica", "extensibleobject"],
            'cn': ["replica"],
        }
        uentry = Entry((dn, initial_attrs))
        print uentry
        # ... and a single update() for the rest.
        # Entry.update *replaces*, so be careful with multi-valued attrs
        uentry.update({
            'nsds5replicaroot': nsuffix,
            'nsds5replicaid': str(replid),
            'nsds5replicatype': str(replicatype),
            'nsds5flags': '1',
            'nsds5replicabinddn': binddnlist,
            'nsds5replicalegacyconsumer': legacy
        })
        uentry_s = str(uentry)
        entry_s = str(entry)
        assert uentry_s == entry_s, "Mismatching entries [%r] vs [%r]" % (
            uentry, entry)