--- /dev/null
+# -*- text -*-
+#
+# test configuration file. Do not install/
+#
+# $id: $
+#
+
+#
+# Minimal radiusd.conf for testing
+#
+
+testdir = $ENV{TESTDIR}
+output = $ENV{OUTPUT}
+run_dir = ${output}
+raddb = raddb
+pidfile = ${run_dir}/radiusd.pid
+panic_action = "gdb -batch -x src/tests/panic.gdb %e %p > ${run_dir}/gdb.log 2>&1; cat ${run_dir}/gdb.log"
+
+maindir = ${raddb}
+radacctdir = ${run_dir}/radacct
+modconfdir = ${maindir}/mods-config
+certdir = ${maindir}/certs
+cadir = ${maindir}/certs
+test_port = $ENV{TEST_PORT}
+
+# Only for testing!
+# Setting this on a production system is a BAD IDEA.
+security {
+ allow_vulnerable_openssl = yes
+}
+
+# Only during migration
+migrate {
+ tmpl_tokenize_all_nested = yes
+}
+
+global {
+ ldap {
+ ldap_debug = 0x0801
+ }
+}
+
+policy {
+ linelogprep {
+ &control.Tmp-String-0 := "%{Packet-Type} %{LDAP-Sync.DN} %{LDAP-Sync.Entry-DN} %{Proto.radius.User-Name} %{Tmp-Integer-0} %{Tmp-String-0}"
+ }
+
+ $INCLUDE ${maindir}/policy.d/
+}
+
+client localhost {
+ ipaddr = 127.0.0.1
+ secret = testing123
+}
+
+modules {
+
+ linelog {
+ format = "%{control.Tmp-String-0}"
+ destination = file
+
+ file {
+ filename = "${run_dir}/linelog.out"
+ }
+ }
+
+ always reject {
+ rcode = reject
+ }
+ always fail {
+ rcode = fail
+ }
+ always ok {
+ rcode = ok
+ }
+ always handled {
+ rcode = handled
+ }
+ always invalid {
+ rcode = invalid
+ }
+ always disallow {
+ rcode = disallow
+ }
+ always notfound {
+ rcode = notfound
+ }
+ always noop {
+ rcode = noop
+ }
+ always updated {
+ rcode = updated
+ }
+
+}
+
+#
+# This virtual server connects to an LDAP server and listens
+# for packets received as the result of directory changes.
+#
+server test {
+ namespace = ldap_sync
+
+ listen {
+ transport = ldap
+
+ ldap {
+ server = $ENV{ACTIVE_DIRECTORY_TEST_SERVER}
+ identity = 'administrator@example.com'
+ password = 'secret123!'
+
+ options {
+ res_timeout = 120
+ srv_timelimit = 60
+ idle = 60
+ probes = 3
+ interval = 3
+ reconnection_delay = 10
+ }
+ }
+
+ sync {
+ base_dn = "CN=Users,dc=example,dc=com"
+ filter = "(userAccountControl:1.2.840.113556.1.4.803:=512)"
+ scope = 'sub'
+
+ update {
+ &Proto.radius.User-Name = 'sAMAccountName'
+ &Tmp-Integer-0 = 'userAccountControl'
+ }
+ }
+
+ sync {
+ base_dn = "CN=Deleted Objects,dc=example,dc=com"
+ filter = "(userAccountControl:1.2.840.113556.1.4.803:=512)"
+ sub = "one"
+
+ update {
+ &Proto.radius.User-Name = 'sAMAccountName'
+ &Tmp-Integer-0 = 'userAccountControl'
+ &Tmp-String-0 = 'isDeleted'
+ }
+ }
+ }
+
+ load Cookie {
+ }
+
+ store Cookie {
+ }
+
+ recv Add {
+ linelogprep
+ linelog
+ }
+
+ recv Modify {
+ linelogprep
+ linelog
+ }
+
+ recv Delete {
+ #
+ # The DN changes for each deleted object - normalise the variable bit
+ # so we can check the output
+ #
+ if (&LDAP-Sync[0].Entry-DN =~ /(CN=.+:)[a-f0-9-]+(,CN=Deleted Objects,DC=example,DC=com)/) {
+ &request.LDAP-Sync[0].Entry-DN := "%{1}oldid%{2}"
+ }
+ linelogprep
+ linelog
+ }
+
+ recv Present {
+ }
+
+}
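Review bot: In the second `sync` block (the `CN=Deleted Objects` one) the search scope is written `sub = "one"`, while the first block uses `scope = 'sub'`; this looks like a typo for `scope = 'one'`, and if the parser ignores or rejects the unknown item the deleted-object search will not run with the intended one-level scope. Separately, the `ldap` listener binds as `administrator@example.com` with the password committed in the file, even though the server address comes from `$ENV{ACTIVE_DIRECTORY_TEST_SERVER}` and so may point at a real directory. Taking the bind identity and password from the environment as well (for example `password = $ENV{AD_TEST_BIND_PASSWORD}`, a placeholder name) and binding as a dedicated account with only the rights the sync needs would keep a reusable directory credential out of the tree. No TLS settings are visible in the `ldap` block, so unless the server value is an `ldaps://` URI the bind presumably travels unencrypted; a comment next to `server =` stating which form is expected would help, e.g. `# expects an ldaps:// URI; the bind password is otherwise sent in clear`.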