12de962bdSlukem#! /bin/sh 2d11b170bStron# $OpenLDAP$ 32de962bdSlukem## This work is part of OpenLDAP Software <http://www.openldap.org/>. 42de962bdSlukem## 5*e670fd5cSchristos## Copyright 2004-2021 The OpenLDAP Foundation. 62de962bdSlukem## All rights reserved. 72de962bdSlukem## 82de962bdSlukem## Redistribution and use in source and binary forms, with or without 92de962bdSlukem## modification, are permitted only as authorized by the OpenLDAP 102de962bdSlukem## Public License. 112de962bdSlukem## 122de962bdSlukem## A copy of this license is available in the file LICENSE in the 132de962bdSlukem## top-level directory of the distribution or, alternatively, at 142de962bdSlukem## <http://www.OpenLDAP.org/license.html>. 152de962bdSlukem 162de962bdSlukemecho "running defines.sh" 172de962bdSlukem. $SRCDIR/scripts/defines.sh 182de962bdSlukem 192de962bdSlukemif test $UNIQUE = uniqueno; then 202de962bdSlukem echo "Attribute Uniqueness overlay not available, test skipped" 212de962bdSlukem exit 0 222de962bdSlukemfi 232de962bdSlukem 24ef2f90d3SadamRCODEconstraint=19 25*e670fd5cSchristosRCODEnorelax=50 26ef2f90d3Sadamtest $BACKEND = null && RCODEconstraint=0 27ef2f90d3Sadam 282de962bdSlukemmkdir -p $TESTDIR $DBDIR1 292de962bdSlukem 302de962bdSlukem$SLAPPASSWD -g -n >$CONFIGPWF 312de962bdSlukemecho "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf 322de962bdSlukem 332de962bdSlukemecho "Running slapadd to build slapd database..." 34*e670fd5cSchristos. $CONFFILTER $BACKEND < $UNIQUECONF > $CONF1 352de962bdSlukem$SLAPADD -f $CONF1 -l $LDIFUNIQUE 362de962bdSlukemRC=$? 372de962bdSlukemif test $RC != 0 ; then 382de962bdSlukem echo "slapadd failed ($RC)!" 392de962bdSlukem exit $RC 402de962bdSlukemfi 412de962bdSlukem 422de962bdSlukemecho "Starting slapd on TCP/IP port $PORT1..." 432de962bdSlukemmkdir $TESTDIR/confdir 44*e670fd5cSchristos$SLAPD -f $CONF1 -F $TESTDIR/confdir -h $URI1 -d $LVL > $LOG1 2>&1 & 452de962bdSlukemPID=$! 462de962bdSlukemif test $WAIT != 0 ; then 472de962bdSlukem echo PID $PID 482de962bdSlukem read foo 492de962bdSlukemfi 502de962bdSlukemKILLPIDS="$PID" 512de962bdSlukem 522de962bdSlukemsleep 1 532de962bdSlukem 542de962bdSlukemecho "Testing slapd attribute uniqueness operations..." 552de962bdSlukemfor i in 0 1 2 3 4 5; do 56*e670fd5cSchristos $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ 572de962bdSlukem 'objectclass=*' > /dev/null 2>&1 582de962bdSlukem RC=$? 592de962bdSlukem if test $RC = 0 ; then 602de962bdSlukem break 612de962bdSlukem fi 622de962bdSlukem echo "Waiting 5 seconds for slapd to start..." 632de962bdSlukem sleep 5 642de962bdSlukemdone 652de962bdSlukem 662de962bdSlukemif test $RC != 0 ; then 672de962bdSlukem echo "ldapsearch failed ($RC)!" 682de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 692de962bdSlukem exit $RC 702de962bdSlukemfi 712de962bdSlukem 722de962bdSlukemecho "Adding a unique record..." 73*e670fd5cSchristos$LDAPADD -D "$UNIQUEDN" -H $URI1 -w $PASSWD \ 742de962bdSlukem > /dev/null << EOTUNIQ1 752de962bdSlukemdn: uid=dave,ou=users,o=unique 762de962bdSlukemobjectClass: inetOrgPerson 77376af7d7SchristosobjectClass: simpleSecurityObject 782de962bdSlukemuid: dave 792de962bdSlukemsn: nothere 802de962bdSlukemcn: dave 812de962bdSlukembusinessCategory: otest 822de962bdSlukemcarLicense: TEST 832de962bdSlukemdepartmentNumber: 42 842de962bdSlukem# NOTE: use special chars in attr value to be used 852de962bdSlukem# in internal searches ITS#4212 862de962bdSlukemdisplayName: Dave (ITS#4212) 872de962bdSlukememployeeNumber: 69 882de962bdSlukememployeeType: contractor 892de962bdSlukemgivenName: Dave 90376af7d7Schristosuserpassword: $PASSWD 912de962bdSlukemEOTUNIQ1 922de962bdSlukemRC=$? 932de962bdSlukemif test $RC != 0 ; then 942de962bdSlukem echo "ldapadd failed ($RC)!" 952de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 962de962bdSlukem exit $RC 972de962bdSlukemfi 982de962bdSlukem 992de962bdSlukemecho "Adding a non-unique record..." 100*e670fd5cSchristos$LDAPADD -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 1012de962bdSlukem $TESTOUT 2>&1 << EOTUNIQ2 1022de962bdSlukemdn: uid=bill,ou=users,o=unique 1032de962bdSlukemobjectClass: inetOrgPerson 1042de962bdSlukemuid: bill 1052de962bdSlukemsn: johnson 1062de962bdSlukemcn: bill 1072de962bdSlukembusinessCategory: rtest 1082de962bdSlukemcarLicense: ABC123 1092de962bdSlukemdepartmentNumber: 42 1102de962bdSlukemdisplayName: Bill 1112de962bdSlukememployeeNumber: 5150 1122de962bdSlukememployeeType: contractor 1132de962bdSlukemgivenName: Bill 1142de962bdSlukemEOTUNIQ2 1152de962bdSlukemRC=$? 116ef2f90d3Sadamif test $RC != $RCODEconstraint ; then 1172de962bdSlukem echo "unique check failed ($RC)!" 1182de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 1192de962bdSlukem exit -1 1202de962bdSlukemfi 1212de962bdSlukem 122*e670fd5cSchristos# ITS#6641/8057/8245 123376af7d7Schristosecho "Trying to bypass uniqueness as a normal user..." 124*e670fd5cSchristos$LDAPADD -e \!relax -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 125*e670fd5cSchristos $TESTOUT 2>&1 << EOTUNIQ2 126*e670fd5cSchristosdn: uid=bill,ou=users,o=unique 127*e670fd5cSchristosobjectClass: inetOrgPerson 128*e670fd5cSchristosuid: bill 129*e670fd5cSchristossn: johnson 130*e670fd5cSchristoscn: bill 131*e670fd5cSchristosbusinessCategory: rtest 132*e670fd5cSchristoscarLicense: ABC123 133*e670fd5cSchristosdepartmentNumber: 42 134*e670fd5cSchristosdisplayName: Bill 135*e670fd5cSchristosemployeeNumber: 5150 136*e670fd5cSchristosemployeeType: contractor 137*e670fd5cSchristosgivenName: Bill 138*e670fd5cSchristosEOTUNIQ2 139*e670fd5cSchristosRC=$? 140*e670fd5cSchristosif test $RC != $RCODEnorelax && test $RC != $RCODEconstraint ; then 141*e670fd5cSchristos echo "unique check failed ($RC)!" 142*e670fd5cSchristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 143*e670fd5cSchristos exit -1 144*e670fd5cSchristosfi 145*e670fd5cSchristos 146*e670fd5cSchristosecho "Trying to bypass uniqueness as a normal user with ManageDSAIt..." 147*e670fd5cSchristos$LDAPADD -M -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 148376af7d7Schristos $TESTOUT 2>&1 << EOTUNIQ2 149376af7d7Schristosdn: uid=bill,ou=users,o=unique 150376af7d7SchristosobjectClass: inetOrgPerson 151376af7d7Schristosuid: bill 152376af7d7Schristossn: johnson 153376af7d7Schristoscn: bill 154376af7d7SchristosbusinessCategory: rtest 155376af7d7SchristoscarLicense: ABC123 156376af7d7SchristosdepartmentNumber: 42 157376af7d7SchristosdisplayName: Bill 158376af7d7SchristosemployeeNumber: 5150 159376af7d7SchristosemployeeType: contractor 160376af7d7SchristosgivenName: Bill 161376af7d7SchristosEOTUNIQ2 162376af7d7SchristosRC=$? 163376af7d7Schristosif test $RC != $RCODEconstraint ; then 164376af7d7Schristos echo "unique check failed ($RC)!" 165376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 166376af7d7Schristos exit -1 167376af7d7Schristosfi 168376af7d7Schristos 169376af7d7Schristosecho "Bypassing uniqueness as an admin user..." 170*e670fd5cSchristos$LDAPADD -e \!relax -D "$UNIQUEDN" -H $URI1 -w $PASSWD > \ 171376af7d7Schristos $TESTOUT 2>&1 << EOTUNIQ2 172376af7d7Schristosdn: uid=bill,ou=users,o=unique 173376af7d7SchristosobjectClass: inetOrgPerson 174376af7d7Schristosuid: bill 175376af7d7Schristossn: johnson 176376af7d7Schristoscn: bill 177376af7d7SchristosbusinessCategory: rtest 178376af7d7SchristoscarLicense: ABC123 179376af7d7SchristosdepartmentNumber: 42 180376af7d7SchristosdisplayName: Bill 181376af7d7SchristosemployeeNumber: 5150 182376af7d7SchristosemployeeType: contractor 183376af7d7SchristosgivenName: Bill 184376af7d7SchristosEOTUNIQ2 185376af7d7SchristosRC=$? 186376af7d7Schristosif test $RC != 0 ; then 187376af7d7Schristos echo "spurious unique error ($RC)!" 188376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 189376af7d7Schristos exit $RC 190376af7d7Schristosfi 191376af7d7Schristos 192376af7d7Schristosecho "Cleaning up" 193*e670fd5cSchristos$LDAPDELETE -D "$UNIQUEDN" -H $URI1 -w $PASSWD \ 194376af7d7Schristos "uid=bill,ou=users,o=unique" > $TESTOUT 2>&1 195376af7d7SchristosRC=$? 196376af7d7Schristosif test $RC != 0; then 197376af7d7Schristos echo "ldapdelete failed ($RC)!" 198376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 199376af7d7Schristos exit $RC 200376af7d7Schristosfi 201376af7d7Schristos 2022de962bdSlukemecho Dynamically retrieving initial configuration... 203*e670fd5cSchristos$LDAPSEARCH -S "" -b olcOverlay='{0}'unique,olcDatabase='{1}'$BACKEND,cn=config -D cn=config -y $CONFIGPWF -H $URI1 -LLL | tr -d \\r >$TESTDIR/initial-config.ldif 2042de962bdSlukemcat <<EOF >$TESTDIR/initial-reference.ldif 2052de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 2062de962bdSlukemobjectClass: olcOverlayConfig 2072de962bdSlukemobjectClass: olcUniqueConfig 2082de962bdSlukemolcOverlay: {0}unique 2092de962bdSlukemolcUniqueBase: o=unique 2102de962bdSlukemolcUniqueAttribute: employeeNumber 2112de962bdSlukemolcUniqueAttribute: displayName 2122de962bdSlukem 2132de962bdSlukemEOF 2142de962bdSlukemdiff $TESTDIR/initial-config.ldif $TESTDIR/initial-reference.ldif > /dev/null 2>&1 2152de962bdSlukemRC=$? 2162de962bdSlukemif test $RC != 0 ; then 2172de962bdSlukem echo "Initial configuration is not reported correctly." 2182de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2192de962bdSlukem exit -1 2202de962bdSlukemfi 2212de962bdSlukem 2222de962bdSlukemecho Dynamically trying to add a URI with legacy attrs present... 223*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 2242de962bdSlukem > $TESTOUT 2>&1 <<EOF 2252de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 2262de962bdSlukemchangetype: modify 2272de962bdSlukemadd: olcUniqueURI 2282de962bdSlukemolcUniqueURI: ldap:///?employeeNumber,displayName?sub 2292de962bdSlukemEOF 2302de962bdSlukemRC=$? 2312de962bdSlukemif test $RC != 80 ; then 2322de962bdSlukem echo "legacy and unique_uri allowed together" 2332de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2342de962bdSlukem exit -1 2352de962bdSlukemfi 2362de962bdSlukem 2372de962bdSlukemecho Dynamically trying to add legacy ignored attrs with legacy attrs present... 238*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 2392de962bdSlukem > $TESTOUT 2>&1 <<EOF 2402de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 2412de962bdSlukemchangetype: modify 2422de962bdSlukemadd: olcUniqueIgnore 2432de962bdSlukemolcUniqueIgnore: objectClass 2442de962bdSlukemEOF 2452de962bdSlukemRC=$? 2462de962bdSlukemif test $RC != 80 ; then 2472de962bdSlukem echo "legacy attrs and legacy ignore attrs allowed together" 2482de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2492de962bdSlukem exit -1 2502de962bdSlukemfi 2512de962bdSlukem 2522de962bdSlukemecho Verifying initial configuration intact... 253*e670fd5cSchristos$LDAPSEARCH -S "" -b olcOverlay='{0}'unique,olcDatabase='{1}'$BACKEND,cn=config -D cn=config -y $CONFIGPWF -H $URI1 -LLL | tr -d \\r >$TESTDIR/initial-config-recheck.ldif 2542de962bdSlukemdiff $TESTDIR/initial-config-recheck.ldif $TESTDIR/initial-reference.ldif > /dev/null 2>&1 2552de962bdSlukemRC=$? 2562de962bdSlukemif test $RC != 0 ; then 2572de962bdSlukem echo "Initial configuration damaged by unsuccessful modifies." 2582de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2592de962bdSlukem exit -1 2602de962bdSlukemfi 2612de962bdSlukem 2622de962bdSlukemecho Dynamically removing legacy base... 263*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 2642de962bdSlukem > $TESTOUT 2>&1 <<EOF 2652de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 2662de962bdSlukemchangetype: modify 2672de962bdSlukemdelete: olcUniqueBase 2682de962bdSlukemEOF 2692de962bdSlukemRC=$? 2702de962bdSlukemif test $RC != 0 ; then 2712de962bdSlukem echo "base removal failed" 2722de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2732de962bdSlukem exit -1 2742de962bdSlukemfi 2752de962bdSlukem 2762de962bdSlukemecho Verifying base removal... 277*e670fd5cSchristos$LDAPSEARCH -S "" -b olcOverlay='{0}'unique,olcDatabase='{1}'$BACKEND,cn=config -D cn=config -y $CONFIGPWF -H $URI1 -LLL | tr -d \\r >$TESTDIR/baseremoval-config.ldif 2782de962bdSlukemcat >$TESTDIR/baseremoval-reference.ldif <<EOF 2792de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 2802de962bdSlukemobjectClass: olcOverlayConfig 2812de962bdSlukemobjectClass: olcUniqueConfig 2822de962bdSlukemolcOverlay: {0}unique 2832de962bdSlukemolcUniqueAttribute: employeeNumber 2842de962bdSlukemolcUniqueAttribute: displayName 2852de962bdSlukem 2862de962bdSlukemEOF 2872de962bdSlukemdiff $TESTDIR/baseremoval-config.ldif $TESTDIR/baseremoval-reference.ldif > /dev/null 2>&1 2882de962bdSlukemRC=$? 2892de962bdSlukemif test $RC != 0 ; then 2902de962bdSlukem echo "Configuration damaged by base removal" 2912de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 2922de962bdSlukem exit -1 2932de962bdSlukemfi 2942de962bdSlukem 2952de962bdSlukemecho "Adding a non-unique record..." 296*e670fd5cSchristos$LDAPADD -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 2972de962bdSlukem $TESTOUT 2>&1 << EOTUNIQ2 2982de962bdSlukemdn: uid=bill,ou=users,o=unique 2992de962bdSlukemobjectClass: inetOrgPerson 3002de962bdSlukemuid: bill 3012de962bdSlukemsn: johnson 3022de962bdSlukemcn: bill 3032de962bdSlukembusinessCategory: rtest 3042de962bdSlukemcarLicense: ABC123 3052de962bdSlukemdepartmentNumber: 42 3062de962bdSlukemdisplayName: Bill 3072de962bdSlukememployeeNumber: 5150 3082de962bdSlukememployeeType: contractor 3092de962bdSlukemgivenName: Bill 3102de962bdSlukemEOTUNIQ2 3112de962bdSlukemRC=$? 312ef2f90d3Sadamif test $RC != $RCODEconstraint ; then 3132de962bdSlukem echo "unique check failed ($RC)!" 3142de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3152de962bdSlukem exit -1 3162de962bdSlukemfi 3172de962bdSlukem 3182de962bdSlukemecho Trying a legacy base outside of the backend... 319*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 3202de962bdSlukem > $TESTOUT 2>&1 <<EOF 3212de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 3222de962bdSlukemchangetype: modify 3232de962bdSlukemadd: olcUniqueBase 3242de962bdSlukemolcUniqueBase: cn=config 3252de962bdSlukemEOF 3262de962bdSlukemRC=$? 3272de962bdSlukemif test $RC != 80 ; then 3282de962bdSlukem echo "out of backend scope base allowed" 3292de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3302de962bdSlukem exit -1 3312de962bdSlukemfi 3322de962bdSlukem 3332de962bdSlukemecho "Adding and removing attrs..." 334*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 3352de962bdSlukem > $TESTOUT 2>&1 <<EOF 3362de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 3372de962bdSlukemchangetype: modify 3382de962bdSlukemadd: olcUniqueAttribute 3392de962bdSlukemolcUniqueAttribute: description 3402de962bdSlukemolcUniqueAttribute: telephoneNumber 3412de962bdSlukem- 3422de962bdSlukemdelete: olcUniqueAttribute 3432de962bdSlukemolcUniqueAttribute: displayName 3442de962bdSlukemEOF 3452de962bdSlukemRC=$? 3462de962bdSlukemif test $RC != 0 ; then 3472de962bdSlukem echo "Unable to remove an attribute" 3482de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3492de962bdSlukem exit -1 3502de962bdSlukemfi 3512de962bdSlukem 3522de962bdSlukemecho "Verifying we removed the right attr..." 353*e670fd5cSchristos$LDAPADD -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 3542de962bdSlukem $TESTOUT 2>&1 << EOTUNIQ2 3552de962bdSlukemdn: uid=bill,ou=users,o=unique 3562de962bdSlukemobjectClass: inetOrgPerson 3572de962bdSlukemuid: bill 3582de962bdSlukemsn: johnson 3592de962bdSlukemcn: bill 3602de962bdSlukembusinessCategory: rtest 3612de962bdSlukemcarLicense: ABC123 3622de962bdSlukemdepartmentNumber: 42 3632de962bdSlukemdisplayName: Bill 3642de962bdSlukememployeeNumber: 5150 3652de962bdSlukememployeeType: contractor 3662de962bdSlukemgivenName: Bill 3672de962bdSlukemEOTUNIQ2 3682de962bdSlukemRC=$? 369ef2f90d3Sadamif test $RC != $RCODEconstraint ; then 370*e670fd5cSchristos echo "olcUniqueAttribute single deletion hit the wrong value" 3712de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3722de962bdSlukem exit -1 3732de962bdSlukemfi 3742de962bdSlukem 3752de962bdSlukemecho Removing legacy config and adding URIs... 376*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 3772de962bdSlukem > $TESTOUT 2>&1 <<EOF 3782de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 3792de962bdSlukemchangetype: modify 3802de962bdSlukemdelete: olcUniqueAttribute 3812de962bdSlukem- 3822de962bdSlukemadd: olcUniqueURI 3832de962bdSlukemolcUniqueURI: ldap:///?employeeNumber,displayName?sub 3842de962bdSlukemolcUniqueURI: ldap:///?description?one 3852de962bdSlukemEOF 3862de962bdSlukemRC=$? 3872de962bdSlukemif test $RC != 0 ; then 3882de962bdSlukem echo "Reconfiguration to URIs failed" 3892de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 3902de962bdSlukem exit -1 3912de962bdSlukemfi 3922de962bdSlukem 3932de962bdSlukemecho Dynamically retrieving second configuration... 394*e670fd5cSchristos$LDAPSEARCH -S "" -b olcOverlay='{0}'unique,olcDatabase='{1}'$BACKEND,cn=config -D cn=config -y $CONFIGPWF -H $URI1 -LLL | tr -d \\r >$TESTDIR/second-config.ldif 3952de962bdSlukemcat >$TESTDIR/second-reference.ldif <<EOF 3962de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 3972de962bdSlukemobjectClass: olcOverlayConfig 3982de962bdSlukemobjectClass: olcUniqueConfig 3992de962bdSlukemolcOverlay: {0}unique 4002de962bdSlukemolcUniqueURI: ldap:///?employeeNumber,displayName?sub 4012de962bdSlukemolcUniqueURI: ldap:///?description?one 4022de962bdSlukem 4032de962bdSlukemEOF 4042de962bdSlukemdiff $TESTDIR/second-config.ldif $TESTDIR/second-reference.ldif > /dev/null 2>&1 4052de962bdSlukemRC=$? 4062de962bdSlukemif test $RC != 0 ; then 4072de962bdSlukem echo "Second configuration is not reported correctly." 4082de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 4092de962bdSlukem exit -1 4102de962bdSlukemfi 4112de962bdSlukem 4122de962bdSlukemecho "Adding a non-unique record..." 413*e670fd5cSchristos$LDAPADD -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 4142de962bdSlukem $TESTOUT 2>&1 << EOTUNIQ2 4152de962bdSlukemdn: uid=bill,ou=users,o=unique 4162de962bdSlukemobjectClass: inetOrgPerson 4172de962bdSlukemuid: bill 4182de962bdSlukemsn: johnson 4192de962bdSlukemcn: bill 4202de962bdSlukembusinessCategory: rtest 4212de962bdSlukemcarLicense: ABC123 4222de962bdSlukemdepartmentNumber: 42 4232de962bdSlukemdisplayName: Bill 4242de962bdSlukememployeeNumber: 5150 4252de962bdSlukememployeeType: contractor 4262de962bdSlukemgivenName: Bill 4272de962bdSlukemEOTUNIQ2 4282de962bdSlukemRC=$? 429ef2f90d3Sadamif test $RC != $RCODEconstraint ; then 4302de962bdSlukem echo "unique check failed ($RC)!" 4312de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 4322de962bdSlukem exit -1 4332de962bdSlukemfi 4342de962bdSlukem 4352de962bdSlukemecho Dynamically trying to add legacy base 436*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 4372de962bdSlukem > $TESTOUT 2>&1 <<EOF 4382de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 4392de962bdSlukemchangetype: modify 4402de962bdSlukemadd: olcUniqueBase 4412de962bdSlukemolcUniqueBase: o=unique 4422de962bdSlukemEOF 4432de962bdSlukemRC=$? 4442de962bdSlukemif test $RC != 80 ; then 4452de962bdSlukem echo "legacy base allowed with URIs" 4462de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 4472de962bdSlukem exit -1 4482de962bdSlukemfi 4492de962bdSlukem 4502de962bdSlukemecho Dynamically trying to add legacy attrs 451*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 4522de962bdSlukem > $TESTOUT 2>&1 <<EOF 4532de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 4542de962bdSlukemchangetype: modify 4552de962bdSlukemadd: olcUniqueAttribute 4562de962bdSlukemolcUniqueAttribute: description 4572de962bdSlukemEOF 4582de962bdSlukemRC=$? 4592de962bdSlukemif test $RC != 80 ; then 4602de962bdSlukem echo "legacy attributes allowed with URIs" 4612de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 4622de962bdSlukem exit -1 4632de962bdSlukemfi 4642de962bdSlukem 4652de962bdSlukemecho Dynamically trying to add legacy strictness 466*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 4672de962bdSlukem > $TESTOUT 2>&1 <<EOF 4682de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 4692de962bdSlukemchangetype: modify 4702de962bdSlukemadd: olcUniqueStrict 4712de962bdSlukemolcUniqueStrict: TRUE 4722de962bdSlukemEOF 4732de962bdSlukemRC=$? 4742de962bdSlukemif test $RC != 80 ; then 4752de962bdSlukem echo "legacy strictness allowed with URIs" 4762de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 4772de962bdSlukem exit -1 4782de962bdSlukemfi 4792de962bdSlukem 4802de962bdSlukem#echo ---------------------- 4812de962bdSlukemecho Dynamically trying a bad filter... 482*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 4832de962bdSlukem > $TESTOUT 2>&1 <<EOF 4842de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 4852de962bdSlukemchangetype: modify 4862de962bdSlukemreplace: olcUniqueURI 4872de962bdSlukemolcUniqueURI: ldap:///?sn?sub?((cn=e*)) 4882de962bdSlukemEOF 4892de962bdSlukemRC=$? 4902de962bdSlukemif test $RC != 80 ; then 4912de962bdSlukem echo "bad filter allowed" 4922de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 4932de962bdSlukem exit -1 4942de962bdSlukemfi 4952de962bdSlukem 4962de962bdSlukemecho Verifying second configuration intact... 497*e670fd5cSchristos$LDAPSEARCH -S "" -b olcOverlay='{0}'unique,olcDatabase='{1}'$BACKEND,cn=config -D cn=config -y $CONFIGPWF -H $URI1 -LLL | tr -d \\r >$TESTDIR/second-config-recheck.ldif 4982de962bdSlukemdiff $TESTDIR/second-config-recheck.ldif $TESTDIR/second-reference.ldif > /dev/null 2>&1 4992de962bdSlukemRC=$? 5002de962bdSlukemif test $RC != 0 ; then 5012de962bdSlukem echo "Second configuration damaged by rejected modifies." 5022de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 5032de962bdSlukem exit -1 5042de962bdSlukemfi 5052de962bdSlukem 5062de962bdSlukem#echo ---------------------- 5072de962bdSlukemecho Dynamically reconfiguring to use different URIs... 508*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 5092de962bdSlukem > $TESTOUT 2>&1 <<EOF 5102de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 5112de962bdSlukemchangetype: modify 5122de962bdSlukemadd: olcUniqueURI 5132de962bdSlukemolcUniqueURI: ldap:///?sn?sub?(cn=e*) 5144e6df137SlukemolcUniqueURI: ldap:///?uid?sub?(cn=edgar) 5152de962bdSlukem- 5162de962bdSlukemdelete: olcUniqueURI 5172de962bdSlukemolcUniqueURI: ldap:///?description?one 5182de962bdSlukemEOF 5192de962bdSlukemRC=$? 5202de962bdSlukemif test $RC != 0 ; then 5212de962bdSlukem echo "unable to reconfigure" 5222de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 5232de962bdSlukem exit -1 5242de962bdSlukemfi 5252de962bdSlukem 5262de962bdSlukemecho Dynamically retrieving third configuration... 527*e670fd5cSchristos$LDAPSEARCH -S "" -b olcOverlay='{0}'unique,olcDatabase='{1}'$BACKEND,cn=config -D cn=config -y $CONFIGPWF -H $URI1 -LLL | tr -d \\r >$TESTDIR/third-config.ldif 5282de962bdSlukemcat >$TESTDIR/third-reference.ldif <<EOF 5292de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 5302de962bdSlukemobjectClass: olcOverlayConfig 5312de962bdSlukemobjectClass: olcUniqueConfig 5322de962bdSlukemolcOverlay: {0}unique 5332de962bdSlukemolcUniqueURI: ldap:///?employeeNumber,displayName?sub 5342de962bdSlukemolcUniqueURI: ldap:///?sn?sub?(cn=e*) 5354e6df137SlukemolcUniqueURI: ldap:///?uid?sub?(cn=edgar) 5362de962bdSlukem 5372de962bdSlukemEOF 5382de962bdSlukemdiff $TESTDIR/third-config.ldif $TESTDIR/third-reference.ldif > /dev/null 2>&1 5392de962bdSlukemRC=$? 5402de962bdSlukemif test $RC != 0 ; then 5412de962bdSlukem echo "Third configuration is not reported correctly." 5422de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 5432de962bdSlukem exit -1 5442de962bdSlukemfi 5452de962bdSlukem 5462de962bdSlukemecho "Adding a record unique in both domains if filtered..." 5472de962bdSlukem 548*e670fd5cSchristos$LDAPADD -D "$UNIQUEDN" -H $URI1 -w $PASSWD > \ 5492de962bdSlukem $TESTOUT 2>&1 << EOF 5502de962bdSlukemdn: uid=edgar,ou=users,o=unique 5512de962bdSlukemobjectClass: inetOrgPerson 5522de962bdSlukemuid: edgar 5532de962bdSlukemsn: johnson 5542de962bdSlukemcn: edgar 5552de962bdSlukemEOF 5562de962bdSlukem 5572de962bdSlukemRC=$? 5582de962bdSlukemif test $RC != 0 ; then 5592de962bdSlukem echo "unique check failed ($RC)!" 5602de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 5612de962bdSlukem exit -1 5622de962bdSlukemfi 5632de962bdSlukem 5644e6df137Slukemecho "Adding a record unique in all domains because of filter conditions " 565*e670fd5cSchristos$LDAPADD -D "$UNIQUEDN" -H $URI1 -w $PASSWD > \ 5664e6df137Slukem $TESTOUT 2>&1 << EOF 5674e6df137Slukemdn: uid=empty,ou=users,o=unique 5684e6df137SlukemobjectClass: inetOrgPerson 5694e6df137Slukemuid: edgar 5704e6df137Slukemcn: empty 5714e6df137Slukemsn: empty 5724e6df137SlukemEOF 5734e6df137Slukem 5744e6df137SlukemRC=$? 5754e6df137Slukemif test $RC != 0 ; then 5764e6df137Slukem echo "spurious unique error ($RC)!" 5774e6df137Slukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 5784e6df137Slukem exit -1 5794e6df137Slukemfi 5804e6df137Slukem 581648e71e5Schristosecho "Sending an empty modification" 582648e71e5Schristos 583*e670fd5cSchristos$LDAPMODIFY -D "$UNIQUEDN" -H $URI1 -w $PASSWD > \ 584648e71e5Schristos $TESTOUT 2>&1 << EOF 585648e71e5Schristosdn: uid=empty,ou=users,o=unique 586648e71e5Schristoschangetype: modify 587648e71e5SchristosEOF 588648e71e5Schristos 589648e71e5SchristosRC=$? 590648e71e5Schristosif test $RC != 0 ; then 591648e71e5Schristos echo "spurious unique error ($RC)!" 592648e71e5Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 593648e71e5Schristos exit -1 594648e71e5Schristosfi 595648e71e5Schristos 596376af7d7Schristosecho "Making a record non-unique" 597*e670fd5cSchristos$LDAPMODIFY -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 598376af7d7Schristos $TESTOUT 2>&1 << EOF 599376af7d7Schristosdn: uid=empty,ou=users,o=unique 600376af7d7Schristoschangetype: modify 601376af7d7Schristosreplace: sn 602376af7d7Schristossn: johnson 603376af7d7SchristosEOF 604376af7d7Schristos 605376af7d7SchristosRC=$? 606376af7d7Schristosif test $RC != $RCODEconstraint ; then 607376af7d7Schristos echo "unique check failed ($RC)!" 608376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 609376af7d7Schristos exit -1 610376af7d7Schristosfi 611376af7d7Schristos 612*e670fd5cSchristos# ITS#6641/8057/8245 613376af7d7Schristosecho "Trying to bypass uniqueness as a normal user..." 614*e670fd5cSchristos$LDAPMODIFY -e \!relax -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 615*e670fd5cSchristos $TESTOUT 2>&1 << EOF 616*e670fd5cSchristosdn: uid=empty,ou=users,o=unique 617*e670fd5cSchristoschangetype: modify 618*e670fd5cSchristosreplace: sn 619*e670fd5cSchristossn: johnson 620*e670fd5cSchristosEOF 621*e670fd5cSchristos 622*e670fd5cSchristosRC=$? 623*e670fd5cSchristosif test $RC != $RCODEnorelax && test $RC != $RCODEconstraint ; then 624*e670fd5cSchristos echo "unique check failed ($RC)!" 625*e670fd5cSchristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 626*e670fd5cSchristos exit -1 627*e670fd5cSchristosfi 628*e670fd5cSchristos 629*e670fd5cSchristosecho "Trying to bypass uniqueness as a normal user with ManageDSAIt..." 630*e670fd5cSchristos$LDAPMODIFY -M -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 631376af7d7Schristos $TESTOUT 2>&1 << EOF 632376af7d7Schristosdn: uid=empty,ou=users,o=unique 633376af7d7Schristoschangetype: modify 634376af7d7Schristosreplace: sn 635376af7d7Schristossn: johnson 636376af7d7SchristosEOF 637376af7d7Schristos 638376af7d7SchristosRC=$? 639376af7d7Schristosif test $RC != $RCODEconstraint ; then 640376af7d7Schristos echo "unique check failed ($RC)!" 641376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 642376af7d7Schristos exit -1 643376af7d7Schristosfi 644376af7d7Schristos 645376af7d7Schristosecho "Bypassing uniqueness as an admin user..." 646*e670fd5cSchristos$LDAPMODIFY -e \!relax -D "$UNIQUEDN" -H $URI1 -w $PASSWD > \ 647376af7d7Schristos $TESTOUT 2>&1 << EOF 648376af7d7Schristosdn: uid=empty,ou=users,o=unique 649376af7d7Schristoschangetype: modify 650376af7d7Schristosreplace: sn 651376af7d7Schristossn: johnson 652376af7d7SchristosEOF 653376af7d7Schristos 654376af7d7SchristosRC=$? 655376af7d7Schristosif test $RC != 0 ; then 656376af7d7Schristos echo "spurious unique error ($RC)!" 657376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 658376af7d7Schristos exit $RC 659376af7d7Schristosfi 660376af7d7Schristos 661376af7d7Schristosecho "Cleaning up" 662*e670fd5cSchristos$LDAPMODIFY -D "$UNIQUEDN" -H $URI1 -w $PASSWD > \ 663376af7d7Schristos $TESTOUT 2>&1 << EOF 664376af7d7Schristosdn: uid=empty,ou=users,o=unique 665376af7d7Schristoschangetype: modify 666376af7d7Schristosreplace: sn 667376af7d7Schristossn: empty 668376af7d7SchristosEOF 669376af7d7Schristos 670376af7d7SchristosRC=$? 671376af7d7Schristosif test $RC != 0; then 672376af7d7Schristos echo "ldapmodify failed ($RC)!" 673376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 674376af7d7Schristos exit $RC 675376af7d7Schristosfi 676376af7d7Schristos 677376af7d7Schristosecho "Adding another unique record..." 678*e670fd5cSchristos$LDAPADD -D "$UNIQUEDN" -H $URI1 -w $PASSWD > \ 679376af7d7Schristos $TESTOUT 2>&1 << EOF 680376af7d7Schristosdn: uid=not edgar,uid=edgar,ou=users,o=unique 681376af7d7SchristosobjectClass: inetOrgPerson 682376af7d7Schristosuid: not edgar 683376af7d7Schristossn: Alan 684376af7d7Schristoscn: not edgar 685376af7d7SchristosEOF 686376af7d7Schristos 687376af7d7SchristosRC=$? 688376af7d7Schristosif test $RC != 0 ; then 689376af7d7Schristos echo "unique check failed ($RC)!" 690376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 691376af7d7Schristos exit -1 692376af7d7Schristosfi 693376af7d7Schristos 694376af7d7Schristosecho "Making the record non-unique with modrdn..." 695*e670fd5cSchristos$LDAPMODRDN -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD \ 696376af7d7Schristos "uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" > $TESTOUT 2>&1 697376af7d7Schristos 698376af7d7SchristosRC=$? 699376af7d7Schristosif test $RC != $RCODEconstraint ; then 700376af7d7Schristos echo "unique check failed ($RC)!" 701376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 702376af7d7Schristos exit -1 703376af7d7Schristosfi 704376af7d7Schristos 705*e670fd5cSchristos# ITS#6641/8057/8245 706376af7d7Schristosecho "Trying to bypass uniqueness as a normal user..." 707*e670fd5cSchristos$LDAPMODRDN -e \!relax -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD \ 708*e670fd5cSchristos "uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" > $TESTOUT 2>&1 709*e670fd5cSchristos 710*e670fd5cSchristosRC=$? 711*e670fd5cSchristosif test $RC != $RCODEnorelax && test $RC != $RCODEconstraint ; then 712*e670fd5cSchristos echo "unique check failed ($RC)!" 713*e670fd5cSchristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 714*e670fd5cSchristos exit -1 715*e670fd5cSchristosfi 716*e670fd5cSchristos 717*e670fd5cSchristosecho "Trying to bypass uniqueness as a normal user with a ManageDSAIt control..." 718*e670fd5cSchristos$LDAPMODRDN -M -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD \ 719376af7d7Schristos "uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" > $TESTOUT 2>&1 720376af7d7Schristos 721376af7d7SchristosRC=$? 722376af7d7Schristosif test $RC != $RCODEconstraint ; then 723376af7d7Schristos echo "unique check failed ($RC)!" 724376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 725376af7d7Schristos exit -1 726376af7d7Schristosfi 727376af7d7Schristos 728376af7d7Schristosecho "Bypassing uniqueness as an admin user..." 729*e670fd5cSchristos$LDAPMODRDN -e \!relax -D "$UNIQUEDN" -H $URI1 -w $PASSWD \ 730376af7d7Schristos "uid=not edgar,uid=edgar,ou=users,o=unique" "uid=edgar" > $TESTOUT 2>&1 731376af7d7Schristos 732376af7d7SchristosRC=$? 733376af7d7Schristosif test $RC != 0 ; then 734376af7d7Schristos echo "spurious unique error ($RC)!" 735376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 736376af7d7Schristos exit $RC 737376af7d7Schristosfi 738376af7d7Schristos 739376af7d7Schristosecho "Cleaning up" 740*e670fd5cSchristos$LDAPDELETE -D "$UNIQUEDN" -H $URI1 -w $PASSWD \ 741376af7d7Schristos "uid=edgar,uid=edgar,ou=users,o=unique" > $TESTOUT 2>&1 742376af7d7SchristosRC=$? 743376af7d7Schristosif test $RC != 0; then 744376af7d7Schristos echo "ldapdelete failed ($RC)!" 745376af7d7Schristos test $KILLSERVERS != no && kill -HUP $KILLPIDS 746376af7d7Schristos exit $RC 747376af7d7Schristosfi 7484e6df137Slukem 7492de962bdSlukemecho "Adding a record unique in one domain, non-unique in the filtered domain..." 7502de962bdSlukem 751*e670fd5cSchristos$LDAPADD -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 7522de962bdSlukem $TESTOUT 2>&1 << EOF 7532de962bdSlukemdn: uid=elvis,ou=users,o=unique 7542de962bdSlukemobjectClass: inetOrgPerson 7552de962bdSlukemuid: elvis 7562de962bdSlukemsn: johnson 7572de962bdSlukemcn: elvis 7582de962bdSlukemEOF 7592de962bdSlukem 7602de962bdSlukemRC=$? 761ef2f90d3Sadamif test $RC != $RCODEconstraint ; then 7622de962bdSlukem echo "unique check failed ($RC)!" 7632de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 7642de962bdSlukem exit -1 7652de962bdSlukemfi 7662de962bdSlukem 7672de962bdSlukem#echo ---------------------- 7682de962bdSlukemecho Dynamically reconfiguring to use attribute-ignore URIs... 769*e670fd5cSchristos$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF \ 7702de962bdSlukem > $TESTOUT 2>&1 <<EOF 7712de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 7722de962bdSlukemchangetype: modify 7732de962bdSlukemreplace: olcUniqueURI 7742de962bdSlukemolcUniqueURI: ignore ldap:///?objectClass,uid,cn,sn?sub 7752de962bdSlukemEOF 7762de962bdSlukemRC=$? 7772de962bdSlukemif test $RC != 0 ; then 7782de962bdSlukem echo "unable to reconfigure" 7792de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 7802de962bdSlukem exit -1 7812de962bdSlukemfi 7822de962bdSlukem 7832de962bdSlukemecho Dynamically retrieving fourth configuration... 784*e670fd5cSchristos$LDAPSEARCH -S "" -b olcOverlay='{0}'unique,olcDatabase='{1}'$BACKEND,cn=config -D cn=config -y $CONFIGPWF -H $URI1 -LLL | tr -d \\r >$TESTDIR/fourth-config.ldif 7852de962bdSlukemcat >$TESTDIR/fourth-reference.ldif <<EOF 7862de962bdSlukemdn: olcOverlay={0}unique,olcDatabase={1}$BACKEND,cn=config 7872de962bdSlukemobjectClass: olcOverlayConfig 7882de962bdSlukemobjectClass: olcUniqueConfig 7892de962bdSlukemolcOverlay: {0}unique 7902de962bdSlukemolcUniqueURI: ignore ldap:///?objectClass,uid,cn,sn?sub 7912de962bdSlukem 7922de962bdSlukemEOF 7932de962bdSlukemdiff $TESTDIR/fourth-config.ldif $TESTDIR/fourth-reference.ldif > /dev/null 2>&1 7942de962bdSlukemRC=$? 7952de962bdSlukemif test $RC != 0 ; then 7962de962bdSlukem echo "Fourth configuration is not reported correctly." 7972de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 7982de962bdSlukem exit -1 7992de962bdSlukemfi 8002de962bdSlukem 8012de962bdSlukemecho "Adding a record unique in the ignore-domain..." 8022de962bdSlukem 803*e670fd5cSchristos$LDAPADD -D "$UNIQUEDN" -H $URI1 -w $PASSWD > \ 8042de962bdSlukem $TESTOUT 2>&1 << EOF 8052de962bdSlukemdn: uid=elvis,ou=users,o=unique 8062de962bdSlukemobjectClass: inetOrgPerson 8072de962bdSlukemuid: elvis 8082de962bdSlukemsn: johnson 8092de962bdSlukemcn: elvis 8102de962bdSlukemdescription: left the building 8112de962bdSlukemEOF 8122de962bdSlukem 8132de962bdSlukemRC=$? 8142de962bdSlukemif test $RC != 0 ; then 8152de962bdSlukem echo "unique check failed ($RC)!" 8162de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 8172de962bdSlukem exit -1 8182de962bdSlukemfi 8192de962bdSlukem 8202de962bdSlukemecho "Adding a record non-unique in the ignore-domain..." 8212de962bdSlukem 822*e670fd5cSchristos$LDAPADD -D "uid=dave,ou=users,o=unique" -H $URI1 -w $PASSWD > \ 8232de962bdSlukem $TESTOUT 2>&1 << EOF 8242de962bdSlukemdn: uid=harry,ou=users,o=unique 8252de962bdSlukemobjectClass: inetOrgPerson 8262de962bdSlukemuid: harry 8272de962bdSlukemsn: johnson 8282de962bdSlukemcn: harry 8292de962bdSlukemdescription: left the building 8302de962bdSlukemEOF 8312de962bdSlukem 8322de962bdSlukemRC=$? 833ef2f90d3Sadamif test $RC != $RCODEconstraint ; then 8342de962bdSlukem echo "unique check failed ($RC)!" 8352de962bdSlukem test $KILLSERVERS != no && kill -HUP $KILLPIDS 8362de962bdSlukem exit -1 8372de962bdSlukemfi 8382de962bdSlukem 8392de962bdSlukemtest $KILLSERVERS != no && kill -HUP $KILLPIDS 8402de962bdSlukem 8412de962bdSlukemecho ">>>>> Test succeeded" 8422de962bdSlukem 8432de962bdSlukemtest $KILLSERVERS != no && wait 8442de962bdSlukem 8452de962bdSlukemexit 0 846