test_ldap: Read a publicly accessible attribute when testing anonymous bind

The usercertificate attribute is slated to not be readable for
anonymous users. Use associateddomain in $SUFFIX instead.

Reviewed-By: Martin Kosek <mkosek@redhat.com>

1 files changed, 4 insertions, 5 deletions

diff --git a/ipatests/test_ipaserver/test_ldap.py b/ipatests/test_ipaserver/test_ldap.py
index 254461c80..7168a69b0 100644
--- a/ipatests/test_ipaserver/test_ldap.py
+++ b/ipatests/test_ipaserver/test_ldap.py
@@ -61,11 +61,10 @@ class test_ldap(object):
         """
         self.conn = ldap2(shared_instance=False, ldap_uri=self.ldapuri)
         self.conn.connect()
-        entry_attrs = self.conn.get_entry(self.dn, ['usercertificate'])
-        cert = entry_attrs.get('usercertificate')
-        cert = cert[0]
-        serial = unicode(x509.get_serial_number(cert, x509.DER))
-        assert serial is not None
+        dn = api.env.basedn
+        entry_attrs = self.conn.get_entry(dn, ['associateddomain'])
+        domain = entry_attrs.single_value['associateddomain']
+        assert domain == api.env.domain
 
     def test_GSSAPI(self):
         """