diff --git a/.gitignore b/.gitignore index 4ed824d..42934af 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,3 @@ .env /target -config.yaml /tests/environment/zitadel/service-user.json diff --git a/src/lib.rs b/src/lib.rs index 68e5cc1..31c12a6 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -38,7 +38,10 @@ async fn get_user_changes( ReceiverStream::new(ldap_receiver) .fold((vec![], vec![], vec![]), |(mut added, mut changed, mut removed), entry_status| { match entry_status { - EntryStatus::New(entry) => added.push(entry), + EntryStatus::New(entry) => { + tracing::debug!("New entry: {:?}", entry); + added.push(entry); + } EntryStatus::Changed { old: _, new } => changed.push(new), EntryStatus::Removed(entry) => removed.push(entry), }; diff --git a/tests/e2e.rs b/tests/e2e.rs index bfe636b..303815d 100644 --- a/tests/e2e.rs +++ b/tests/e2e.rs @@ -2,7 +2,7 @@ use std::{collections::HashSet, path::Path, time::Duration}; -use ldap3::{Ldap, LdapConnAsync, LdapConnSettings}; +use ldap3::{Ldap, LdapConnAsync, LdapConnSettings, SearchEntry}; use test_log::test; use tokio::sync::OnceCell; @@ -16,15 +16,17 @@ async fn test_e2e_simple_sync() { let mut ldap = open_ldap_connection().await; ldap.add( - "uid=bobby,ou=people,dc=example,dc=com", + &format!("cn=Bob,{}", config().await.ldap.base_dn.as_str()), vec![ - ("givenname", HashSet::from(["Bob"])), - ("sn", HashSet::from(["Wopper"])), - ("cn", HashSet::from(["Bobby"])), + ("objectClass", HashSet::from(["inetOrgPerson", "shadowAccount"])), + ("cn", HashSet::from(["Bob"])), + ("sn", HashSet::from(["Tables"])), + ("displayName", HashSet::from(["Bobby"])), ("mail", HashSet::from(["bobby@famedly.de"])), - ("entryuuid", HashSet::from(["8bd4ac58-c5e9-4e9e-b937-35f5a764874d"])), - ("telephonenumber", HashSet::from(["+4255123541"])), - ("useraccountcontrol", HashSet::from(["512"])), + // ("ObjectGUID", HashSet::from(["8bd4ac58-c5e9-4e9e-b937-35f5a764874d"])), + ("telephoneNumber", HashSet::from(["+4255123541"])), + ("uid", HashSet::from(["bobby"])), + ("shadowInactive", HashSet::from(["512"])), ], ) .await @@ -55,7 +57,7 @@ async fn open_ldap_connection() -> Ldap { ldap3::drive!(conn); - ldap.simple_bind("cn=admin,ou=people,dc=example,dc=com", "password") + ldap.simple_bind(&config.ldap.bind_dn, &config.ldap.bind_password) .await .expect("could not authenticate to ldap"); diff --git a/tests/environment/certs/test-ldap-ca.crt b/tests/environment/certs/test-ldap-ca.crt new file mode 100644 index 0000000..3f339d2 --- /dev/null +++ b/tests/environment/certs/test-ldap-ca.crt @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFDTCCAvWgAwIBAgIUM4mnmTsMjzz2blsXTuiU415vPw0wDQYJKoZIhvcNAQEL +BQAwFjEUMBIGA1UEAwwLZXhhbXBsZS5vcmcwHhcNMjQwNzE5MTUyOTUyWhcNMjQw +ODE4MTUyOTUyWjAWMRQwEgYDVQQDDAtleGFtcGxlLm9yZzCCAiIwDQYJKoZIhvcN +AQEBBQADggIPADCCAgoCggIBAPexEcZ80b6nczjeCvoXwuFhXLpGrXGC0YJlf/Tf +TqusBW6vz6R0S/XzIVrVhNgLby3et4WwIderkECRtt4+KSxlXdh3gbS3oNpVPxI1 +KF/m9RMnesDv+iSSchDSOSHmfU+96dDy1FcDEQebD+S9C2ZWh+K30oL/zI3r9/jc +L8XLBukz4QYsk+Pnj8wkgYfcYDllrY9P1k8Cl/h6VB0kiAO+C1QWWILHyBA7A8TL +VbLapwLGx6FiX6ENqhbo2kixauwNuOa/y2TMgGCAXI1lPKRzn13uPbURR3zuHngt +yfdmOw660tJV8ZV09YTQQfnLffcPAsZ3vEU9Bo1WXcwRpF4557b+bN5SvQgggI3j +nlctHBPgxb0dqDdYrWoFshK4tD81fqqUuDIFI384+WLtsrYlL+qVOMYTb0KbI1UP +ZbJHi6GM6FJR+cT3WppAd63umK3m5RcJrPohBh3rApfDHl84CzdSkAsS3vPQVGN5 +DXc5CY7UGpG/wSgdDkTL9hi5srgvaenxngHhSh8Of01AlGC2DaU9IcTrmD2fXWmK ++xflxqB+YQ1hM1e3OZqHde5y+tDT4L5E6OERekBKNq8lGE+wQe6loVD6mJ51GVp9 +ONFX2O9xO/1Hnc88IT8+z5GhHj6soorYTnW3LX0TcyHI4LhoiN/hWX/SYlxs++Tw +XWY7AgMBAAGjUzBRMB0GA1UdDgQWBBTuqAwYCSvqgfgZTOl8LrfZZdrZJjAfBgNV +HSMEGDAWgBTuqAwYCSvqgfgZTOl8LrfZZdrZJjAPBgNVHRMBAf8EBTADAQH/MA0G +CSqGSIb3DQEBCwUAA4ICAQCrfR4dHwrKLF0244Q+Q+66W0/baiaiulgWdQLqy07W +/xjK2w6+vG1oszbwA6fFuIVipiNV7g8nmYaPEI8EA/MyWEx/UPQHtIKZhZsS+7my +S8wR3aXV6/bmgILTCgk++1ZWIODVOJyD7mR/TjbJcRHXJlO8Ri1uIMhFyBeiUC84 +jWDBJgnDefr63A6lxlTusvJ2CuIwhh3RuqDc4iJzgSuzI+PcAeceAerIHRPgu6qh +SjZ1rFdwkVPzqM+snwlCk65Xv5F73SrFJKBIq/NN7vIx6zpVSOUJx6vlgwATNWuM +LF6jTATwAOl3w1aaHIrlzwNauwRjaY5H8SkAr5HluBs0DtLQPKUkl2WOyxIpDjCm +4BiBlu+sxvauLQpRo+RiBjnJvW5/cjGgIShtrd0fDlq1inupApAT3jGEZJtQYwlF +pGm1McXJ0kYKJUo+nsuETY+OmCmgF70Je6G1yCgWpPdY5r47n2UwQB7MZpXCQ1L7 +/Wh0V5L9rV626OfEWFZYGxE02G60/QyQQXCGusrfvJVRX3FoB9tAXvfaoruuXx+d +UOP0VrM/HP6EnieiZXCMzWWfiPyV3ZCI/wn0xUGQDJATZkXfOb5nxdh/zfT9eWUR +cB8JaHufyGdt8JMyrm1Sd629bG5A3AfIiKOxmSzssBIn407Dy/z/OQLPmVB8km1g +/w== +-----END CERTIFICATE----- diff --git a/tests/environment/certs/test-ldap-ca.key b/tests/environment/certs/test-ldap-ca.key new file mode 100644 index 0000000..8883b85 --- /dev/null +++ b/tests/environment/certs/test-ldap-ca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQD3sRHGfNG+p3M4 +3gr6F8LhYVy6Rq1xgtGCZX/0306rrAVur8+kdEv18yFa1YTYC28t3reFsCHXq5BA +kbbePiksZV3Yd4G0t6DaVT8SNShf5vUTJ3rA7/okknIQ0jkh5n1PvenQ8tRXAxEH +mw/kvQtmVofit9KC/8yN6/f43C/FywbpM+EGLJPj54/MJIGH3GA5Za2PT9ZPApf4 +elQdJIgDvgtUFliCx8gQOwPEy1Wy2qcCxsehYl+hDaoW6NpIsWrsDbjmv8tkzIBg +gFyNZTykc59d7j21EUd87h54Lcn3ZjsOutLSVfGVdPWE0EH5y333DwLGd7xFPQaN +Vl3MEaReOee2/mzeUr0IIICN455XLRwT4MW9Hag3WK1qBbISuLQ/NX6qlLgyBSN/ +OPli7bK2JS/qlTjGE29CmyNVD2WyR4uhjOhSUfnE91qaQHet7pit5uUXCaz6IQYd +6wKXwx5fOAs3UpALEt7z0FRjeQ13OQmO1BqRv8EoHQ5Ey/YYubK4L2np8Z4B4Uof +Dn9NQJRgtg2lPSHE65g9n11pivsX5cagfmENYTNXtzmah3XucvrQ0+C+ROjhEXpA +SjavJRhPsEHupaFQ+piedRlafTjRV9jvcTv9R53PPCE/Ps+RoR4+rKKK2E51ty19 +E3MhyOC4aIjf4Vl/0mJcbPvk8F1mOwIDAQABAoICAHVF/6IIWDCaTNooe28FEA6x +D/vcWeOMKlFAaHCSyEdM57eMA1acf5igOHMu9DpsU4QW1rKz/ZoFD4Qa2cfpC4qL +Jf9HOgDMDptBUF75Dzg0/GVIxHyUQs3NDre7KTTNUhiO1SVKy9G00HvW5ZQKE9ss +7iKgoUnH/lxV1K8d5XqTUZ7ZotnPAmieKz3fLPscEu0qIJ5hkRkQo86QcMHpmYKY +GPoDqH2nRKi2oGatVVKc5wVQA5X8I0X4V8eIEU3ovrSsHJcYSR9dGg1WyTtjKu68 +FcEd+1Z/K2dRwNhq6Zy66Qxk1UukSIFYgqSTDCHOwMHYeBpq95eauL7znO5xje3m +pkCYFA0DBLjpLWnDkw2xuwcAqKnljBRfsnzL9pnSmQV8wJpKeHM6dYKZwIRZHXc1 +EP9bL8YD9GQTweFYSr6CN2Bdz4nDXyL68JP+3NfBt0L+dimUt426qFsjz4JvtBWK +gLOiTSBSI3c1M2oTJ1MmIkn4wKdh8r5/6TNm/gLfkXk1PvrtWOYtvLD4bgs9hpBA +3bku+UqKBPMKtB+4hhcqtzZEl4aPJCGNChqXkWxOl80hQxY6r8gfgfjjwgMBt1n0 +LrLtuId3jUp3Iqb6vAw1W+tk5UQObcLnRJE10W2lUmCDs1ugJN49YE/nzYcs50WZ +6u8fSlkJ4GsudHsZjE+dAoIBAQD/39IYG6ti8pHobyUPku0WB61SpJkEkCdiikL9 +KicNV9WH+NmDfbYEV/O3WPQX10tcEGqNhvzzZdFZl968e9SUCiRfNxO2BIXEeetL +zn4DheDVBiQf2bkrPk0/qlx+CGLJQl+nvGbr0TB6a2CNfT12I0fDqkHtnZcBAE3D +nY2bUcC7PSnD40SqxtRmLOoa+0W1RGAB/3QCkVLUqxaL4n9crESmbzlmP86BfXcF +wtxzVUNA+vxYUkw6wmpnZaOoLQtHj9d8NUY329PDTMs636NTg4Dnp/huqBgipd3f +EOZBuE3gzfmYSw52oeiir3t202mwibnWH+CtwCHCD3/8T479AoIBAQD30Dg9mFG2 +qhnVfeVqNU6JRe/lHC6izGqy/GBjo45y1f/nWQSE5xf9mrtot+RAVws+aAlgyqVg +Ba4Xhc09C61SgDFpPkGxAED+FpQW4UZ4QD3S2bBjhvGf0RTvMGW/mwKvidjJAPzN +k+zWP+ApVWQPfasLSRGMIoPuxpXuHGRpgajxZizE9RFidntBH7io5dBMR6z4v7jG +FVV6aIOovQ/xR4dgnYFoGZ4MbMEJ9soB0ugfnp2x+oWdXa+udid6o5V2gVjojhn7 +Tpscrfqvpq25BlOfY/QeW6XjrJ838uGWPLhCz9VMPGz2oIQ9gInbm7TFtl1pzkeP +pLlxBabklvuXAoIBADjrnn4UcaziT0kIqJLtWWaEMK9oxE16j/hgz4QoA2X5exvz +ZNfWeE5BDotj83D2SOJjGIEBXXX72XV3zmnZljGUjADObMkZ+nP5tzk251t7Rce9 +xP183q9a/a5DBK5YyTkCVesngzHEaGdjSahQCwMj2AwT7PSiEPx9B8+TVfQOXLSK +Z6cXAKiI8KkGJtH3wcsQOddX74O+tlFu+eYGbdS80czAg2FWoma19WtHrOjPN9XV +v5saO7D6nNcBikWYN6Ekw4fzBfrZISOaCr+/DkM+xsdB24cqR6w1f8TmqoJGMLTo +vTR+xenoHKtMJEgLwcAu8zNKBh5A1oGoFw2W2TUCggEBAJ+cggzSJZdUWg1S6EeP +DAWIgSn9C+CZbwPXX7Htb1txkECO6kU7nw0d8yVQg/gY2EoasiegfgGpxuaprHZs +JfdkT+7sRV1ev32oRzuxXzUmk2tSALUp/kikXypr7q0JhyJO080rEKjMZRfdzmBw ++mCr3VYIev/aX0WUrI7PxLDb7VeGKsG04rybeWmJp+NJGe93nuYcfkM/DG4qENrG +4xTRsFU/PVEyZsSz62WiiZvBHvb2r7UpmZOw+u2Qdn8cC7FnQD+Q/xUJHQjM2hD2 +dyAb/hJES8Cd4OwSi/56NmgQtdF6kXRn2vrCikoelyxWTomlmucCEL9pJnOwYz0K +LgMCggEBAIKnc/0ts32PY8fu9j3e2Q5TU2fQFKy2viLkJT4nv/5XwPu/cSKlofOT +mLCg4s5pEsBBxIihBRprigXOhQBHqrpe2lvQ7up4pFC11ulQnhIwrtiCfPzbse/e +zQX45yvCQwBOsl0HGGtKuTo5UdkjpPoRJKJ+ecH7iKnJoQ1T2xJS/dcE7rznUit+ +OOV8/cZojEPhvJUmlyo95kp2ZLXBUNkM+chG+5LEolJzg30FDORpama8aOy6T7T7 +AWramVl+72I31by+nxImshjFhrz8xaMnOuXdi8H13reEgtc0RAWarYCZCYL6utIO +08isjrfAlOAloLVCtbPANf5rprdU9GA= +-----END PRIVATE KEY----- diff --git a/tests/environment/certs/test-ldap-ca.srl b/tests/environment/certs/test-ldap-ca.srl new file mode 100644 index 0000000..0d7eb71 --- /dev/null +++ b/tests/environment/certs/test-ldap-ca.srl @@ -0,0 +1 @@ +05E122B52753904ACA28C23A58D56B85D2B62BD2 diff --git a/tests/environment/certs/test-ldap.crt b/tests/environment/certs/test-ldap.crt index 5c7189a..661e94c 100644 --- a/tests/environment/certs/test-ldap.crt +++ b/tests/environment/certs/test-ldap.crt @@ -1,32 +1,28 @@ -----BEGIN CERTIFICATE----- -MIIFlzCCA3+gAwIBAgIUf89hfKJzNvATyaFTF7mPD5KrWaAwDQYJKoZIhvcNAQEL -BQAwWzELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVy -bGluMRUwEwYDVQQKDAxGYW1lZGx5IEdtYkgxEzARBgNVBAMMCmZhbWVkbHkuZGUw -HhcNMjQwNzEyMTM1NjIzWhcNMjQwODExMTM1NjIzWjBbMQswCQYDVQQGEwJERTEP -MA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xFTATBgNVBAoMDEZhbWVk -bHkgR21iSDETMBEGA1UEAwwKZmFtZWRseS5kZTCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAM8tm6nExsIlJkwWv1N9kHaNGXikJh1w8fvhRz4Yw15NxnvG -2VzKKrb/Wz12ybQhJopNf41aR7GpYH4rGynQvNoVnwtFF2BnAD1F/cU1a/rDgTrL -MJs7pitmN3zqD9M0R8vk9rKvGG1ejWTccOYsAgBJyOXUvU778DXiiVyETy8bY1dw -F++omhGc2pypKSUnp68zcifI1ZZZHnfMoppSj+Iehp31xXF2jS0tBBh+ZlUeUBGP -FRvYOLV1e1onXp8p9TO0+tiX6jFywbHRtBi5Eeu7lR0w2QuU1REvTx3mIJCqecA+ -Yt966YT6H//6jkS4e3G8Ofm8We6OTS6lMQAKhyL4Vkhl0WMJLnItuRwJqJAXD3C/ -Ay/Bz07/jg2GKt9lMHyWEeWM1uA6IsaetKBXcgSfJfxKJbK8Rk8dndbdrhE/5GdW -B3p8kTfUrLjOpUsQSW8Neal0cQDyZnptED47wrB+Y7ElJLSpvNtHJP6UDNyvkcRy -n4UBkyc5GVVSyzHcm7uLdD42d6ySySkjoTLsTnpkplOhKwrPAWuy33teq85kSVnY -K9nx2KV2CLUgpgjC3/ni+/c35vAceF8g1aTu6JV9V4smFDcVFxJGGGv8wPI9lXAK -LX2fVRIft3WZrDFFP4E7j+iDUduTu7erWUuDrqLn/Hpv6gEy0vqMpQ4bWIHLAgMB -AAGjUzBRMB0GA1UdDgQWBBQFavOS1GsBqW4f24Vu59rS6oEwxjAfBgNVHSMEGDAW -gBQFavOS1GsBqW4f24Vu59rS6oEwxjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3 -DQEBCwUAA4ICAQC1p1VnLJY1IXilitkt+PZYtSHz2IMygfr68fjQCz6GQrT67RY2 -OhmZP8EZtT7k9N16Cs7Itwq3fvh4PsX19XaWLJhIddIr9n+9+SQHisK6rhqM0JNG -/MmFi3dxbNmpK2EePceB2UCMcWLrMRAyhT6jRkKrJOrt/cyT21aA3tpFzgkrz9QD -p1nxsIFJ6vRhXrX0UPKjnP+oN53CK7dPZivz2O0ys3EEgzCrGODLMtxLOoCehTRb -TOoDNVY/fLDXvE1phAxTdeSGiE1wM2A3EKRjhSG5vo7vWr9Eh15triePezdj/aW3 -Rux5floyS3esBoRPrPO/NXffjxYRDl3N9AbstL2VxBYd++zOHFOYPpKnKpr1/lC9 -kYQmhYgk8U6OHoxB0ZdHrIxH1m49ETMo8Z4vkMZODYIunVZMth8uvFQLFlo0yuUE -NSAa7lW3HZ0TYk3Jf9sZ0h0uROj0HIyRck/4lbYk7MYi9d82/HGhR82TcsXEoNnQ -hPQDhMJTUaHVG3RDUve5DAt+cyquh8yu4Egg+BGy5pQmexVAyuVWN9Qwet/hkZ/5 -1tGazJAUFQT48s5gBqS62JBfVvFkq8zLu0Ay6+HHETHy5szSrBREux7ehRyHr0C3 -zljV0sFxGTTR+Hbuov45sVEt2mtipVAfKraB/GO1A1eBWQ2ElJtbu7fzow== +MIIEszCCApsCFAXhIrUnU5BKyijCOljVa4XStivSMA0GCSqGSIb3DQEBCwUAMBYx +FDASBgNVBAMMC2V4YW1wbGUub3JnMB4XDTI0MDcxOTE1MzI0MloXDTI0MDgxODE1 +MzI0MlowFjEUMBIGA1UEAwwLZXhhbXBsZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQCR6q9Y/dU2bUO5CJYnSWTkopJY92jYi+WBYw+8j+5zrWPO +BskCcIOfpYvJKGciAmpK/gMw6dRmTAiN21jop1wVZia7jxoWLXJqsqnIJw2TRt7+ +4LyVppkRxKSsYN7KSxtOq+aq3jQTqIhsolwFSbKdkD57R9vYRcKu/TTWGbqXXgw8 +JWqh4FDly0gFenXyRNl3sSNWfGrPTRBZrqBgQ7t7+HE3LJihexQUhiEGsIXJC/qB +txDBc3Al3eejYMqPhDCGZhU45h+WnaGQl9PNhJsvXZ/YP67YHcoKP/n3gUgl4NE3 +A1hsUJSxxSLnrvFTR8dW2DH5AQDrxxoQYR+y/kTOATDTDOPBGBJOj/edXsxe/2SG +ruJqomAr1Whezy/22Yk5K9YMQXY1Nia5swJPjR13jb5l4unczNbcVDjInPRnAToX +H+xlsJaBPvfB9vChunjSPZVjI31VysQ0WQDg0RVpFlF3CRSK+ECu5DGXO8jCCr6+ +H/Xl9jr79i5csQMyqE6/HReVQ+Qtl/6NFcK9+o9hruigbe3FgV2QBcGLgvrQmBzS +3405G02MlgynNlaR+oAWPPBCMycbSHeeygPrNBefQ/at24gG22y2tuiBwjYiKc2m +h8wyNejGOGxJYO16v5szKCUMOArZ7by2H+V4RxWOucQp7QzSnm01eiNQn54AnQID +AQABMA0GCSqGSIb3DQEBCwUAA4ICAQA7KuYGmP7KeZ3YpCKP/qTkfPw97WouCDjB +3T0mCExIsQTXdzVAwRYnyCTHYrGBLMHJrY+2BTyFa7AoEd7nFNUpHab3lXnpeOTK +LcPn8UcBwy+mR7ncXkMHRmppPFuofXYGl7wx8b8/qaJijIj9gp1dEnXlViLsPU64 +Z3GO29bnHQpCr/KvyxPEmi6YE9WzdrhhMpCdwgYlQHzzIIzgbFMbpvS1Q8o5+zFN +PuZRxY7tgCn1SdGIJenbk01QvgoChvGSQnfSR2CynJgjSvjqSlg8h/b1OsBCy589 +68O1V4+tjcxybm7dPM97mF1H+j3lVzILlp23W+scfpaLzkEVl+AT0a6zte9NCQyA +xzlaQjDpWgAInEheFunOFrv5PDg0V4kT6Jdtmc2JD434wvETgV1C0yy2vt5MU3D+ +GtzEIHlUui3FxxjlAenMI16sa+Zeqjoy4TDeenHLs/cYUxweIGTwcLSj0lIOrROR +5J7DWa0S7iD96wME6nLchEsk6/zf6w2CKCP2izHUpMTwz2K6egfLYP/S2/BJ4kdj +iE5M8Tj3jiN1iPfnok5feCu3A1NyRqwYg6zki6Rp42B2fqG0CisvfWUOBIUpdb7G +gLSiP/PU5uWdb2cPRIC6cavSBfD/yVUCFH6zyydDrgEmK04LXTX9Mg2ccunzoPTn +Rih/3NpgMQ== -----END CERTIFICATE----- diff --git a/tests/environment/certs/test-ldap.csr b/tests/environment/certs/test-ldap.csr new file mode 100644 index 0000000..c63c6a5 --- /dev/null +++ b/tests/environment/certs/test-ldap.csr @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEWzCCAkMCAQAwFjEUMBIGA1UEAwwLZXhhbXBsZS5vcmcwggIiMA0GCSqGSIb3 +DQEBAQUAA4ICDwAwggIKAoICAQCR6q9Y/dU2bUO5CJYnSWTkopJY92jYi+WBYw+8 +j+5zrWPOBskCcIOfpYvJKGciAmpK/gMw6dRmTAiN21jop1wVZia7jxoWLXJqsqnI +Jw2TRt7+4LyVppkRxKSsYN7KSxtOq+aq3jQTqIhsolwFSbKdkD57R9vYRcKu/TTW +GbqXXgw8JWqh4FDly0gFenXyRNl3sSNWfGrPTRBZrqBgQ7t7+HE3LJihexQUhiEG +sIXJC/qBtxDBc3Al3eejYMqPhDCGZhU45h+WnaGQl9PNhJsvXZ/YP67YHcoKP/n3 +gUgl4NE3A1hsUJSxxSLnrvFTR8dW2DH5AQDrxxoQYR+y/kTOATDTDOPBGBJOj/ed +Xsxe/2SGruJqomAr1Whezy/22Yk5K9YMQXY1Nia5swJPjR13jb5l4unczNbcVDjI +nPRnAToXH+xlsJaBPvfB9vChunjSPZVjI31VysQ0WQDg0RVpFlF3CRSK+ECu5DGX +O8jCCr6+H/Xl9jr79i5csQMyqE6/HReVQ+Qtl/6NFcK9+o9hruigbe3FgV2QBcGL +gvrQmBzS3405G02MlgynNlaR+oAWPPBCMycbSHeeygPrNBefQ/at24gG22y2tuiB +wjYiKc2mh8wyNejGOGxJYO16v5szKCUMOArZ7by2H+V4RxWOucQp7QzSnm01eiNQ +n54AnQIDAQABoAAwDQYJKoZIhvcNAQELBQADggIBABfO8Sdp4bXJvXoXr2KKYkoJ +Jq2mhbSzIWPdenjOy4AUz1ydSLT9fdnXC0dDortmc072uR+wMKlbph0u6fX66O+i +bu7kCEYxHndfOl8ODx67hoURdISlU48WVEC3DdD3LmTF0RoscSCmjUYIJ6h7dqF6 +0Ujl4KfSHXy1iz/tvZo8b2cyhBgJ1ve4cnNze/Q42Z9FdABKVxnZc85kiJGOzPcH +BHtF6r7pwda7yDQtaMLClUziEO5XutCevlGE5sv/MSRHsNDf4eIa8U4pEr9tFAF0 +m0N8EMQbaQwenfQA/pqxKqdqUe8IpPXjZEuDbBQ9TT5HZiX7bcmOLEwY5x22kRsz +97/8ztnR72BZ2NRzblYh4sRa9GrX2w++MvbcredNYA9vxeChGGK51EGvE+WLHDaG +IBA3x1z1vKGIBCzmfFEbm/ZCMS4L+D4L7DhdCVEgTU6z6B5uLmdS7Cvmc+a8/47g +lYP+tdhSRi/gPRurrrdzvrxPB3SOfmhfF4XAiG4mqk7gMu+qbCTvrt9LO+DXcU7W +teNvThkD4/rcS/dg4H7K6uXYFiA0v5Dcho7jK/oJcAodOszO7t/VmSYrTWqPZ3jm +AMRfUmxZIaumnumbJ1MyIpGFcG9MO4QdLXYWyJLHHc7eulf3Ro1yET3/pI2eNeBI +U8pxR7RHsrRNJMPpSGXe +-----END CERTIFICATE REQUEST----- diff --git a/tests/environment/certs/test-ldap.key b/tests/environment/certs/test-ldap.key index 30da2cf..c2603f2 100644 --- a/tests/environment/certs/test-ldap.key +++ b/tests/environment/certs/test-ldap.key @@ -1,52 +1,52 @@ -----BEGIN PRIVATE KEY----- -MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQDPLZupxMbCJSZM -Fr9TfZB2jRl4pCYdcPH74Uc+GMNeTcZ7xtlcyiq2/1s9dsm0ISaKTX+NWkexqWB+ -Kxsp0LzaFZ8LRRdgZwA9Rf3FNWv6w4E6yzCbO6YrZjd86g/TNEfL5PayrxhtXo1k -3HDmLAIAScjl1L1O+/A14olchE8vG2NXcBfvqJoRnNqcqSklJ6evM3InyNWWWR53 -zKKaUo/iHoad9cVxdo0tLQQYfmZVHlARjxUb2Di1dXtaJ16fKfUztPrYl+oxcsGx -0bQYuRHru5UdMNkLlNURL08d5iCQqnnAPmLfeumE+h//+o5EuHtxvDn5vFnujk0u -pTEACoci+FZIZdFjCS5yLbkcCaiQFw9wvwMvwc9O/44NhirfZTB8lhHljNbgOiLG -nrSgV3IEnyX8SiWyvEZPHZ3W3a4RP+RnVgd6fJE31Ky4zqVLEElvDXmpdHEA8mZ6 -bRA+O8KwfmOxJSS0qbzbRyT+lAzcr5HEcp+FAZMnORlVUssx3Ju7i3Q+Nneskskp -I6Ey7E56ZKZToSsKzwFrst97XqvOZElZ2CvZ8dildgi1IKYIwt/54vv3N+bwHHhf -INWk7uiVfVeLJhQ3FRcSRhhr/MDyPZVwCi19n1USH7d1mawxRT+BO4/og1Hbk7u3 -q1lLg66i5/x6b+oBMtL6jKUOG1iBywIDAQABAoICADxoevvsUVvogxsqgszwTsAS -cjvX+PkapqQf0qsLg2Oq39XVbCl/FSdYm5z3Vua7x8YJxMhNa5wk2+rN3NS7dWVN -aptZoPBN+CblkpH++qYafULMXjbVFKWQ31r/0G9vzgNolnoRTdkN+cJP+GdUq5yz -5u0Es9Ik6ax8ijq8pW4B2Vx0ZbZOfeXmy2Nke4fG4UDXilCJYaW+BIE/3KWMr0Fq -Tywdrl1gCNgESS5vJJ1rAkOsaaY9zIM0ZywpUJCuJj3WZlHjMbkLUejsUUvoIo6O -mnLxfEfBNMMW/UWlhRdJbcidKC0rZI2OdOgpgXQOKohGLs1fmwVQ3rZcGkZ9y1rj -mA5ew6Z0qoM9sXgRRtvv95QDtWYRdMdgDEPbdeNk9GFETDjwFIxPY1IWWy7u4qnW -FgLtHEJpWdxTCeMcEj7zG6c5HkayTZpJQ4okcJ8luZZYqJdZtLGE/b6nIrG1KTDO -X9PIHhkVyxIdXQtcSgjsGK+o5b24RaP4B93ygACDcMwcHw/d+ngCjLsc+OZw7150 -888GJiuE4S5gB9XQYF0k+I7T8t19YUZn3bPwUqzQ7DpC9k7mV0o1wTb1pMjUgqMa -oo5dD1r2VQwWmGKtnFFQqREvmclIG3Kw8cerwsl2uedNL090oyZveKgGkORjinZK -3riU/Gy0PwkbXrvQsrlRAoIBAQDuElOaEC+BKuBAZLeDGjlkNNzCyT+GDolIQ6AH -QaJs/jR9PL/9OaCl/80PvcTwCswjcgRgbJRA01ye0VG4J0rXHmFNP57wfy0Sl/0E -vEzx5/0cyCf3fZYkc9+6QjnkPPYN43PI2blsxrcpzddRX9iQ3rMdsZUmbbQO3Kib -Lp4grSgsTuI3ZjlF053DxXxHzrM29XZkPzzXh6W+NuuZs4+OWr/Mc/wIRLopMNi2 -h6Skt6XxTdKPyVJpcs6L+RLr/KtB6i3chg1Xcw0gGGFZAEFY0jrlYbSkqmTvac3t -dLSssCWgIHUmbTdyRWTZ5aJh9cPjCCYnTVjsveJMfBCz8OPJAoIBAQDex7N9IODl -OsC4LMgN1pJNr/1jPg3h7eiTrGL4MiwlLC7gBgPkBWq3oThd+1rA1Rrrdh12cOBa -Wu5bZtKiaC0ogDi+jjoYHe42FiKAofRtmYKFrit9Z99xBhMcWo1CaQvN4bnwOOgH -ThsbKwO21Z559sPgepT8NHAMRT+6p0R/1GCjkxs43vinBB/sJlCZ5DIG+9+VPmny -ABmP/eo1ZL1Iqp2TZFvJJbFiP/hp3o2nQpVN/XsmvW7L4WyIU1qLamLd728p8Uyd -7icMFZfoxfGMB7wDmVxppk/Vlkw3/j0x/SvYppHr9pCrkaILRguJ/d34TsB0HIHl -cPBLvLNoTvrzAoIBAGmW8UN0iE1Gwf1tbkMUf33lQECYV7dSfSry62gsgSjMOmWN -ay2ZwJm/cajYpx87+ryB1lUZ80spM3wxJIiDzNrKW6eSXyEVlt0XUh4mkg38sbNx -RuCq78utJP6MXvbO3ubcCb98aZRIMna1GBm8Y+YlD9ZMq/VGVMT+sz1YmMOvaRD1 -z7l4elBxAhkRXwTONYhbqC3gKlEBlc5et3INRM+DimvYyWC1csfQJV4XnTt9RHlY -5dnmFco1JEzKpMzL3P04Ky0Su5ocqiahCZQa2+DUJVEVW7Ro6qmRCMeXqoao/Zce -rjbj2+KvyoImKjY+daodNCbcVGNz+ImpwRK99ZkCggEAORMEguwncdLJiOXAIvtz -4/9QdVpyiA1BZoPlnxyLfsKBB9fCq2pP2tes7zb0Gy79hJFwHuXwNHXTVwtSr1Tt -LNEcuIULkR4p5yVolXfofSO08raaYbh44CXkQ4FXa0oqQgawckDCAQ0bmKw+eVrl -DO4RZLNC9BIjGqGrIBC2VeF9GKsZcEp/fZpq6z8tqx9xSaTBtSSWU+9+nQs6M4+p -hrJfSGGPukqz1S36YHUp6U3/nklwgY5KkmUgPxTLv6fzyFQNMLunG1bmHgxyLKp5 -pZxdqLZjnJWFIn0s7bNuzh3EW+7gt4klqy7WSvkY/7NQaMsUNysOhE+Y4G5psDF7 -zQKCAQBPeAGo/p/W/vfXxVDpWa5k1IBa4u6A8Bk2Cfad4oXDbasLDxFxZzGsKpFl -NVqIEE0wKNW8lgRxpN3QlxPYUIo3XvCiz7TLUfCYOlIMsLRsKuhWpl4C5S5NrXIB -IOFCmbz0B7YsrCx7i0QbbuwLlGEhVLtVAcvbgnFEg8hA7zCmTlqbLzULA5SwmP7R -4wxb7PEItfy2joTLxrrnAWIY3+TF9t1RecYJNtEI4lxqOM0XxJtqAKxBWzSVyi7w -8rjpq5SgCCPHne/rNJNZA0hl/skrEUX1J7JbivYJ4IKjeaD+lhvU4jrQgC4xwset -QVAamXhC9JDVLNWSM45dRxQqBQJi +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCR6q9Y/dU2bUO5 +CJYnSWTkopJY92jYi+WBYw+8j+5zrWPOBskCcIOfpYvJKGciAmpK/gMw6dRmTAiN +21jop1wVZia7jxoWLXJqsqnIJw2TRt7+4LyVppkRxKSsYN7KSxtOq+aq3jQTqIhs +olwFSbKdkD57R9vYRcKu/TTWGbqXXgw8JWqh4FDly0gFenXyRNl3sSNWfGrPTRBZ +rqBgQ7t7+HE3LJihexQUhiEGsIXJC/qBtxDBc3Al3eejYMqPhDCGZhU45h+WnaGQ +l9PNhJsvXZ/YP67YHcoKP/n3gUgl4NE3A1hsUJSxxSLnrvFTR8dW2DH5AQDrxxoQ +YR+y/kTOATDTDOPBGBJOj/edXsxe/2SGruJqomAr1Whezy/22Yk5K9YMQXY1Nia5 +swJPjR13jb5l4unczNbcVDjInPRnAToXH+xlsJaBPvfB9vChunjSPZVjI31VysQ0 +WQDg0RVpFlF3CRSK+ECu5DGXO8jCCr6+H/Xl9jr79i5csQMyqE6/HReVQ+Qtl/6N +FcK9+o9hruigbe3FgV2QBcGLgvrQmBzS3405G02MlgynNlaR+oAWPPBCMycbSHee +ygPrNBefQ/at24gG22y2tuiBwjYiKc2mh8wyNejGOGxJYO16v5szKCUMOArZ7by2 +H+V4RxWOucQp7QzSnm01eiNQn54AnQIDAQABAoICAAEKPxmsKePL8CRq1W8DnlKp +di2syiq8j1Q6vk8N1tc1Mw46fg1icvNSPG4CxI+uxzlntlF6JkCpI7V4ESbYkMw0 ++16Goav8GE7LjD2MfU9uVrPKAAyBWTLJZ/CaQuMxEMDpWKblj1GhSNZyDRMF+W8w +1ZdOuQcsJh4inR4LnO9OKVFlkAJ07bJqq0n2kvAStR8ZmBG8bEBnTim2RxuW8ZmS +FtbCSTs3JuEaxSuojWeP9QLi192MDYoyfPT1o2crO/voczGBz9wgYapnr7J32zYs +KlhIUnOYUuTZpGLQ4UxIe+shtmOlyIUAlhc4fUavIiwDLKPgS1ai4ROP+jC2oXpF +dU7fie1RkOLU2GFtl/+piDgVRZ3zcq4ujbUL8Sj/JEdSoXvHcOLVwNlp9xYNP8ky +EiIDQbZDmLfY4HyTC2pWAOPA4ul9qNJfKdHbGvS+nup23OUEQJPB154kJoHUFs4U +lLoNpU58vcciyq6piFhXmZVGU/3iH69wQVLALM81YKxH/odqcZni3/qGHHsK1PfH ++9HGLTfKUaM5bqVIictDJ8bSTMmww1YewL55dCAQPi9zBLhW45xjHwqMCuKIBFNj +Q8+ATE3A2dNf0JTcKZB8pwq2aZSlmm8JjSkOmAV3ETyKDZnTBeYj4VKufG300TAP +KBw7WhISWaYzxvO0Q6ThAoIBAQDEnhqqf3DySmjzvzgxcmozdeH6GXv8fUH4W5A4 +B2PnwbQrR3ZlKW7dHR4cW3+pOLwbDSOSoJ2nHRCpifwpVFIK961UBaSY4LU7g38Q +izO9oPPfX07K/qqV9ccR5cvKmuW2LYlt+k/URhYliyVa+WyfjCM5PG3JC32geXou +DiPKDYzlO5a1ZDqBuQObs374nPptt5AP9cUsFTtY56dfHBEWkJkwhirWwwyOnuUg +yaxVd6xsDITqTI3AVSsIP540VBwH+7UaRnsUR6KrAUB2rUIaRCAAoni3tTbpDDg8 +uJazCiYmeJ4JRenL4spOzDo67ORkf2Z9S7RfIFqEg8aCfkh9AoIBAQC9/IoMjMgw +6/yqassSiZPwx7JUebWNTseJkiCiBjfJHne+Vz70ddYeddrl1atquAPJNnqheWrb +tpMe28h6wWeIVdsZZ4eJS1TlN0pGlJINbx5PEj1U9pynetT8JL+WZQKVgbT4uJaV +KOQwu86lAVjmy37c3B4m5nXFs60IWsGn8dNXr5jtihltNeQcQnDFrMIXh+pTbrK4 +Ha2vTm7ge3zv/AU/sle5KLFb1n4Qb3w1onj1SY1mHCOh29hXQWM9UHB4DlFlaRYn +/ttWoo2tZtnufiLfh422kbD8foGR9HalzG16F9dGbD+QcGqcV+f4VQPXN5kxrZOg +betShfccUjKhAoIBAAXv7Eg3vvZiDtdFb/H2TYSuS5ucx2Sxd5uDUFCQ0JCABevE +pauaW7Grnmwmyy0V/IAonmlgFkKkmwszknzBAhU4s3A1F2pSZsacSur5+R8BzDtz +ilKQ7B/JIzDEKqo8kTE2IM9EXsK/Nw39LKyZmZEbzzh8Pahzg2CkKm9Xl/cS/60w +ZnWlyCqApr495liljN5hS6Vfu4uAPKGLpT82/sEarrWLZ6HClA9+dtbNoDmYeols +u1rD4wfqynjeSu2zmIEZNbfMZw0OuLfHOuYah0N5ySmbvl91xmm1J8GVpV9UsCA7 +RjJrfQreF1PX0O5UlvT9799auOCifnk/7W+lVpUCggEBALrV2eURpeYGjYoCUAbA +6Y5GtOdCcfqvWKe/3vu35bCRl+zF3BGIuLNn74dLI7JlmMOOIfcecqnz2KbmOTgP +bwOyey92kuHABZMNVqwme6NefY4BP/OIOvKxZzc35HnAiFQDJLfcv6mcdxw99bBr +rMP7p50Hk1dqGLP+SNIIfp3swYxgEaK4xtyRvOzVohWkGZQOg7DdEkDiXuYh2gRF +LM7NJ1RGzOI4VIMeYwdCvAH67705QicC0T/h9dWJZlDsBE7stbtnJvTaO1Xtsiqv +FO7neOAebIz4pfcJad7hbLUMXzVMsNZ+qdwf0ZhDEssyv/4snSkvrBh/QIb9W9Cs +PUECggEAZd14iL+PcA8x8oCb7JtuSg/kN4pHseDBySLxuS8a8jontQLho9N4IrqO +rm/X/sHYLy2WBxqD7W2LQru5qOc4vAEEdxyK3JXSGC903/ogsP/cV5WH+GaCPJym +bZ42TKyOmgsuEI9ueTVtYhuvUsO37BVgdU9uMQYehunXJNhCGIDTrtmqgNb7aeAf +mn9b4SWAqBvP2Gp8UixF6r8XULdEihVGhIGp7C/PmnEQKoJ+xBBUHJAH9fxKtMpG +iD5ksICn6VKkO+zUvewUQq7Pi07lfo2nPVK5cHmTimKuy2k5DS6jsIjjCKTV+R3B +ib79sndnqe6Oi1eJEy9gFYGCfoABYQ== -----END PRIVATE KEY----- diff --git a/tests/environment/config.yaml b/tests/environment/config.yaml new file mode 100644 index 0000000..a382fc3 --- /dev/null +++ b/tests/environment/config.yaml @@ -0,0 +1,31 @@ +ldap: + url: ldap://localhost:1389 + start_tls: false + no_tls_verify: true + # root_certificates_path: ./tests/environment/certs/test-ldap.crt + base_dn: ou=testorg,dc=example,dc=org + bind_dn: cn=admin,dc=example,dc=org + bind_password: adminpassword + user_filter: "(objectClass=shadowAccount)" + timeout: 5 + check_for_deleted_entries: true + attributes: + first_name: "cn" # objectClass: person + last_name: "sn" # objectClass: person + preferred_username: "displayName" # objectClass: inetOrgPerson + email: "mail" # objectClass: inetOrgPerson + phone: "telephoneNumber" # objectClass: person + user_id: "uid" + status: "shadowInactive" # objectClass: shadowAccount + enable_value: 512 + disable_value: 514 + +famedly: + url: http://localhost:8080 + key_file: tests/environment/zitadel/service-user.json + organization_id: tbd + project_id: tbd + idp_id: tbd + +feature_flags: [] +cache_path: ./test diff --git a/tests/environment/docker-compose.yaml b/tests/environment/docker-compose.yaml index b81e620..cd33d64 100644 --- a/tests/environment/docker-compose.yaml +++ b/tests/environment/docker-compose.yaml @@ -1,34 +1,37 @@ services: ldap: - image: lldap/lldap:2024-06-16-debian + image: bitnami/openldap:latest ports: - - 3890:3890 - - 6360:6360 - - 17170:17170 # web front-end for debugging + - 1389:1389 + - 1636:1636 + environment: + - LDAP_ENABLE_TLS=yes + - LDAP_TLS_CERT_FILE=/certs/test-ldap.crt + - LDAP_TLS_KEY_FILE=/certs/test-ldap.key + - LDAP_TLS_CA_FILE=/certs/test-ldap-ca.crt volumes: - type: bind source: ./certs target: /certs read_only: true - environment: - - LLDAP_LDAP_BASE_DN=dc=example,dc=com - - LLDAP_LDAPS_OPTIONS__ENABLED=true - - LLDAP_LDAPS_OPTIONS__CERT_FILE=/certs/test-ldap.crt - - LLDAP_LDAPS_OPTIONS__KEY_FILE=/certs/test-ldap.key - ldap-config: - image: famedly/ldap-config - build: - context: ldap-setup - depends_on: - ldap: - condition: 'service_healthy' + ldap-setup: + image: bitnami/openldap:latest + command: /ldap-setup/ldap-setup.sh + volumes: + - type: bind + source: ./ldap-setup + target: /ldap-setup + read_only: true healthcheck: - test: ["CMD-SHELL", "cat", "/ready"] + test: ["CMD", "test", "-f", "/tmp/ready"] interval: '5s' timeout: '30s' retries: 5 - start_period: '5s' + start_period: '10s' + depends_on: + ldap: + condition: 'service_started' zitadel: image: ghcr.io/zitadel/zitadel:latest diff --git a/tests/environment/ldap-setup/Dockerfile b/tests/environment/ldap-setup/Dockerfile deleted file mode 100644 index 6a0c1aa..0000000 --- a/tests/environment/ldap-setup/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM alpine:3.19 - -RUN wget -O /usr/local/bin/lldap-cli 'https://github.com/Zepmann/lldap-cli/raw/6d9efd5d83492878886a556159a3be90472c5d84/lldap-cli'; \ - chmod +x /usr/local/bin/lldap-cli; \ - apk add --no-cache bash curl jq -ADD ldap-setup.sh /ldap-setup.sh -CMD /ldap-setup.sh -HEALTHCHECK CMD ["test" "-f" "/ready"] diff --git a/tests/environment/ldap-setup/ldap-setup.sh b/tests/environment/ldap-setup/ldap-setup.sh index 12890de..175d786 100755 --- a/tests/environment/ldap-setup/ldap-setup.sh +++ b/tests/environment/ldap-setup/ldap-setup.sh @@ -1,11 +1,39 @@ #!/bin/sh -# Extend lldap with the extra attributes we need -lldap-cli -H ldap:17170 -D admin -w password schema attribute user add telephonenumber string -v -e -lldap-cli -H ldap:17170 -D admin -w password schema attribute user add useraccountcontrol integer -v -e +set -eu + +# Script to wait for an ldap server to be up, clean up any existing +# data and then to do some basic initialization. +# +# This is intended for test suite setup, don't use this in production. + +LDAP_HOST='ldap://ldap:1389' + +# Obviously only use this for testing +LDAP_BASE='dc=example,dc=org' +LDAP_ADMIN='cn=admin,dc=example,dc=org' +LDAP_PASSWORD='adminpassword' + +# Wait for ldap to be ready +retries=5 + +while [ $retries -gt 0 ]; do + sleep 5 + retries=$((retries - 1)) + + if ldapsearch -D "${LDAP_ADMIN}" -w "${LDAP_PASSWORD}" -H "${LDAP_HOST}" -b "${LDAP_BASE}" 'objectclass=*'; then + break + fi +done + +# Delete the previous testorg recursively +ldapdelete -D "${LDAP_ADMIN}" -w "${LDAP_PASSWORD}" -H "${LDAP_HOST}" -r 'ou=testorg,dc=example,dc=org' + +# Add the test org +ldapadd -D "${LDAP_ADMIN}" -w "${LDAP_PASSWORD}" -H "${LDAP_HOST}" -f /ldap-setup/testorg.ldif # Signify that the script has completed -echo "ready" > /ready +echo "ready" > /tmp/ready # Sleep long enough for docker to pick up the health file sleep 60 diff --git a/tests/environment/ldap-setup/testorg.ldif b/tests/environment/ldap-setup/testorg.ldif new file mode 100644 index 0000000..241c150 --- /dev/null +++ b/tests/environment/ldap-setup/testorg.ldif @@ -0,0 +1,3 @@ +dn: ou=testorg,dc=example,dc=org +objectClass: organizationalUnit +ou: testorg \ No newline at end of file diff --git a/tests/environment/test-user.ldif b/tests/environment/test-user.ldif new file mode 100644 index 0000000..0623aff --- /dev/null +++ b/tests/environment/test-user.ldif @@ -0,0 +1,10 @@ +dn: uid=bobby,ou=testorg,dc=example,dc=org +objectclass: inetOrgPerson +objectclass: shadowAccount +cn: Bob +sn: Tables +uid: bobby +telephoneNumber: +445678652346 +mail: bobby@example.com +displayName: Bobby +shadowInactive: 512