Skip to content

Commit

Permalink
DS - Enable LDAPS support for AD Connector (#8340)
Browse files Browse the repository at this point in the history
  • Loading branch information
zkarpinski authored Nov 20, 2024
1 parent 8d67306 commit c7a8f47
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 2 deletions.
4 changes: 2 additions & 2 deletions moto/ds/models.py
Original file line number Diff line number Diff line change
Expand Up @@ -222,7 +222,7 @@ def enable_ldaps(self, enable: bool) -> None:
"""Enable/disable ldaps based on whether new_state is True or False.
This method is only for MicrosoftAD.
"""
if self.directory_type != "MicrosoftAD":
if self.directory_type not in ("MicrosoftAD", "ADConnector"):
raise UnsupportedOperationException(
"LDAPS operations are not supported for this Directory Type."
)
Expand Down Expand Up @@ -673,7 +673,7 @@ def describe_ldaps_settings(
"""Describe LDAPS settings for a Directory"""
self._validate_directory_id(directory_id)
directory = self.directories[directory_id]
if directory.directory_type != "MicrosoftAD":
if directory.directory_type not in ("MicrosoftAD", "ADConnector"):
raise UnsupportedOperationException(
"LDAPS operations are not supported for this Directory Type."
)
Expand Down
31 changes: 31 additions & 0 deletions tests/test_ds/test_ds_ad_connect.py
Original file line number Diff line number Diff line change
Expand Up @@ -287,3 +287,34 @@ def test_ds_get_connect_directory_limits():
assert limits["ConnectedDirectoriesLimitReached"]
assert not limits["CloudOnlyDirectoriesCurrentCount"]
assert not limits["CloudOnlyMicrosoftADCurrentCount"]


@mock_aws
def test_enable_describe_disable_ldaps():
"""Test good and bad invocations of describe_directories()."""
client = boto3.client("ds", region_name=TEST_REGION)
ec2_client = boto3.client("ec2", region_name=TEST_REGION)

directory_id = create_test_ad_connector(client, ec2_client)

# Describe LDAPS settings for AD Connector without LDAPS enabled
ldaps = client.describe_ldaps_settings(DirectoryId=directory_id)[
"LDAPSSettingsInfo"
]
assert ldaps == []

# Enable LDAPS for AD Connector and verify it is enabled
client.enable_ldaps(DirectoryId=directory_id, Type="Client")
ldaps = client.describe_ldaps_settings(DirectoryId=directory_id)[
"LDAPSSettingsInfo"
]
assert len(ldaps) == 1
assert ldaps[0]["LDAPSStatus"] == "Enabled"

# Disable LDAPS for AD Connector and verify it is disabled
client.disable_ldaps(DirectoryId=directory_id, Type="Client")
ldaps = client.describe_ldaps_settings(DirectoryId=directory_id)[
"LDAPSSettingsInfo"
]
assert len(ldaps) == 1
assert ldaps[0]["LDAPSStatus"] == "Disabled"

0 comments on commit c7a8f47

Please sign in to comment.