From 8081a5520a441b43a8a7a73f3a90c7aacfaa8e10 Mon Sep 17 00:00:00 2001 From: Timotej Lazar Date: Sun, 24 Feb 2019 21:05:27 +0100 Subject: Move everything one level up --- tasks/ldap_search/howtos/en/Pic1.jpg | Bin 0 -> 182463 bytes tasks/ldap_search/howtos/en/Pic2.1.jpg | Bin 0 -> 160469 bytes tasks/ldap_search/howtos/en/Pic2.2.jpg | Bin 0 -> 154389 bytes tasks/ldap_search/howtos/en/Pic2.3.jpg | Bin 0 -> 157859 bytes tasks/ldap_search/howtos/en/Pic3.1.jpg | Bin 0 -> 64216 bytes tasks/ldap_search/howtos/en/Pic3.2.jpg | Bin 0 -> 76701 bytes tasks/ldap_search/howtos/en/Pic3.3.jpg | Bin 0 -> 65002 bytes tasks/ldap_search/howtos/en/Pic3.4.jpg | Bin 0 -> 63397 bytes tasks/ldap_search/howtos/en/Pic3.5.jpg | Bin 0 -> 73509 bytes tasks/ldap_search/howtos/en/Pic3.6.jpg | Bin 0 -> 78701 bytes tasks/ldap_search/howtos/en/Pic3.7.jpg | Bin 0 -> 57151 bytes tasks/ldap_search/howtos/en/Pic3.8.jpg | Bin 0 -> 63569 bytes tasks/ldap_search/howtos/en/Pic4.jpg | Bin 0 -> 111844 bytes tasks/ldap_search/howtos/en/Pic5.jpg | Bin 0 -> 129138 bytes tasks/ldap_search/howtos/en/Pic6.jpg | Bin 0 -> 146213 bytes tasks/ldap_search/howtos/en/Pic7.jpg | Bin 0 -> 64296 bytes tasks/ldap_search/howtos/en/Pic8.jpg | Bin 0 -> 56538 bytes tasks/ldap_search/howtos/en/index.html | 74 ++++++++++ tasks/ldap_search/howtos/images/1.png | Bin 0 -> 179319 bytes tasks/ldap_search/howtos/images/2.png | Bin 0 -> 71542 bytes tasks/ldap_search/howtos/images/Pic1.jpg | Bin 0 -> 182463 bytes tasks/ldap_search/howtos/images/Pic2.1.jpg | Bin 0 -> 160469 bytes tasks/ldap_search/howtos/images/Pic2.2.jpg | Bin 0 -> 154389 bytes tasks/ldap_search/howtos/images/Pic2.3.jpg | Bin 0 -> 157859 bytes tasks/ldap_search/howtos/images/Pic3.1.jpg | Bin 0 -> 64216 bytes tasks/ldap_search/howtos/images/Pic3.2.jpg | Bin 0 -> 76701 bytes tasks/ldap_search/howtos/images/Pic3.3.jpg | Bin 0 -> 65002 bytes tasks/ldap_search/howtos/images/Pic3.4.jpg | Bin 0 -> 63397 bytes tasks/ldap_search/howtos/images/Pic3.5.jpg | Bin 0 -> 73509 bytes tasks/ldap_search/howtos/images/Pic3.6.jpg | Bin 0 -> 78701 bytes tasks/ldap_search/howtos/images/Pic3.7.jpg | Bin 0 -> 57151 bytes tasks/ldap_search/howtos/images/Pic3.8.jpg | Bin 0 -> 63569 bytes tasks/ldap_search/howtos/images/Pic4.jpg | Bin 0 -> 111844 bytes tasks/ldap_search/howtos/images/Pic5.jpg | Bin 0 -> 129138 bytes tasks/ldap_search/howtos/images/Pic6.jpg | Bin 0 -> 146213 bytes tasks/ldap_search/howtos/images/Pic7.jpg | Bin 0 -> 64296 bytes tasks/ldap_search/howtos/images/Pic8.jpg | Bin 0 -> 56538 bytes tasks/ldap_search/howtos/si/index.html | 23 ++++ tasks/ldap_search/task.py | 210 +++++++++++++++++++++++++++++ 39 files changed, 307 insertions(+) create mode 100644 tasks/ldap_search/howtos/en/Pic1.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic2.1.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic2.2.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic2.3.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic3.1.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic3.2.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic3.3.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic3.4.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic3.5.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic3.6.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic3.7.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic3.8.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic4.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic5.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic6.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic7.jpg create mode 100644 tasks/ldap_search/howtos/en/Pic8.jpg create mode 100644 tasks/ldap_search/howtos/en/index.html create mode 100644 tasks/ldap_search/howtos/images/1.png create mode 100644 tasks/ldap_search/howtos/images/2.png create mode 100644 tasks/ldap_search/howtos/images/Pic1.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic2.1.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic2.2.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic2.3.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic3.1.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic3.2.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic3.3.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic3.4.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic3.5.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic3.6.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic3.7.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic3.8.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic4.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic5.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic6.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic7.jpg create mode 100644 tasks/ldap_search/howtos/images/Pic8.jpg create mode 100644 tasks/ldap_search/howtos/si/index.html create mode 100644 tasks/ldap_search/task.py (limited to 'tasks/ldap_search') diff --git a/tasks/ldap_search/howtos/en/Pic1.jpg b/tasks/ldap_search/howtos/en/Pic1.jpg new file mode 100644 index 0000000..fecb706 Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic1.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic2.1.jpg b/tasks/ldap_search/howtos/en/Pic2.1.jpg new file mode 100644 index 0000000..085f1cc Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic2.1.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic2.2.jpg b/tasks/ldap_search/howtos/en/Pic2.2.jpg new file mode 100644 index 0000000..cb9975c Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic2.2.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic2.3.jpg b/tasks/ldap_search/howtos/en/Pic2.3.jpg new file mode 100644 index 0000000..1069e1a Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic2.3.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic3.1.jpg b/tasks/ldap_search/howtos/en/Pic3.1.jpg new file mode 100644 index 0000000..0c00ddd Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic3.1.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic3.2.jpg b/tasks/ldap_search/howtos/en/Pic3.2.jpg new file mode 100644 index 0000000..d488e43 Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic3.2.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic3.3.jpg b/tasks/ldap_search/howtos/en/Pic3.3.jpg new file mode 100644 index 0000000..2ea916c Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic3.3.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic3.4.jpg b/tasks/ldap_search/howtos/en/Pic3.4.jpg new file mode 100644 index 0000000..24db305 Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic3.4.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic3.5.jpg b/tasks/ldap_search/howtos/en/Pic3.5.jpg new file mode 100644 index 0000000..d2ff304 Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic3.5.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic3.6.jpg b/tasks/ldap_search/howtos/en/Pic3.6.jpg new file mode 100644 index 0000000..0ab07d0 Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic3.6.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic3.7.jpg b/tasks/ldap_search/howtos/en/Pic3.7.jpg new file mode 100644 index 0000000..44ca494 Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic3.7.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic3.8.jpg b/tasks/ldap_search/howtos/en/Pic3.8.jpg new file mode 100644 index 0000000..855353b Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic3.8.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic4.jpg b/tasks/ldap_search/howtos/en/Pic4.jpg new file mode 100644 index 0000000..4aab71d Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic4.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic5.jpg b/tasks/ldap_search/howtos/en/Pic5.jpg new file mode 100644 index 0000000..07a60de Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic5.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic6.jpg b/tasks/ldap_search/howtos/en/Pic6.jpg new file mode 100644 index 0000000..48c6606 Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic6.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic7.jpg b/tasks/ldap_search/howtos/en/Pic7.jpg new file mode 100644 index 0000000..58b8bdf Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic7.jpg differ diff --git a/tasks/ldap_search/howtos/en/Pic8.jpg b/tasks/ldap_search/howtos/en/Pic8.jpg new file mode 100644 index 0000000..c9d053e Binary files /dev/null and b/tasks/ldap_search/howtos/en/Pic8.jpg differ diff --git a/tasks/ldap_search/howtos/en/index.html b/tasks/ldap_search/howtos/en/index.html new file mode 100644 index 0000000..31bb1e9 --- /dev/null +++ b/tasks/ldap_search/howtos/en/index.html @@ -0,0 +1,74 @@ + + + + ldap_search + + + + +

ldap_search

+

Purpose of the exercise

+

How to setup a LDAP Server, to add entries to a LDAP Server, and to change users' rights to be able to add entries and change the attributes of entries.

+ +

How To

+ +
    +
  1. Create two virtual machines, SimpleArbiterDhcpGWLDAP(simpleArbiterDhcpGWLDAP.vdi) and LDAPServer(student-LDAPServer.vdi). +
    No img
  2. +
    +
  3. Change the network settings to both virtual machines. SimpleArbiterDhcpGWLDAP: Adapter 1 is set to "NAT" for internet access and + adapter 2 to "internal network" for local network. LDAPServer: Adapter 1 set to "internal network" sot that it is in the same internal network as SimpleArbiterDhcpGWLDAP. +
    No img +
    No img +
    No img
  4. +
    +
  5. In SimpleArbiterDhcpGWLDAP log in as user "tester", in LDAPServer log in as user "root", run the command "apt-get update" to update the list of packages and + open up another terminal by pressing "ALT+F2" and log in as user "student".
  6. +
    +
  7. In LDAPServer run the command "apt-get install slapd ldap-utils" to install these packages which are the LDAP server and tools to access and manage the LDAP server. +
    During the LDAP server installation you'll have to provide the password for the user "admin", the administrator of the server and confirm the password chosen.
  8. +
    +
  9. Configure the LDAP server by choosing the appropriate domain name and other configuration parameters. Execute the commmand "dpkg-reconfigure slapd". +
    No img +
    No img +
    No img +
    No img +
    No img +
    No img +
    No img +
    No img +
    a) If you will configure the "slapd" again don't forget to remove the old database "rm -rf /var/backups/unknown-2.4.44+dfsg-2.ldapdb".
  10. +
    +
  11. Now that the LDAP server is configured for use, try to open a third console and log in as user "student" and execute the command "ldapsearch -D cn=admin,dc=ceres-20,dc=kpov, + dc=lusy,dc=fri,dc=uni-lj,dc=si -W -b dc=ceres-20,dc=kpov,dc=lusy,dc=fri,dc=uni-lj,dc=si", which will show the entries in the server. +
    Because you will be using a lot the domain name to access the LDAP server you can set the environment variable "D", which will allow for quicker typing of commands. +
    "export D=dc=ceres-20,dc=kpov,dc=lusy,dc=fri,dc=uni-lj,dc=si" +
    "ldapsearch -D cn=admin,$D -wvaje -b $D"
  12. +
    +
  13. Create the file(LDIF format) "users.ldif" which will contain the objects(users) that we want to add to the LDAP server database. +
    No img +
    Execute the following command to add users to the LDAP server: +
    "ldapadd -D cn=admin,$D -wvaje -f users.ldif" +
    Add password to the users added to the LDAP server: +
    "ldappasswd -D cn=admin,$D -wvaje -sj2531e cn=ninavidmar,ou=users,$D" +
    "ldappasswd -D cn=admin,$D -wvaje -scTyRM0 cn=natalijaribnikar39,ou=users,$D" +
    Execute command "ldapsearch -D cn=natalijaribnikar39,ou=users,$D -wcTyRM0 -b $D" to bind to the LDAP server with the newly added user "natalijaribnikar39" and to see the entries currently in the LDAP server. +
    No img
  14. +
    +
  15. In order to change the users' rights settings, which allows a user to add entries to the directory and change values of attributes of entries in the directory you need to create an additional file acl.ldif: +
    To see which backend database is used and other settings related to the users' rights execute command "ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config" as root user in the system, which does not need the user authentication to the LDAP server. +
    No img +
    The settings in the acl.ldif file: +
    No img +
    Now to change users' rights run the command "ldapmodify -Y EXTERNAL -H ldapi:/// -f acl.ldif" as user "root" in the system.
  16. +
    +
  17. The user "natalijaribnikar39" has the right to add or change objects in the LDAP server. +
    Now try to bind to the LDAP server using "natalijaribnikar39" user's credentials and add a new user to the server directory. +
    "ldapadd -D cn=natalijaribnikar39,ou=users,$D -wcTyRM0 -f newuser.ldif"
  18. +
    +
  19. Now to test your result go to the SimpleArbiterDhcpGWLDAP virtual machine and run "./test_task.py" to run the test and see your score. +
    No img
  20. + +
+ + diff --git a/tasks/ldap_search/howtos/images/1.png b/tasks/ldap_search/howtos/images/1.png new file mode 100644 index 0000000..f4edca8 Binary files /dev/null and b/tasks/ldap_search/howtos/images/1.png differ diff --git a/tasks/ldap_search/howtos/images/2.png b/tasks/ldap_search/howtos/images/2.png new file mode 100644 index 0000000..4d4ebb5 Binary files /dev/null and b/tasks/ldap_search/howtos/images/2.png differ diff --git a/tasks/ldap_search/howtos/images/Pic1.jpg b/tasks/ldap_search/howtos/images/Pic1.jpg new file mode 100644 index 0000000..fecb706 Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic1.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic2.1.jpg b/tasks/ldap_search/howtos/images/Pic2.1.jpg new file mode 100644 index 0000000..085f1cc Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic2.1.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic2.2.jpg b/tasks/ldap_search/howtos/images/Pic2.2.jpg new file mode 100644 index 0000000..cb9975c Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic2.2.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic2.3.jpg b/tasks/ldap_search/howtos/images/Pic2.3.jpg new file mode 100644 index 0000000..1069e1a Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic2.3.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic3.1.jpg b/tasks/ldap_search/howtos/images/Pic3.1.jpg new file mode 100644 index 0000000..0c00ddd Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic3.1.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic3.2.jpg b/tasks/ldap_search/howtos/images/Pic3.2.jpg new file mode 100644 index 0000000..d488e43 Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic3.2.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic3.3.jpg b/tasks/ldap_search/howtos/images/Pic3.3.jpg new file mode 100644 index 0000000..2ea916c Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic3.3.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic3.4.jpg b/tasks/ldap_search/howtos/images/Pic3.4.jpg new file mode 100644 index 0000000..24db305 Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic3.4.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic3.5.jpg b/tasks/ldap_search/howtos/images/Pic3.5.jpg new file mode 100644 index 0000000..d2ff304 Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic3.5.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic3.6.jpg b/tasks/ldap_search/howtos/images/Pic3.6.jpg new file mode 100644 index 0000000..0ab07d0 Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic3.6.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic3.7.jpg b/tasks/ldap_search/howtos/images/Pic3.7.jpg new file mode 100644 index 0000000..44ca494 Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic3.7.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic3.8.jpg b/tasks/ldap_search/howtos/images/Pic3.8.jpg new file mode 100644 index 0000000..855353b Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic3.8.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic4.jpg b/tasks/ldap_search/howtos/images/Pic4.jpg new file mode 100644 index 0000000..4aab71d Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic4.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic5.jpg b/tasks/ldap_search/howtos/images/Pic5.jpg new file mode 100644 index 0000000..07a60de Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic5.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic6.jpg b/tasks/ldap_search/howtos/images/Pic6.jpg new file mode 100644 index 0000000..48c6606 Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic6.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic7.jpg b/tasks/ldap_search/howtos/images/Pic7.jpg new file mode 100644 index 0000000..58b8bdf Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic7.jpg differ diff --git a/tasks/ldap_search/howtos/images/Pic8.jpg b/tasks/ldap_search/howtos/images/Pic8.jpg new file mode 100644 index 0000000..c9d053e Binary files /dev/null and b/tasks/ldap_search/howtos/images/Pic8.jpg differ diff --git a/tasks/ldap_search/howtos/si/index.html b/tasks/ldap_search/howtos/si/index.html new file mode 100644 index 0000000..7370099 --- /dev/null +++ b/tasks/ldap_search/howtos/si/index.html @@ -0,0 +1,23 @@ + + + + + +

Naloga: ldap search

+

+

Povzetek naloge

+Ustvari 2 virtualna sistema SimpleArbiterDhcp ter LDAPServer ter se s SimpleArbiterDhcp povezi na LDAP server na drugem virtualnem sistemu. Ustvari uporabnika. +

+

+

Navodila

+ 1. Prenesite disk SimpleArbiterDhcp preko imenika s diski virtualnih naprav. + 2. V Virtualbox ustvarite nov racunalnik SimpleArbiterDhcp in uporabite prenešen disk.(Slika 1) + 3. Prav tako naredi drugi virtualni sistem poimenovan LDAPServer. + 4. Na oba sistema se prijavi kot uporabnik "root" z geslom "kaboom". + 5. Na sistemi LDAPServer namesti LDAP z ukazom 'apt-get install ldap-utils.(Slika 2) + 6. Po prenosu vkljucite LDAP server. + 7. S sistema SimpleArbiterDhcp se povezi na LDAP streznik na sistemu LDAPServer. + 8. Ustvari uporabnika na LDAP serverju. +

+ + diff --git a/tasks/ldap_search/task.py b/tasks/ldap_search/task.py new file mode 100644 index 0000000..29117db --- /dev/null +++ b/tasks/ldap_search/task.py @@ -0,0 +1,210 @@ +# kpov_util should be imported by add_assignment.py + +# Poveži se na strežnik LDAP prek spletnega vmesnika. Ustvari uporabnika z danim imenom in geslom. +# Napiši skripto, ki izpiše podatke o tem uporabniku z ldapsearch. + +# TODO: finish this! +instructions = { + 'si': '''\ +

+Ustvari dva navidezna računalnika: SimpleArbiter in LDAPServer. + +

+Na LDAPServer namesti strežnik LDAP. Strežnik naj skrbi za domeno + +

DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+ +

+V imeniku ustvari uporabnika + +

CN={{LDAP_USERNAME}},ou=users,DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+ +

+z geslom {{LDAP_PASSWORD}} in uporabnika + +

CN={{BIND_USERNAME}},ou=users,DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+ +

+z geslom {{BIND_PASSWORD}}. + +

+Poskrbi, da se bo lahko klient s SimpleArbiter povezal na LDAP strežnik na LDAPServer. +V primeru, da se klient poveže kot {{BIND_USERNAME}} z geslom {{BIND_PASSWORD}}, +naj strežnik omogoči spreminjanje podatkov za objekt + +

CN={{LDAP_USERNAME}},ou=users,DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+ +

+ter ustvarjanje novih objektov v + +

DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+
+CN = Common Name
+O = Organization
+OU = Organizational Unit
+DC = Domain Component
+
+''', + 'en': '''\ +

+Create two virtual machines: SimpleArbiter and LDAPServer. + +

+Set up an LDAP server on LDAPServer. Make it responsible for + +

DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+ +

+Create a user + +

CN={{LDAP_USERNAME}},ou=users,DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+ +

+with the password {{LDAP_PASSWORD}}, and a user + +

CN={{BIND_USERNAME}},ou=users,DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+ +

+with the password {{LDAP_PASSWORD}} . + +

+Make sure that a client from SimpleArbiter can connect to the LDAP server on LDAPServer. If the client identifies themself as {{BIND_USERNAME}} with the password {{BIND_PASSWORD}}, allow it to change data for the object + +

CN={{LDAP_USERNAME}},ou=users,DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+ +

+and to create objects in + +

DC={{DOMAIN}},DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+
+CN = Common Name
+O = Organization
+OU = Organizational Unit
+DC = Domain Component
+
+''', +} + +computers = { + 'LDAPServer': { + 'disks': [ + { 'name': 'student-LDAPServer', + }, + #{ 'name': 'CDROM', + # 'options':{'readonly': True}, + # 'parts': [],# no parts, no mounting. + #} + ], + 'network_interfaces': [{'network': 'net1'}], + 'flavor': 'm1.tiny', + 'config_drive': False + + }, + 'SimpleArbiter': { + 'disks': [ + { 'name': 'simpleArbiterDhcpGWLDAP', + # attempt automount + }, + #{ 'name': 'CDROM', + # 'options': {'readonly': True}, + # 'parts': [{'dev': 'b1', 'path': '/cdrom'}], + #}, + ], + 'network_interfaces': [{'network': 'net1'}, {'network': 'test-net'}], + 'flavor': 'm1.tiny', + 'config_drive': False + } +} + +networks = { 'net1': {'public': False}, 'test-net': {'public': True} } + +params_meta = { + 'LDAP_IP': {'descriptions': {'si': 'IP strežnika', 'en': 'Server IP'}, 'w': True, 'public':True, 'type': 'IP', 'generated': False}, + 'DOMAIN': {'descriptions': {'si': 'Domena (poddomena kpov.lusy.fri.uni-lj.si)', 'en': 'Domain (subdomain of kpov.lusy.fri.uni-lj.si)'}, 'w': False, 'public':True, 'type': 'username', 'generated': True}, + 'LDAP_USERNAME': {'descriptions': {'si': 'Uporabniško ime v LDAP', 'en': 'Username in LDAP'}, 'w': False, 'public':True, 'type': 'username', 'generated': True}, + 'LDAP_PASSWORD': {'descriptions': {'si': 'Geslo v LDAP', 'en': 'LDAP password'}, 'w': False, 'public':True, 'type': 'password', 'generated': True}, + 'BIND_USERNAME': {'descriptions': {'si': 'Uporabniško ime za dostop do LDAP (bind)', 'en': 'Bind username in LDAP'}, 'w': False, 'public':True, 'type': 'username', 'generated': True}, + 'BIND_PASSWORD': {'descriptions': {'si': 'Geslo za dostop do LDAP (bind)', 'en': 'Bind password in LDAP'}, 'w': False, 'public':True, 'type': 'password', 'generated': True}, +} + +def task(LDAP_IP, DOMAIN, LDAP_USERNAME, LDAP_PASSWORD, BIND_USERNAME, BIND_PASSWORD): + from pexpect import pxssh + import pexpect + results = dict() + FULLDOMAIN = "dc={DOMAIN},dc=kpov,dc=lusy,dc=fri,dc=uni-lj,dc=si".format( + **locals()) + BIND_DN = "cn={BIND_USERNAME},ou=Users,{FULLDOMAIN}".format(**locals()) + s = "ldapsearch -D {BIND_DN} -b {FULLDOMAIN} -w {BIND_PASSWORD}\ + -h {LDAP_IP}".format( + **locals()) + results['ldapsearch_before'] = pexpect.run(s) + s = "ldapmodify -D {BIND_DN} -w {BIND_PASSWORD} -h {LDAP_IP}".format( + **locals()) + modify = pexpect.spawn(s) + FORTUNE = kpov_util.hostname_gen(random.Random(str(LDAP_USERNAME))) + results['fortune'] = FORTUNE + s1 = """ +dn: cn={LDAP_USERNAME},ou=Users,{FULLDOMAIN} +changetype: modify +replace: description +description: {FORTUNE} +""".format(**locals()) + modify.write(s1) + modify.sendeof() + modify.expect(pexpect.EOF) + results['modify'] = modify.before + s = "ldapsearch -D {BIND_DN} -b {FULLDOMAIN} -w {BIND_PASSWORD}\ + -h {LDAP_IP}".format(**locals()) + results['ldapsearch_after'] = pexpect.run(s) + return results + +def gen_params(user_id, params_meta): + params = dict() + r = random.Random(user_id) + params['DOMAIN'] = kpov_util.hostname_gen(r) + params['LDAP_USERNAME'] = kpov_util.username_gen(r) + params['LDAP_PASSWORD'] = kpov_util.alnum_gen(r, 6) + params['BIND_USERNAME'] = kpov_util.username_gen(r) + params['BIND_PASSWORD'] = kpov_util.alnum_gen(r, 6) + return params + +def task_check(results, params): + import re + score = 0 + hints = [] + s = """.*dn: dc={DOMAIN},dc=kpov,dc=lusy,dc=fri,dc=uni-lj,dc=si\r[^#]* +objectClass: top\r +objectClass: dcObject\r +objectClass: organization\r +.*""".format(**params) +#dc: {DOMAIN}\r + if re.match(s, results['ldapsearch_before'], re.DOTALL): + score += 2 + else: + hints += ["domain missing in ldapsearch result"] + s = ".*cn: {}.*".format(re.escape(params['LDAP_USERNAME'])) + if re.search(s, results['ldapsearch_before']): + score += 2 + else: + hints += ["LDAP_USERNAME missing in: " + s + str(results['ldapsearch_before'])] + fortune = kpov_util.hostname_gen(random.Random(str(params['LDAP_USERNAME']))) + s = ".*cn: {0}.*description: {1}.*".format( + re.escape(params['LDAP_USERNAME']), re.escape(fortune)) + if re.match(s, results['ldapsearch_after'], re.DOTALL): + score += 2 + else: + hints += ["description missing after update:" + fortune + "\n" + s + str(results['modify']) + str(results['ldapsearch_after'])] + if results['ldapsearch_before'][:100] == results['ldapsearch_after'][:100]: + score += 2 + else: + hints += ["ldapsearch before equals after. This should not happen."] + s = '.*\r\nmodifying entry "cn={LDAP_USERNAME},ou=Users,dc={DOMAIN},dc=kpov,dc=lusy,dc=fri,dc=uni-lj,dc=si".*'.format( + **params) + if re.match(s, results['modify'], re.DOTALL): + score += 2 + else: + hints += ['Modify error' + s + str(results['modify'])] + return score, hints + +def prepare_disks(templates, task_params, global_params): + write_default_config(templates['simpleArbiterDhcpGWLDAP'], global_params) -- cgit v1.2.1