1a87b1b1fSAnves Kumar rayankula*** Settings *** 2a87b1b1fSAnves Kumar rayankulaDocumentation Test root user expire password. 3a87b1b1fSAnves Kumar rayankula 4a87b1b1fSAnves Kumar rayankulaResource ../lib/resource.robot 5a9d9341cSshrsuman123Resource ../gui/lib/gui_resource.robot 6a87b1b1fSAnves Kumar rayankulaResource ../lib/ipmi_client.robot 7a9d9341cSshrsuman123Resource ../lib/bmc_redfish_utils.robot 8a87b1b1fSAnves Kumar rayankulaLibrary ../lib/bmc_ssh_utils.py 9a87b1b1fSAnves Kumar rayankulaLibrary SSHLibrary 10a87b1b1fSAnves Kumar rayankula 114d4ef99fSGeorge KeishingTest Setup Set Account Lockout Threshold 12e6c745acSAnves Kumar rayankula 13*e18cdb56SMegha G NForce Tags BMC_Expire_Password 14*e18cdb56SMegha G N 15*e18cdb56SMegha G N 1668f985b3SAnves Kumar rayankula*** Variables *** 179f42121dSAnvesh Kumar 1868f985b3SAnves Kumar rayankula# If user re-tries more than 5 time incorrectly, the user gets locked for 5 minutes. 1968f985b3SAnves Kumar rayankula${default_lockout_duration} ${300} 20*e18cdb56SMegha G N${admin_user} admin_user 21*e18cdb56SMegha G N${default_adminuser_passwd} AdminUser1 22*e18cdb56SMegha G N${admin_password} AdminUser2 2368f985b3SAnves Kumar rayankula 24a87b1b1fSAnves Kumar rayankula 25a87b1b1fSAnves Kumar rayankula*** Test Cases *** 26a87b1b1fSAnves Kumar rayankula 27a87b1b1fSAnves Kumar rayankulaExpire Root Password And Check IPMI Access Fails 28a87b1b1fSAnves Kumar rayankula [Documentation] Expire root user password and expect an error while access via IPMI. 29a87b1b1fSAnves Kumar rayankula [Tags] Expire_Root_Password_And_Check_IPMI_Access_Fails 3068f985b3SAnves Kumar rayankula [Teardown] Test Teardown Execution 31a87b1b1fSAnves Kumar rayankula 32*e18cdb56SMegha G N Expire Password ${OPENBMC_USERNAME} 33a87b1b1fSAnves Kumar rayankula 34a87b1b1fSAnves Kumar rayankula ${status}= Run Keyword And Return Status Run External IPMI Standard Command lan print -v 35a87b1b1fSAnves Kumar rayankula Should Be Equal ${status} ${False} 36a87b1b1fSAnves Kumar rayankula 375df05f7dSAnves Kumar rayankula 385df05f7dSAnves Kumar rayankulaExpire Root Password And Check SSH Access Fails 395df05f7dSAnves Kumar rayankula [Documentation] Expire root user password and expect an error while access via SSH. 405df05f7dSAnves Kumar rayankula [Tags] Expire_Root_Password_And_Check_SSH_Access_Fails 4168f985b3SAnves Kumar rayankula [Teardown] Test Teardown Execution 425df05f7dSAnves Kumar rayankula 43*e18cdb56SMegha G N Expire Password ${OPENBMC_USERNAME} 445df05f7dSAnves Kumar rayankula 455df05f7dSAnves Kumar rayankula ${status}= Run Keyword And Return Status 465df05f7dSAnves Kumar rayankula ... Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} 475df05f7dSAnves Kumar rayankula Should Be Equal ${status} ${False} 485df05f7dSAnves Kumar rayankula 495df05f7dSAnves Kumar rayankula 5067921144SAnves Kumar rayankulaExpire And Change Root User Password And Access Via SSH 5167921144SAnves Kumar rayankula [Documentation] Expire and change root user password and access via SSH. 52b98036a9SGeorge Keishing [Tags] Expire_And_Change_Root_User_Password_And_Access_Via_SSH 5367921144SAnves Kumar rayankula [Teardown] Run Keywords Wait Until Keyword Succeeds 1 min 10 sec 5467921144SAnves Kumar rayankula ... Restore Default Password For Root User AND FFDC On Test Case Fail 5567921144SAnves Kumar rayankula 56*e18cdb56SMegha G N Expire Password ${OPENBMC_USERNAME} 5767921144SAnves Kumar rayankula 589f42121dSAnvesh Kumar Redfish.Login 5967921144SAnves Kumar rayankula # Change to a valid password. 6067921144SAnves Kumar rayankula ${resp}= Redfish.Patch /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME} 6167921144SAnves Kumar rayankula ... body={'Password': '0penBmc123'} valid_status_codes=[${HTTP_OK}] 6267921144SAnves Kumar rayankula 6367921144SAnves Kumar rayankula # Verify login with the new password through SSH. 6467921144SAnves Kumar rayankula Open Connection And Log In ${OPENBMC_USERNAME} 0penBmc123 6567921144SAnves Kumar rayankula 6667921144SAnves Kumar rayankula 6767921144SAnves Kumar rayankulaExpire Root Password And Update Bad Password Length Via Redfish 6867921144SAnves Kumar rayankula [Documentation] Expire root password and update bad password via Redfish and expect an error. 6967921144SAnves Kumar rayankula [Tags] Expire_Root_Password_And_Update_Bad_Password_Length_Via_Redfish 7067921144SAnves Kumar rayankula [Teardown] Run Keywords Wait Until Keyword Succeeds 1 min 10 sec 7167921144SAnves Kumar rayankula ... Restore Default Password For Root User AND FFDC On Test Case Fail 7267921144SAnves Kumar rayankula 73*e18cdb56SMegha G N Expire Password ${OPENBMC_USERNAME} 7467921144SAnves Kumar rayankula 759f42121dSAnvesh Kumar Redfish.Login 7667921144SAnves Kumar rayankula ${status}= Run Keyword And Return Status 7767921144SAnves Kumar rayankula ... Redfish.Patch /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME} 7867921144SAnves Kumar rayankula ... body={'Password': '0penBmc0penBmc0penBmc'} 7967921144SAnves Kumar rayankula Should Be Equal ${status} ${False} 80a87b1b1fSAnves Kumar rayankula 819f42121dSAnvesh Kumar 829f42121dSAnvesh KumarExpire And Change Root User Password Via Redfish And Verify 839f42121dSAnvesh Kumar [Documentation] Expire and change root user password via Redfish and verify. 849f42121dSAnvesh Kumar [Tags] Expire_And_Change_Root_User_Password_Via_Redfish_And_Verify 859f42121dSAnvesh Kumar [Teardown] Run Keywords FFDC On Test Case Fail AND 869f42121dSAnvesh Kumar ... Wait Until Keyword Succeeds 1 min 10 sec 879f42121dSAnvesh Kumar ... Restore Default Password For Root User 889f42121dSAnvesh Kumar 89*e18cdb56SMegha G N Expire Password ${OPENBMC_USERNAME} 909f42121dSAnvesh Kumar 91a9d9341cSshrsuman123 Verify User Password Expired Using Redfish ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} 929f42121dSAnvesh Kumar # Change to a valid password. 939f42121dSAnvesh Kumar Redfish.Patch /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME} 949f42121dSAnvesh Kumar ... body={'Password': '0penBmc123'} 959f42121dSAnvesh Kumar Redfish.Logout 969f42121dSAnvesh Kumar 979f42121dSAnvesh Kumar # Verify login with the new password. 989f42121dSAnvesh Kumar Redfish.Login ${OPENBMC_USERNAME} 0penBmc123 999f42121dSAnvesh Kumar 1009f42121dSAnvesh Kumar 101322e3aa9SAnves Kumar rayankulaVerify Error While Creating User With Expired Password 102322e3aa9SAnves Kumar rayankula [Documentation] Expire root password and expect an error while creating new user. 103322e3aa9SAnves Kumar rayankula [Tags] Verify_Error_While_Creating_User_With_Expired_Password 104322e3aa9SAnves Kumar rayankula [Teardown] Run Keywords Wait Until Keyword Succeeds 1 min 10 sec 105322e3aa9SAnves Kumar rayankula ... Restore Default Password For Root User AND FFDC On Test Case Fail 106322e3aa9SAnves Kumar rayankula 107*e18cdb56SMegha G N Expire Password ${OPENBMC_USERNAME} 108322e3aa9SAnves Kumar rayankula 109a9d9341cSshrsuman123 Verify User Password Expired Using Redfish ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} 110322e3aa9SAnves Kumar rayankula Redfish.Login 111322e3aa9SAnves Kumar rayankula ${payload}= Create Dictionary 112322e3aa9SAnves Kumar rayankula ... UserName=admin_user Password=TestPwd123 RoleId=Administrator Enabled=${True} 113322e3aa9SAnves Kumar rayankula Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} 114322e3aa9SAnves Kumar rayankula ... valid_status_codes=[${HTTP_FORBIDDEN}] 115322e3aa9SAnves Kumar rayankula 116322e3aa9SAnves Kumar rayankula 1179233ce15SAnves Kumar rayankulaExpire And Change Root Password Via GUI 1189233ce15SAnves Kumar rayankula [Documentation] Expire and change root password via GUI. 1199233ce15SAnves Kumar rayankula [Tags] Expire_And_Change_Root_Password_Via_GUI 120a9d9341cSshrsuman123 [Setup] Launch Browser And Login GUI 121a9d9341cSshrsuman123 [Teardown] Run Keywords Logout GUI AND Close Browser 1229233ce15SAnves Kumar rayankula ... AND Restore Default Password For Root User AND FFDC On Test Case Fail 1239233ce15SAnves Kumar rayankula 124*e18cdb56SMegha G N Expire Password ${OPENBMC_USERNAME} 1259233ce15SAnves Kumar rayankula 126a9d9341cSshrsuman123 Wait Until Page Contains Element ${xpath_root_button_menu} 127a9d9341cSshrsuman123 Click Element ${xpath_root_button_menu} 128a9d9341cSshrsuman123 Click Element ${xpath_profile_settings} 129a9d9341cSshrsuman123 Wait Until Page Contains Change password 130a9d9341cSshrsuman123 1319233ce15SAnves Kumar rayankula # Change valid password. 1329233ce15SAnves Kumar rayankula Input Text ${xpath_input_password} 0penBmc123 1339233ce15SAnves Kumar rayankula Input Text ${xpath_input_confirm_password} 0penBmc123 134a9d9341cSshrsuman123 Click Button ${xpath_profile_save_button} 135a9d9341cSshrsuman123 Wait Until Page Contains Successfully saved account settings. 136a9d9341cSshrsuman123 Wait Until Page Does Not Contain Successfully saved account settings. timeout=20 137a9d9341cSshrsuman123 Logout GUI 1389233ce15SAnves Kumar rayankula 1399233ce15SAnves Kumar rayankula # Verify valid password. 140a9d9341cSshrsuman123 Login GUI ${OPENBMC_USERNAME} 0penBmc123 1419233ce15SAnves Kumar rayankula Redfish.Login ${OPENBMC_USERNAME} 0penBmc123 1429233ce15SAnves Kumar rayankula 1439233ce15SAnves Kumar rayankula 14468f985b3SAnves Kumar rayankulaVerify Maximum Failed Attempts And Check Root User Account Locked 14568f985b3SAnves Kumar rayankula [Documentation] Verify maximum failed attempts and locks out root user account. 14668f985b3SAnves Kumar rayankula [Tags] Verify_Maximum_Failed_Attempts_And_Check_Root_User_Account_Locked 1474d4ef99fSGeorge Keishing [Setup] Set Account Lockout Threshold account_lockout_threshold=${5} 14868f985b3SAnves Kumar rayankula 14968f985b3SAnves Kumar rayankula # Make maximum failed login attempts. 15068f985b3SAnves Kumar rayankula Repeat Keyword ${5} times 15168f985b3SAnves Kumar rayankula ... Run Keyword And Expect Error InvalidCredentialsError* Redfish.Login root 0penBmc123 15268f985b3SAnves Kumar rayankula 15368f985b3SAnves Kumar rayankula # Verify that legitimate login fails due to lockout. 15468f985b3SAnves Kumar rayankula Run Keyword And Expect Error InvalidCredentialsError* 15568f985b3SAnves Kumar rayankula ... Redfish.Login ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} 15668f985b3SAnves Kumar rayankula 15768f985b3SAnves Kumar rayankula # Wait for lockout duration to expire and then verify that login works. 15868f985b3SAnves Kumar rayankula Sleep ${default_lockout_duration}s 15968f985b3SAnves Kumar rayankula Redfish.Login 16068f985b3SAnves Kumar rayankula Redfish.Logout 16168f985b3SAnves Kumar rayankula 162c46a8960SAnves Kumar rayankulaVerify New Password Persistency After BMC Reboot 163c46a8960SAnves Kumar rayankula [Documentation] Verify new password persistency after BMC reboot. 164c46a8960SAnves Kumar rayankula [Tags] Verify_New_Password_Persistency_After_BMC_Reboot 165e6c745acSAnves Kumar rayankula [Teardown] Test Teardown Execution 166c46a8960SAnves Kumar rayankula 167c46a8960SAnves Kumar rayankula Redfish.Login 168e6c745acSAnves Kumar rayankula 169e6c745acSAnves Kumar rayankula # Make sure the user account in question does not already exist. 170e6c745acSAnves Kumar rayankula Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user 171e6c745acSAnves Kumar rayankula ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}] 172e6c745acSAnves Kumar rayankula 173e6c745acSAnves Kumar rayankula # Create specified user. 174e6c745acSAnves Kumar rayankula ${payload}= Create Dictionary 175e6c745acSAnves Kumar rayankula ... UserName=admin_user Password=TestPwd123 RoleId=Administrator Enabled=${True} 176e6c745acSAnves Kumar rayankula Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} 177e6c745acSAnves Kumar rayankula ... valid_status_codes=[${HTTP_CREATED}] 178e6c745acSAnves Kumar rayankula Redfish.Logout 179e6c745acSAnves Kumar rayankula 180e6c745acSAnves Kumar rayankula Redfish.Login admin_user TestPwd123 181e6c745acSAnves Kumar rayankula 182c46a8960SAnves Kumar rayankula # Change to a valid password. 183e6c745acSAnves Kumar rayankula Redfish.Patch /redfish/v1/AccountService/Accounts/admin_user 184c46a8960SAnves Kumar rayankula ... body={'Password': '0penBmc123'} 185c46a8960SAnves Kumar rayankula 186c46a8960SAnves Kumar rayankula # Reboot BMC and verify persistency. 187e6c745acSAnves Kumar rayankula Redfish OBMC Reboot (off) 188c46a8960SAnves Kumar rayankula 189c46a8960SAnves Kumar rayankula # verify new password 190e6c745acSAnves Kumar rayankula Redfish.Login admin_user 0penBmc123 191c46a8960SAnves Kumar rayankula 19268f985b3SAnves Kumar rayankula 193*e18cdb56SMegha G NVerify Expire And Change Admin User Password Via GUI 194*e18cdb56SMegha G N [Documentation] Force expire admin password and update admin password via GUI. 195*e18cdb56SMegha G N [Tags] Verify_Expire_And_Change_Admin_User_Password_Via_GUI 196*e18cdb56SMegha G N [Setup] Run Keywords Launch Browser And Login GUI AND 197*e18cdb56SMegha G N ... Redfish Create User ${admin_user} ${default_adminuser_passwd} Administrator ${True} 198*e18cdb56SMegha G N [Teardown] Run Keywords Logout GUI AND Close Browser 199*e18cdb56SMegha G N 200*e18cdb56SMegha G N Expire Password ${admin_user} 201*e18cdb56SMegha G N 202*e18cdb56SMegha G N Logout GUI 203*e18cdb56SMegha G N 204*e18cdb56SMegha G N # Verify that admin user should not be able to login with expired password. 205*e18cdb56SMegha G N Login GUI ${admin_user} ${default_adminuser_passwd} 206*e18cdb56SMegha G N 207*e18cdb56SMegha G N # Verify error message to update the password. 208*e18cdb56SMegha G N Wait Until Page Contains The password is expired and must be changed. timeout=10 209*e18cdb56SMegha G N 210*e18cdb56SMegha G N # Update a valid acceptable password. 211*e18cdb56SMegha G N Input Text ${xpath_input_password} ${admin_password} 212*e18cdb56SMegha G N Input Text ${xpath_input_confirm_password} ${admin_password} 213*e18cdb56SMegha G N Click Button ${xpath_confirm_password_button} 214*e18cdb56SMegha G N Wait Until Page Contains Overview timeout=20 215*e18cdb56SMegha G N 216*e18cdb56SMegha G N # Verify valid password. 217*e18cdb56SMegha G N Redfish.Login ${admin_user} ${admin_password} 218*e18cdb56SMegha G N 219*e18cdb56SMegha G N 220a87b1b1fSAnves Kumar rayankula*** Keywords *** 221a87b1b1fSAnves Kumar rayankula 2224d4ef99fSGeorge KeishingSet Account Lockout Threshold 223e6c745acSAnves Kumar rayankula [Documentation] Set user account lockout threshold. 224a9d9341cSshrsuman123 [Arguments] ${account_lockout_threshold}=${0} ${account_lockout_duration}=${50} 225e6c745acSAnves Kumar rayankula 226e6c745acSAnves Kumar rayankula # Description of argument(s): 227e6c745acSAnves Kumar rayankula # account_lockout_threshold Set lockout threshold value. 228a9d9341cSshrsuman123 # account_lockout_duration Set lockout duration value. 229a87b1b1fSAnves Kumar rayankula 230a87b1b1fSAnves Kumar rayankula Redfish.login 231a9d9341cSshrsuman123 ${payload}= Create Dictionary AccountLockoutThreshold=${account_lockout_threshold} 232a9d9341cSshrsuman123 ... AccountLockoutDuration=${account_lockout_duration} 233a9d9341cSshrsuman123 Redfish.Patch /redfish/v1/AccountService/ body=&{payload} 234e6c745acSAnves Kumar rayankula gen_robot_valid.Valid Length OPENBMC_PASSWORD min_length=8 2359f42121dSAnvesh Kumar Redfish.Logout 2369f42121dSAnvesh Kumar 237a87b1b1fSAnves Kumar rayankulaRestore Default Password For Root User 238a87b1b1fSAnves Kumar rayankula [Documentation] Restore default password for root user (i.e. 0penBmc). 239a87b1b1fSAnves Kumar rayankula 240a87b1b1fSAnves Kumar rayankula # Set default password for root user. 24167921144SAnves Kumar rayankula Redfish.Patch /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME} 24267921144SAnves Kumar rayankula ... body={'Password': '${OPENBMC_PASSWORD}'} valid_status_codes=[${HTTP_OK}] 243a87b1b1fSAnves Kumar rayankula # Verify that root user is able to run Redfish command using default password. 2449f42121dSAnvesh Kumar Redfish.Logout 2459f42121dSAnvesh Kumar 2469f42121dSAnvesh Kumar 2479f42121dSAnvesh KumarTest Teardown Execution 2489f42121dSAnvesh Kumar [Documentation] Do test teardown task. 2499f42121dSAnvesh Kumar 2509f42121dSAnvesh Kumar Redfish.Login 2519f42121dSAnvesh Kumar Wait Until Keyword Succeeds 1 min 10 sec Restore Default Password For Root User 2529f42121dSAnvesh Kumar Redfish.Logout 2534d4ef99fSGeorge Keishing Set Account Lockout Threshold account_lockout_threshold=${5} 25468f985b3SAnves Kumar rayankula FFDC On Test Case Fail 255*e18cdb56SMegha G N 256*e18cdb56SMegha G N 257*e18cdb56SMegha G NExpire Password 258*e18cdb56SMegha G N [Documentation] Force expire password. 259*e18cdb56SMegha G N [Arguments] ${username} 260*e18cdb56SMegha G N 261*e18cdb56SMegha G N # Description of argument(s): 262*e18cdb56SMegha G N # username User to be created and expire. 263*e18cdb56SMegha G N 264*e18cdb56SMegha G N # Expire the password. 265*e18cdb56SMegha G N Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD} 266*e18cdb56SMegha G N 267*e18cdb56SMegha G N ${output} ${stderr} ${rc}= BMC Execute Command passwd --expire ${username} 268*e18cdb56SMegha G N Should Contain Any ${output} password expiry information changed password changed 269*e18cdb56SMegha G N 270*e18cdb56SMegha G N # Example output: 271*e18cdb56SMegha G N # passwd --expire admin 272*e18cdb56SMegha G N # passwd: password changed. 273*e18cdb56SMegha G N 274*e18cdb56SMegha G N Close All Connections 275