external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: a0399607 | patch | commit | show whitespace

LDAP PTA tests refactor common parts and test for multiple auth policies

Gary Williams

28.34.2011 4a84a26b9d18d198936fb713e94ffcc2191f7757

LDAP PTA tests refactor common parts and test for multiple auth policies

4 files modified

	opends/tests/staf-tests/functional-tests/testcases/pta/basic/pta_basic.xml	1 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/staf-tests/functional-tests/testcases/pta/basic/pta_basic_postamble.xml	101 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/staf-tests/functional-tests/testcases/pta/basic/pta_basic_tests.xml	1465 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/staf-tests/functional-tests/testcases/pta/pta_setup.xml	20 ●●●●● patch \| view \| raw \| blame \| history

 opends/tests/staf-tests/functional-tests/testcases/pta/basic/pta_basic.xml

@@ -92,6 +92,7 @@
                  testsList.append('basic_pta_010')
                  testsList.append('basic_pta_011')
                  testsList.append('basic_pta_012')
                  testsList.append('basic_pta_013')
                </script>

                <!-- Execute the Tests -->

 opends/tests/staf-tests/functional-tests/testcases/pta/basic/pta_basic_postamble.xml

@@ -29,19 +29,35 @@

  <function name="pta_postamble1">
    <function-prolog>
      Performs postamble for PTA tests
      Performs postamble for multi-user/policy PTA tests
    </function-prolog>
    <function-no-args />
    <function-map-args>
      <function-arg-def name="userNamePswd" type="required">
        <function-arg-description>
          Dictionary of user names (dn) and passwords.
        </function-arg-description>
        <function-arg-property name="type" value="Dictionary"/>
      </function-arg-def>
    </function-map-args>
    <sequence>

      <call function="'testStep'">
        { 'stepMessage' : 'Delete ds-pwp-password-policy-dn from users entry.' }
      </call>

      <iterate var="remotePTAuserName"
               in="userNamePswd.keys()" 
               indexvar="usernum">
        <sequence>
          
      <script>
            myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
            myldapPtaPolicyDn   = 'cn=%s,cn=Password Policies,cn=config' \
                                    % myldapPtaPolicyName
    
        ldapObject=[]
        ldapObject.append('ds-pwp-password-policy-dn: %s' \
                            % ldapPtaPolicyDn)
                                % myldapPtaPolicyDn)
      </script>

      <call function="'modifyAnAttribute'">
@@ -58,13 +74,26 @@
        }
      </call>

        </sequence>
      
      </iterate>

      <call function="'testStep'">
        { 'stepMessage' : 'Remove LDAP PTA Authentication Policy.' }
      </call>

      <iterate var="remotePTAuserName"
               in="userNamePswd.keys()" 
               indexvar="usernum">
        <sequence>
          
      <script>
            #myldapPtaPolicyName = 'LDAP PTA %s' % usernum
            myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
            myldapPtaPolicyDn   = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName

        options=[]
        options.append('--policy-name "%s"' % ldapPtaPolicyName)
            options.append('--policy-name "%s"' % myldapPtaPolicyName)
        dsconfigOptions=' '.join(options)
      </script>

@@ -81,6 +110,8 @@
        }
      </call>
    </sequence>
      </iterate>
    </sequence>
  </function>

  <function name="pta_postamble2">
@@ -117,66 +148,4 @@
    </sequence>
  </function>
  
  <function name="pta_postamble3">
    <function-prolog>
      Performs postamble for multi-user PTA tests
    </function-prolog>
    <function-no-args />
    <sequence>

      <call function="'testStep'">
        { 'stepMessage' : 'Delete ds-pwp-password-policy-dn from users entry.' }
      </call>

      <script>
        ldapObject=[]
        ldapObject.append('ds-pwp-password-policy-dn: %s' \
                            % ldapPtaPolicyDn)
      </script>

      <iterate var="remotePTAuserName"
               in="remotePTAuserDict.keys()" 
               indexvar="usernum">
              
        <call function="'modifyAnAttribute'">
          { 'location'        : local_ldap_server.getHostname(),
            'dsPath'                 : '%s/%s' \
                                       % (local_ldap_server.getDir(),OPENDSNAME),
            'dsInstanceHost'  : local_ldap_server.getHostname() ,
            'dsInstancePort'  : local_ldap_server.getPort(),
            'dsInstanceDn'    : local_ldap_server.getRootDn(),
            'dsInstancePswd'  : local_ldap_server.getRootPwd(),
            'DNToModify'      : remotePTAuserName ,
            'listAttributes'  : ldapObject ,
            'changetype'      : 'delete'
          }
        </call>
      
      </iterate>

      <call function="'testStep'">
        { 'stepMessage' : 'Remove LDAP PTA Authentication Policy.' }
      </call>

      <script>
        options=[]
        options.append('--policy-name "%s"' % ldapPtaPolicyName)
        dsconfigOptions=' '.join(options)
      </script>

      <call function="'dsconfig'">
        { 'location'            : local_ldap_server.getHostname(),
          'dsPath'              : '%s/%s' \
                                   % (local_ldap_server.getDir(),OPENDSNAME),
          'dsInstanceHost'      : local_ldap_server.getHostname(),
          'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
          'dsInstanceDn'        : local_ldap_server.getRootDn(),
          'dsInstancePswd'      : local_ldap_server.getRootPwd(),
          'subcommand'          : 'delete-password-policy',
          'optionsString'       : dsconfigOptions
        }
      </call>
    </sequence>
  </function>

</stax>

 opends/tests/staf-tests/functional-tests/testcases/pta/basic/pta_basic_tests.xml

@@ -82,6 +82,9 @@
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jwallace, ou=People, dc=AD,dc=com'] = ['linear',ldapPtaPolicyName]

              options=[]
              options.append('--backend-name "AD"')
              options.append('--set enabled:true')
@@ -111,127 +114,11 @@
              options.append('--set mapping-policy:unmapped')
              options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
              options.append('--type ldap-pass-through')
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'create-password-policy',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Read back the "authentication policy" object.' }
            </call>

            <script>
              options=[]
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'get-password-policy-prop',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
            </call>

            <script>
              remotePTAuserName='uid=jwallace, ou=People, dc=AD,dc=com'
              remotePTAuserPSWD='linear'
              ldapObject=[]
              ldapObject.append('ds-pwp-password-policy-dn: %s' \
                                  % ldapPtaPolicyDn)
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'add'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : '+'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as self.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD ,
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Modify the users entry.' }
            </call>

            <script>
              ldapObject=[]
              ldapObject.append('description: i am now a remote LDAP PTA user')
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD,
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'replace'
            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>
                        
@@ -244,7 +131,9 @@
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble1'"/>
              <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'pta_postamble2'"/>
              <call function="'testCase_Postamble'"/>
            </sequence>
@@ -280,137 +169,24 @@
            </message>

            <call function="'testStep'">
              { 'stepMessage' : 'onfigure LDAP PTA Policy for mapped-bind.' }
              { 'stepMessage' : 'Configure LDAP PTA Policy for mapped-bind.' }
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jmcFarla, ou=People, o=example'] = ['walnut',ldapPtaPolicyName]

              options=[]
              options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
              options.append('--set mapped-attribute:seealso')
              options.append('--set mapping-policy:mapped-bind')
              options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
              options.append('--type ldap-pass-through')
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'create-password-policy',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Read back the "authentication policy" object.' }
            </call>

            <script>
              options=[]
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'get-password-policy-prop',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
            </call>

            <script>
              remotePTAuserName='uid=jmcFarla, ou=People, o=example'
              remotePTAuserPSWD='walnut'
              ldapObject=[]
              ldapObject.append('ds-pwp-password-policy-dn: %s' \
                                  % ldapPtaPolicyDn)
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'add'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : '+'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as self.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD ,
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Modify the users entry.' }
            </call>

            <script>
              ldapObject=[]
              ldapObject.append('description: i am now a remote LDAP PTA user')
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD,
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'replace'
            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>
                        
@@ -423,7 +199,9 @@
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble1'"/>
              <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
@@ -462,6 +240,9 @@
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]

              options=[]
              options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
              options.append('--set mapped-attribute:cn')
@@ -469,127 +250,11 @@
              options.append('--set mapping-policy:mapped-search')
              options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
              options.append('--type ldap-pass-through')
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'create-password-policy',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Read back the "authentication policy" object.' }
            </call>

            <script>
              options=[]
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'get-password-policy-prop',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
            </call>

            <script>
              remotePTAuserName='uid=jvedder, ou=People, o=example'
              remotePTAuserPSWD='befitting'
              ldapObject=[]
              ldapObject.append('ds-pwp-password-policy-dn: %s' \
                                  % ldapPtaPolicyDn)
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'add'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : '+'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as self.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD ,
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Modify the users entry.' }
            </call>

            <script>
              ldapObject=[]
              ldapObject.append('description: i am now a remote LDAP PTA user')
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD,
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'replace'
            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>
   
@@ -602,7 +267,9 @@
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble1'"/>
              <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
@@ -641,6 +308,9 @@
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]

              options=[]
              options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
              options.append('--set mapped-attribute:cn')
@@ -650,127 +320,11 @@
              options.append('--set mapping-policy:mapped-search')
              options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
              options.append('--type ldap-pass-through')
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'create-password-policy',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Read back the "authentication policy" object.' }
            </call>

            <script>
              options=[]
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'get-password-policy-prop',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
            </call>

            <script>
              remotePTAuserName='uid=jvedder, ou=People, o=example'
              remotePTAuserPSWD='befitting'
              ldapObject=[]
              ldapObject.append('ds-pwp-password-policy-dn: %s' \
                                  % ldapPtaPolicyDn)
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'add'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : '+'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as self.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD ,
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Modify the users entry.' }
            </call>

            <script>
              ldapObject=[]
              ldapObject.append('description: i am now a remote LDAP PTA user')
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD,
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'replace'
            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>

@@ -783,7 +337,9 @@
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble1'"/>
              <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
@@ -841,6 +397,9 @@
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]

              options=[]
              options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
              options.append('--set mapped-attribute:cn')
@@ -850,127 +409,11 @@
              options.append('--set mapping-policy:mapped-search')
              options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
              options.append('--type ldap-pass-through')
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'create-password-policy',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Read back the "authentication policy" object.' }
            </call>

            <script>
              options=[]
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'get-password-policy-prop',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
            </call>

            <script>
              remotePTAuserName='uid=jvedder, ou=People, o=example'
              remotePTAuserPSWD='befitting'
              ldapObject=[]
              ldapObject.append('ds-pwp-password-policy-dn: %s' \
                                  % ldapPtaPolicyDn)
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'add'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : '+'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as self.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD ,
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Modify the users entry.' }
            </call>

            <script>
              ldapObject=[]
              ldapObject.append('description: i am now a remote LDAP PTA user')
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD,
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'replace'
            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>

@@ -983,7 +426,9 @@
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble1'"/>
             <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
@@ -1041,6 +486,9 @@
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]

              options=[]
              options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primarySslPort))
              options.append('--set mapped-attribute:cn')
@@ -1050,127 +498,11 @@
              options.append('--set trust-manager-provider:JKS')
              options.append('--set use-ssl:true')
              options.append('--type ldap-pass-through')
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'create-password-policy',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Read back the "authentication policy" object.' }
            </call>

            <script>
              options=[]
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'get-password-policy-prop',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
            </call>

            <script>
              remotePTAuserName='uid=jvedder, ou=People, o=example'
              remotePTAuserPSWD='befitting'
              ldapObject=[]
              ldapObject.append('ds-pwp-password-policy-dn: %s' \
                                  % ldapPtaPolicyDn)
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'add'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : '+'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as self.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD ,
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Modify the users entry.' }
            </call>

            <script>
              ldapObject=[]
              ldapObject.append('description: i am now a remote LDAP PTA user')
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD,
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'replace'
            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>
   
@@ -1183,7 +515,9 @@
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble1'"/>
              <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
@@ -1222,6 +556,9 @@
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]

              options=[]
              options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primarySslPort))
              options.append('--set mapped-attribute:cn')
@@ -1233,127 +570,11 @@
              options.append('--set trust-manager-provider:JKS')
              options.append('--set use-ssl:true')
              options.append('--type ldap-pass-through')
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'create-password-policy',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Read back the "authentication policy" object.' }
            </call>

            <script>
              options=[]
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'get-password-policy-prop',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entry.' }
            </call>

            <script>
              remotePTAuserName='uid=jvedder, ou=People, o=example'
              remotePTAuserPSWD='befitting'
              ldapObject=[]
              ldapObject.append('ds-pwp-password-policy-dn: %s' \
                                  % ldapPtaPolicyDn)
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'add'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as Directory Manager for operational attributes.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : '+'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entry as self.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD ,
                'dsBaseDN'        : remotePTAuserName ,
                'dsFilter'        : 'objectclass=*'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Modify the users entry.' }
            </call>

            <script>
              ldapObject=[]
              ldapObject.append('description: i am now a remote LDAP PTA user')
           </script>

            <call function="'modifyAnAttribute'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : remotePTAuserName,
                'dsInstancePswd'  : remotePTAuserPSWD,
                'DNToModify'      : remotePTAuserName ,
                'listAttributes'  : ldapObject ,
                'changetype'      : 'replace'
            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>
   
@@ -1366,7 +587,9 @@
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble1'"/>
             <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
@@ -1376,8 +599,8 @@
  </function>

  <!--- Test Case information
  #@TestMarker          Basic: PTA failover
  #@TestName            Basic: PTA failover
  #@TestMarker          Basic: PTA simple failover
  #@TestName            Basic: PTA simple failover
  #@TestID              basic_pta_011
  #@TestPurpose         Verify user with a LDAP PTA policy can failover to secondary server
  #@TestPreamble        Setup PTA
@@ -1412,6 +635,9 @@
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]

              options=[]
              options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
              options.append('--set mapped-attribute:cn')
@@ -1421,271 +647,16 @@
              options.append('--set mapping-policy:mapped-search')
              options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
              options.append('--type ldap-pass-through')
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'create-password-policy',
                'optionsString'       : dsconfigOptions
            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Read back the "authentication policy" object.' }
            </call>

            <script>
              options=[]
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

            <call function="'dsconfig'">
              { 'location'            : local_ldap_server.getHostname(),
                'dsPath'              : '%s/%s' \
                                         % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'      : local_ldap_server.getHostname(),
                'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
                'dsInstanceDn'        : local_ldap_server.getRootDn(),
                'dsInstancePswd'      : local_ldap_server.getRootPwd(),
                'subcommand'          : 'get-password-policy-prop',
                'optionsString'       : dsconfigOptions
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entries.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : 'cn=PTA Remote Users,ou=groups,o=example' ,
                'dsScope'         : 'base' ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : 'uniquemember'
              }
            </call>
            
            <message>
              'Result= %s' % STAXResult
            </message>

            <script>
              ldapObject=[]
              ldapObject.append('ds-pwp-password-policy-dn: %s' \
                                  % ldapPtaPolicyDn)
           </script>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     indexvar="usernum">

              <call function="'modifyAnAttribute'">
                { 'location'        : local_ldap_server.getHostname(),
                  'dsPath'                 : '%s/%s' \
                                             % (local_ldap_server.getDir(),OPENDSNAME),
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : local_ldap_server.getRootDn(),
                  'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                  'DNToModify'      : remotePTAuserName ,
                  'listAttributes'  : ldapObject ,
                  'changetype'      : 'add'
                }
              </call>

            </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entries as Directory Manager for ds-pwp-password-policy-dn.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : remotePTAuserSuffix ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : 'ds-pwp-password-policy-dn'
              }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'First search users entries as self.' }
            </call>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     indexvar="usernum">
              
              <call function="'ldapSearchWithScript'">
                { 'location'        : local_ldap_server.getHostname(),
                  'dsPath'                 : '%s/%s' \
                                             % (local_ldap_server.getDir(),OPENDSNAME),
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName] ,
                  'dsBaseDN'        : remotePTAuserName ,
                  'dsFilter'        : 'objectclass=*'
                }
              </call>

            </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'Stop the primary remote ldap server.' }
            </call>

            <call function="'stopServers'">
              [[primary_remote_ldap_server]]
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Second search users entries as self.' }
            </call>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     indexvar="usernum">
              
              <call function="'ldapSearchWithScript'">
                { 'location'        : local_ldap_server.getHostname(),
                  'dsPath'                 : '%s/%s' \
                                             % (local_ldap_server.getDir(),OPENDSNAME),
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName] ,
                  'dsBaseDN'        : remotePTAuserName ,
                  'dsFilter'        : 'objectclass=*'
                }
              </call>

            </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'Modify the users entries.' }
            </call>

            <script>
              ldapObject=[]
              ldapObject.append('description: i am now a remote LDAP PTA user')
           </script>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     indexvar="usernum">

              <call function="'modifyAnAttribute'">
                { 'location'        : local_ldap_server.getHostname(),
                  'dsPath'                 : '%s/%s' \
                                             % (local_ldap_server.getDir(),OPENDSNAME),
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName],
                  'DNToModify'      : remotePTAuserName ,
                  'listAttributes'  : ldapObject ,
                  'changetype'      : 'replace'
                }
              </call>

            </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'Restart the primary remote ldap server.' }
            </call>

            <call function="'startServers'">
              [[primary_remote_ldap_server]]
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Wait for monitor heartbeat to primary remote ldap server.' }
            </call>
            <call function="'Sleep'">
              { 'sleepForMilliSeconds' : '5000' }
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Third search users entries as self.' }
            </call>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     indexvar="usernum">
              
              <call function="'ldapSearchWithScript'">
                { 'location'        : local_ldap_server.getHostname(),
                  'dsPath'                 : '%s/%s' \
                                             % (local_ldap_server.getDir(),OPENDSNAME),
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName] ,
                  'dsBaseDN'        : remotePTAuserName ,
                  'dsFilter'        : 'objectclass=*'
                }
              </call>

            </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'Stop the secondary remote ldap server.' }
            </call>

            <call function="'stopServers'">
              [[secondary_remote_ldap_server]]
            </call>

            <call function="'testStep'">
              { 'stepMessage' : 'Fourth search users entries as self.' }
            </call>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     indexvar="usernum">
              
              <call function="'ldapSearchWithScript'">
                { 'location'        : local_ldap_server.getHostname(),
                  'dsPath'                 : '%s/%s' \
                                             % (local_ldap_server.getDir(),OPENDSNAME),
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName] ,
                  'dsBaseDN'        : remotePTAuserName ,
                  'dsFilter'        : 'objectclass=*'
                }
              </call>

            </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'Start the secondary remote ldap server.' }
            </call>

            <call function="'startServers'">
              [[secondary_remote_ldap_server]]
            <call function="'pta_test_body2'">
              { 'userNamePswd'       : userDNsAndPswds }
            </call>
               
          </sequence>
@@ -1697,7 +668,9 @@
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble3'"/>
              <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
@@ -1743,6 +716,9 @@
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jvedder, ou=People, o=example'] = ['befitting',ldapPtaPolicyName]

              options=[]
              options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primarySslPort))
              options.append('--set mapped-attribute:cn')
@@ -1754,7 +730,147 @@
              options.append('--set trust-manager-provider:JKS')
              options.append('--set use-ssl:true')
              options.append('--type ldap-pass-through')
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
            </script>

            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>

            <call function="'pta_test_body2'">
              { 'userNamePswd'       : userDNsAndPswds }
            </call>
               
          </sequence>
  
          <catch exception="'STAXException'" typevar="eType" var="eInfo">
            <message log="1" level="'fatal'">
              '%s: Test failed. eInfo(%s)' % (eType,eInfo)
            </message>
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
        </try>
      </sequence>
    </testcase>
  </function>

  <!--- Test Case information
  #@TestMarker          Basic: PTA multiple auth policies
  #@TestName            Basic: PTA multiple auth policies
  #@TestID              basic_pta_013
  #@TestPurpose         Verify multiple LDAP PTA policies
  #@TestPreamble        Setup PTA
  #@TestStep            Configure n LDAP PTA policies using mapped-search-bind credentials
  #@TestStep            Read back each "authentication policy" object
  #@TestStep            Add ds-pwp-password-policy-dn to users entries
  #@TestStep            Search users entries as Directory Manager for ds-pwp-password-policy-dn
  #@TestStep            Search users entries as self
  #@TestStep            Modify the users entries
  #@TestPostamble       Cleanup PTA
  #@TestResult          Test is successful if the result code is 0
  -->                           
  <function name="basic_pta_013" scope="local">
    <testcase name="getTestCaseName('PTA multiple auth policies')">                     
      <sequence>
        <try>
          <sequence>                
            <call function="'testCase_Preamble'"/>
            <message>
               'Test Name = %s' % STAXCurrentTestcase
            </message>

            <call function="'testStep'">
              { 'stepMessage' : 'Configure LDAP PTA Policies using mapped-search-bind.' }
            </call>

            <script>
              userDNsAndPswds={}
              userDNsAndPswds['uid=jvedder,  %s' % remotePTAuserSuffix] = ['befitting','LDAP PTA 0']
              userDNsAndPswds['uid=tmorris,  %s' % remotePTAuserSuffix] = ['irrefutable','LDAP PTA 1']
              userDNsAndPswds['uid=ealexand, %s' % remotePTAuserSuffix] = ['galactose','LDAP PTA 2']
              userDNsAndPswds['uid=tjames,   %s' % remotePTAuserSuffix] = ['turtle','LDAP PTA 3']
              userDNsAndPswds['uid=alangdon, %s' % remotePTAuserSuffix] = ['muzzle','LDAP PTA 4']
              userDNsAndPswds['uid=pchassin, %s' % remotePTAuserSuffix] = ['barbital','LDAP PTA 5']
              userDNsAndPswds['uid=aknutson, %s' % remotePTAuserSuffix] = ['maltose','LDAP PTA 6']
              userDNsAndPswds['uid=pworrell, %s' % remotePTAuserSuffix] = ['solicitous','LDAP PTA 7']
              userDNsAndPswds['uid=mtalbot,  %s' % remotePTAuserSuffix] = ['currant','LDAP PTA 8']
              userDNsAndPswds['uid=bwalker,  %s' % remotePTAuserSuffix] = ['interruptible','LDAP PTA 9']

              options=[]
              options.append('--set primary-remote-ldap-server:%s:%s' % (primaryHost,primaryPort))
              options.append('--set mapped-attribute:cn')
              options.append('--set mapped-search-base-dn:dc=AD,dc=com')
              options.append('--set mapped-search-bind-dn:"cn=Directory Manager"')
              options.append('--set mapped-search-bind-password:secret12')
              options.append('--set mapping-policy:mapped-search')
              options.append('--set secondary-remote-ldap-server:%s:%s' % (secondaryHost,secondaryPort))
              options.append('--type ldap-pass-through')
            </script>
                   
            <call function="'pta_test_body1'">
              { 'userNamePswd'       : userDNsAndPswds ,
                'dsconfigAuthPolicy' : options
              }
            </call>
               
          </sequence>
  
          <catch exception="'STAXException'" typevar="eType" var="eInfo">
            <message log="1" level="'fatal'">
              '%s: Test failed. eInfo(%s)' % (eType,eInfo)
            </message>
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble1'">
                { 'userNamePswd' : userDNsAndPswds }
              </call>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
        </try>
      </sequence>
    </testcase>
  </function>

  <function name="pta_test_body1">
    <function-map-args>
      <function-arg-def name="userNamePswd" type="required">
        <function-arg-description>
          Dictionary of user names (dn) and passwords.
        </function-arg-description>
        <function-arg-property name="type" value="Dictionary"/>
      </function-arg-def>
      <function-arg-def name="dsconfigAuthPolicy" type="required">
        <function-arg-description>
          Authentication policy in form of a dsconfig options
        </function-arg-description>
        <function-arg-property name="type" value="List"/>
      </function-arg-def>
    </function-map-args>
    <sequence>

      <iterate var="remotePTAuserName"
               in="userNamePswd.keys()" 
               indexvar="usernum">
              
        <sequence>

          <script>            
            myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
            myldapPtaPolicyDn   = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName

            options = []
            options += dsconfigAuthPolicy
            options.append('--policy-name "%s"' % myldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

@@ -1771,13 +887,26 @@
              }
            </call>

        </sequence>

      </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'Read back the "authentication policy" object.' }
            </call>

      <iterate var="remotePTAuserName"
               in="userNamePswd.keys()" 
               indexvar="usernum">
              
        <sequence>
    
            <script>
            myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
            myldapPtaPolicyDn   = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName

              options=[]
              options.append('--policy-name "%s"' % ldapPtaPolicyName)
            options.append('--policy-name "%s"' % myldapPtaPolicyName)
              dsconfigOptions=' '.join(options)
            </script>

@@ -1794,39 +923,29 @@
              }
            </call>

        </sequence>
      
      </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'Add ds-pwp-password-policy-dn to users entries.' }
            </call>

            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
                                           % (local_ldap_server.getDir(),OPENDSNAME),
                'dsInstanceHost'  : local_ldap_server.getHostname() ,
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : 'cn=PTA Remote Users,ou=groups,o=example' ,
                'dsScope'         : 'base' ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : 'uniquemember'
              }
            </call>
      <iterate var="remotePTAuserName"
               in="userNamePswd.keys()" 
               indexvar="usernum">
            
            <message>
              'Result= %s' % STAXResult
            </message>
        <sequence>              

            <script>
            myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
            myldapPtaPolicyDn   = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName
            
              ldapObject=[]
              ldapObject.append('ds-pwp-password-policy-dn: %s' \
                                  % ldapPtaPolicyDn)
                                % myldapPtaPolicyDn)
           </script>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     indexvar="usernum">

              <call function="'modifyAnAttribute'">
                { 'location'        : local_ldap_server.getHostname(),
                  'dsPath'                 : '%s/%s' \
@@ -1841,12 +960,18 @@
                }
              </call>

        </sequence>
      
            </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'Search users entries as Directory Manager for ds-pwp-password-policy-dn.' }
            </call>

      <iterate var="remotePTAuserName"
               in="userNamePswd.keys()" 
               indexvar="usernum">
    
            <call function="'ldapSearchWithScript'">
              { 'location'        : local_ldap_server.getHostname(),
                'dsPath'                 : '%s/%s' \
@@ -1855,18 +980,21 @@
                'dsInstancePort'  : local_ldap_server.getPort(),
                'dsInstanceDn'    : local_ldap_server.getRootDn(),
                'dsInstancePswd'  : local_ldap_server.getRootPwd(),
                'dsBaseDN'        : remotePTAuserSuffix ,
            'dsBaseDN'        : remotePTAuserName ,
            'dsScope'         : 'base' ,
                'dsFilter'        : 'objectclass=*' ,
                'dsAttributes'    : 'ds-pwp-password-policy-dn'
              }
            </call>

      </iterate>

            <call function="'testStep'">
              { 'stepMessage' : 'First search users entries as self.' }
            </call>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
               in="userNamePswd.keys()" 
                     indexvar="usernum">
              
              <call function="'ldapSearchWithScript'">
@@ -1876,8 +1004,9 @@
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName] ,
            'dsInstancePswd'  : userNamePswd[remotePTAuserName][0] ,
                  'dsBaseDN'        : remotePTAuserName ,
            'dsScope'         : 'base' ,
                  'dsFilter'        : 'objectclass=*'
                }
              </call>
@@ -1885,6 +1014,50 @@
            </iterate>

            <call function="'testStep'">
        { 'stepMessage' : 'Modify the users entries.' }
      </call>

      <script>
        ldapObject=[]
        ldapObject.append('description: i am now a remote LDAP PTA user')
      </script>

      <iterate var="remotePTAuserName"
               in="userNamePswd.keys()" 
               indexvar="usernum">

        <call function="'modifyAnAttribute'">
          { 'location'        : local_ldap_server.getHostname(),
            'dsPath'                 : '%s/%s' \
                                       % (local_ldap_server.getDir(),OPENDSNAME),
            'dsInstanceHost'  : local_ldap_server.getHostname() ,
            'dsInstancePort'  : local_ldap_server.getPort(),
            'dsInstanceDn'    : remotePTAuserName,
            'dsInstancePswd'  : userNamePswd[remotePTAuserName][0] ,
            'DNToModify'      : remotePTAuserName ,
            'listAttributes'  : ldapObject ,
            'changetype'      : 'replace'
          }
        </call>

      </iterate>

    </sequence>

  </function>

  <function name="pta_test_body2">
    <function-map-args>
      <function-arg-def name="userNamePswd" type="required">
        <function-arg-description>
          Dictionary of user names (dn) and passwords.
        </function-arg-description>
        <function-arg-property name="type" value="Dictionary"/>
      </function-arg-def>
    </function-map-args>
    <sequence>

            <call function="'testStep'">
              { 'stepMessage' : 'Stop the primary remote ldap server.' }
            </call>

@@ -1897,7 +1070,7 @@
            </call>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     in="userNamePswd.keys()" 
                     indexvar="usernum">
              
              <call function="'ldapSearchWithScript'">
@@ -1907,7 +1080,7 @@
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName] ,
                  'dsInstancePswd'  : userNamePswd[remotePTAuserName][0] ,
                  'dsBaseDN'        : remotePTAuserName ,
                  'dsFilter'        : 'objectclass=*'
                }
@@ -1925,7 +1098,7 @@
           </script>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     in="userNamePswd.keys()" 
                     indexvar="usernum">

              <call function="'modifyAnAttribute'">
@@ -1935,7 +1108,7 @@
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName],
                  'dsInstancePswd'  : userNamePswd[remotePTAuserName][0],
                  'DNToModify'      : remotePTAuserName ,
                  'listAttributes'  : ldapObject ,
                  'changetype'      : 'replace'
@@ -1964,7 +1137,7 @@
            </call>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     in="userNamePswd.keys()" 
                     indexvar="usernum">
              
              <call function="'ldapSearchWithScript'">
@@ -1974,7 +1147,7 @@
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName] ,
                  'dsInstancePswd'  : userNamePswd[remotePTAuserName][0] ,
                  'dsBaseDN'        : remotePTAuserName ,
                  'dsFilter'        : 'objectclass=*'
                }
@@ -1995,7 +1168,7 @@
            </call>

            <iterate var="remotePTAuserName"
                     in="remotePTAuserDict.keys()" 
                     in="userNamePswd.keys()" 
                     indexvar="usernum">
              
              <call function="'ldapSearchWithScript'">
@@ -2005,7 +1178,7 @@
                  'dsInstanceHost'  : local_ldap_server.getHostname() ,
                  'dsInstancePort'  : local_ldap_server.getPort(),
                  'dsInstanceDn'    : remotePTAuserName,
                  'dsInstancePswd'  : remotePTAuserDict[remotePTAuserName] ,
                  'dsInstancePswd'  : userNamePswd[remotePTAuserName][0] ,
                  'dsBaseDN'        : remotePTAuserName ,
                  'dsFilter'        : 'objectclass=*'
                }
@@ -2023,20 +1196,6 @@
               
          </sequence>
  
          <catch exception="'STAXException'" typevar="eType" var="eInfo">
            <message log="1" level="'fatal'">
              '%s: Test failed. eInfo(%s)' % (eType,eInfo)
            </message>
          </catch>
          <finally>
            <sequence>
              <call function="'pta_postamble3'"/>
              <call function="'testCase_Postamble'"/>
            </sequence>
          </finally>
        </try>
      </sequence>
    </testcase>
  </function>
   
</stax>

 opends/tests/staf-tests/functional-tests/testcases/pta/pta_setup.xml

@@ -93,16 +93,16 @@
                remotePTAuserPswdFile = '%s/pta/mypasswd' % local_ldap_server.getTmpDir()
  
                # List of Remote LDAP PTA Users and Passwords              
                remotePTAuserDict['uid=jvedder,  %s' % remotePTAuserSuffix] = 'befitting'
                remotePTAuserDict['uid=tmorris,  %s' % remotePTAuserSuffix] = 'irrefutable'
                remotePTAuserDict['uid=ealexand, %s' % remotePTAuserSuffix] = 'galactose'
                remotePTAuserDict['uid=tjames,   %s' % remotePTAuserSuffix] = 'turtle'
                remotePTAuserDict['uid=alangdon, %s' % remotePTAuserSuffix] = 'muzzle'
                remotePTAuserDict['uid=pchassin, %s' % remotePTAuserSuffix] = 'barbital'
                remotePTAuserDict['uid=aknutson, %s' % remotePTAuserSuffix] = 'maltose'
                remotePTAuserDict['uid=pworrell, %s' % remotePTAuserSuffix] = 'solicitous'
                remotePTAuserDict['uid=mtalbot,  %s' % remotePTAuserSuffix] = 'currant'
                remotePTAuserDict['uid=bwalker,  %s' % remotePTAuserSuffix] = 'interruptible'
                remotePTAuserDict['uid=jvedder,  %s' % remotePTAuserSuffix] = ['befitting',ldapPtaPolicyName]
                remotePTAuserDict['uid=tmorris,  %s' % remotePTAuserSuffix] = ['irrefutable',ldapPtaPolicyName]
                remotePTAuserDict['uid=ealexand, %s' % remotePTAuserSuffix] = ['galactose',ldapPtaPolicyName]
                remotePTAuserDict['uid=tjames,   %s' % remotePTAuserSuffix] = ['turtle',ldapPtaPolicyName]
                remotePTAuserDict['uid=alangdon, %s' % remotePTAuserSuffix] = ['muzzle',ldapPtaPolicyName]
                remotePTAuserDict['uid=pchassin, %s' % remotePTAuserSuffix] = ['barbital',ldapPtaPolicyName]
                remotePTAuserDict['uid=aknutson, %s' % remotePTAuserSuffix] = ['maltose',ldapPtaPolicyName]
                remotePTAuserDict['uid=pworrell, %s' % remotePTAuserSuffix] = ['solicitous',ldapPtaPolicyName]
                remotePTAuserDict['uid=mtalbot,  %s' % remotePTAuserSuffix] = ['currant',ldapPtaPolicyName]
                remotePTAuserDict['uid=bwalker,  %s' % remotePTAuserSuffix] = ['interruptible',ldapPtaPolicyName]
              </script>

              <!-- Create local PTA passwd -->

			@@ -92,6 +92,7 @@
			testsList.append('basic_pta_010')
			testsList.append('basic_pta_011')
			testsList.append('basic_pta_012')
			testsList.append('basic_pta_013')
			</script>

			<!-- Execute the Tests -->

			@@ -29,19 +29,35 @@

			<function name="pta_postamble1">
			<function-prolog>
			Performs postamble for PTA tests
			Performs postamble for multi-user/policy PTA tests
			</function-prolog>
			<function-no-args />
			<function-map-args>
			<function-arg-def name="userNamePswd" type="required">
			<function-arg-description>
			Dictionary of user names (dn) and passwords.
			</function-arg-description>
			<function-arg-property name="type" value="Dictionary"/>
			</function-arg-def>
			</function-map-args>
			<sequence>

			<call function="'testStep'">
			{ 'stepMessage' : 'Delete ds-pwp-password-policy-dn from users entry.' }
			</call>

			<iterate var="remotePTAuserName"
			in="userNamePswd.keys()"
			indexvar="usernum">
			<sequence>

			<script>
			myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
			myldapPtaPolicyDn = 'cn=%s,cn=Password Policies,cn=config' \
			% myldapPtaPolicyName

			ldapObject=[]
			ldapObject.append('ds-pwp-password-policy-dn: %s' \
			% ldapPtaPolicyDn)
			% myldapPtaPolicyDn)
			</script>

			<call function="'modifyAnAttribute'">
			@@ -58,13 +74,26 @@
			}
			</call>

			</sequence>

			</iterate>

			<call function="'testStep'">
			{ 'stepMessage' : 'Remove LDAP PTA Authentication Policy.' }
			</call>

			<iterate var="remotePTAuserName"
			in="userNamePswd.keys()"
			indexvar="usernum">
			<sequence>

			<script>
			#myldapPtaPolicyName = 'LDAP PTA %s' % usernum
			myldapPtaPolicyName = userNamePswd[remotePTAuserName][1]
			myldapPtaPolicyDn = 'cn=%s,cn=Password Policies,cn=config' % myldapPtaPolicyName

			options=[]
			options.append('--policy-name "%s"' % ldapPtaPolicyName)
			options.append('--policy-name "%s"' % myldapPtaPolicyName)
			dsconfigOptions=' '.join(options)
			</script>

			@@ -81,6 +110,8 @@
			}
			</call>
			</sequence>
			</iterate>
			</sequence>
			</function>

			<function name="pta_postamble2">
			@@ -117,66 +148,4 @@
			</sequence>
			</function>

			<function name="pta_postamble3">
			<function-prolog>
			Performs postamble for multi-user PTA tests
			</function-prolog>
			<function-no-args />
			<sequence>

			<call function="'testStep'">
			{ 'stepMessage' : 'Delete ds-pwp-password-policy-dn from users entry.' }
			</call>

			<script>
			ldapObject=[]
			ldapObject.append('ds-pwp-password-policy-dn: %s' \
			% ldapPtaPolicyDn)
			</script>

			<iterate var="remotePTAuserName"
			in="remotePTAuserDict.keys()"
			indexvar="usernum">

			<call function="'modifyAnAttribute'">
			{ 'location' : local_ldap_server.getHostname(),
			'dsPath' : '%s/%s' \
			% (local_ldap_server.getDir(),OPENDSNAME),
			'dsInstanceHost' : local_ldap_server.getHostname() ,
			'dsInstancePort' : local_ldap_server.getPort(),
			'dsInstanceDn' : local_ldap_server.getRootDn(),
			'dsInstancePswd' : local_ldap_server.getRootPwd(),
			'DNToModify' : remotePTAuserName ,
			'listAttributes' : ldapObject ,
			'changetype' : 'delete'
			}
			</call>

			</iterate>

			<call function="'testStep'">
			{ 'stepMessage' : 'Remove LDAP PTA Authentication Policy.' }
			</call>

			<script>
			options=[]
			options.append('--policy-name "%s"' % ldapPtaPolicyName)
			dsconfigOptions=' '.join(options)
			</script>

			<call function="'dsconfig'">
			{ 'location' : local_ldap_server.getHostname(),
			'dsPath' : '%s/%s' \
			% (local_ldap_server.getDir(),OPENDSNAME),
			'dsInstanceHost' : local_ldap_server.getHostname(),
			'dsInstanceAdminPort' : local_ldap_server.getAdminPort(),
			'dsInstanceDn' : local_ldap_server.getRootDn(),
			'dsInstancePswd' : local_ldap_server.getRootPwd(),
			'subcommand' : 'delete-password-policy',
			'optionsString' : dsconfigOptions
			}
			</call>
			</sequence>
			</function>

			</stax>

			@@ -93,16 +93,16 @@
			remotePTAuserPswdFile = '%s/pta/mypasswd' % local_ldap_server.getTmpDir()

			# List of Remote LDAP PTA Users and Passwords
			remotePTAuserDict['uid=jvedder, %s' % remotePTAuserSuffix] = 'befitting'
			remotePTAuserDict['uid=tmorris, %s' % remotePTAuserSuffix] = 'irrefutable'
			remotePTAuserDict['uid=ealexand, %s' % remotePTAuserSuffix] = 'galactose'
			remotePTAuserDict['uid=tjames, %s' % remotePTAuserSuffix] = 'turtle'
			remotePTAuserDict['uid=alangdon, %s' % remotePTAuserSuffix] = 'muzzle'
			remotePTAuserDict['uid=pchassin, %s' % remotePTAuserSuffix] = 'barbital'
			remotePTAuserDict['uid=aknutson, %s' % remotePTAuserSuffix] = 'maltose'
			remotePTAuserDict['uid=pworrell, %s' % remotePTAuserSuffix] = 'solicitous'
			remotePTAuserDict['uid=mtalbot, %s' % remotePTAuserSuffix] = 'currant'
			remotePTAuserDict['uid=bwalker, %s' % remotePTAuserSuffix] = 'interruptible'
			remotePTAuserDict['uid=jvedder, %s' % remotePTAuserSuffix] = ['befitting',ldapPtaPolicyName]
			remotePTAuserDict['uid=tmorris, %s' % remotePTAuserSuffix] = ['irrefutable',ldapPtaPolicyName]
			remotePTAuserDict['uid=ealexand, %s' % remotePTAuserSuffix] = ['galactose',ldapPtaPolicyName]
			remotePTAuserDict['uid=tjames, %s' % remotePTAuserSuffix] = ['turtle',ldapPtaPolicyName]
			remotePTAuserDict['uid=alangdon, %s' % remotePTAuserSuffix] = ['muzzle',ldapPtaPolicyName]
			remotePTAuserDict['uid=pchassin, %s' % remotePTAuserSuffix] = ['barbital',ldapPtaPolicyName]
			remotePTAuserDict['uid=aknutson, %s' % remotePTAuserSuffix] = ['maltose',ldapPtaPolicyName]
			remotePTAuserDict['uid=pworrell, %s' % remotePTAuserSuffix] = ['solicitous',ldapPtaPolicyName]
			remotePTAuserDict['uid=mtalbot, %s' % remotePTAuserSuffix] = ['currant',ldapPtaPolicyName]
			remotePTAuserDict['uid=bwalker, %s' % remotePTAuserSuffix] = ['interruptible',ldapPtaPolicyName]
			</script>

			<!-- Create local PTA passwd -->