'Security: SASL DIGEST-MD5: Preamble Step 1 - Admin Changing \ Pwd Storage to CLEAR' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'default-password-storage-scheme' , 'attributeValue' : 'Clear' } 'Security: SASL DIGEST-MD5: Preamble Step 2 - Admin Changing \ Password for three users' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'uid=jsprinter, ou=People, o=SASL Tests, dc=example,dc=com' , 'attributeName' : 'userpassword' , 'newAttributeValue' : 'frogleg' , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'uid=jwalleye, ou=People, o=SASL Realm Tests, dc=example,dc=com' , 'attributeName' : 'userpassword' , 'newAttributeValue' : 'frogleg' , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'uid=jcarp, ou=People, o=SASL Tests, dc=example,dc=com' , 'attributeName' : 'userpassword' , 'newAttributeValue' : 'carpleg' , 'changetype' : 'replace' } 'Security: SASL DIGEST-MD5: User With Dupe uid (u:) Binding' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o authid=u:jsprinter -w frogleg' , 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: User (u:) Binding' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o authid=u:jwalleye -w frogleg' } 'Security: SASL DIGEST-MD5: User (u:) Binding with authzid' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o authid=u:jwalleye -w frogleg -o authzid=jwalleye' } 'Security: SASL DIGEST-MD5: User (u:) Binding with another authzid' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o authid=u:jwalleye -w frogleg -o authzid=jcarp' , 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: User (u:) Binding with authzid without authid' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o authzid=jcarp -w frogleg' , 'expectedRC' : 89 } 'Security: SASL DIGEST-MD5: Admin Changing authzid attribute to sn' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'mapperName' : 'Exact Match' , 'attributeName' : 'match-attribute' , 'attributeValue' : 'sn' } 'Security: SASL DIGEST-MD5: User (u:) Binding with authzid after attribute change' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o authid=u:jwalleye -w frogleg -o authzid=jwalleye' , 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: User (u:) Binding with authzid after attribute change 2' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o authid=u:Walleye -w frogleg -o authzid=Walleye' } 'Security: SASL DIGEST-MD5: Admin Resetting authzid attribute to uid' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'mapperName' : 'Exact Match' , 'attributeName' : 'match-attribute' , 'attributeValue' : 'uid' } 'Security: SASL DIGEST-MD5: User (u:) Binding with authzid after attribute reset' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o authid=u:jwalleye -w frogleg -o authzid=jwalleye' } 'Security: SASL DIGEST-MD5: User With Dupe uid (dn:) Binding' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jsprinter,ou=People,o=SASL Tests,dc=example,dc=com" -w frogleg' } 'Security: SASL DIGEST-MD5: User With Dupe uid (dn:) Binding with authzid' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jsprinter,ou=People,o=SASL Tests,dc=example,dc=com" -w frogleg -o authzid=jsprinter' , 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: User (dn:) Binding' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } 'Security: SASL DIGEST-MD5: Admin Creating Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'handlerName' : 'DIGEST-MD5' , 'propertyName' : 'realm' , 'propertyValue' : 'SASL-Realm-Tests.example.com' } 'Security: SASL DIGEST-MD5: User With Dupe uid (u:) Binding With Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=u:jsprinter" -o "realm=SASL-Realm-Tests.example.com" -w frogleg' , 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: User (u:) Binding With Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=u:jwalleye" -o "realm=SASL-Realm-Tests.example.com" -w frogleg' } 'Security: SASL DIGEST-MD5: User With Dupe uid (dn:) Binding With Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jsprinter,ou=People,o=SASL Tests,dc=example,dc=com" -o "realm=SASL-Realm-Tests.example.com" -w frogleg' } 'Security: SASL DIGEST-MD5: User (dn:) Binding With Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -o "realm=SASL-Realm-Tests.example.com" -w frogleg' } 'Security: SASL DIGEST-MD5: User With Dupe uid (u:) Binding With Undefined Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=u:jsprinter" -o "realm=o=SASL Tests,dc=example,dc=com" -w frogleg' , 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: User (u:) Binding With Undefined Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=u:jwalleye" -o "realm=o=SASL Tests,dc=example,dc=com" -w frogleg' , 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: User With Dupe uid (dn:) Binding With Undefined Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jsprinter,ou=People,o=SASL Tests,dc=example,dc=com" -o "realm=o=SASL Tests,dc=example,dc=com" -w frogleg' , 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With Undefined Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -o "realm=o=SASL Tests,dc=example,dc=com" -w frogleg' , 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod equal sasl, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal sasl, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal sasl, delete global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'remove' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod equal sasl, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal sasl, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal sasl, adding authmethod ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : curr_aci , 'changetype' : 'add' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod equal sasl, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal sasl, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal sasl, deleting authmethod ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : curr_aci , 'changetype' : 'delete' } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal sasl, put back global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'add' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod equal simple, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal simple, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal simple, delete global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'remove' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod equal simple, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal simple, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal simple, adding authmethod ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : curr_aci , 'changetype' : 'add' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod equal simple, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal simple, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal simple, deleting authmethod ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : curr_aci , 'changetype' : 'delete' } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equal simple, put back global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'add' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod not equals simple, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod not equals simple, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod not equals simple, delete global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'remove' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod not equals simple, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod not equals simple, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod not equals simple, adding authmethod ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : curr_aci , 'changetype' : 'add' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod not equals simple, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod not equals simple, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod not equals simple, deleting authmethod ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : curr_aci , 'changetype' : 'delete' } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod not equals simple, put back global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'add' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod equals none, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equals none, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equals none, delete global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'remove' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod equals none, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w bad', 'expectedRC' : 49 } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equals none, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'bad' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'expectedRC' : 49 } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equals none, adding authmethod ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : curr_aci , 'changetype' : 'add' } 'Security: SASL DIGEST-MD5: User (dn:) Binding with authmethod equals none, sasl authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w frogleg' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equals none, simple authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'frogleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equals none, deleting authmethod ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : curr_aci , 'changetype' : 'delete' } 'Security: SASL DIGEST-MD5: User (dn:) Binding With ACI with authmethod equals none, put back global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'add' } 'Security: SASL DIGEST-MD5: Non-clear Pwd Storage Scheme' 'Security: SASL DIGEST-MD5: Non-clear Pwd Storage Scheme - \ Admin Changing Pwd Storage to 3DES' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'default-password-storage-scheme' , 'attributeValue' : '3DES' } 'Security: SASL DIGEST-MD5: Non-clear Pwd Storage Scheme - \ Admin Changing Password for test user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : test_user, 'attributeName' : 'userpassword', 'newAttributeValue' : 'newleg', 'changetype' : 'replace' } 'Security: SASL DIGEST-MD5: Non-clear Pwd Storage Scheme - \ Search with SASL bind request as test user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options } 'Security: SASL DIGEST-MD5: Proxy-auth \ {no proxy-auth privilege ; no proxy access right}' 'Security: SASL DIGEST-MD5: Proxy-auth {no priv ; no aci}- \ Admin Changing Password for test user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : test_user, 'attributeName' : 'userpassword', 'newAttributeValue' : 'newleg', 'changetype' : 'replace' } 'Security: SASL DIGEST-MD5: Proxy-auth {no priv ; no aci} - \ SASL bind with authzid=proxied-user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options, 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: Proxy-auth \ {proxy-auth privilege ; no proxy access right}' 'Security: SASL DIGEST-MD5: Proxy-auth {priv ; no aci}- \ Admin Changing Password for test user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : test_user, 'attributeName' : 'userpassword', 'newAttributeValue' : 'newleg', 'changetype' : 'replace' } 'Security: SASL DIGEST-MD5: Proxy-auth {priv ; no aci} - \ SASL bind with authzid=proxied-user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options, 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: Proxy-auth \ {proxy-auth + bypass-acl privilege ; no proxy access right}' 'Security: SASL DIGEST-MD5: Proxy-auth {priv + bypass; no aci}- \ Admin Changing Password for test user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : test_user, 'attributeName' : 'userpassword', 'newAttributeValue' : 'newleg', 'changetype' : 'replace' } 'Security: SASL DIGEST-MD5: Proxy-auth {priv + bypass; no aci} - \ SASL bind with authzid=proxied-user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options } 'Security: SASL DIGEST-MD5: Proxy-auth \ {no proxy-auth privilege ; proxy access right}' 'Security: SASL DIGEST-MD5: Proxy-auth {no priv ; aci}- \ Admin Changing Password for test user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : test_user, 'attributeName' : 'userpassword', 'newAttributeValue' : 'newleg', 'changetype' : 'replace' } 'Security: SASL DIGEST-MD5: Proxy-auth {no priv ; aci} - \ SASL bind with authzid=proxied-user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options, 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: Proxy-auth \ {proxy-auth privilege ; proxy access right}' 'Security: SASL DIGEST-MD5: Proxy-auth {priv ; aci}- \ Admin Changing Password for test user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : test_user, 'attributeName' : 'userpassword', 'newAttributeValue' : 'newleg', 'changetype' : 'replace' } 'Security: SASL DIGEST-MD5: Proxy-auth {priv ; aci} - \ SASL bind with authzid=proxied-user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options } 'Security: SASL DIGEST-MD5: Proxy-auth \ {proxy-auth privilege ; group proxy access right}' 'Security: SASL DIGEST-MD5: Proxy-auth {priv ; group aci} - \ Admin Changing Password for test user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : test_user, 'attributeName' : 'userpassword', 'newAttributeValue' : 'newleg', 'changetype' : 'replace' } 'Security: SASL DIGEST-MD5: Proxy-auth {priv ; group aci} - \ SASL bind with authzid=proxied-user' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options } 'Security: SASL DIGEST-MD5: Set FQDN' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'handlerName' : 'DIGEST-MD5' , 'propertyName' : 'server-fqdn' , 'propertyValue' : 'fqdn-test.com' } 'Security: SASL DIGEST-MD5: FQDN {hostname != fqdn}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options, 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: FQDN {hostname!=fqdn ; uri=fqdn}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options } 'Security: SASL DIGEST-MD5: FQDN {hostname!=fqdn ; uri!=fqdn}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options, 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: Set FQDN' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'handlerName' : 'DIGEST-MD5' , 'propertyName' : 'server-fqdn' , 'propertyValue' : DIRECTORY_INSTANCE_HOST } 'Security: SASL DIGEST-MD5: FQDN {hostname = fqdn}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options } 'Security: SASL DIGEST-MD5: FQDN {hostname=fqdn ; uri=fqdn}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options } 'Security: SASL DIGEST-MD5: FQDN {hostname=fqdn ; uri!=fqdn}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'extraParams' : sasl_options, 'expectedRC' : 49 } 'Security: SASL DIGEST-MD5: QOP {client:auth-int ; server:none}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth-int', 'expectedRC' : 89 } 'Security: SASL DIGEST-MD5: QOP {client:auth-conf ; server:none}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth-conf', 'expectedRC' : 89 } 'Security: SASL DIGEST-MD5: Set QOP = integrity' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstanceDn' : DIRECTORY_INSTANCE_DN, 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD, 'handlerName' : 'DIGEST-MD5', 'propertyName' : 'quality-of-protection', 'propertyValue' : 'integrity' } 'Security: SASL DIGEST-MD5: QOP {client:auth ; server:int}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth', 'expectedRC' : 89 } 'Security: SASL DIGEST-MD5: QOP {client:auth-int ; server:int}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth-int' } 'Security: SASL DIGEST-MD5: QOP {client:auth-conf ; server:int}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth-conf', 'expectedRC' : 89 } 'Security: SASL DIGEST-MD5: Set QOP = confidentiality' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstanceDn' : DIRECTORY_INSTANCE_DN, 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD, 'handlerName' : 'DIGEST-MD5', 'propertyName' : 'quality-of-protection', 'propertyValue' : 'confidentiality' } 'Security: SASL DIGEST-MD5: QOP {client:auth ; server:conf}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth', 'expectedRC' : 89 } 'Security: SASL DIGEST-MD5: QOP {client:auth-int ; server:conf}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth-int', 'expectedRC' : 89 } 'Security: SASL DIGEST-MD5: QOP {client:auth-conf ; server:conf}' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth-conf' } 'Security: SASL DIGEST-MD5: Cipher Strength: high' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'high', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Security: SASL DIGEST-MD5: Cipher Strength: medium' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'medium', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Security: SASL DIGEST-MD5: Cipher Strength: low' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'low', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Security: SASL DIGEST-MD5: Max. recv. buffer size lower than \ result size' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'maxbuffersize' : '5000', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: Max. recv. buffer size > result size' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'maxbuffersize' : '25000', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: Remove global ACI' 'Delete global search ACI' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'aciValue' : GLOBAL_ACI_SEARCH , 'opType' : 'remove' } 'Make sure read access is not granted (no entries returned).' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : test_user, 'dsInstancePswd' : 'newleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' } { 'returnString' : returnString , 'expectedString' : 'dn: uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: SSF {ssf=1 ; qop=confidentialiy}' 'Adding ACI with ssf bind rule: ssf = 1' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: SSF {ssf>40 ; qop=conf ; str=low}' 'Adding ACI with ssf bind rule: ssf > 40' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'low', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: SSF {ssf>40 ; qop=conf ; str=medium}' 'Adding ACI with ssf bind rule: ssf > 40' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'medium', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: SSF {ssf>=128 ; qop=conf ;str=medium}' 'Adding ACI with ssf bind rule: ssf >= 128' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'medium', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: SSF {ssf>=128 ; qop=conf ; str=high}' 'Adding ACI with ssf bind rule: ssf >= 128' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'high', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: SSF {ssf=56 ; qop=conf ; str=high}' 'Adding ACI with ssf bind rule: ssf = 56' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'high', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: SSF {ssf=56 ; qop=conf ; str=medium}' 'Adding ACI with ssf bind rule: ssf = 56' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'medium', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: SSF {ssf!=56 ; qop=conf ;str=medium}' 'Adding ACI with ssf bind rule: ssf != 56' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'medium', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString, 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: SSF {ssf!=56 ; qop=conf ; str=high}' 'Adding ACI with ssf bind rule: ssf != 56' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'high', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString, 'expectedString' : 'uid=tmorris,ou=People' } 'Security: SASL DIGEST-MD5: SSF {ssf!=56 ; qop=conf ; str=low}' 'Adding ACI with ssf bind rule: ssf != 56' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'strength' : 'low', 'password' : 'newleg', 'protection' : 'auth-conf' } 'Search result: %s' % returnString { 'returnString' : returnString, 'expectedString' : 'uid=tmorris,ou=People' } 'Security: SASL DIGEST-MD5: Re-Set QOP = integrity' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstanceDn' : DIRECTORY_INSTANCE_DN, 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD, 'handlerName' : 'DIGEST-MD5', 'propertyName' : 'quality-of-protection', 'propertyValue' : 'integrity' } 'Security: SASL DIGEST-MD5: SSF {ssf=1 ; qop=integrity}' 'Adding ACI with ssf bind rule: ssf = 1' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth-int' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 0 } 'Security: SASL DIGEST-MD5: SSF {ssf>40 ; qop=integrity}' 'Adding ACI with ssf bind rule: ssf > 40' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth-int' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: Set QOP = none' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstanceDn' : DIRECTORY_INSTANCE_DN, 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD, 'handlerName' : 'DIGEST-MD5', 'propertyName' : 'quality-of-protection', 'propertyValue' : 'none' } 'Security: SASL DIGEST-MD5: SSF {ssf=1 ; qop=none}' 'Adding ACI with ssf bind rule: ssf = 1' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'o=SASL Tests,dc=example,dc=com' , 'attributeName' : 'aci' , 'newAttributeValue' : ssf_aci , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST, 'dsInstancePort' : DIRECTORY_INSTANCE_PORT, 'dsBaseDN' : 'dc=example,dc=com', 'dsScope' : 'sub', 'dsFilter' : 'objectclass=*', 'mechanism' : 'DIGEST-MD5', 'authenticationId' : 'dn:%s' % test_user, 'password' : 'newleg', 'protection' : 'auth' } 'Search result: %s' % returnString { 'returnString' : returnString , 'expectedString' : 'uid=tmorris,ou=People', 'expectedRC' : 1 } 'Security: SASL DIGEST-MD5: Postamble Step 1 - Admin Changing Pwd Storage to SSHA' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'propertyName' : 'Default Password Policy' , 'attributeName' : 'default-password-storage-scheme' , 'attributeValue' : 'Salted SHA-1' } 'Security: SASL DIGEST-MD5: Postamble Step 2 - Admin Restting Password for two users' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'uid=jsprinter, ou=People, o=SASL Tests, dc=example,dc=com' , 'attributeName' : 'userpassword' , 'newAttributeValue' : 'catleg' , 'changetype' : 'replace' } { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'DNToModify' : 'uid=jwalleye, ou=People, o=SASL Realm Tests, dc=example,dc=com' , 'attributeName' : 'userpassword' , 'newAttributeValue' : 'catleg' , 'changetype' : 'replace' } 'Security: SASL DIGEST-MD5: Postamble Step 3 - Admin Deleting Realm' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'entryToBeModified' : '%s/security/sasl/admin_del_realm.ldif' % remote.data } 'Security: SASL DIGEST-MD5: Postamble Step 4 - User (dn:) Binding With Simple Authentication' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : 'uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com' , 'dsInstancePswd' : 'catleg' , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-s base' } 'Security: SASL DIGEST-MD5: Postamble Step 5 - User (dn:) Binding 2' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsBaseDN' : 'dc=example,dc=com' , 'dsFilter' : 'objectclass=*' , 'extraParams' : '-o mech=DIGEST-MD5 -o "authid=dn:uid=jwalleye,ou=People,o=SASL Realm Tests,dc=example,dc=com" -w catleg' , 'expectedRC' : 49 }