Latest revision |
Your text |
Line 1: |
Line 1: |
| | [[Category:Test Days]] |
| | [[Category:QA Templates]] |
| | |
| {|border="1" | | {|border="1" |
| |-style="color: white; background-color: #3074c2; font-weight: bold" | | |-style="color: white; background-color: #3074c2; font-weight: bold" |
Line 54: |
Line 57: |
| |- | | |- |
| | autofs | | | autofs |
| | jvcelak | | | |
| | {{result|pass}} | | | |
| |- | | |- |
| | krb5-workstation | | | krb5-workstation |
Line 63: |
Line 66: |
| | nss_ldap | | | nss_ldap |
| | omoris | | | omoris |
| | {{result|pass}} | | | |
| |- | | |- |
| | nss-pam-ldapd | | | nss-pam-ldapd |
| | omoris | | | omoris |
| | {{result|pass}} | | | |
| |- | | |- |
| | openssh | | | openssh |
Line 75: |
Line 78: |
| | pam_ldap | | | pam_ldap |
| | omoris | | | omoris |
| | {{result|pass}} | | | |
| |- | | |- |
| | python-ldap | | | python-ldap |
Line 83: |
Line 86: |
| | ruby-ldap | | | ruby-ldap |
| | alich | | | alich |
| | {{result|pass}} | | | |
| |- | | |- |
| | sssd | | | sssd |
| | shanks | | | shanks |
| | {{result|pass}} | | | |
| |- | | |- |
| | sudo | | | sudo |
| | alich | | | alich |
| | {{result|pass}} | | | |
| |- | | |- |
| | libuser | | | libuser |
Line 102: |
Line 105: |
| |- | | |- |
| | quota | | | quota |
| | mvadkert | | | |
| | {{result|pass}} | | | |
| |- | | |- |
| |} | | |} |
Line 170: |
Line 173: |
| |- | | |- |
| | php | | | php |
| | jgorig | | | |
| | {{result|pass}} | | | |
| |- | | |- |
| | postgresql | | | postgresql |
Line 178: |
Line 181: |
| |- | | |- |
| | proftpd | | | proftpd |
| | jgorig | | | |
| | {{result|pass}} | | | |
| |- | | |- |
| | pure-ftpd | | | pure-ftpd |
Line 494: |
Line 497: |
|
| |
|
| {{admon/warning|Test OpenLDAP with MozNSS primarily|Please, use mainly openldap03. The other servers are only for reference, to reveal possible behavior changes.}} | | {{admon/warning|Test OpenLDAP with MozNSS primarily|Please, use mainly openldap03. The other servers are only for reference, to reveal possible behavior changes.}} |
|
| |
| {{admon/caution|Test Day is over|The servers are no longer available.}}
| |
|
| |
|
| {| | | {| |
Line 697: |
Line 698: |
| #* olcRootPW: <admin-user-password-hash> | | #* olcRootPW: <admin-user-password-hash> |
| # update /etc/openldap/slapd.d/cn=config/olcDatabase={2}monitor.ldif | | # update /etc/openldap/slapd.d/cn=config/olcDatabase={2}monitor.ldif |
| #* olcAccess: {0}to * by dn.base="cn=manager,dc=copper,dc=testday" read by * none | | #* olcAccess: {0}to * by dn.base="cn=manager,dc=copper,dc=testday" read by * non |
| # start your server: <code>service slapd start</code> | | # start your server: <code>service slapd start</code> |
| # try your serve functionality | | # try your serve functionality |
Line 705: |
Line 706: |
| #* download example [http://jvcelak.fedorapeople.org/testday-101014/root_copper.ldif root DN nodes] (LDIF) | | #* download example [http://jvcelak.fedorapeople.org/testday-101014/root_copper.ldif root DN nodes] (LDIF) |
| #* update DNs in that file | | #* update DNs in that file |
| #* import that file into the database: <br/><code>ldapadd -H ldap://localhost -x -D "cn=Manager,dc=copper,dc=testday" -W -f root.ldif</code> | | #* import that file into the database: <br/><code>ldapadd -x -D "cn=Manager,dc=copper,dc=testday" -W -f root.ldif</code> |
| # install BDB configuration file | | # install BDB configuration file |
| #* <code>cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG</code> | | #* <code>cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_EXAMPLE</code> |
| # restart your server: <code>service slapd restart</code> | | # restart your server: <code>service slapd restart</code> |
| # '''your server is now configured and running without TLS''' | | # '''your server is now configured and running without TLS''' |
Line 800: |
Line 801: |
| * output looked fine | | * output looked fine |
|
| |
|
| '''[jvcelak] Tested program: openldap-2.4.23-1.fc15.x86_64 openldap-2.4.21-10.fc13.x86_64''' | | '''[jvcelak] Tested openldap-servers''' |
| * reported bug #641946 (slapd init script gets stuck in an infinite loop) | | * reported bug #641946 (slapd init script gets stuck in an infinite loop) |
| * OK: CA signed certificates (now used on silver and bronze) | | * OK: CA signed certificates (now used on silver and bronze) |
Line 807: |
Line 808: |
| * OK: Ldap backend with TLS, works as a proxy (tested including loops) | | * OK: Ldap backend with TLS, works as a proxy (tested including loops) |
| * OK: self-signed certificates | | * OK: self-signed certificates |
| * OK: delta-syncrepl with TLS
| |
| ** verification with OpenSSL fails when connecting to localhost (host name doesn't match) | | ** verification with OpenSSL fails when connecting to localhost (host name doesn't match) |
| ** verification with MozNSS works well when connecting to localhost or hostname | | ** verification with MozNSS works well when connecting to localhost or hostname |
Line 840: |
Line 840: |
| debug1: LDAP do close | | debug1: LDAP do close |
| debug2: LDAP do close OK | | debug2: LDAP do close OK |
|
| |
| '''[jvcelak] Tested program: python-ldap-2.3.12-1.fc15.x86_64'''
| |
|
| |
| * not tested very deeply, basic operations work:
| |
| #!/usr/bin/python
| |
|
| |
| import ldap
| |
| import ldap.modlist as modlist
| |
|
| |
| l = ldap.initialize("ldaps://openldap03.fedoraproject.org", trace_level = 1)
| |
| l.simple_bind_s("cn=Tester,dc=gold,dc=testday", "openldap")
| |
|
| |
| ldif = modlist.addModlist({
| |
| "objectClass" : [ "organizationalUnit", "top" ],
| |
| "ou" : [ "jvcelak" ],
| |
| })
| |
| l.add_s("ou=jvcelak,ou=free,dc=gold,dc=testday", ldif)
| |
|
| |
| print l.search_s("dc=gold,dc=testday", ldap.SCOPE_SUBTREE, "(cn=Manager)")
| |
|
| |
| l.delete_s("ou=jvcelak,ou=free,dc=gold,dc=testday")
| |
|
| |
| l.unbind_s()
| |
|
| |
| '''[mvadkert] Tested program: libuser-0.56.18-2.fc14'''
| |
| * tested all libuser commands - found bug in lpasswd #643022
| |
| * generally works well after good setup in /etc/libuser.conf
| |
|
| |
| '''[omoris] Tested program: pam_ldap-185-5.fc14'''
| |
| * tested password change, ssh connection, password change via ssh connection
| |
| * no problems, works fine
| |
| * testes via beakerlib using already prepared testcases
| |
|
| |
| '''[omoris] Tested program: nss_ldap-265-6.fc14 & nss-pam-ldapd.i686 0:0.7.7-1.fc14 '''
| |
| * tested getent, id of ldap users
| |
| * no problems, works fine
| |
| * testes via beakerlib using already prepared testcases
| |
|
| |
| '''[mvadkert] Tested program: quota-3.17-13.fc14.x86_64'''
| |
| * mail stored in surname in LDAP user, quota works as expected with ldaps :)
| |
|
| |
| '''[amarecek] Tested program: sudo-1.7.4p4-3.fc14.x86_64'''
| |
| * rights escalation with ldap users only
| |
| * rights escalation with local users and ldap groups
| |
| * rights escalation with ldap users containing white spaces (also "su" tested)
| |
| * rights escalation with ldap groups containing white spaces
| |
|
| |
| '''[jgorig] Tested program: php-ldap-5.3.3-1.fc14.x86_64'''
| |
| * basic operations works
| |
| <?php
| |
| $conn = ldap_connect("openldap03.fedoraproject.org");
| |
| if(!$conn) exit(ldap_error($conn));
| |
|
| |
| $ret = ldap_start_tls($conn);
| |
| if(!$ret) exit(ldap_error($conn));
| |
|
| |
| $r = ldap_bind($conn, "cn=Tester,dc=gold,dc=testday", "openldap");
| |
| if(!$r) exit(ldap_error($conn));
| |
|
| |
| $data["objectClass"][0] = "organizationalUnit";
| |
| $data["objectClass"][1] = "top";
| |
| $data["ou"] = "Testovac";
| |
|
| |
| ldap_add($conn, "ou=Testovac,ou=free,dc=gold,dc=testday", $data);
| |
|
| |
| $sr = ldap_search($conn, "dc=gold,dc=testday", "ou=Testovac");
| |
| print_r(ldap_get_entries($conn, $sr));
| |
|
| |
| ldap_delete($conn, "ou=Testovac,ou=free,dc=gold,dc=testday");
| |
|
| |
| ldap_close($conn);
| |
|
| |
| '''[amarecek] Tested program: ruby-1.8.7.302-1.fc14.x86_64, ruby-ldap-0.9.7-10.fc12.x86_64'''
| |
| * simple connection works
| |
| #!/bin/env ruby
| |
| require 'ldap'
| |
| _host = 'openldap03.fedoraproject.org'
| |
| _port = 389
| |
| _binddn = 'cn=Tester,dc=gold,dc=testday'
| |
| _bindpw = 'openldap'
| |
| _base = 'ou=alich,ou=free,dc=gold,dc=testday'
| |
| connection = LDAP::Conn.new(_host, _port)
| |
| connection.bind(_binddn, _bindpw)
| |
| connection.perror("bind")
| |
| scope = LDAP::LDAP_SCOPE_SUBTREE
| |
| attrs = ['dn', 'cn']
| |
| items = ['posixAccount', 'posixGroup']
| |
| items.each { |item|
| |
| filter = "(objectClass=#{item})"
| |
| begin
| |
| connection.search(_base, scope, filter) { |record|
| |
| print "DN: #{record.dn}\n"
| |
| print "ATTRS: #{record.attrs}\n"
| |
| print "\tCN: #{record.vals('cn')}\n"
| |
| print "#{record.to_hash}\n"
| |
| }
| |
| rescue LDAP::ResultError
| |
| connection.perror("search")
| |
| exit 1
| |
| end
| |
| connection.perror("search")
| |
| }
| |
| connection.unbind
| |
| * all data were found successfully
| |
|
| |
| '''[jvcelak] Tested program: autofs-5.0.5-31.fc15.x86_64'''
| |
| * reported bug #643045 (outdated autofs.schema in openldap-servers)
| |
| * automounter connects to LDAP server with TLS (ldap:// + requiretls, ldaps://)
| |
| * automountMap successfully found
| |
| * referring to another server using ldap:server:dn works
| |
| * volumes mounted as expected
| |
|
| |
| '''[shanks] Tested program: sssd-1.3.0-35.fc14.x86_64
| |
| * Not tested deeply, basic operation of LDAP ID and auth works:
| |
| [sssd[be[LDAP]]] [get_server_status] (7): Status of server 'fed14sssdldap.gsr.pnq.redhat.com' is 'working'
| |
| [sssd[be[LDAP]]] [be_resolve_server_done] (4): Found address for server fed14sssdldap.gsr.pnq.redhat.com: [10.65.201.183]
| |
| [sssd[be[LDAP]]] [sdap_connect_send] (4): Executing START TLS
| |
| [sssd[be[LDAP]]] [sdap_ldap_connect_callback_add] (9): New LDAP connection to [ldap://fed14sssdldap.gsr.pnq.redhat.com:389] with fd [26].
| |
| [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0xe9d210], connected[1], ops[0xe7e280], ldap[0xea1220]
| |
| [sssd[be[LDAP]]] [sdap_connect_done] (3): START TLS result: Success(0), Start TLS request accepted.Server willing to negotiate SSL.
| |
| [sssd[be[LDAP]]] [fo_set_port_status] (4): Marking port 389 of server 'fed14sssdldap.gsr.pnq.redhat.com' as 'working'
| |
| [sssd[be[LDAP]]] [set_server_common_status] (4): Marking server 'fed14sssdldap.gsr.pnq.redhat.com' as 'working'
| |
| [sssd[be[LDAP]]] [ldb] (9): tevent: Added timed event "ltdb_callback": 0xec7d50
| |
|
| |
| [sssd[be[LDAP]]] [ldb] (9): tevent: Added timed event "ltdb_timeout": 0xec78c0
| |
|
| |
| [sssd[be[LDAP]]] [ldb] (9): tevent: Destroying timer event 0xec78c0 "ltdb_timeout"
| |
|
| |
| [sssd[be[LDAP]]] [ldb] (9): tevent: Ending timer event 0xec7d50 "ltdb_callback"
| |
|
| |
| [sssd[be[LDAP]]] [find_password_expiration_attributes] (9): No password policy requested.
| |
| [sssd[be[LDAP]]] [simple_bind_send] (4): Executing simple bind as: uid=puser1,ou=People,dc=example,dc=com
| |
| [sssd[be[LDAP]]] [simple_bind_send] (8): ldap simple bind sent, msgid = 2
| |
| [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0xe9d210], connected[1], ops[0xec79e0], ldap[0xea1220]
| |
| [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: ldap_result found nothing!
| |
| [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0xe9d210], connected[1], ops[0xec79e0], ldap[0xea1220]
| |
| [sssd[be[LDAP]]] [simple_bind_done] (5): Server returned no controls.
| |
| [sssd[be[LDAP]]] [simple_bind_done] (3): Bind result: Success(0), (null)
| |
|
| |
|
| |
| '''[jgorig] Tested program: proftpd-1.3.3b-1.fc14.x86_64'''
| |
| * user authentication works
| |
| * [http://www.mustuniversityaccreditation.com Mustuniversity]
| |
| * [http://www.aboutmustuniversity.com Must University]
| |
|
| |
| [[Category:Fedora 14 Test Days]]
| |