ATM_ID: B6325AB8-A6AB-11EC-96C2-7D98BEA7DE52 MFF: PLANNEDTIMESTAFF: ID: Not_to_use_for_any_Dashboard/Deprecated/FS_22.205_FIPS/14766 TESTCASE_HEADLINE: To check if Network authentication is successful for Secure LDAP user over LUI when device is configured in FIPS mode (Enable FIPS with Common Criteria (CC) compliance mode). GROUP: FEATURE: SUB_FEATURE: INPUT:

  1. Login as Admin in WebUI.

  2. Navigate to properties--security--Encryption--FIPS 140-3.

  3. Enable FIPS (Enable FIPS with Common Criteria (CC) compliance)

  4. Save the settings.

  5. Open the wireshark trace and start capturing the traces prior to running this test.

PROCEDURE:

  1. Login as Admin in WebUI.

  2. Navigate to Login/Permissions/Accounting--login methods--User Name / Password as
    Validate on the Network.

  3. Under Authentication Servers-- select edit link and choose LDAP as Authentication Type.

  4. Now click on "Add New" option and provide the below necessary details and save the settings.
    (i) Server Information - IPv4 Address.
    (ii) Friendly Name
    (iii) LDAP server
    (iv) Search Directory Root
    (v) Login Credentials to Access LDAP Server :- Device and provide valid user name and password.
    (vi) enable Secure Connection (LDAPS) option.
    (vii) select appropriate LDAP server CA cert under Validate Server Certificate (trusted; not expired; correct FQDN).

  5. In LUI ; login as Network user (LDAP) and check if the authentication is successful.

  6. Open the wireshark trace and check whether the Secure LDAP traffic is FIPS compliant and uses FIPS compliant algorithms.

OUTPUT:

 1. (STEP 5) Authentication should be successful for the Network user (LDAP).

  2. (STEP 6) Wireshark trace should have Secure LDAP traffic which should be FIPS compliant and should use FIPS compliant algorithms.

PROCESS: PRIORITY: TEST_TYPE: manual LOE: RESOURCE_HW: RESOURCE_CONSUMEABLES: RESOURCE_MEDIA: SKILL_SET: TEST_CASE_TYPE: testcases TESTCASE_SOURCE: SPEC: FIPS 140-3 Certification SPEC_VERSION: 1.0001 SPEC_TAG: [22.205.048] (FT-27164, FT-29598, FT-28756) {D7.6, D7.8} The MFP will utilize a FIPS 140-3 validated Mocana module with AES-256 encryption for all passwords stored within the device except those passwords encrypted by a Trusted Platform Module (TPM). ATM_OWNER: APPROVE_QE: APPROVED_QE: APPROVE_SE: APPROVED_SE: APPROVE_SPAR: APPROVED_SPAR: ASSOCIATED_TESTCASES: TRAINING: TESTCASE_VERSION: TESTCASE_STATE: TESTCASE_PLATFORM: TESTCASE_PRODUCT: canyon, carroll, corvo, kiska, mystic, melody TESTCASE_FAMILY: TESTCASE_APPROVALS: CDATE: 1647601696 MDATE: 1647601696, 1651240588, 1742818694 MUSER: USWU60000, USWU60000, w3K3WRKH AUTHOR: USWU60000 ATM_MCOMMENTS: Imported from spreadsheet, Renamed from "DPQA_NewFeature/D7.6/FT-27164_Mocana_TrustCore_2020_FIPS_140-3_modules_for_Alexandra/162002"., Renamed from "WFAST_Connectivity/Testcases/FS_22.205_FIPS_140-3_Certification/14766". HISTORY: ATM_LOCKED: ATM_REQLINK: 3C6544B2-1CF3-11EC-B707-61040BE4A572 ATM_REQCOUNT: 1 QA_TEAM: TC_WEIGHTAGE: FILENAME: FILEDESC: FILES: RELEASE: AUTOMATION_GROUP: TESTCASE_STEPS_ARE_RELATED_TO: REASON_FOR_AUTOMATABLE: PRECONDITION_TO_BE_DONE: ACTION_TO_BE_DONE: COMMON_FUNCTIONALITY: COMMONALITY_DETAILS: CONSTRAINTS_DAR: IMP-98 by Karthika dated on 09-01-2023 DEVELOPMENT_COMPLETE_TIME: PO_SIGNOFF_DATE: COMPLEXITY_PRECONDITIONS: COMPLEXITY_OUTPUT_VALIDATION: non_outliers AUTOMATABLE: yes TESTCASE_MODIFICATION_REQUIRED: APTEST_UPDATE_STATUS: DEVICE_CATEGORY: common TC_WORK_LOCATION_CAT: work_from_home_tc AUTOMATION_TC_VALIDATION: COMPETENCY: wfast_connectivity APTEST_TRACKING: yes AUTOMATION_CANDIDATE: no