From edee79a32f85da95198fc59eb94f5460d39eb872 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Wed, 23 Apr 2014 19:09:31 +0200
Subject: test_ldap: Read a publicly accessible attribute when testing
 anonymous bind

The usercertificate attribute is slated to not be readable for
anonymous users. Use associateddomain in $SUFFIX instead.

Reviewed-By: Martin Kosek <mkosek@redhat.com>
---
 ipatests/test_ipaserver/test_ldap.py | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

(limited to 'ipatests/test_ipaserver/test_ldap.py')

diff --git a/ipatests/test_ipaserver/test_ldap.py b/ipatests/test_ipaserver/test_ldap.py
index 254461c80..7168a69b0 100644
--- a/ipatests/test_ipaserver/test_ldap.py
+++ b/ipatests/test_ipaserver/test_ldap.py
@@ -61,11 +61,10 @@ class test_ldap(object):
         """
         self.conn = ldap2(shared_instance=False, ldap_uri=self.ldapuri)
         self.conn.connect()
-        entry_attrs = self.conn.get_entry(self.dn, ['usercertificate'])
-        cert = entry_attrs.get('usercertificate')
-        cert = cert[0]
-        serial = unicode(x509.get_serial_number(cert, x509.DER))
-        assert serial is not None
+        dn = api.env.basedn
+        entry_attrs = self.conn.get_entry(dn, ['associateddomain'])
+        domain = entry_attrs.single_value['associateddomain']
+        assert domain == api.env.domain
 
     def test_GSSAPI(self):
         """
-- 
cgit