'Security: Deprecated Pwd Schemes: Preamble Step 1. Admin Adding 3 Pwd Storage Schemes' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'default-password-storage-scheme' , 'attributeValue' : 'MD5' , 'modifyType' : 'add' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'default-password-storage-scheme' , 'attributeValue' : 'Base64' , 'modifyType' : 'add' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'default-password-storage-scheme' , 'attributeValue' : 'Salted SHA-256' , 'modifyType' : 'add' } 'Security: Deprecated Pwd Schemes: Preamble Step 2. User Change Password' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=tmason,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsInstancePswd' : 'squatted' , 'DNToModify' : 'uid=tmason,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'attributeName' : 'userpassword' , 'newAttributeValue' : 'squinted' , 'changetype' : 'replace' } 'Security: Deprecating Pwd Schemes: Preamble Step 3. Checking for MD5 Scheme Before Deprecating' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : 'uid=tmason,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'userpassword' } { 'returnString' : returnString , 'expectedString' : 'MD5' } 'Security: Deprecated Pwd Schemes: Admin Deprecating MD5 Scheme' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'deprecated-password-storage-scheme' , 'attributeValue' : 'MD5' } 'Security: Deprecated Pwd Schemes: Admin Removing MD5 Scheme From Default' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'cn=Default Password Policy,cn=Password Policies,cn=config' , 'attributeName' : 'ds-cfg-default-password-storage-scheme' , 'newAttributeValue' : 'cn=MD5,cn=Password Storage Schemes,cn=config' , 'changetype' : 'delete' } 'Security: Deprecating Pwd Schemes: Checking for MD5 Hashed Pwd After Deprecating - Existing User (before user bind)' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : 'uid=tmason,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'userpassword' } { 'returnString' : returnString , 'expectedString' : 'MD5' } 'Security: Deprecated Pwd Schemes: User Binding' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=tmason,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsInstancePswd' : 'squinted' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-s base' } 'Security: Deprecating Pwd Schemes: Checking for MD5 Hashed Pwd After Deprecating - Existing User (after user bind)' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : 'uid=tmason,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'userpassword' } { 'returnString' : returnString , 'expectedString' : 'MD5' , 'expectedRC' : 1 } 'Security: Deprecating Pwd Schemes: Checking for MD5 Hashed Pwd After Deprecating - New User' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToAdd' : 'uid=test, ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com', 'listAttributes' : listAttr } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : 'uid=test, ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com', 'dsFilter' : 'objectclass=*' , 'attributes' : 'userpassword' } { 'returnString' : returnString , 'expectedString' : 'MD5' , 'expectedRC' : 1 } 'Security: Deprecating Pwd Schemes: Checking for SSHA256 Hashed Pwd After Deprecating' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : 'uid=tmason,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'userpassword' } { 'returnString' : returnString , 'expectedString' : 'SSHA256' } 'Security: Deprecating Pwd Schemes: Checking for BASE64 Hashed Pwd After Deprecating' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : 'uid=tmason,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'userpassword' } { 'returnString' : returnString , 'expectedString' : 'BASE64' } 'Security: Deprecating Pwd Schemes: Postamble - Admin Resetting to SSHA Storage Scheme' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'default-password-storage-scheme' , 'attributeValue' : 'Salted SHA-1' } 'Security: New Deprecated Pwd Schemes: Preamble Step 1. Admin Adding MD5 Pwd Storage Scheme' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'default-password-storage-scheme' , 'attributeValue' : 'MD5' , 'modifyType' : 'add' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : 'uid=bhall,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'userpassword' } 'Security: New Deprecating Pwd Schemes: Preamble Step 2. Checking for SSHA is present Before Deprecating' { 'returnString' : returnString , 'expectedString' : 'SSHA' } 'Security: New Deprecating Pwd Schemes: Preamble Step 3. Checking for MD5 is not present Before Deprecating' { 'returnString' : returnString , 'expectedString' : 'MD5' , 'expectedRC' : 1 } 'Security: New Deprecated Pwd Schemes: Admin Deprecating SSHA Scheme' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'deprecated-password-storage-scheme' , 'attributeValue' : 'Salted SHA-1' } 'Security: New Deprecated Pwd Schemes: Admin Removing SSHA Scheme From Default' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'cn=Default Password Policy,cn=Password Policies,cn=config' , 'attributeName' : 'ds-cfg-default-password-storage-scheme' , 'newAttributeValue' : 'cn=Salted SHA-1,cn=Password Storage Schemes,cn=config' , 'changetype' : 'delete' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : 'uid=bhall,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'userpassword' } 'Security: New Deprecating Pwd Schemes: Checking for SSHA is present After Deprecating - Existing User (before user bind)' { 'returnString' : returnString , 'expectedString' : 'SSHA' } 'Security: New Deprecating Pwd Schemes: Checking for MD5 is not present After Deprecating - Existing User (before user bind)' { 'returnString' : returnString , 'expectedString' : 'MD5' , 'expectedRC' : 1 } 'Security: New Deprecated Pwd Schemes: User Binding' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=bhall,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsInstancePswd' : 'oranges' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-s base' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : 'uid=bhall,ou=people,ou=password tests,o=Pwd Storage Tests,dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'attributes' : 'userpassword' } 'Security: New Deprecating Pwd Schemes: Checking for SSHA is no more present After Deprecating - Existing User (after user bind)' { 'returnString' : returnString , 'expectedString' : 'SSHA' , 'expectedRC' : 1 } 'Security: New Deprecating Pwd Schemes: Checking for MD5 is present After Deprecating - Existing User (after user bind)' { 'returnString' : returnString , 'expectedString' : 'MD5' } 'Security: New Deprecating Pwd Schemes: Postamble - Admin Resetting to SSHA Storage Scheme' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'default-password-storage-scheme' , 'attributeValue' : 'Salted SHA-1' }