P8321
LDAP ppolicy tests
Active, Public
Authored by akosiaris on Apr 1 2019, 1:18 PM.
vagrant@m1:/vagrant$ make all
sudo service slapd stop
sudo -u openldap find /var/lib/slapd -type f -exec rm {} \;
sudo -u openldap slapadd -l init_data.ldif
5ca22d74 /etc/ldap/slapd.conf: line 70: rootdn is always granted unlimited privileges.
5ca22d74 /etc/ldap/acls.conf: line 10: rootdn is always granted unlimited privileges.
5ca22d74 /etc/ldap/acls.conf: line 21: rootdn is always granted unlimited privileges.
5ca22d74 The first database does not allow slapadd; using the first available one (2)
_#################### 100.00% eta none elapsed none fast!
Closing DB...
sudo service slapd start
ldapadd -x -D "cn=admin,dc=example,dc=com" -w admin -f user.ldif
adding new entry "uid=user1,ou=people,dc=example,dc=com"
adding new entry "uid=user2,ou=people,dc=example,dc=com"
adding new entry "uid=user3,ou=people,dc=example,dc=com"
adding new entry "uid=user4,ou=people,dc=example,dc=com"
adding new entry "uid=user5,ou=people,dc=example,dc=com"
admin account resets pass. Note we dont reset the pass for user2
Succesful Auth: user1
Succesful Auth: user2
Succesful Auth: user3
Succesful Auth: user4
Succesful Auth: user5
Set maxage for user1, user2
Set pwdAccountLockedTime: 000001010000Z for user3, pwdLockout: TRUE
Set pwdAccountLockedTime: 000001010000Z for user4, pwdLockout: FALSE
Set pwdAccountLockedTime: 000001010000Z for user5, pwdLockout: TRUE, maxage: 1
Failed auth: user1
Succesful Auth: user2
Failed auth: user3
Succesful Auth: user4
Failed auth: user5
admin account resets pass. Note we dont reset the pass for user2
Succesful Auth: user1
Succesful Auth: user2
Succesful Auth: user3
Succesful Auth: user4
Succesful Auth: user5
User accounts resets pass
ldappasswd -x -D "uid=user1,ou=people,dc=example,dc=com" -w user1 -s user1 uid=user1,ou=people,dc=example,dc=com
ldappasswd -x -D "uid=user2,ou=people,dc=example,dc=com" -w user2 -s user2 uid=user2,ou=people,dc=example,dc=com
ldappasswd -x -D "uid=user3,ou=people,dc=example,dc=com" -w user3 -s user3 uid=user3,ou=people,dc=example,dc=com
ldappasswd -x -D "uid=user4,ou=people,dc=example,dc=com" -w user4 -s user4 uid=user4,ou=people,dc=example,dc=com
ldappasswd -x -D "uid=user5,ou=people,dc=example,dc=com" -w user5 -s user5 uid=user5,ou=people,dc=example,dc=com
Succesful Auth: user1
Succesful Auth: user2
Succesful Auth: user3
Succesful Auth: user4
Succesful Auth: user5
vagrant@m1:/vagrant$ vi Makefile
vagrant@m1:/vagrant$ make all
sudo service slapd stop
sudo -u openldap find /var/lib/slapd -type f -exec rm {} \;
sudo -u openldap slapadd -l init_data.ldif
5ca22d9c /etc/ldap/slapd.conf: line 70: rootdn is always granted unlimited privileges.
5ca22d9c /etc/ldap/acls.conf: line 10: rootdn is always granted unlimited privileges.
5ca22d9c /etc/ldap/acls.conf: line 21: rootdn is always granted unlimited privileges.
5ca22d9c The first database does not allow slapadd; using the first available one (2)
_#################### 100.00% eta none elapsed none fast!
Closing DB...
sudo service slapd start
ldapadd -x -D "cn=admin,dc=example,dc=com" -w admin -f user.ldif
adding new entry "uid=user1,ou=people,dc=example,dc=com"
adding new entry "uid=user2,ou=people,dc=example,dc=com"
adding new entry "uid=user3,ou=people,dc=example,dc=com"
adding new entry "uid=user4,ou=people,dc=example,dc=com"
adding new entry "uid=user5,ou=people,dc=example,dc=com"
admin account resets pass. Note we dont reset the pass for user2
Succesful Auth: user1
Succesful Auth: user2
Succesful Auth: user3
Succesful Auth: user4
Succesful Auth: user5
Set maxage for user1, user2
Set pwdAccountLockedTime: 000001010000Z for user3, pwdLockout: TRUE
Set pwdAccountLockedTime: 000001010000Z for user4, pwdLockout: FALSE
Set pwdAccountLockedTime: 000001010000Z for user5, pwdLockout: TRUE, maxage: 1
Failed auth: user1
Succesful Auth: user2
Failed auth: user3
Succesful Auth: user4
Failed auth: user5
admin account resets pass. Note we dont reset the pass for user2
Failed auth: user1
Succesful Auth: user2
Succesful Auth: user3
Succesful Auth: user4
Failed auth: user5
User accounts resets pass
ldappasswd -x -D "uid=user1,ou=people,dc=example,dc=com" -w user1 -s user1 uid=user1,ou=people,dc=example,dc=com
ldap_bind: Invalid credentials (49)
Makefile:50: recipe for target 'resetpass_by_user' failed
make: [resetpass_by_user] Error 49 (ignored)
ldappasswd -x -D "uid=user2,ou=people,dc=example,dc=com" -w user2 -s user2 uid=user2,ou=people,dc=example,dc=com
ldappasswd -x -D "uid=user3,ou=people,dc=example,dc=com" -w user3 -s user3 uid=user3,ou=people,dc=example,dc=com
ldappasswd -x -D "uid=user4,ou=people,dc=example,dc=com" -w user4 -s user4 uid=user4,ou=people,dc=example,dc=com
ldappasswd -x -D "uid=user5,ou=people,dc=example,dc=com" -w user5 -s user5 uid=user5,ou=people,dc=example,dc=com
ldap_bind: Invalid credentials (49)
Makefile:50: recipe for target 'resetpass_by_user' failed
make: [resetpass_by_user] Error 49 (ignored)
Failed auth: user1
Succesful Auth: user2
Succesful Auth: user3
Succesful Auth: user4
Failed auth: user5
Event Timeline
akosiaris created this paste. 2019-04-01 13:18:42 (UTC+0)
akosiaris edited the content of this paste. 2019-04-01 14:03:28 (UTC+0)
akosiaris mentioned this in T168692: Blocking an account on wikitech should disable LDAP logins. 2019-04-01 15:18:33 (UTC+0)
akosiaris edited the content of this paste. 2019-04-01 15:28:02 (UTC+0)