use as tester an identity that needs to be proxedauthz'ed (more representative and stressful)

tests/data/slapd-glue-ldap.conf

@@ -54,7 +54,7 @@ idassert-bind	bindmethod=simple
 		credentials="secret"
 		mode=self
 		flags=non-prescriptive
-idassert-authzfrom	"dn.exact:cn=Manager,dc=example,dc=com"
+idassert-authzfrom	"dn.exact:cn=Manager,o=Local"
 
 # local
 database	ldap
@@ -68,8 +68,15 @@ idassert-bind	bindmethod=simple
 		credentials="secret"
 		mode=self
 		flags=non-prescriptive
-idassert-authzfrom	"dn.exact:cn=Manager,dc=example,dc=com"
+idassert-authzfrom	"dn.exact:cn=Manager,o=Local"
 
 limits		dn.exact="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" time=1 size=8
 
+# This is only for binding as the rootdn
+database	ldap
+suffix		"o=Local"
+rootdn		"cn=Manager,o=Local"
+rootpw		secret
+uri		"@URI6@"
+
 #monitor#database	monitor

tests/data/slapd-meta-target1.conf

@@ -52,12 +52,15 @@ rootpw		secret
 # ITS#5154: force mixed success/failure of binds using same connection
 access to dn="cn=Barbara Jensen,ou=Information Technology DivisioN,ou=People,dc=example,dc=com"
 		attrs=userPassword
+	by dn="cn=Manager,o=Local" write
 	by * =r
 
 access to attrs=userPassword
+	by dn="cn=Manager,o=Local" write
 	by * =xr
 
 access to *
+	by dn="cn=Manager,o=Local" write
 	by * read
 
 #monitor#database	monitor

tests/data/slapd-meta-target2.conf

@@ -54,4 +54,8 @@ rootpw		secret
 #ndb#dbname db_2
 #ndb#include @DATADIR@/ndb.conf
 
+access to *
+	by dn="cn=Manager,o=Local" write
+	by * read
+
 #monitor#database	monitor

tests/data/slapd-meta.conf

@@ -58,7 +58,7 @@ idassert-bind	bindmethod=simple
 		credentials="secret"
 		mode=self
 		flags=non-prescriptive
-idassert-authzFrom	"dn.exact:cn=Manager,o=Example,c=US"
+idassert-authzFrom	"dn.exact:cn=Manager,o=Local"
 
 # remote
 uri		"@URI1@o=Example,c=US"
@@ -70,8 +70,15 @@ idassert-bind	bindmethod=simple
 		credentials="secret"
 		mode=self
 		flags=non-prescriptive
-idassert-authzFrom	"dn.exact:cn=Manager,o=Example,c=US"
+idassert-authzFrom	"dn.exact:cn=Manager,o=Local"
 
 limits		dn.exact="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,o=Example,c=US" time=1 size=8
 
+# This is only for binding as the rootdn
+database	meta
+suffix		"o=Local"
+rootdn		"cn=Manager,o=Local"
+rootpw		secret
+uri		"@URI6@o=Local"
+
 #monitor#database	monitor

tests/scripts/test036-meta-concurrency

@@ -197,9 +197,11 @@ done
 # NOTE: copies do_* files from $TESTDIR/$DATADIR to $TESTDIR
 $MONITORDATA "$MONITORDB" "$TESTDIR/$DATADIR" "$TESTDIR"
 
+BINDDN="cn=Manager,o=Local"
+PASSWD="secret"
 echo "Using tester for concurrent server access..."
 $SLAPDTESTER -P "$PROGDIR" -d "$TESTDIR" -h $LOCALHOST -p $PORT3 \
-	-D "cn=Manager,$METABASEDN" -w $PASSWD -l $TESTLOOPS -j $TESTCHILDREN \
+	-D "$BINDDN" -w $PASSWD -l $TESTLOOPS -j $TESTCHILDREN \
 	-r 20 -i '!REFERRAL' -i '*INVALID_CREDENTIALS' -SS
 RC=$?
 

tests/scripts/test039-glue-ldap-concurrency

@@ -36,6 +36,10 @@ if test x$TESTOLOOPS = x ; then
 	TESTOLOOPS=1
 fi
 
+if test x$TESTCHILDREN = x ; then
+	TESTCHILDREN=20
+fi
+
 rm -rf $TESTDIR
 
 mkdir -p $TESTDIR $DBDIR1 $DBDIR2
@@ -182,10 +186,12 @@ done
 $MONITORDATA "$MONITORDB" "$TESTDIR/$DATADIR" "$TESTDIR"
 
 echo "Using tester for concurrent server access..."
+BINDDN="cn=Manager,o=Local"
+PASSWD="secret"
 $SLAPDTESTER -P "$PROGDIR" -d "$TESTDIR" -h $LOCALHOST -p $PORT3 \
-	-D "cn=Manager,$METABASEDN" -w $PASSWD \
-	-l $TESTLOOPS -L $TESTOLOOPS -r 20 \
-	-i '!REFERRAL' -i '*INVALID_CREDENTIALS'
+	-D "$BINDDN" -w $PASSWD \
+	-l $TESTLOOPS -L $TESTOLOOPS -j $TESTCHILDREN -r 20 \
+	-i '!REFERRAL' -i '*INVALID_CREDENTIALS' -SS
 RC=$?
 
 if test $RC != 0 ; then