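#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2024 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

# Syncrepl-against-MSAD test: sets up the environment, decides whether the
# test can run at all, and derives the DNs used by the rest of the script.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

# requires MSAD_URI, MSAD_SUFFIX, MSAD_ADMINDN, MSAD_ADMINPW
#
# NOTE(review): these four values come from the caller's environment and
# identify a live directory plus an account that can add and recursively
# delete entries under MSAD_SUFFIX. Prefer a dedicated test account over a
# real domain administrator. If MSAD_URI is a plain ldap:// URI and the
# client tools perform a simple bind, the password crosses the network
# unencrypted -- confirm the transport before pointing this at a shared DC.
if test -z "$MSAD_URI"; then
	echo "No MSAD envvars set, test skipped"
	exit 0
fi
if test $SYNCPROV = syncprovno; then
	echo "Syncrepl provider overlay not available, test skipped"
	exit 0
fi

# MSAD_URI alone is not enough: MSAD_SUFFIX is spliced into the DN that is
# later handed to a recursive ldapdelete, and an empty bind DN or password
# would shift the arguments of every client command. Stop here instead of
# running against the directory with a half-configured environment.
if test -z "$MSAD_SUFFIX" || test -z "$MSAD_ADMINDN" || test -z "$MSAD_ADMINPW"; then
	echo "MSAD_URI is set but MSAD_SUFFIX, MSAD_ADMINDN or MSAD_ADMINPW is empty, test aborted"
	exit 1
fi

mkdir -p $TESTDIR $DBDIR2

URI1=$MSAD_URI
# All test objects live under this OU; it is the only subtree the script
# deletes on the MSAD side.
BASEDN="ou=OpenLDAPtest,$MSAD_SUFFIX"
# First RDN value of the suffix (e.g. "example" for dc=example,dc=com).
# The suffix is quoted so that spaces or glob characters in it are not
# expanded by the shell before sed sees them.
DC=`printf '%s\n' "$MSAD_SUFFIX" | sed -e 's/dc=//' -e 's/,.*//'`

#
# Test replication:
# - populate MSAD over ldap
# - start consumer
# - perform some modifies and deletes
# - attempt to modify the consumer (referral)
# - retrieve database over ldap and compare against expected results
#

# Notes:
# We use a separate OU under the MSAD suffix to contain our test objects,
# since we can't just wipe out the entire directory when starting over.
# The replication search filter is thus more convoluted than would normally
# be needed. Typically it would only need (|(objectclass=user)(objectclass=group))
#
# MSAD does referential integrity by default, so to get 1-to-1 modifications
# we must add users before creating groups that reference them, and we
# should delete group memberships before deleting users. If we delete
# users first, MSAD will automatically remove them from their groups,
# but won't notify us of these changed groups.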
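# We could use the refint overlay to duplicate this behavior, but that's
# beyond the scope of this test.

# Quoting in this section: the MSAD_* values are operator-supplied (a bind DN
# may contain spaces, a password may contain glob characters), so every use
# is double-quoted. Tool variables such as $LDAPSEARCH come from defines.sh,
# which is not visible here and may carry embedded options, so they are left
# unquoted exactly as before.
#
# NOTE(review): -w passes the bind password as a command-line argument, so it
# can show up in the process list while each tool runs. The OpenLDAP client
# tools also accept -y <file> to read the password from a file.

echo "Using ldapsearch to check that MSAD is running..."
$LDAPSEARCH -D "$MSAD_ADMINDN" -w "$MSAD_ADMINPW" -s base -b "$MSAD_SUFFIX" -H "$MSAD_URI" 'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	exit $RC
fi

# Recursive delete against the live directory, limited to the test OU.
# RC is recorded but not checked, presumably because the tree may not exist
# on a first run.
echo "Using ldapdelete to delete old MSAD test tree, if any..."
$LDAPDELETE -D "$MSAD_ADMINDN" -H "$MSAD_URI" -w "$MSAD_ADMINPW" -r "$BASEDN"
RC=$?

# NOTE(review): MSAD_SUFFIX is placed in the replacement half of a sed
# expression; a suffix containing '/', '&' or a backslash would change or
# break the substitution.
echo "Using ldapadd to create the test context entry in MSAD..."
sed -e "s/dc=example,dc=com/$MSAD_SUFFIX/" < $LDIFDIRSYNCCP | \
	$LDAPADD -D "$MSAD_ADMINDN" -H "$MSAD_URI" -w "$MSAD_ADMINPW" > /dev/null 2>&1

RC=$?
if test $RC != 0 ; then
	echo "ldapadd failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Starting consumer slapd on TCP/IP port $PORT2..."
. $CONFFILTER $BACKEND < $DIRSYNC1CONF | . $CONFDIRSYNC > $CONF2
# Seed the consumer database with the suffix entry before slapd starts.
$SLAPADD -f $CONF2 <<EOMODS
dn: $MSAD_SUFFIX
dc: $DC
objectclass: organization
objectclass: dcObject
o: OpenLDAP Testing

EOMODS
RC=$?
if test $RC != 0 ; then
	echo "slapadd failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 &
CONSUMERPID=$!
if test $WAIT != 0 ; then
	# Pause so a person can attach to the consumer; any input line resumes.
	echo CONSUMERPID $CONSUMERPID
	read foo
fi
KILLPIDS="$KILLPIDS $CONSUMERPID"

sleep 1

# Poll the monitor base up to six times, five seconds apart.
echo "Using ldapsearch to check that consumer slapd is running..."
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
		'objectclass=*' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting 5 seconds for slapd to start..."
	sleep 5
done

if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi


# Same polling pattern, this time for the replicated test OU.
echo "Using ldapsearch to check that consumer received context entry..."
for i in 0 1 2 3 4 5; do
	$LDAPSEARCH -s base -b "$BASEDN" -H $URI2 \
		'objectclass=*' > /dev/null 2>&1
	RC=$?
	if test $RC = 0 ; then
		break
	fi
	echo "Waiting 5 seconds for syncrepl to catch up..."
	sleep 5
done

if test $RC != 0 ; then
	echo "ldapsearch failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Using ldapadd to populate MSAD..."
sed -e "s/dc=example,dc=com/$BASEDN/" < $LDIFDIRSYNCNOCP | \
	$LDAPADD -D "$MSAD_ADMINDN" -H "$MSAD_URI" -w "$MSAD_ADMINPW" > /dev/null 2>&1
RC=$?
if test $RC != 0 ; then
	echo "ldapadd failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
sleep $SLEEP1

echo "Using ldapmodify to modify provider directory..."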
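
#
# Do some modifications
#
# The MSAD_* values are operator-supplied, so each use is double-quoted (a
# bind DN may contain spaces, a password may contain glob characters).
# $LDAPMODIFY and $TESTOUT come from defines.sh, which is not visible here,
# and are left as they were.
#
# NOTE(review): -w puts the bind password on the command line, where it can
# appear in the process list while ldapmodify runs; the OpenLDAP client tools
# also accept -y <file>.
#

$LDAPMODIFY -v -H "$MSAD_URI" -D "$MSAD_ADMINDN" -w "$MSAD_ADMINPW" > \
	$TESTOUT 2>&1 << EOMODS
dn: cn=James A Jones 1, ou=Alumni Association, ou=People, $BASEDN
changetype: modify
add: carLicense
carLicense: Orange Juice
-
delete: sn
sn: Jones
-
add: sn
sn: Jones

dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, $BASEDN
changetype: modify
replace: carLicense
carLicense: Iced Tea
carLicense: Mad Dog 20/20

dn: cn=ITD Staff,ou=Groups,$BASEDN
changetype: modify
delete: uniquemember
uniquemember: cn=James A Jones 2, ou=Information Technology Division, ou=People, $BASEDN
uniquemember: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, $BASEDN
-
add: uniquemember
uniquemember: cn=Dorothy Stevens, ou=Alumni Association, ou=People, $BASEDN
uniquemember: cn=James A Jones 1, ou=Alumni Association, ou=People, $BASEDN

dn: cn=All Staff,ou=Groups,$BASEDN
changetype: modify
replace: description
description: The whole universe
-
delete: member
member: cn=James A Jones 2,ou=Information Technology Division,ou=People,$BASEDN

dn: cn=Gern Jensen, ou=Information Technology Division, ou=People, $BASEDN
changetype: add
objectclass: inetorgperson
objectclass: domainrelatedobject
cn: Gern Jensen
sn: Jensen
uid: gjensen
title: Chief Investigator, ITD
postaladdress: ITD $ 535 W. William St $ Ann Arbor, MI 48103
seealso: cn=All Staff, ou=Groups, $BASEDN
carLicense: Coffee
homepostaladdress: 844 Brown St. Apt. 4 $ Ann Arbor, MI 48104
description: Very odd
facsimiletelephonenumber: +1 313 555 7557
telephonenumber: +1 313 555 8343
mail: gjensen@mailgw.example.com
homephone: +1 313 555 8844
associateddomain: test.openldap.org

dn: ou=Retired, ou=People, $BASEDN
changetype: add
objectclass: organizationalUnit
ou: Retired

dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, $BASEDN
changetype: add
objectclass: inetorgperson
objectclass: domainrelatedobject
cn: Rosco P. Coltrane
sn: Coltrane
uid: rosco
associateddomain: test.openldap.org

dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, $BASEDN
changetype: modrdn
newrdn: cn=Rosco P. Coltrane
deleteoldrdn: 1
newsuperior: ou=Retired, ou=People, $BASEDN

dn: ou=testdomain1,$BASEDN
changetype: modrdn
newrdn: ou=itsdomain1
deleteoldrdn: 1

dn: ou=itsdomain1,$BASEDN
changetype: modify
replace: description
description: Example, Inc. ITS test domain

EOMODS

RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
sleep $SLEEP1

# A rename with no other change in the same batch.
echo "Performing modrdn alone on the provider..."
$LDAPMODIFY -v -H "$MSAD_URI" -D "$MSAD_ADMINDN" -w "$MSAD_ADMINPW" > \
	$TESTOUT 2>&1 << EOMODS
dn: ou=testdomain2,$BASEDN
changetype: modrdn
newrdn: ou=itsdomain2
deleteoldrdn: 1

EOMODS

RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
sleep $SLEEP1

echo "Performing modify alone on the provider..."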
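# The MSAD_* values are operator-supplied, so each use below is double-quoted;
# the provider ldapsearch previously expanded the bind DN and password
# unquoted, which splits a DN containing spaces into several arguments.
# Tool and output-file variables come from defines.sh (not visible here) and
# are left as they were.
#
# NOTE(review): -w puts the bind password on the command line, where it can
# appear in the process list while the tool runs; the OpenLDAP client tools
# also accept -y <file>.
$LDAPMODIFY -v -H "$MSAD_URI" -D "$MSAD_ADMINDN" -w "$MSAD_ADMINPW" > \
	$TESTOUT 2>&1 << EOMODS
dn: ou=itsdomain2,$BASEDN
changetype: modify
replace: description
description: Example, Inc. itsdomain2 test domain

EOMODS

RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
sleep $SLEEP1

# Delete a user and rewrite a group's member list in the same batch.
echo "Performing larger modify on the provider..."
$LDAPMODIFY -v -H "$MSAD_URI" -D "$MSAD_ADMINDN" -w "$MSAD_ADMINPW" > \
	$TESTOUT 2>&1 << EOMODS
dn: cn=James A Jones 2, ou=Information Technology Division, ou=People, $BASEDN
changetype: delete

dn: cn=Alumni Assoc Staff,ou=Groups,$BASEDN
changetype: modify
replace: description
description: blablabla
-
replace: member
member: cn=Manager,$BASEDN
member: cn=Dorothy Stevens,ou=Alumni Association,ou=People,$BASEDN
member: cn=James A Jones 1,ou=Alumni Association,ou=People,$BASEDN
member: cn=Jane Doe,ou=Alumni Association,ou=People,$BASEDN
member: cn=Jennifer Smith,ou=Alumni Association,ou=People,$BASEDN
member: cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN
member: cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN

EOMODS

RC=$?
if test $RC != 0 ; then
	echo "ldapmodify failed ($RC)!"
	test $KILLSERVERS != no && kill -HUP $KILLPIDS
	exit $RC
fi

echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
sleep $SLEEP1

# NOTE(review): OPATTRS is assigned here but not referenced anywhere else in
# this script.
OPATTRS="entryUUID creatorsName createTimestamp modifiersName modifyTimestamp"

# Reads the test entries from MSAD with the dirsync control marked critical
# (-E !dirsync=0/0), selecting them by the associatedDomain marker attribute.
echo "Using ldapsearch to read all the entries from the provider..."
$LDAPSEARCH -D "$MSAD_ADMINDN" -w "$MSAD_ADMINPW" -S "" -H "$MSAD_URI" -b "$MSAD_SUFFIX" -E \!dirsync=0/0 -o ldif_wrap=120 \
	'(associatedDomain=test.openldap.org)' > $PROVIDEROUT 2>&1
RC=$?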

# RC still holds the status of the provider ldapsearch that ran just before.
[ $RC = 0 ] || {
	echo "ldapsearch failed at provider ($RC)!"
	if [ $KILLSERVERS != no ]; then
		kill -HUP $KILLPIDS
	fi
	exit $RC
}

# Dump the replicated subtree from the consumer for comparison.
echo "Using ldapsearch to read all the entries from the consumer..."
$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 -o ldif_wrap=120 \
	'(objectclass=*)' > $CONSUMEROUT 2>&1
RC=$?

[ $RC = 0 ] || {
	echo "ldapsearch failed at consumer ($RC)!"
	if [ $KILLSERVERS != no ]; then
		kill -HUP $KILLPIDS
	fi
	exit $RC
}

# Both dumps are on disk; the servers are signalled before filtering starts.
if [ $KILLSERVERS != no ]; then
	kill -HUP $KILLPIDS
fi

# The provider dump has its upper-case CN=/OU=/DC= attribute names lowered
# so that it can be compared with the consumer dump.
echo "Filtering provider results..."
$LDIFFILTER -s a < $PROVIDEROUT \
	| sed -e 's/CN=/cn=/g' -e 's/OU=/ou=/g' -e 's/DC=/dc=/g' \
	> $PROVIDERFLT
echo "Filtering consumer results..."
$LDIFFILTER -s a < $CONSUMEROUT > $CONSUMERFLT

echo "Comparing retrieved entries from provider and consumer..."
$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT || {
	echo "test failed - provider and consumer databases differ"
	exit 1
}

echo ">>>>> Test succeeded"

# Reap the background slapd before reporting success.
if [ $KILLSERVERS != no ]; then
	wait
fi

exit 0