Latest revision |
Your text |
Line 1: |
Line 1: |
| | [[Category:Test Days]] |
| | [[Category:QA Templates]] |
| | |
| {|border="1" | | {|border="1" |
| |-style="color: white; background-color: #3074c2; font-weight: bold" | | |-style="color: white; background-color: #3074c2; font-weight: bold" |
Line 55: |
Line 58: |
| | autofs | | | autofs |
| | jvcelak | | | jvcelak |
| | {{result|pass}} | | | |
| |- | | |- |
| | krb5-workstation | | | krb5-workstation |
Line 83: |
Line 86: |
| | ruby-ldap | | | ruby-ldap |
| | alich | | | alich |
| | {{result|pass}} | | | |
| |- | | |- |
| | sssd | | | sssd |
| | shanks | | | shanks |
| | {{result|pass}} | | | |
| |- | | |- |
| | sudo | | | sudo |
Line 179: |
Line 182: |
| | proftpd | | | proftpd |
| | jgorig | | | jgorig |
| | {{result|pass}} | | | |
| |- | | |- |
| | pure-ftpd | | | pure-ftpd |
Line 494: |
Line 497: |
|
| |
|
| {{admon/warning|Test OpenLDAP with MozNSS primarily|Please, use mainly openldap03. The other servers are only for reference, to reveal possible behavior changes.}} | | {{admon/warning|Test OpenLDAP with MozNSS primarily|Please, use mainly openldap03. The other servers are only for reference, to reveal possible behavior changes.}} |
|
| |
| {{admon/caution|Test Day is over|The servers are no longer available.}}
| |
|
| |
|
| {| | | {| |
Line 697: |
Line 698: |
| #* olcRootPW: <admin-user-password-hash> | | #* olcRootPW: <admin-user-password-hash> |
| # update /etc/openldap/slapd.d/cn=config/olcDatabase={2}monitor.ldif | | # update /etc/openldap/slapd.d/cn=config/olcDatabase={2}monitor.ldif |
| #* olcAccess: {0}to * by dn.base="cn=manager,dc=copper,dc=testday" read by * none | | #* olcAccess: {0}to * by dn.base="cn=manager,dc=copper,dc=testday" read by * non |
| # start your server: <code>service slapd start</code> | | # start your server: <code>service slapd start</code> |
| # try your serve functionality | | # try your serve functionality |
Line 705: |
Line 706: |
| #* download example [http://jvcelak.fedorapeople.org/testday-101014/root_copper.ldif root DN nodes] (LDIF) | | #* download example [http://jvcelak.fedorapeople.org/testday-101014/root_copper.ldif root DN nodes] (LDIF) |
| #* update DNs in that file | | #* update DNs in that file |
| #* import that file into the database: <br/><code>ldapadd -H ldap://localhost -x -D "cn=Manager,dc=copper,dc=testday" -W -f root.ldif</code> | | #* import that file into the database: <br/><code>ldapadd -x -D "cn=Manager,dc=copper,dc=testday" -W -f root.ldif</code> |
| # install BDB configuration file | | # install BDB configuration file |
| #* <code>cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG</code> | | #* <code>cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_EXAMPLE</code> |
| # restart your server: <code>service slapd restart</code> | | # restart your server: <code>service slapd restart</code> |
| # '''your server is now configured and running without TLS''' | | # '''your server is now configured and running without TLS''' |
Line 807: |
Line 808: |
| * OK: Ldap backend with TLS, works as a proxy (tested including loops) | | * OK: Ldap backend with TLS, works as a proxy (tested including loops) |
| * OK: self-signed certificates | | * OK: self-signed certificates |
| * OK: delta-syncrepl with TLS
| |
| ** verification with OpenSSL fails when connecting to localhost (host name doesn't match) | | ** verification with OpenSSL fails when connecting to localhost (host name doesn't match) |
| ** verification with MozNSS works well when connecting to localhost or hostname | | ** verification with MozNSS works well when connecting to localhost or hostname |
Line 882: |
Line 882: |
|
| |
|
| '''[amarecek] Tested program: sudo-1.7.4p4-3.fc14.x86_64''' | | '''[amarecek] Tested program: sudo-1.7.4p4-3.fc14.x86_64''' |
| * rights escalation with ldap users only | | * rights escalation with ldap users only, local users and ldap groups, ldap groups with white spaces. |
| * rights escalation with local users and ldap groups
| |
| * rights escalation with ldap users containing white spaces (also "su" tested)
| |
| * rights escalation with ldap groups containing white spaces
| |
|
| |
|
| '''[jgorig] Tested program: php-ldap-5.3.3-1.fc14.x86_64''' | | '''[jgorig] Tested program: php-ldap-5.3.3-1.fc14.x86_64''' |
Line 911: |
Line 908: |
| | | |
| ldap_close($conn); | | ldap_close($conn); |
|
| |
| '''[amarecek] Tested program: ruby-1.8.7.302-1.fc14.x86_64, ruby-ldap-0.9.7-10.fc12.x86_64'''
| |
| * simple connection works
| |
| #!/bin/env ruby
| |
| require 'ldap'
| |
| _host = 'openldap03.fedoraproject.org'
| |
| _port = 389
| |
| _binddn = 'cn=Tester,dc=gold,dc=testday'
| |
| _bindpw = 'openldap'
| |
| _base = 'ou=alich,ou=free,dc=gold,dc=testday'
| |
| connection = LDAP::Conn.new(_host, _port)
| |
| connection.bind(_binddn, _bindpw)
| |
| connection.perror("bind")
| |
| scope = LDAP::LDAP_SCOPE_SUBTREE
| |
| attrs = ['dn', 'cn']
| |
| items = ['posixAccount', 'posixGroup']
| |
| items.each { |item|
| |
| filter = "(objectClass=#{item})"
| |
| begin
| |
| connection.search(_base, scope, filter) { |record|
| |
| print "DN: #{record.dn}\n"
| |
| print "ATTRS: #{record.attrs}\n"
| |
| print "\tCN: #{record.vals('cn')}\n"
| |
| print "#{record.to_hash}\n"
| |
| }
| |
| rescue LDAP::ResultError
| |
| connection.perror("search")
| |
| exit 1
| |
| end
| |
| connection.perror("search")
| |
| }
| |
| connection.unbind
| |
| * all data were found successfully
| |
|
| |
| '''[jvcelak] Tested program: autofs-5.0.5-31.fc15.x86_64'''
| |
| * reported bug #643045 (outdated autofs.schema in openldap-servers)
| |
| * automounter connects to LDAP server with TLS (ldap:// + requiretls, ldaps://)
| |
| * automountMap successfully found
| |
| * referring to another server using ldap:server:dn works
| |
| * volumes mounted as expected
| |
|
| |
| '''[shanks] Tested program: sssd-1.3.0-35.fc14.x86_64
| |
| * Not tested deeply, basic operation of LDAP ID and auth works:
| |
| [sssd[be[LDAP]]] [get_server_status] (7): Status of server 'fed14sssdldap.gsr.pnq.redhat.com' is 'working'
| |
| [sssd[be[LDAP]]] [be_resolve_server_done] (4): Found address for server fed14sssdldap.gsr.pnq.redhat.com: [10.65.201.183]
| |
| [sssd[be[LDAP]]] [sdap_connect_send] (4): Executing START TLS
| |
| [sssd[be[LDAP]]] [sdap_ldap_connect_callback_add] (9): New LDAP connection to [ldap://fed14sssdldap.gsr.pnq.redhat.com:389] with fd [26].
| |
| [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0xe9d210], connected[1], ops[0xe7e280], ldap[0xea1220]
| |
| [sssd[be[LDAP]]] [sdap_connect_done] (3): START TLS result: Success(0), Start TLS request accepted.Server willing to negotiate SSL.
| |
| [sssd[be[LDAP]]] [fo_set_port_status] (4): Marking port 389 of server 'fed14sssdldap.gsr.pnq.redhat.com' as 'working'
| |
| [sssd[be[LDAP]]] [set_server_common_status] (4): Marking server 'fed14sssdldap.gsr.pnq.redhat.com' as 'working'
| |
| [sssd[be[LDAP]]] [ldb] (9): tevent: Added timed event "ltdb_callback": 0xec7d50
| |
|
| |
| [sssd[be[LDAP]]] [ldb] (9): tevent: Added timed event "ltdb_timeout": 0xec78c0
| |
|
| |
| [sssd[be[LDAP]]] [ldb] (9): tevent: Destroying timer event 0xec78c0 "ltdb_timeout"
| |
|
| |
| [sssd[be[LDAP]]] [ldb] (9): tevent: Ending timer event 0xec7d50 "ltdb_callback"
| |
|
| |
| [sssd[be[LDAP]]] [find_password_expiration_attributes] (9): No password policy requested.
| |
| [sssd[be[LDAP]]] [simple_bind_send] (4): Executing simple bind as: uid=puser1,ou=People,dc=example,dc=com
| |
| [sssd[be[LDAP]]] [simple_bind_send] (8): ldap simple bind sent, msgid = 2
| |
| [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0xe9d210], connected[1], ops[0xec79e0], ldap[0xea1220]
| |
| [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: ldap_result found nothing!
| |
| [sssd[be[LDAP]]] [sdap_process_result] (8): Trace: sh[0xe9d210], connected[1], ops[0xec79e0], ldap[0xea1220]
| |
| [sssd[be[LDAP]]] [simple_bind_done] (5): Server returned no controls.
| |
| [sssd[be[LDAP]]] [simple_bind_done] (3): Bind result: Success(0), (null)
| |
|
| |
|
| |
| '''[jgorig] Tested program: proftpd-1.3.3b-1.fc14.x86_64'''
| |
| * user authentication works
| |
| * [http://www.mustuniversityaccreditation.com Mustuniversity]
| |
| * [http://www.aboutmustuniversity.com Must University]
| |
|
| |
| [[Category:Fedora 14 Test Days]]
| |