net-ldap 0.15.0 → 0.19.0

data/test/test_password.rb

@@ -1,10 +0,0 @@
-# $Id: testpsw.rb 72 2006-04-24 21:58:14Z blackhedd $
-
-require_relative 'test_helper'
-
-class TestPassword < Test::Unit::TestCase
-  def test_psw
-    assert_equal("{MD5}xq8jwrcfibi0sZdZYNkSng==", Net::LDAP::Password.generate( :md5, "cashflow" ))
-    assert_equal("{SHA}YE4eGkN4BvwNN1f5R7CZz0kFn14=", Net::LDAP::Password.generate( :sha, "cashflow" ))
-  end
-end

data/test/test_rename.rb

@@ -1,77 +0,0 @@
-require_relative 'test_helper'
-
-# Commented out since it assumes you have a live LDAP server somewhere. This
-# will be migrated to the integration specs, as soon as they are ready.
-=begin
-class TestRename < Test::Unit::TestCase
-  HOST= '10.10.10.71'
-  PORT = 389
-  BASE = "o=test"
-  AUTH = { :method => :simple, :username => "cn=testadmin,#{BASE}", :password => 'password' }
-  BASIC_USER = "cn=jsmith,ou=sales,#{BASE}"
-  RENAMED_USER = "cn=jbrown,ou=sales,#{BASE}"
-  MOVED_USER = "cn=jsmith,ou=marketing,#{BASE}"
-  RENAMED_MOVED_USER = "cn=jjones,ou=marketing,#{BASE}"
-
-  def setup
-    # create the entries we're going to manipulate
-    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
-      if ldap.add(:dn => "ou=sales,#{BASE}", :attributes => { :ou => "sales", :objectclass => "organizationalUnit" })
-        puts "Add failed: #{ldap.get_operation_result.message} - code: #{ldap.get_operation_result.code}"
-      end
-      ldap.add(:dn => "ou=marketing,#{BASE}", :attributes => { :ou => "marketing", :objectclass => "organizationalUnit" })
-      ldap.add(:dn => BASIC_USER, :attributes => { :cn => "jsmith", :objectclass => "inetOrgPerson", :sn => "Smith" })
-    end
-  end
-
-  def test_rename_entry
-    dn = nil
-    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
-      ldap.rename(:olddn => BASIC_USER, :newrdn => "cn=jbrown")
-
-      ldap.search(:base => RENAMED_USER) do |entry|
-        dn = entry.dn
-      end
-    end
-    assert_equal(RENAMED_USER, dn)
-  end
-
-  def test_move_entry
-    dn = nil
-    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
-      ldap.rename(:olddn => BASIC_USER, :newrdn => "cn=jsmith", :new_superior => "ou=marketing,#{BASE}")
-
-      ldap.search(:base => MOVED_USER) do |entry|
-        dn = entry.dn
-      end
-    end
-    assert_equal(MOVED_USER, dn)
-  end
-
-  def test_move_and_rename_entry
-    dn = nil
-    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
-      ldap.rename(:olddn => BASIC_USER, :newrdn => "cn=jjones", :new_superior => "ou=marketing,#{BASE}")
-
-      ldap.search(:base => RENAMED_MOVED_USER) do |entry|
-        dn = entry.dn
-      end
-    end
-    assert_equal(RENAMED_MOVED_USER, dn)
-  end
-
-  def teardown
-    # delete the entries
-    # note: this doesn't always completely clear up on eDirectory as objects get locked while
-    # the rename/move is being completed on the server and this prevents the delete from happening
-    Net::LDAP::open(:host => HOST, :port => PORT, :auth => AUTH) do |ldap|
-      ldap.delete(:dn => BASIC_USER)
-      ldap.delete(:dn => RENAMED_USER)
-      ldap.delete(:dn => MOVED_USER)
-      ldap.delete(:dn => RENAMED_MOVED_USER)
-      ldap.delete(:dn => "ou=sales,#{BASE}")
-      ldap.delete(:dn => "ou=marketing,#{BASE}")
-    end
-  end
-end
-=end

data/test/test_search.rb

@@ -1,39 +0,0 @@
-# -*- ruby encoding: utf-8 -*-
-require_relative 'test_helper'
-
-class TestSearch < Test::Unit::TestCase
-  class FakeConnection
-    def search(args)
-      OpenStruct.new(:result_code => Net::LDAP::ResultCodeOperationsError, :message => "error", :success? => false)
-    end
-  end
-
-  def setup
-    @service = MockInstrumentationService.new
-    @connection = Net::LDAP.new :instrumentation_service => @service
-    @connection.instance_variable_set(:@open_connection, FakeConnection.new)
-  end
-
-  def test_true_result
-    assert_nil @connection.search(:return_result => true)
-  end
-
-  def test_false_result
-    refute @connection.search(:return_result => false)
-  end
-
-  def test_no_result
-    assert_nil @connection.search
-  end
-
-  def test_instrumentation_publishes_event
-    events = @service.subscribe "search.net_ldap"
-
-    @connection.search(:filter => "test")
-
-    payload, result = events.pop
-    assert payload.key?(:result)
-    assert payload.key?(:filter)
-    assert_equal "test", payload[:filter]
-  end
-end

data/test/test_snmp.rb

@@ -1,119 +0,0 @@
-# $Id: testsnmp.rb 231 2006-12-21 15:09:29Z blackhedd $
-
-require_relative 'test_helper'
-require 'net/snmp'
-
-class TestSnmp < Test::Unit::TestCase
-  def self.raw_string(s)
-    # Conveniently, String#b only needs to be called when it exists
-    s.respond_to?(:b) ? s.b : s
-  end
-
-  SnmpGetRequest = raw_string("0'\002\001\000\004\006public\240\032\002\002?*\002\001\000\002\001\0000\0160\f\006\b+\006\001\002\001\001\001\000\005\000")
-  SnmpGetResponse = raw_string("0+\002\001\000\004\006public\242\036\002\002'\017\002\001\000\002\001\0000\0220\020\006\b+\006\001\002\001\001\001\000\004\004test")
-
-  SnmpGetRequestXXX = raw_string("0'\002\001\000\004\006xxxxxx\240\032\002\002?*\002\001\000\002\001\0000\0160\f\006\b+\006\001\002\001\001\001\000\005\000")
-
-  def test_invalid_packet
-    data = "xxxx"
-    assert_raise(Net::BER::BerError) do
-ary = data.read_ber(Net::SNMP::AsnSyntax)
-    end
-  end
-
-  # The method String#read_ber! added by Net::BER consumes a well-formed BER
-  # object from the head of a string. If it doesn't find a complete,
-  # well-formed BER object, it returns nil and leaves the string unchanged.
-  # If it finds an object, it returns the object and removes it from the
-  # head of the string. This is good for handling partially-received data
-  # streams, such as from network connections.
-  def _test_consume_string
-    data = "xxx"
-    assert_equal(nil, data.read_ber!)
-    assert_equal("xxx", data)
-
-    data = SnmpGetRequest + "!!!"
-    ary = data.read_ber!(Net::SNMP::AsnSyntax)
-    assert_equal("!!!", data)
-    assert ary.is_a?(Array)
-    assert ary.is_a?(Net::BER::BerIdentifiedArray)
-  end
-
-  def test_weird_packet
-    assert_raise(Net::SnmpPdu::Error) do
-Net::SnmpPdu.parse("aaaaaaaaaaaaaa")
-    end
-  end
-
-  def test_get_request
-    data = SnmpGetRequest.dup
-    pkt = data.read_ber(Net::SNMP::AsnSyntax)
-    assert pkt.is_a?(Net::BER::BerIdentifiedArray)
-    assert_equal(48, pkt.ber_identifier) # Constructed [0], signifies GetRequest
-
-    pdu = Net::SnmpPdu.parse(pkt)
-    assert_equal(:get_request, pdu.pdu_type)
-    assert_equal(16170, pdu.request_id) # whatever was in the test data. 16170 is not magic.
-    assert_equal([[[1, 3, 6, 1, 2, 1, 1, 1, 0], nil]], pdu.variables)
-
-    assert_equal(pdu.to_ber_string, SnmpGetRequest)
-  end
-
-  def test_empty_pdu
-    pdu = Net::SnmpPdu.new
-    assert_raise(Net::SnmpPdu::Error) { pdu.to_ber_string }
-  end
-
-  def test_malformations
-    pdu = Net::SnmpPdu.new
-    pdu.version = 0
-    pdu.version = 2
-    assert_raise(Net::SnmpPdu::Error) { pdu.version = 100 }
-
-    pdu.pdu_type = :get_request
-    pdu.pdu_type = :get_next_request
-    pdu.pdu_type = :get_response
-    pdu.pdu_type = :set_request
-    pdu.pdu_type = :trap
-    assert_raise(Net::SnmpPdu::Error) { pdu.pdu_type = :something_else }
-  end
-
-  def test_make_response
-    pdu = Net::SnmpPdu.new
-    pdu.version = 0
-    pdu.community = "public"
-    pdu.pdu_type = :get_response
-    pdu.request_id = 9999
-    pdu.error_status = 0
-    pdu.error_index = 0
-    pdu.add_variable_binding [1, 3, 6, 1, 2, 1, 1, 1, 0], "test"
-
-    assert_equal(SnmpGetResponse, pdu.to_ber_string)
-  end
-
-  def test_make_bad_response
-    pdu = Net::SnmpPdu.new
-    assert_raise(Net::SnmpPdu::Error) {pdu.to_ber_string}
-    pdu.pdu_type = :get_response
-    pdu.request_id = 999
-    pdu.to_ber_string
-    # Not specifying variables doesn't create an error. (Maybe it should?)
-  end
-
-  def test_snmp_integers
-    c32 = Net::SNMP::Counter32.new(100)
-    assert_equal("A\001d", c32.to_ber)
-    g32 = Net::SNMP::Gauge32.new(100)
-    assert_equal("B\001d", g32.to_ber)
-    t32 = Net::SNMP::TimeTicks32.new(100)
-    assert_equal("C\001d", t32.to_ber)
-  end
-
-  def test_community
-    data = SnmpGetRequestXXX.dup
-    ary = data.read_ber(Net::SNMP::AsnSyntax)
-    pdu = Net::SnmpPdu.parse(ary)
-    assert_equal("xxxxxx", pdu.community)
-  end
-
-end

data/test/test_ssl_ber.rb

@@ -1,40 +0,0 @@
-require_relative 'test_helper'
-require 'timeout'
-
-class TestSSLBER < Test::Unit::TestCase
-  # Transmits str to @to and reads it back from @from.
-  #
-  def transmit(str)
-    Timeout::timeout(1) do
-      @to.write(str)
-      @to.close
-
-      @from.read
-    end
-  end
-
-  def setup
-    @from, @to = IO.pipe
-
-    # The production code operates on sockets, which do need #connect called
-    # on them to work. Pipes are more robust for this test, so we'll skip
-    # the #connect call since it fails.
-    #
-    # TODO: Replace test with real socket
-    # https://github.com/ruby-ldap/ruby-net-ldap/pull/121#discussion_r18746386
-    flexmock(OpenSSL::SSL::SSLSocket).
-      new_instances.should_receive(:connect => nil)
-
-    @to   = Net::LDAP::Connection.wrap_with_ssl(@to)
-    @from = Net::LDAP::Connection.wrap_with_ssl(@from)
-  end
-
-  def test_transmit_strings
-    assert_equal "foo", transmit("foo")
-  end
-
-  def test_transmit_ber_encoded_numbers
-    @to.write 1234.to_ber
-    assert_equal 1234, @from.read_ber
-  end
-end

data/test/testdata.ldif

@@ -1,101 +0,0 @@
-# $Id: testdata.ldif 50 2006-04-17 17:57:33Z blackhedd $
-#
-# This is test-data for an LDAP server in LDIF format.
-#
-dn: dc=bayshorenetworks,dc=com
-objectClass: dcObject
-objectClass: organization
-o: Bayshore Networks LLC
-dc: bayshorenetworks
-
-dn: cn=Manager,dc=bayshorenetworks,dc=com
-objectClass: organizationalrole
-cn: Manager
-
-dn: ou=people,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: people
-
-dn: ou=privileges,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: privileges
-
-dn: ou=roles,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: roles
-
-dn: ou=office,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: office
-
-dn: mail=nogoodnik@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
-cn: Bob Fosse
-mail: nogoodnik@steamheat.net
-sn: Fosse
-ou: people
-objectClass: top
-objectClass: inetorgperson
-objectClass: authorizedperson
-hasAccessRole: uniqueIdentifier=engineer,ou=roles
-hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
-hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
-hasAccessRole: uniqueIdentifier=brandplace_logging_user,ou=roles
-hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
-hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
-hasAccessRole: uniqueIdentifier=bayshore_eagle_user,ou=roles
-hasAccessRole: uniqueIdentifier=bayshore_eagle_superuser,ou=roles
-hasAccessRole: uniqueIdentifier=kledaras_user,ou=roles
-
-dn: mail=elephant@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
-cn: Gwen Verdon
-mail: elephant@steamheat.net
-sn: Verdon
-ou: people
-objectClass: top
-objectClass: inetorgperson
-objectClass: authorizedperson
-hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
-hasAccessRole: uniqueIdentifier=engineer,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
-hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
-
-dn: uniqueIdentifier=engineering,ou=privileges,dc=bayshorenetworks,dc=com
-uniqueIdentifier: engineering
-ou: privileges
-objectClass: accessPrivilege
-
-dn: uniqueIdentifier=engineer,ou=roles,dc=bayshorenetworks,dc=com
-uniqueIdentifier: engineer
-ou: roles
-objectClass: accessRole
-hasAccessPrivilege: uniqueIdentifier=engineering,ou=privileges
-
-dn: uniqueIdentifier=ldapadmin,ou=roles,dc=bayshorenetworks,dc=com
-uniqueIdentifier: ldapadmin
-ou: roles
-objectClass: accessRole
-
-dn: uniqueIdentifier=ldapsuperadmin,ou=roles,dc=bayshorenetworks,dc=com
-uniqueIdentifier: ldapsuperadmin
-ou: roles
-objectClass: accessRole
-
-dn: mail=catperson@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
-cn: Sid Sorokin
-mail: catperson@steamheat.net
-sn: Sorokin
-ou: people
-objectClass: top
-objectClass: inetorgperson
-objectClass: authorizedperson
-hasAccessRole: uniqueIdentifier=engineer,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
-hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
-hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
-hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
-

data/testserver/ldapserver.rb

@@ -1,209 +0,0 @@
-# $Id$
-#
-# Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
-# Gmail account: garbagecat10.
-#
-# This is an LDAP server intended for unit testing of Net::LDAP.
-# It implements as much of the protocol as we have the stomach
-# to implement but serves static data. Use ldapsearch to test
-# this server!
-#
-# To make this easier to write, we use the Ruby/EventMachine
-# reactor library.
-#
-
-#------------------------------------------------
-
-module LdapServer
-
-  LdapServerAsnSyntax = {
-    :application => {
-      :constructed => {
-        0 => :array,               # LDAP BindRequest
-        3 => :array                # LDAP SearchRequest
-      },
-      :primitive => {
-        2 => :string,              # ldapsearch sends this to unbind
-      },
-    },
-    :context_specific => {
-      :primitive => {
-        0 => :string,              # simple auth (password)
-        7 => :string               # present filter
-      },
-      :constructed => {
-        3 => :array                # equality filter
-      },
-    },
-  }
-
-  def post_init
-    $logger.info "Accepted LDAP connection"
-    @authenticated = false
-  end
-
-  def receive_data data
-    @data ||= ""; @data << data
-    while pdu = @data.read_ber!(LdapServerAsnSyntax)
-      begin
-      handle_ldap_pdu pdu
-      rescue
-        $logger.error "closing connection due to error #{$!}"
-        close_connection
-      end
-    end
-  end
-
-  def handle_ldap_pdu pdu
-    tag_id = pdu[1].ber_identifier
-    case tag_id
-    when 0x60
-      handle_bind_request pdu
-    when 0x63
-      handle_search_request pdu
-    when 0x42
-      # bizarre thing, it's a null object (primitive application-2)
-      # sent by ldapsearch to request an unbind (or a kiss-off, not sure which)
-      close_connection_after_writing
-    else
-      $logger.error "received unknown packet-type #{tag_id}"
-      close_connection_after_writing
-    end
-  end
-
-  def handle_bind_request pdu
-    # TODO, return a proper LDAP error instead of blowing up on version error
-    if pdu[1][0] != 3
-      send_ldap_response 1, pdu[0].to_i, 2, "", "We only support version 3"
-    elsif pdu[1][1] != "cn=bigshot,dc=bayshorenetworks,dc=com"
-      send_ldap_response 1, pdu[0].to_i, 48, "", "Who are you?"
-    elsif pdu[1][2].ber_identifier != 0x80
-      send_ldap_response 1, pdu[0].to_i, 7, "", "Keep it simple, man"
-    elsif pdu[1][2] != "opensesame"
-      send_ldap_response 1, pdu[0].to_i, 49, "", "Make my day"
-    else
-      @authenticated = true
-      send_ldap_response 1, pdu[0].to_i, 0, pdu[1][1], "I'll take it"
-    end
-  end
-
-
-
-  #--
-  # Search Response ::=
-  #       CHOICE {
-  #            entry          [APPLICATION 4] SEQUENCE {
-  #                                objectName     LDAPDN,
-  #                                attributes     SEQUENCE OF SEQUENCE {
-  #                                                    AttributeType,
-  #                                                    SET OF AttributeValue
-  #                                               }
-  #                           },
-  #            resultCode     [APPLICATION 5] LDAPResult
-  #        }
-  def handle_search_request pdu
-    unless @authenticated
-      # NOTE, early exit.
-      send_ldap_response 5, pdu[0].to_i, 50, "", "Who did you say you were?"
-      return
-    end
-
-    treebase = pdu[1][0]
-    if treebase != "dc=bayshorenetworks,dc=com"
-      send_ldap_response 5, pdu[0].to_i, 32, "", "unknown treebase"
-      return
-    end
-
-    msgid = pdu[0].to_i.to_ber
-
-    # pdu[1][7] is the list of requested attributes.
-    # If it's an empty array, that means that *all* attributes were requested.
-    requested_attrs = if pdu[1][7].length > 0
-      pdu[1][7].map(&:downcase)
-    else
-      :all
-    end
-
-    filters = pdu[1][6]
-    if filters.length == 0
-      # NOTE, early exit.
-      send_ldap_response 5, pdu[0].to_i, 53, "", "No filter specified"
-    end
-
-    # TODO, what if this returns nil?
-    filter = Net::LDAP::Filter.parse_ldap_filter( filters )
-
-    $ldif.each do |dn, entry|
-      if filter.match( entry )
-        attrs = []
-        entry.each do |k, v|
-          if requested_attrs == :all or requested_attrs.include?(k.downcase)
-            attrvals = v.map(&:to_ber).to_ber_set
-            attrs << [k.to_ber, attrvals].to_ber_sequence
-          end
-        end
-
-        appseq = [dn.to_ber, attrs.to_ber_sequence].to_ber_appsequence(4)
-        pkt = [msgid.to_ber, appseq].to_ber_sequence
-        send_data pkt
-      end
-    end
-
-
-    send_ldap_response 5, pdu[0].to_i, 0, "", "Was that what you wanted?"
-  end
-
-
-
-  def send_ldap_response pkt_tag, msgid, code, dn, text
-    send_data( [msgid.to_ber, [code.to_ber, dn.to_ber, text.to_ber].to_ber_appsequence(pkt_tag)].to_ber )
-  end
-
-end
-
-
-#------------------------------------------------
-
-# Rather bogus, a global method, which reads a HARDCODED filename
-# parses out LDIF data. It will be used to serve LDAP queries out of this server.
-#
-def load_test_data
-  ary = File.readlines( "./testdata.ldif" )
-  hash = {}
-  while line = ary.shift and line.chomp!
-    if line =~ /^dn:[\s]*/i
-      dn = $'
-      hash[dn] = {}
-      while attr = ary.shift and attr.chomp! and attr =~ /^([\w]+)[\s]*:[\s]*/
-        hash[dn][$1.downcase] ||= []
-        hash[dn][$1.downcase] << $'
-      end
-    end
-  end
-  hash
-end
-
-
-#------------------------------------------------
-
-if __FILE__ == $0
-
-  require 'rubygems'
-  require 'eventmachine'
-
-  require 'logger'
-  $logger = Logger.new $stderr
-
-  $logger.info "adding ../lib to loadpath, to pick up dev version of Net::LDAP."
-  $:.unshift "../lib"
-
-  $ldif = load_test_data
-
-  require 'net/ldap'
-
-  EventMachine.run do
-    $logger.info "starting LDAP server on 127.0.0.1 port 3890"
-    EventMachine.start_server "127.0.0.1", 3890, LdapServer
-    EventMachine.add_periodic_timer 60, proc {$logger.info "heartbeat"}
-  end
-end

data/testserver/testdata.ldif

@@ -1,101 +0,0 @@
-# $Id$
-#
-# This is test-data for an LDAP server in LDIF format.
-#
-dn: dc=bayshorenetworks,dc=com
-objectClass: dcObject
-objectClass: organization
-o: Bayshore Networks LLC
-dc: bayshorenetworks
-
-dn: cn=Manager,dc=bayshorenetworks,dc=com
-objectClass: organizationalrole
-cn: Manager
-
-dn: ou=people,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: people
-
-dn: ou=privileges,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: privileges
-
-dn: ou=roles,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: roles
-
-dn: ou=office,dc=bayshorenetworks,dc=com
-objectClass: organizationalunit
-ou: office
-
-dn: mail=nogoodnik@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
-cn: Bob Fosse
-mail: nogoodnik@steamheat.net
-sn: Fosse
-ou: people
-objectClass: top
-objectClass: inetorgperson
-objectClass: authorizedperson
-hasAccessRole: uniqueIdentifier=engineer,ou=roles
-hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
-hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
-hasAccessRole: uniqueIdentifier=brandplace_logging_user,ou=roles
-hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
-hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
-hasAccessRole: uniqueIdentifier=bayshore_eagle_user,ou=roles
-hasAccessRole: uniqueIdentifier=bayshore_eagle_superuser,ou=roles
-hasAccessRole: uniqueIdentifier=kledaras_user,ou=roles
-
-dn: mail=elephant@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
-cn: Gwen Verdon
-mail: elephant@steamheat.net
-sn: Verdon
-ou: people
-objectClass: top
-objectClass: inetorgperson
-objectClass: authorizedperson
-hasAccessRole: uniqueIdentifier=brandplace_report_user,ou=roles
-hasAccessRole: uniqueIdentifier=engineer,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
-hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ldapadmin,ou=roles
-
-dn: uniqueIdentifier=engineering,ou=privileges,dc=bayshorenetworks,dc=com
-uniqueIdentifier: engineering
-ou: privileges
-objectClass: accessPrivilege
-
-dn: uniqueIdentifier=engineer,ou=roles,dc=bayshorenetworks,dc=com
-uniqueIdentifier: engineer
-ou: roles
-objectClass: accessRole
-hasAccessPrivilege: uniqueIdentifier=engineering,ou=privileges
-
-dn: uniqueIdentifier=ldapadmin,ou=roles,dc=bayshorenetworks,dc=com
-uniqueIdentifier: ldapadmin
-ou: roles
-objectClass: accessRole
-
-dn: uniqueIdentifier=ldapsuperadmin,ou=roles,dc=bayshorenetworks,dc=com
-uniqueIdentifier: ldapsuperadmin
-ou: roles
-objectClass: accessRole
-
-dn: mail=catperson@steamheat.net,ou=people,dc=bayshorenetworks,dc=com
-cn: Sid Sorokin
-mail: catperson@steamheat.net
-sn: Sorokin
-ou: people
-objectClass: top
-objectClass: inetorgperson
-objectClass: authorizedperson
-hasAccessRole: uniqueIdentifier=engineer,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_elephant_user,ou=roles
-hasAccessRole: uniqueIdentifier=ldapsuperadmin,ou=roles
-hasAccessRole: uniqueIdentifier=ogilvy_eagle_user,ou=roles
-hasAccessRole: uniqueIdentifier=greenplug_user,ou=roles
-hasAccessRole: uniqueIdentifier=workorder_user,ou=roles
-