summaryrefslogtreecommitdiffstats
path: root/tests/scripts/test071-dirsync
diff options
context:
space:
mode:
Diffstat (limited to 'tests/scripts/test071-dirsync')
-rwxr-xr-xtests/scripts/test071-dirsync377
1 files changed, 377 insertions, 0 deletions
diff --git a/tests/scripts/test071-dirsync b/tests/scripts/test071-dirsync
new file mode 100755
index 0000000..455629b
--- /dev/null
+++ b/tests/scripts/test071-dirsync
@@ -0,0 +1,377 @@
+#! /bin/sh
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2022 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+# requires MSAD_URI, MSAD_SUFFIX, MSAD_ADMINDN, MSAD_ADMINPW
+if test -z "$MSAD_URI"; then
+ echo "No MSAD envvars set, test skipped"
+ exit 0
+fi
+if test $SYNCPROV = syncprovno; then
+ echo "Syncrepl provider overlay not available, test skipped"
+ exit 0
+fi
+
+mkdir -p $TESTDIR $DBDIR2
+
+URI1=$MSAD_URI
+BASEDN="ou=OpenLDAPtest,$MSAD_SUFFIX"
+DC=`echo $MSAD_SUFFIX | sed -e 's/dc=//' -e 's/,.*//'`
+
+#
+# Test replication:
+# - populate MSAD over ldap
+# - start consumer
+# - perform some modifies and deletes
+# - attempt to modify the consumer (referral)
+# - retrieve database over ldap and compare against expected results
+#
+
+# Notes:
+# We use a separate OU under the MSAD suffix to contain our test objects,
+# since we can't just wipe out the entire directory when starting over.
+# The replication search filter is thus more convoluted than would normally
+# be needed. Typically it would only need (|(objectclass=user)(objectclass=group))
+#
+# MSAD does referential integrity by default, so to get 1-to-1 modifications
+# we must add users before creating groups that reference them, and we
+# should delete group memberships before deleting users. If we delete
+# users first, MSAD will automatically remove them from their groups,
+# but won't notify us of these changed groups.
+# We could use the refint overlay to duplicate this behavior, but that's
+# beyond the scope of this test.
+
+echo "Using ldapsearch to check that MSAD is running..."
+$LDAPSEARCH -D $MSAD_ADMINDN -w $MSAD_ADMINPW -s base -b "$MSAD_SUFFIX" -H $MSAD_URI 'objectclass=*' > /dev/null 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ exit $RC
+fi
+
+echo "Using ldapdelete to delete old MSAD test tree, if any..."
+$LDAPDELETE -D "$MSAD_ADMINDN" -H $MSAD_URI -w $MSAD_ADMINPW -r "$BASEDN"
+RC=$?
+
+echo "Using ldapadd to create the test context entry in MSAD..."
+sed -e "s/dc=example,dc=com/$MSAD_SUFFIX/" < $LDIFDIRSYNCCP | \
+ $LDAPADD -D "$MSAD_ADMINDN" -H $MSAD_URI -w $MSAD_ADMINPW > /dev/null 2>&1
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Starting consumer slapd on TCP/IP port $PORT2..."
+. $CONFFILTER $BACKEND < $DIRSYNC1CONF | . $CONFDIRSYNC > $CONF2
+$SLAPADD -f $CONF2 <<EOMODS
+dn: $MSAD_SUFFIX
+dc: $DC
+objectclass: organization
+objectclass: dcObject
+o: OpenLDAP Testing
+
+EOMODS
+RC=$?
+if test $RC != 0 ; then
+ echo "slapadd failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 &
+CONSUMERPID=$!
+if test $WAIT != 0 ; then
+ echo CONSUMERPID $CONSUMERPID
+ read foo
+fi
+KILLPIDS="$KILLPIDS $CONSUMERPID"
+
+sleep 1
+
+echo "Using ldapsearch to check that consumer slapd is running..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 0 ; then
+ break
+ fi
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+done
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+
+echo "Using ldapsearch to check that consumer received context entry..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$BASEDN" -H $URI2 \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 0 ; then
+ break
+ fi
+ echo "Waiting 5 seconds for syncrepl to catch up..."
+ sleep 5
+done
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Using ldapadd to populate MSAD..."
+sed -e "s/dc=example,dc=com/$BASEDN/" < $LDIFDIRSYNCNOCP | \
+ $LDAPADD -D "$MSAD_ADMINDN" -H $MSAD_URI -w $MSAD_ADMINPW > /dev/null 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
+sleep $SLEEP1
+
+echo "Using ldapmodify to modify provider directory..."
+
+#
+# Do some modifications
+#
+
+$LDAPMODIFY -v -H $MSAD_URI -D "$MSAD_ADMINDN" -w $MSAD_ADMINPW > \
+ $TESTOUT 2>&1 << EOMODS
+dn: cn=James A Jones 1, ou=Alumni Association, ou=People, $BASEDN
+changetype: modify
+add: carLicense
+carLicense: Orange Juice
+-
+delete: sn
+sn: Jones
+-
+add: sn
+sn: Jones
+
+dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, $BASEDN
+changetype: modify
+replace: carLicense
+carLicense: Iced Tea
+carLicense: Mad Dog 20/20
+
+dn: cn=ITD Staff,ou=Groups,$BASEDN
+changetype: modify
+delete: uniquemember
+uniquemember: cn=James A Jones 2, ou=Information Technology Division, ou=People, $BASEDN
+uniquemember: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, $BASEDN
+-
+add: uniquemember
+uniquemember: cn=Dorothy Stevens, ou=Alumni Association, ou=People, $BASEDN
+uniquemember: cn=James A Jones 1, ou=Alumni Association, ou=People, $BASEDN
+
+dn: cn=All Staff,ou=Groups,$BASEDN
+changetype: modify
+replace: description
+description: The whole universe
+-
+delete: member
+member: cn=James A Jones 2,ou=Information Technology Division,ou=People,$BASEDN
+
+dn: cn=Gern Jensen, ou=Information Technology Division, ou=People, $BASEDN
+changetype: add
+objectclass: inetorgperson
+objectclass: domainrelatedobject
+cn: Gern Jensen
+sn: Jensen
+uid: gjensen
+title: Chief Investigator, ITD
+postaladdress: ITD $ 535 W. William St $ Ann Arbor, MI 48103
+seealso: cn=All Staff, ou=Groups, $BASEDN
+carLicense: Coffee
+homepostaladdress: 844 Brown St. Apt. 4 $ Ann Arbor, MI 48104
+description: Very odd
+facsimiletelephonenumber: +1 313 555 7557
+telephonenumber: +1 313 555 8343
+mail: gjensen@mailgw.example.com
+homephone: +1 313 555 8844
+associateddomain: test.openldap.org
+
+dn: ou=Retired, ou=People, $BASEDN
+changetype: add
+objectclass: organizationalUnit
+ou: Retired
+
+dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, $BASEDN
+changetype: add
+objectclass: inetorgperson
+objectclass: domainrelatedobject
+cn: Rosco P. Coltrane
+sn: Coltrane
+uid: rosco
+associateddomain: test.openldap.org
+
+dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, $BASEDN
+changetype: modrdn
+newrdn: cn=Rosco P. Coltrane
+deleteoldrdn: 1
+newsuperior: ou=Retired, ou=People, $BASEDN
+
+dn: ou=testdomain1,$BASEDN
+changetype: modrdn
+newrdn: ou=itsdomain1
+deleteoldrdn: 1
+
+dn: ou=itsdomain1,$BASEDN
+changetype: modify
+replace: description
+description: Example, Inc. ITS test domain
+
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
+sleep $SLEEP1
+
+echo "Performing modrdn alone on the provider..."
+$LDAPMODIFY -v -H $MSAD_URI -D "$MSAD_ADMINDN" -w $MSAD_ADMINPW > \
+ $TESTOUT 2>&1 << EOMODS
+dn: ou=testdomain2,$BASEDN
+changetype: modrdn
+newrdn: ou=itsdomain2
+deleteoldrdn: 1
+
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
+sleep $SLEEP1
+
+echo "Performing modify alone on the provider..."
+$LDAPMODIFY -v -H $MSAD_URI -D "$MSAD_ADMINDN" -w $MSAD_ADMINPW > \
+ $TESTOUT 2>&1 << EOMODS
+dn: ou=itsdomain2,$BASEDN
+changetype: modify
+replace: description
+description: Example, Inc. itsdomain2 test domain
+
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
+sleep $SLEEP1
+
+echo "Performing larger modify on the provider..."
+$LDAPMODIFY -v -H $MSAD_URI -D "$MSAD_ADMINDN" -w $MSAD_ADMINPW > \
+ $TESTOUT 2>&1 << EOMODS
+dn: cn=James A Jones 2, ou=Information Technology Division, ou=People, $BASEDN
+changetype: delete
+
+dn: cn=Alumni Assoc Staff,ou=Groups,$BASEDN
+changetype: modify
+replace: description
+description: blablabla
+-
+replace: member
+member: cn=Manager,$BASEDN
+member: cn=Dorothy Stevens,ou=Alumni Association,ou=People,$BASEDN
+member: cn=James A Jones 1,ou=Alumni Association,ou=People,$BASEDN
+member: cn=Jane Doe,ou=Alumni Association,ou=People,$BASEDN
+member: cn=Jennifer Smith,ou=Alumni Association,ou=People,$BASEDN
+member: cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN
+member: cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN
+
+EOMODS
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodify failed ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
+sleep $SLEEP1
+
+OPATTRS="entryUUID creatorsName createTimestamp modifiersName modifyTimestamp"
+
+echo "Using ldapsearch to read all the entries from the provider..."
+$LDAPSEARCH -D $MSAD_ADMINDN -w $MSAD_ADMINPW -S "" -H $MSAD_URI -b "$MSAD_SUFFIX" -E \!dirsync=0/0 -o ldif_wrap=120 \
+ '(associatedDomain=test.openldap.org)' > $PROVIDEROUT 2>&1
+RC=$?
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed at provider ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+echo "Using ldapsearch to read all the entries from the consumer..."
+$LDAPSEARCH -S "" -b "$BASEDN" -H $URI2 -o ldif_wrap=120 \
+ '(objectclass=*)' > $CONSUMEROUT 2>&1
+RC=$?
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed at consumer ($RC)!"
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
+ exit $RC
+fi
+
+test $KILLSERVERS != no && kill -HUP $KILLPIDS
+
+echo "Filtering provider results..."
+$LDIFFILTER -s a < $PROVIDEROUT | sed -e 's/CN=/cn=/g' -e 's/OU=/ou=/g' -e 's/DC=/dc=/g' > $PROVIDERFLT
+echo "Filtering consumer results..."
+$LDIFFILTER -s a < $CONSUMEROUT > $CONSUMERFLT
+
+echo "Comparing retrieved entries from provider and consumer..."
+$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "test failed - provider and consumer databases differ"
+ exit 1
+fi
+
+echo ">>>>> Test succeeded"
+
+test $KILLSERVERS != no && wait
+
+exit 0