2 Unix SMB/CIFS implementation.
3 test suite for samr rpc operations
5 Copyright (C) Andrew Tridgell 2003
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "torture/torture.h"
25 #include "system/time.h"
26 #include "librpc/gen_ndr/lsa.h"
27 #include "librpc/gen_ndr/ndr_samr_c.h"
28 #include "lib/crypto/crypto.h"
29 #include "libcli/auth/libcli_auth.h"
30 #include "libcli/security/security.h"
31 #include "torture/rpc/rpc.h"
33 #define TEST_ACCOUNT_NAME "samrtorturetest"
34 #define TEST_ALIASNAME "samrtorturetestalias"
35 #define TEST_GROUPNAME "samrtorturetestgroup"
36 #define TEST_MACHINENAME "samrtestmach$"
37 #define TEST_DOMAINNAME "samrtestdom$"
39 enum torture_samr_choice {
40 TORTURE_SAMR_PASSWORDS,
41 TORTURE_SAMR_USER_ATTRIBUTES,
45 static BOOL test_QueryUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
46 struct policy_handle *handle);
48 static BOOL test_QueryUserInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
49 struct policy_handle *handle);
51 static BOOL test_QueryAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
52 struct policy_handle *handle);
54 static BOOL test_ChangePassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
55 const char *acct_name,
56 struct policy_handle *domain_handle, char **password);
58 static void init_lsa_String(struct lsa_String *string, const char *s)
63 BOOL test_samr_handle_Close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
64 struct policy_handle *handle)
70 r.out.handle = handle;
72 status = dcerpc_samr_Close(p, mem_ctx, &r);
73 if (!NT_STATUS_IS_OK(status)) {
74 printf("Close handle failed - %s\n", nt_errstr(status));
81 static BOOL test_Shutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
82 struct policy_handle *handle)
85 struct samr_Shutdown r;
87 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
88 printf("samr_Shutdown disabled - enable dangerous tests to use\n");
92 r.in.connect_handle = handle;
94 printf("testing samr_Shutdown\n");
96 status = dcerpc_samr_Shutdown(p, mem_ctx, &r);
97 if (!NT_STATUS_IS_OK(status)) {
98 printf("samr_Shutdown failed - %s\n", nt_errstr(status));
105 static BOOL test_SetDsrmPassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
106 struct policy_handle *handle)
109 struct samr_SetDsrmPassword r;
110 struct lsa_String string;
111 struct samr_Password hash;
113 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
114 printf("samr_SetDsrmPassword disabled - enable dangerous tests to use\n");
118 E_md4hash("TeSTDSRM123", hash.hash);
120 init_lsa_String(&string, "Administrator");
126 printf("testing samr_SetDsrmPassword\n");
128 status = dcerpc_samr_SetDsrmPassword(p, mem_ctx, &r);
129 if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
130 printf("samr_SetDsrmPassword failed - %s\n", nt_errstr(status));
138 static BOOL test_QuerySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
139 struct policy_handle *handle)
142 struct samr_QuerySecurity r;
143 struct samr_SetSecurity s;
145 r.in.handle = handle;
148 status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
149 if (!NT_STATUS_IS_OK(status)) {
150 printf("QuerySecurity failed - %s\n", nt_errstr(status));
154 if (r.out.sdbuf == NULL) {
158 s.in.handle = handle;
160 s.in.sdbuf = r.out.sdbuf;
162 if (lp_parm_bool(-1, "target", "samba4", False)) {
163 printf("skipping SetSecurity test against Samba4\n");
167 status = dcerpc_samr_SetSecurity(p, mem_ctx, &s);
168 if (!NT_STATUS_IS_OK(status)) {
169 printf("SetSecurity failed - %s\n", nt_errstr(status));
173 status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
174 if (!NT_STATUS_IS_OK(status)) {
175 printf("QuerySecurity failed - %s\n", nt_errstr(status));
183 static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
184 struct policy_handle *handle, uint32_t base_acct_flags,
185 const char *base_account_name)
188 struct samr_SetUserInfo s;
189 struct samr_SetUserInfo2 s2;
190 struct samr_QueryUserInfo q;
191 struct samr_QueryUserInfo q0;
192 union samr_UserInfo u;
194 const char *test_account_name;
196 uint32_t user_extra_flags = 0;
197 if (base_acct_flags == ACB_NORMAL) {
198 /* When created, accounts are expired by default */
199 user_extra_flags = ACB_PW_EXPIRED;
202 s.in.user_handle = handle;
205 s2.in.user_handle = handle;
208 q.in.user_handle = handle;
212 #define TESTCALL(call, r) \
213 status = dcerpc_samr_ ##call(p, mem_ctx, &r); \
214 if (!NT_STATUS_IS_OK(status)) { \
215 printf(#call " level %u failed - %s (%s)\n", \
216 r.in.level, nt_errstr(status), __location__); \
221 #define STRING_EQUAL(s1, s2, field) \
222 if ((s1 && !s2) || (s2 && !s1) || strcmp(s1, s2)) { \
223 printf("Failed to set %s to '%s' (%s)\n", \
224 #field, s2, __location__); \
229 #define INT_EQUAL(i1, i2, field) \
231 printf("Failed to set %s to 0x%x - got 0x%x (%s)\n", \
232 #field, i2, i1, __location__); \
237 #define TEST_USERINFO_STRING(lvl1, field1, lvl2, field2, value, fpval) do { \
238 printf("field test %d/%s vs %d/%s\n", lvl1, #field1, lvl2, #field2); \
240 TESTCALL(QueryUserInfo, q) \
242 s2.in.level = lvl1; \
245 ZERO_STRUCT(u.info21); \
246 u.info21.fields_present = fpval; \
248 init_lsa_String(&u.info ## lvl1.field1, value); \
249 TESTCALL(SetUserInfo, s) \
250 TESTCALL(SetUserInfo2, s2) \
251 init_lsa_String(&u.info ## lvl1.field1, ""); \
252 TESTCALL(QueryUserInfo, q); \
254 STRING_EQUAL(u.info ## lvl1.field1.string, value, field1); \
256 TESTCALL(QueryUserInfo, q) \
258 STRING_EQUAL(u.info ## lvl2.field2.string, value, field2); \
261 #define TEST_USERINFO_INT_EXP(lvl1, field1, lvl2, field2, value, exp_value, fpval) do { \
262 printf("field test %d/%s vs %d/%s\n", lvl1, #field1, lvl2, #field2); \
264 TESTCALL(QueryUserInfo, q) \
266 s2.in.level = lvl1; \
269 uint8_t *bits = u.info21.logon_hours.bits; \
270 ZERO_STRUCT(u.info21); \
271 if (fpval == SAMR_FIELD_LOGON_HOURS) { \
272 u.info21.logon_hours.units_per_week = 168; \
273 u.info21.logon_hours.bits = bits; \
275 u.info21.fields_present = fpval; \
277 u.info ## lvl1.field1 = value; \
278 TESTCALL(SetUserInfo, s) \
279 TESTCALL(SetUserInfo2, s2) \
280 u.info ## lvl1.field1 = 0; \
281 TESTCALL(QueryUserInfo, q); \
283 INT_EQUAL(u.info ## lvl1.field1, exp_value, field1); \
285 TESTCALL(QueryUserInfo, q) \
287 INT_EQUAL(u.info ## lvl2.field2, exp_value, field1); \
290 #define TEST_USERINFO_INT(lvl1, field1, lvl2, field2, value, fpval) do { \
291 TEST_USERINFO_INT_EXP(lvl1, field1, lvl2, field2, value, value, fpval); \
295 do { TESTCALL(QueryUserInfo, q0) } while (0);
297 TEST_USERINFO_STRING(2, comment, 1, comment, "xx2-1 comment", 0);
298 TEST_USERINFO_STRING(2, comment, 21, comment, "xx2-21 comment", 0);
299 TEST_USERINFO_STRING(21, comment, 21, comment, "xx21-21 comment",
302 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-1", base_account_name);
303 TEST_USERINFO_STRING(7, account_name, 1, account_name, base_account_name, 0);
304 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-3", base_account_name);
305 TEST_USERINFO_STRING(7, account_name, 3, account_name, base_account_name, 0);
306 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-5", base_account_name);
307 TEST_USERINFO_STRING(7, account_name, 5, account_name, base_account_name, 0);
308 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-6", base_account_name);
309 TEST_USERINFO_STRING(7, account_name, 6, account_name, base_account_name, 0);
310 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-7", base_account_name);
311 TEST_USERINFO_STRING(7, account_name, 7, account_name, base_account_name, 0);
312 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-21", base_account_name);
313 TEST_USERINFO_STRING(7, account_name, 21, account_name, base_account_name, 0);
314 test_account_name = base_account_name;
315 TEST_USERINFO_STRING(21, account_name, 21, account_name, base_account_name,
316 SAMR_FIELD_ACCOUNT_NAME);
318 TEST_USERINFO_STRING(6, full_name, 1, full_name, "xx6-1 full_name", 0);
319 TEST_USERINFO_STRING(6, full_name, 3, full_name, "xx6-3 full_name", 0);
320 TEST_USERINFO_STRING(6, full_name, 5, full_name, "xx6-5 full_name", 0);
321 TEST_USERINFO_STRING(6, full_name, 6, full_name, "xx6-6 full_name", 0);
322 TEST_USERINFO_STRING(6, full_name, 8, full_name, "xx6-8 full_name", 0);
323 TEST_USERINFO_STRING(6, full_name, 21, full_name, "xx6-21 full_name", 0);
324 TEST_USERINFO_STRING(8, full_name, 21, full_name, "xx8-21 full_name", 0);
325 TEST_USERINFO_STRING(21, full_name, 21, full_name, "xx21-21 full_name",
326 SAMR_FIELD_FULL_NAME);
328 TEST_USERINFO_STRING(11, logon_script, 3, logon_script, "xx11-3 logon_script", 0);
329 TEST_USERINFO_STRING(11, logon_script, 5, logon_script, "xx11-5 logon_script", 0);
330 TEST_USERINFO_STRING(11, logon_script, 21, logon_script, "xx11-21 logon_script", 0);
331 TEST_USERINFO_STRING(21, logon_script, 21, logon_script, "xx21-21 logon_script",
332 SAMR_FIELD_LOGON_SCRIPT);
334 TEST_USERINFO_STRING(12, profile_path, 3, profile_path, "xx12-3 profile_path", 0);
335 TEST_USERINFO_STRING(12, profile_path, 5, profile_path, "xx12-5 profile_path", 0);
336 TEST_USERINFO_STRING(12, profile_path, 21, profile_path, "xx12-21 profile_path", 0);
337 TEST_USERINFO_STRING(21, profile_path, 21, profile_path, "xx21-21 profile_path",
338 SAMR_FIELD_PROFILE_PATH);
340 TEST_USERINFO_STRING(13, description, 1, description, "xx13-1 description", 0);
341 TEST_USERINFO_STRING(13, description, 5, description, "xx13-5 description", 0);
342 TEST_USERINFO_STRING(13, description, 21, description, "xx13-21 description", 0);
343 TEST_USERINFO_STRING(21, description, 21, description, "xx21-21 description",
344 SAMR_FIELD_DESCRIPTION);
346 TEST_USERINFO_STRING(14, workstations, 3, workstations, "14workstation3", 0);
347 TEST_USERINFO_STRING(14, workstations, 5, workstations, "14workstation4", 0);
348 TEST_USERINFO_STRING(14, workstations, 21, workstations, "14workstation21", 0);
349 TEST_USERINFO_STRING(21, workstations, 21, workstations, "21workstation21",
350 SAMR_FIELD_WORKSTATIONS);
352 TEST_USERINFO_STRING(20, parameters, 21, parameters, "xx20-21 parameters", 0);
353 TEST_USERINFO_STRING(21, parameters, 21, parameters, "xx21-21 parameters",
354 SAMR_FIELD_PARAMETERS);
356 TEST_USERINFO_INT(2, country_code, 21, country_code, __LINE__, 0);
357 TEST_USERINFO_INT(21, country_code, 21, country_code, __LINE__,
358 SAMR_FIELD_COUNTRY_CODE);
360 TEST_USERINFO_INT(2, code_page, 21, code_page, __LINE__, 0);
361 TEST_USERINFO_INT(21, code_page, 21, code_page, __LINE__,
362 SAMR_FIELD_CODE_PAGE);
364 TEST_USERINFO_INT(4, logon_hours.bits[3], 3, logon_hours.bits[3], 1, 0);
365 TEST_USERINFO_INT(4, logon_hours.bits[3], 5, logon_hours.bits[3], 2, 0);
366 TEST_USERINFO_INT(4, logon_hours.bits[3], 21, logon_hours.bits[3], 3, 0);
367 TEST_USERINFO_INT(21, logon_hours.bits[3], 21, logon_hours.bits[3], 4,
368 SAMR_FIELD_LOGON_HOURS);
370 if (lp_parm_bool(-1, "target", "samba4", False)) {
371 printf("skipping Set Account Flag tests against Samba4\n");
375 TEST_USERINFO_INT_EXP(16, acct_flags, 5, acct_flags,
376 (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ),
377 (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ | user_extra_flags),
379 TEST_USERINFO_INT_EXP(16, acct_flags, 5, acct_flags,
380 (base_acct_flags | ACB_DISABLED),
381 (base_acct_flags | ACB_DISABLED | user_extra_flags),
384 /* Setting PWNOEXP clears the magic ACB_PW_EXPIRED flag */
385 TEST_USERINFO_INT_EXP(16, acct_flags, 5, acct_flags,
386 (base_acct_flags | ACB_DISABLED | ACB_PWNOEXP),
387 (base_acct_flags | ACB_DISABLED | ACB_PWNOEXP),
389 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
390 (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ),
391 (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ | user_extra_flags),
395 /* The 'autolock' flag doesn't stick - check this */
396 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
397 (base_acct_flags | ACB_DISABLED | ACB_AUTOLOCK),
398 (base_acct_flags | ACB_DISABLED | user_extra_flags),
401 /* Removing the 'disabled' flag doesn't stick - check this */
402 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
404 (base_acct_flags | ACB_DISABLED | user_extra_flags),
407 /* The 'store plaintext' flag does stick */
408 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
409 (base_acct_flags | ACB_DISABLED | ACB_ENC_TXT_PWD_ALLOWED),
410 (base_acct_flags | ACB_DISABLED | ACB_ENC_TXT_PWD_ALLOWED | user_extra_flags),
412 /* The 'use DES' flag does stick */
413 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
414 (base_acct_flags | ACB_DISABLED | ACB_USE_DES_KEY_ONLY),
415 (base_acct_flags | ACB_DISABLED | ACB_USE_DES_KEY_ONLY | user_extra_flags),
417 /* The 'don't require kerberos pre-authentication flag does stick */
418 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
419 (base_acct_flags | ACB_DISABLED | ACB_DONT_REQUIRE_PREAUTH),
420 (base_acct_flags | ACB_DISABLED | ACB_DONT_REQUIRE_PREAUTH | user_extra_flags),
422 /* The 'no kerberos PAC required' flag sticks */
423 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
424 (base_acct_flags | ACB_DISABLED | ACB_NO_AUTH_DATA_REQD),
425 (base_acct_flags | ACB_DISABLED | ACB_NO_AUTH_DATA_REQD | user_extra_flags),
428 TEST_USERINFO_INT_EXP(21, acct_flags, 21, acct_flags,
429 (base_acct_flags | ACB_DISABLED),
430 (base_acct_flags | ACB_DISABLED | user_extra_flags),
431 SAMR_FIELD_ACCT_FLAGS);
434 /* these fail with win2003 - it appears you can't set the primary gid?
435 the set succeeds, but the gid isn't changed. Very weird! */
436 TEST_USERINFO_INT(9, primary_gid, 1, primary_gid, 513);
437 TEST_USERINFO_INT(9, primary_gid, 3, primary_gid, 513);
438 TEST_USERINFO_INT(9, primary_gid, 5, primary_gid, 513);
439 TEST_USERINFO_INT(9, primary_gid, 21, primary_gid, 513);
446 generate a random password for password change tests
448 static char *samr_rand_pass(TALLOC_CTX *mem_ctx, int min_len)
450 size_t len = MAX(8, min_len) + (random() % 6);
451 char *s = generate_random_str(mem_ctx, len);
452 printf("Generated password '%s'\n", s);
457 generate a random password for password change tests (fixed length)
459 static char *samr_rand_pass_fixed_len(TALLOC_CTX *mem_ctx, int len)
461 char *s = generate_random_str(mem_ctx, len);
462 printf("Generated password '%s'\n", s);
466 static BOOL test_SetUserPass(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
467 struct policy_handle *handle, char **password)
470 struct samr_SetUserInfo s;
471 union samr_UserInfo u;
473 DATA_BLOB session_key;
475 struct samr_GetUserPwInfo pwp;
476 int policy_min_pw_len = 0;
477 pwp.in.user_handle = handle;
479 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
480 if (NT_STATUS_IS_OK(status)) {
481 policy_min_pw_len = pwp.out.info.min_password_length;
483 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
485 s.in.user_handle = handle;
489 encode_pw_buffer(u.info24.password.data, newpass, STR_UNICODE);
490 /* w2k3 ignores this length */
491 u.info24.pw_len = strlen_m(newpass) * 2;
493 status = dcerpc_fetch_session_key(p, &session_key);
494 if (!NT_STATUS_IS_OK(status)) {
495 printf("SetUserInfo level %u - no session key - %s\n",
496 s.in.level, nt_errstr(status));
500 arcfour_crypt_blob(u.info24.password.data, 516, &session_key);
502 printf("Testing SetUserInfo level 24 (set password)\n");
504 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
505 if (!NT_STATUS_IS_OK(status)) {
506 printf("SetUserInfo level %u failed - %s\n",
507 s.in.level, nt_errstr(status));
517 static BOOL test_SetUserPass_23(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
518 struct policy_handle *handle, uint32_t fields_present,
522 struct samr_SetUserInfo s;
523 union samr_UserInfo u;
525 DATA_BLOB session_key;
527 struct samr_GetUserPwInfo pwp;
528 int policy_min_pw_len = 0;
529 pwp.in.user_handle = handle;
531 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
532 if (NT_STATUS_IS_OK(status)) {
533 policy_min_pw_len = pwp.out.info.min_password_length;
535 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
537 s.in.user_handle = handle;
543 u.info23.info.fields_present = fields_present;
545 encode_pw_buffer(u.info23.password.data, newpass, STR_UNICODE);
547 status = dcerpc_fetch_session_key(p, &session_key);
548 if (!NT_STATUS_IS_OK(status)) {
549 printf("SetUserInfo level %u - no session key - %s\n",
550 s.in.level, nt_errstr(status));
554 arcfour_crypt_blob(u.info23.password.data, 516, &session_key);
556 printf("Testing SetUserInfo level 23 (set password)\n");
558 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
559 if (!NT_STATUS_IS_OK(status)) {
560 printf("SetUserInfo level %u failed - %s\n",
561 s.in.level, nt_errstr(status));
571 static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
572 struct policy_handle *handle, char **password)
575 struct samr_SetUserInfo s;
576 union samr_UserInfo u;
578 DATA_BLOB session_key;
579 DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
580 uint8_t confounder[16];
582 struct MD5Context ctx;
583 struct samr_GetUserPwInfo pwp;
584 int policy_min_pw_len = 0;
585 pwp.in.user_handle = handle;
587 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
588 if (NT_STATUS_IS_OK(status)) {
589 policy_min_pw_len = pwp.out.info.min_password_length;
591 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
593 s.in.user_handle = handle;
597 encode_pw_buffer(u.info26.password.data, newpass, STR_UNICODE);
598 u.info26.pw_len = strlen(newpass);
600 status = dcerpc_fetch_session_key(p, &session_key);
601 if (!NT_STATUS_IS_OK(status)) {
602 printf("SetUserInfo level %u - no session key - %s\n",
603 s.in.level, nt_errstr(status));
607 generate_random_buffer((uint8_t *)confounder, 16);
610 MD5Update(&ctx, confounder, 16);
611 MD5Update(&ctx, session_key.data, session_key.length);
612 MD5Final(confounded_session_key.data, &ctx);
614 arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key);
615 memcpy(&u.info26.password.data[516], confounder, 16);
617 printf("Testing SetUserInfo level 26 (set password ex)\n");
619 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
620 if (!NT_STATUS_IS_OK(status)) {
621 printf("SetUserInfo level %u failed - %s\n",
622 s.in.level, nt_errstr(status));
631 static BOOL test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
632 struct policy_handle *handle, uint32_t fields_present,
636 struct samr_SetUserInfo s;
637 union samr_UserInfo u;
639 DATA_BLOB session_key;
640 DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
641 struct MD5Context ctx;
642 uint8_t confounder[16];
644 struct samr_GetUserPwInfo pwp;
645 int policy_min_pw_len = 0;
646 pwp.in.user_handle = handle;
648 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
649 if (NT_STATUS_IS_OK(status)) {
650 policy_min_pw_len = pwp.out.info.min_password_length;
652 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
654 s.in.user_handle = handle;
660 u.info25.info.fields_present = fields_present;
662 encode_pw_buffer(u.info25.password.data, newpass, STR_UNICODE);
664 status = dcerpc_fetch_session_key(p, &session_key);
665 if (!NT_STATUS_IS_OK(status)) {
666 printf("SetUserInfo level %u - no session key - %s\n",
667 s.in.level, nt_errstr(status));
671 generate_random_buffer((uint8_t *)confounder, 16);
674 MD5Update(&ctx, confounder, 16);
675 MD5Update(&ctx, session_key.data, session_key.length);
676 MD5Final(confounded_session_key.data, &ctx);
678 arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key);
679 memcpy(&u.info25.password.data[516], confounder, 16);
681 printf("Testing SetUserInfo level 25 (set password ex)\n");
683 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
684 if (!NT_STATUS_IS_OK(status)) {
685 printf("SetUserInfo level %u failed - %s\n",
686 s.in.level, nt_errstr(status));
695 static BOOL test_SetAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
696 struct policy_handle *handle)
699 struct samr_SetAliasInfo r;
700 struct samr_QueryAliasInfo q;
701 uint16_t levels[] = {2, 3};
705 /* Ignoring switch level 1, as that includes the number of members for the alias
706 * and setting this to a wrong value might have negative consequences
709 for (i=0;i<ARRAY_SIZE(levels);i++) {
710 printf("Testing SetAliasInfo level %u\n", levels[i]);
712 r.in.alias_handle = handle;
713 r.in.level = levels[i];
714 r.in.info = talloc(mem_ctx, union samr_AliasInfo);
715 switch (r.in.level) {
716 case ALIASINFONAME: init_lsa_String(&r.in.info->name,TEST_ALIASNAME); break;
717 case ALIASINFODESCRIPTION: init_lsa_String(&r.in.info->description,
718 "Test Description, should test I18N as well"); break;
721 status = dcerpc_samr_SetAliasInfo(p, mem_ctx, &r);
722 if (!NT_STATUS_IS_OK(status)) {
723 printf("SetAliasInfo level %u failed - %s\n",
724 levels[i], nt_errstr(status));
728 q.in.alias_handle = handle;
729 q.in.level = levels[i];
731 status = dcerpc_samr_QueryAliasInfo(p, mem_ctx, &q);
732 if (!NT_STATUS_IS_OK(status)) {
733 printf("QueryAliasInfo level %u failed - %s\n",
734 levels[i], nt_errstr(status));
742 static BOOL test_GetGroupsForUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
743 struct policy_handle *user_handle)
745 struct samr_GetGroupsForUser r;
749 printf("testing GetGroupsForUser\n");
751 r.in.user_handle = user_handle;
753 status = dcerpc_samr_GetGroupsForUser(p, mem_ctx, &r);
754 if (!NT_STATUS_IS_OK(status)) {
755 printf("GetGroupsForUser failed - %s\n",nt_errstr(status));
763 static BOOL test_GetDomPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
764 struct lsa_String *domain_name)
767 struct samr_GetDomPwInfo r;
770 r.in.domain_name = domain_name;
771 printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string);
773 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
774 if (!NT_STATUS_IS_OK(status)) {
775 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
779 r.in.domain_name->string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
780 printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string);
782 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
783 if (!NT_STATUS_IS_OK(status)) {
784 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
788 r.in.domain_name->string = "\\\\__NONAME__";
789 printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string);
791 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
792 if (!NT_STATUS_IS_OK(status)) {
793 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
797 r.in.domain_name->string = "\\\\Builtin";
798 printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string);
800 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
801 if (!NT_STATUS_IS_OK(status)) {
802 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
810 static BOOL test_GetUserPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
811 struct policy_handle *handle)
814 struct samr_GetUserPwInfo r;
817 printf("Testing GetUserPwInfo\n");
819 r.in.user_handle = handle;
821 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &r);
822 if (!NT_STATUS_IS_OK(status)) {
823 printf("GetUserPwInfo failed - %s\n", nt_errstr(status));
830 static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
831 struct policy_handle *domain_handle, const char *name,
835 struct samr_LookupNames n;
836 struct lsa_String sname[2];
838 init_lsa_String(&sname[0], name);
840 n.in.domain_handle = domain_handle;
843 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
844 if (NT_STATUS_IS_OK(status)) {
845 *rid = n.out.rids.ids[0];
850 init_lsa_String(&sname[1], "xxNONAMExx");
852 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
853 if (!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
854 printf("LookupNames[2] failed - %s\n", nt_errstr(status));
858 init_lsa_String(&sname[1], "xxNONAMExx");
860 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
861 if (!NT_STATUS_IS_OK(status)) {
862 printf("LookupNames[0] failed - %s\n", nt_errstr(status));
868 static NTSTATUS test_OpenUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
869 struct policy_handle *domain_handle,
870 const char *name, struct policy_handle *user_handle)
873 struct samr_OpenUser r;
876 status = test_LookupName(p, mem_ctx, domain_handle, name, &rid);
877 if (!NT_STATUS_IS_OK(status)) {
881 r.in.domain_handle = domain_handle;
882 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
884 r.out.user_handle = user_handle;
885 status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
886 if (!NT_STATUS_IS_OK(status)) {
887 printf("OpenUser_byname(%s -> %d) failed - %s\n", name, rid, nt_errstr(status));
894 static BOOL test_ChangePasswordNT3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
895 struct policy_handle *handle)
898 struct samr_ChangePasswordUser r;
900 struct samr_Password hash1, hash2, hash3, hash4, hash5, hash6;
901 struct policy_handle user_handle;
902 char *oldpass = "test";
903 char *newpass = "test2";
904 uint8_t old_nt_hash[16], new_nt_hash[16];
905 uint8_t old_lm_hash[16], new_lm_hash[16];
907 status = test_OpenUser_byname(p, mem_ctx, handle, "testuser", &user_handle);
908 if (!NT_STATUS_IS_OK(status)) {
912 printf("Testing ChangePasswordUser for user 'testuser'\n");
914 printf("old password: %s\n", oldpass);
915 printf("new password: %s\n", newpass);
917 E_md4hash(oldpass, old_nt_hash);
918 E_md4hash(newpass, new_nt_hash);
919 E_deshash(oldpass, old_lm_hash);
920 E_deshash(newpass, new_lm_hash);
922 E_old_pw_hash(new_lm_hash, old_lm_hash, hash1.hash);
923 E_old_pw_hash(old_lm_hash, new_lm_hash, hash2.hash);
924 E_old_pw_hash(new_nt_hash, old_nt_hash, hash3.hash);
925 E_old_pw_hash(old_nt_hash, new_nt_hash, hash4.hash);
926 E_old_pw_hash(old_lm_hash, new_nt_hash, hash5.hash);
927 E_old_pw_hash(old_nt_hash, new_lm_hash, hash6.hash);
929 r.in.handle = &user_handle;
931 r.in.old_lm_crypted = &hash1;
932 r.in.new_lm_crypted = &hash2;
934 r.in.old_nt_crypted = &hash3;
935 r.in.new_nt_crypted = &hash4;
936 r.in.cross1_present = 1;
937 r.in.nt_cross = &hash5;
938 r.in.cross2_present = 1;
939 r.in.lm_cross = &hash6;
941 status = dcerpc_samr_ChangePasswordUser(p, mem_ctx, &r);
942 if (!NT_STATUS_IS_OK(status)) {
943 printf("ChangePasswordUser failed - %s\n", nt_errstr(status));
947 if (!test_samr_handle_Close(p, mem_ctx, &user_handle)) {
955 static BOOL test_ChangePasswordUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
956 const char *acct_name,
957 struct policy_handle *handle, char **password)
960 struct samr_ChangePasswordUser r;
962 struct samr_Password hash1, hash2, hash3, hash4, hash5, hash6;
963 struct policy_handle user_handle;
965 uint8_t old_nt_hash[16], new_nt_hash[16];
966 uint8_t old_lm_hash[16], new_lm_hash[16];
969 struct samr_GetUserPwInfo pwp;
970 int policy_min_pw_len = 0;
972 status = test_OpenUser_byname(p, mem_ctx, handle, acct_name, &user_handle);
973 if (!NT_STATUS_IS_OK(status)) {
976 pwp.in.user_handle = &user_handle;
978 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
979 if (NT_STATUS_IS_OK(status)) {
980 policy_min_pw_len = pwp.out.info.min_password_length;
982 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
984 printf("Testing ChangePasswordUser\n");
987 printf("Failing ChangePasswordUser as old password was NULL. Previous test failed?\n");
993 E_md4hash(oldpass, old_nt_hash);
994 E_md4hash(newpass, new_nt_hash);
995 E_deshash(oldpass, old_lm_hash);
996 E_deshash(newpass, new_lm_hash);
998 E_old_pw_hash(new_lm_hash, old_lm_hash, hash1.hash);
999 E_old_pw_hash(old_lm_hash, new_lm_hash, hash2.hash);
1000 E_old_pw_hash(new_nt_hash, old_nt_hash, hash3.hash);
1001 E_old_pw_hash(old_nt_hash, new_nt_hash, hash4.hash);
1002 E_old_pw_hash(old_lm_hash, new_nt_hash, hash5.hash);
1003 E_old_pw_hash(old_nt_hash, new_lm_hash, hash6.hash);
1005 r.in.user_handle = &user_handle;
1006 r.in.lm_present = 1;
1007 r.in.old_lm_crypted = &hash1;
1008 r.in.new_lm_crypted = &hash2;
1009 r.in.nt_present = 1;
1010 r.in.old_nt_crypted = &hash3;
1011 r.in.new_nt_crypted = &hash4;
1012 r.in.cross1_present = 1;
1013 r.in.nt_cross = &hash5;
1014 r.in.cross2_present = 1;
1015 r.in.lm_cross = &hash6;
1017 status = dcerpc_samr_ChangePasswordUser(p, mem_ctx, &r);
1018 if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)) {
1019 printf("ChangePasswordUser returned: %s perhaps min password age? (not fatal)\n", nt_errstr(status));
1020 } else if (!NT_STATUS_IS_OK(status)) {
1021 printf("ChangePasswordUser failed - %s\n", nt_errstr(status));
1024 *password = newpass;
1027 if (!test_samr_handle_Close(p, mem_ctx, &user_handle)) {
1035 static BOOL test_OemChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1036 const char *acct_name,
1037 struct policy_handle *handle, char **password)
1040 struct samr_OemChangePasswordUser2 r;
1042 struct samr_Password lm_verifier;
1043 struct samr_CryptPassword lm_pass;
1044 struct lsa_AsciiString server, account, account_bad;
1047 uint8_t old_lm_hash[16], new_lm_hash[16];
1049 struct samr_GetDomPwInfo dom_pw_info;
1050 int policy_min_pw_len = 0;
1052 struct lsa_String domain_name;
1054 domain_name.string = "";
1055 dom_pw_info.in.domain_name = &domain_name;
1057 printf("Testing OemChangePasswordUser2\n");
1060 printf("Failing OemChangePasswordUser2 as old password was NULL. Previous test failed?\n");
1064 oldpass = *password;
1066 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &dom_pw_info);
1067 if (NT_STATUS_IS_OK(status)) {
1068 policy_min_pw_len = dom_pw_info.out.info.min_password_length;
1071 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
1073 server.string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1074 account.string = acct_name;
1076 E_deshash(oldpass, old_lm_hash);
1077 E_deshash(newpass, new_lm_hash);
1079 encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
1080 arcfour_crypt(lm_pass.data, old_lm_hash, 516);
1081 E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
1083 r.in.server = &server;
1084 r.in.account = &account;
1085 r.in.password = &lm_pass;
1086 r.in.hash = &lm_verifier;
1088 /* Break the verification */
1089 lm_verifier.hash[0]++;
1091 status = dcerpc_samr_OemChangePasswordUser2(p, mem_ctx, &r);
1093 if (!NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)
1094 && !NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
1095 printf("ChangePasswordUser3 failed, should have returned WRONG_PASSWORD (or at least 'PASSWORD_RESTRICTON') for invalid password verifier - %s\n",
1100 /* This shouldn't be a valid name */
1101 account_bad.string = TEST_ACCOUNT_NAME "XX";
1102 r.in.account = &account_bad;
1104 status = dcerpc_samr_OemChangePasswordUser2(p, mem_ctx, &r);
1106 if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
1107 printf("ChangePasswordUser3 failed, should have returned WRONG_PASSWORD for invalid user - %s\n",
1112 E_deshash(oldpass, old_lm_hash);
1113 E_deshash(newpass, new_lm_hash);
1115 encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
1116 arcfour_crypt(lm_pass.data, old_lm_hash, 516);
1117 E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
1119 r.in.server = &server;
1120 r.in.account = &account;
1121 r.in.password = &lm_pass;
1122 r.in.hash = &lm_verifier;
1124 status = dcerpc_samr_OemChangePasswordUser2(p, mem_ctx, &r);
1125 if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)) {
1126 printf("OemChangePasswordUser2 returned: %s perhaps min password age? (not fatal)\n", nt_errstr(status));
1127 } else if (!NT_STATUS_IS_OK(status)) {
1128 printf("OemChangePasswordUser2 failed - %s\n", nt_errstr(status));
1131 *password = newpass;
1138 static BOOL test_ChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1139 const char *acct_name,
1140 struct policy_handle *handle, char **password)
1143 struct samr_ChangePasswordUser2 r;
1145 struct lsa_String server, account;
1146 struct samr_CryptPassword nt_pass, lm_pass;
1147 struct samr_Password nt_verifier, lm_verifier;
1150 uint8_t old_nt_hash[16], new_nt_hash[16];
1151 uint8_t old_lm_hash[16], new_lm_hash[16];
1153 struct samr_GetDomPwInfo dom_pw_info;
1154 int policy_min_pw_len = 0;
1156 struct lsa_String domain_name;
1159 domain_name.string = "";
1160 dom_pw_info.in.domain_name = &domain_name;
1162 printf("Testing ChangePasswordUser2\n");
1165 printf("Failing ChangePasswordUser3 as old password was NULL. Previous test failed?\n");
1168 oldpass = *password;
1170 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &dom_pw_info);
1171 if (NT_STATUS_IS_OK(status)) {
1172 policy_min_pw_len = dom_pw_info.out.info.min_password_length;
1175 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
1177 server.string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1178 init_lsa_String(&account, acct_name);
1180 E_md4hash(oldpass, old_nt_hash);
1181 E_md4hash(newpass, new_nt_hash);
1183 E_deshash(oldpass, old_lm_hash);
1184 E_deshash(newpass, new_lm_hash);
1186 encode_pw_buffer(lm_pass.data, newpass, STR_ASCII|STR_TERMINATE);
1187 arcfour_crypt(lm_pass.data, old_lm_hash, 516);
1188 E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
1190 encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
1191 arcfour_crypt(nt_pass.data, old_nt_hash, 516);
1192 E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
1194 r.in.server = &server;
1195 r.in.account = &account;
1196 r.in.nt_password = &nt_pass;
1197 r.in.nt_verifier = &nt_verifier;
1199 r.in.lm_password = &lm_pass;
1200 r.in.lm_verifier = &lm_verifier;
1202 status = dcerpc_samr_ChangePasswordUser2(p, mem_ctx, &r);
1203 if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)) {
1204 printf("ChangePasswordUser2 returned: %s perhaps min password age? (not fatal)\n", nt_errstr(status));
1205 } else if (!NT_STATUS_IS_OK(status)) {
1206 printf("ChangePasswordUser2 failed - %s\n", nt_errstr(status));
1209 *password = newpass;
1216 BOOL test_ChangePasswordUser3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1217 const char *account_string,
1218 int policy_min_pw_len,
1220 const char *newpass,
1221 NTTIME last_password_change,
1222 BOOL handle_reject_reason)
1225 struct samr_ChangePasswordUser3 r;
1227 struct lsa_String server, account, account_bad;
1228 struct samr_CryptPassword nt_pass, lm_pass;
1229 struct samr_Password nt_verifier, lm_verifier;
1231 uint8_t old_nt_hash[16], new_nt_hash[16];
1232 uint8_t old_lm_hash[16], new_lm_hash[16];
1235 printf("Testing ChangePasswordUser3\n");
1237 if (newpass == NULL) {
1238 if (policy_min_pw_len == 0) {
1239 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
1241 newpass = samr_rand_pass_fixed_len(mem_ctx, policy_min_pw_len);
1244 printf("Using password '%s'\n", newpass);
1248 printf("Failing ChangePasswordUser3 as old password was NULL. Previous test failed?\n");
1252 oldpass = *password;
1253 server.string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1254 init_lsa_String(&account, account_string);
1256 E_md4hash(oldpass, old_nt_hash);
1257 E_md4hash(newpass, new_nt_hash);
1259 E_deshash(oldpass, old_lm_hash);
1260 E_deshash(newpass, new_lm_hash);
1262 encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
1263 arcfour_crypt(lm_pass.data, old_nt_hash, 516);
1264 E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
1266 encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
1267 arcfour_crypt(nt_pass.data, old_nt_hash, 516);
1268 E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
1270 /* Break the verification */
1271 nt_verifier.hash[0]++;
1273 r.in.server = &server;
1274 r.in.account = &account;
1275 r.in.nt_password = &nt_pass;
1276 r.in.nt_verifier = &nt_verifier;
1278 r.in.lm_password = &lm_pass;
1279 r.in.lm_verifier = &lm_verifier;
1280 r.in.password3 = NULL;
1282 status = dcerpc_samr_ChangePasswordUser3(p, mem_ctx, &r);
1283 if (!NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION) &&
1284 (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD))) {
1285 printf("ChangePasswordUser3 failed, should have returned WRONG_PASSWORD (or at least 'PASSWORD_RESTRICTON') for invalid password verifier - %s\n",
1290 /* This shouldn't be a valid name */
1291 init_lsa_String(&account_bad, talloc_asprintf(mem_ctx, "%sXX", account_string));
1293 r.in.account = &account_bad;
1294 status = dcerpc_samr_ChangePasswordUser3(p, mem_ctx, &r);
1295 if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
1296 printf("ChangePasswordUser3 failed, should have returned WRONG_PASSWORD for invalid username - %s\n",
1301 E_md4hash(oldpass, old_nt_hash);
1302 E_md4hash(newpass, new_nt_hash);
1304 E_deshash(oldpass, old_lm_hash);
1305 E_deshash(newpass, new_lm_hash);
1307 encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
1308 arcfour_crypt(lm_pass.data, old_nt_hash, 516);
1309 E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
1311 encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
1312 arcfour_crypt(nt_pass.data, old_nt_hash, 516);
1313 E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
1315 r.in.server = &server;
1316 r.in.account = &account;
1317 r.in.nt_password = &nt_pass;
1318 r.in.nt_verifier = &nt_verifier;
1320 r.in.lm_password = &lm_pass;
1321 r.in.lm_verifier = &lm_verifier;
1322 r.in.password3 = NULL;
1324 unix_to_nt_time(&t, time(NULL));
1326 status = dcerpc_samr_ChangePasswordUser3(p, mem_ctx, &r);
1328 if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION) &&
1329 r.out.dominfo && r.out.reject && handle_reject_reason) {
1331 if (r.out.dominfo->password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE ) {
1333 if (r.out.reject && (r.out.reject->reason != SAMR_REJECT_OTHER)) {
1334 printf("expected SAMR_REJECT_OTHER (%d), got %d\n",
1335 SAMR_REJECT_OTHER, r.out.reject->reason);
1340 /* We tested the order of precendence which is as follows:
1349 if ((r.out.dominfo->min_password_age > 0) && !null_nttime(last_password_change) &&
1350 (last_password_change + r.out.dominfo->min_password_age > t)) {
1352 if (r.out.reject->reason != SAMR_REJECT_OTHER) {
1353 printf("expected SAMR_REJECT_OTHER (%d), got %d\n",
1354 SAMR_REJECT_OTHER, r.out.reject->reason);
1358 } else if ((r.out.dominfo->min_password_length > 0) &&
1359 (strlen(newpass) < r.out.dominfo->min_password_length)) {
1361 if (r.out.reject->reason != SAMR_REJECT_TOO_SHORT) {
1362 printf("expected SAMR_REJECT_TOO_SHORT (%d), got %d\n",
1363 SAMR_REJECT_TOO_SHORT, r.out.reject->reason);
1367 } else if (r.out.dominfo->password_properties & DOMAIN_PASSWORD_COMPLEX) {
1369 if (r.out.reject->reason != SAMR_REJECT_COMPLEXITY) {
1370 printf("expected SAMR_REJECT_COMPLEXITY (%d), got %d\n",
1371 SAMR_REJECT_COMPLEXITY, r.out.reject->reason);
1375 } else if ((r.out.dominfo->password_history_length > 0) &&
1376 strequal(oldpass, newpass)) {
1378 if (r.out.reject->reason != SAMR_REJECT_IN_HISTORY) {
1379 printf("expected SAMR_REJECT_IN_HISTORY (%d), got %d\n",
1380 SAMR_REJECT_IN_HISTORY, r.out.reject->reason);
1385 if (r.out.reject->reason == SAMR_REJECT_TOO_SHORT) {
1386 /* retry with adjusted size */
1387 return test_ChangePasswordUser3(p, mem_ctx, account_string,
1388 r.out.dominfo->min_password_length,
1389 password, NULL, 0, False);
1393 } else if (!NT_STATUS_IS_OK(status)) {
1394 printf("ChangePasswordUser3 failed - %s\n", nt_errstr(status));
1397 *password = talloc_strdup(mem_ctx, newpass);
1404 static BOOL test_GetMembersInAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1405 struct policy_handle *alias_handle)
1407 struct samr_GetMembersInAlias r;
1408 struct lsa_SidArray sids;
1412 printf("Testing GetMembersInAlias\n");
1414 r.in.alias_handle = alias_handle;
1417 status = dcerpc_samr_GetMembersInAlias(p, mem_ctx, &r);
1418 if (!NT_STATUS_IS_OK(status)) {
1419 printf("GetMembersInAlias failed - %s\n",
1427 static BOOL test_AddMemberToAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1428 struct policy_handle *alias_handle,
1429 const struct dom_sid *domain_sid)
1431 struct samr_AddAliasMember r;
1432 struct samr_DeleteAliasMember d;
1435 struct dom_sid *sid;
1437 sid = dom_sid_add_rid(mem_ctx, domain_sid, 512);
1439 printf("testing AddAliasMember\n");
1440 r.in.alias_handle = alias_handle;
1443 status = dcerpc_samr_AddAliasMember(p, mem_ctx, &r);
1444 if (!NT_STATUS_IS_OK(status)) {
1445 printf("AddAliasMember failed - %s\n", nt_errstr(status));
1449 d.in.alias_handle = alias_handle;
1452 status = dcerpc_samr_DeleteAliasMember(p, mem_ctx, &d);
1453 if (!NT_STATUS_IS_OK(status)) {
1454 printf("DelAliasMember failed - %s\n", nt_errstr(status));
1461 static BOOL test_AddMultipleMembersToAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1462 struct policy_handle *alias_handle)
1464 struct samr_AddMultipleMembersToAlias a;
1465 struct samr_RemoveMultipleMembersFromAlias r;
1468 struct lsa_SidArray sids;
1470 printf("testing AddMultipleMembersToAlias\n");
1471 a.in.alias_handle = alias_handle;
1475 sids.sids = talloc_array(mem_ctx, struct lsa_SidPtr, 3);
1477 sids.sids[0].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-1");
1478 sids.sids[1].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-2");
1479 sids.sids[2].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-3");
1481 status = dcerpc_samr_AddMultipleMembersToAlias(p, mem_ctx, &a);
1482 if (!NT_STATUS_IS_OK(status)) {
1483 printf("AddMultipleMembersToAlias failed - %s\n", nt_errstr(status));
1488 printf("testing RemoveMultipleMembersFromAlias\n");
1489 r.in.alias_handle = alias_handle;
1492 status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r);
1493 if (!NT_STATUS_IS_OK(status)) {
1494 printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status));
1498 /* strange! removing twice doesn't give any error */
1499 status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r);
1500 if (!NT_STATUS_IS_OK(status)) {
1501 printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status));
1505 /* but removing an alias that isn't there does */
1506 sids.sids[2].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-4");
1508 status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r);
1509 if (!NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) {
1510 printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status));
1517 static BOOL test_TestPrivateFunctionsUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1518 struct policy_handle *user_handle)
1520 struct samr_TestPrivateFunctionsUser r;
1524 printf("Testing TestPrivateFunctionsUser\n");
1526 r.in.user_handle = user_handle;
1528 status = dcerpc_samr_TestPrivateFunctionsUser(p, mem_ctx, &r);
1529 if (!NT_STATUS_EQUAL(NT_STATUS_NOT_IMPLEMENTED, status)) {
1530 printf("TestPrivateFunctionsUser failed - %s\n", nt_errstr(status));
1538 static BOOL test_user_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1539 struct policy_handle *user_handle,
1540 struct policy_handle *domain_handle,
1541 uint32_t base_acct_flags,
1542 const char *base_acct_name, enum torture_samr_choice which_ops)
1544 TALLOC_CTX *user_ctx;
1545 char *password = NULL;
1549 const uint32_t password_fields[] = {
1550 SAMR_FIELD_PASSWORD,
1551 SAMR_FIELD_PASSWORD2,
1552 SAMR_FIELD_PASSWORD | SAMR_FIELD_PASSWORD2,
1556 user_ctx = talloc_named(mem_ctx, 0, "test_user_ops per-user context");
1557 switch (which_ops) {
1558 case TORTURE_SAMR_USER_ATTRIBUTES:
1559 if (!test_QuerySecurity(p, user_ctx, user_handle)) {
1563 if (!test_QueryUserInfo(p, user_ctx, user_handle)) {
1567 if (!test_QueryUserInfo2(p, user_ctx, user_handle)) {
1571 if (!test_SetUserInfo(p, user_ctx, user_handle, base_acct_flags,
1576 if (!test_GetUserPwInfo(p, user_ctx, user_handle)) {
1580 if (!test_TestPrivateFunctionsUser(p, user_ctx, user_handle)) {
1584 if (!test_SetUserPass(p, user_ctx, user_handle, &password)) {
1588 case TORTURE_SAMR_PASSWORDS:
1589 for (i = 0; password_fields[i]; i++) {
1590 if (!test_SetUserPass_23(p, user_ctx, user_handle, password_fields[i], &password)) {
1594 /* check it was set right */
1595 if (!test_ChangePasswordUser3(p, user_ctx, base_acct_name, 0, &password, NULL, 0, False)) {
1600 for (i = 0; password_fields[i]; i++) {
1601 if (!test_SetUserPass_25(p, user_ctx, user_handle, password_fields[i], &password)) {
1605 /* check it was set right */
1606 if (!test_ChangePasswordUser3(p, user_ctx, base_acct_name, 0, &password, NULL, 0, False)) {
1611 if (!test_SetUserPassEx(p, user_ctx, user_handle, &password)) {
1615 if (!test_ChangePassword(p, user_ctx, base_acct_name, domain_handle, &password)) {
1619 case TORTURE_SAMR_OTHER:
1620 /* We just need the account to exist */
1623 talloc_free(user_ctx);
1627 static BOOL test_alias_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1628 struct policy_handle *alias_handle,
1629 const struct dom_sid *domain_sid)
1633 if (!test_QuerySecurity(p, mem_ctx, alias_handle)) {
1637 if (!test_QueryAliasInfo(p, mem_ctx, alias_handle)) {
1641 if (!test_SetAliasInfo(p, mem_ctx, alias_handle)) {
1645 if (!test_AddMemberToAlias(p, mem_ctx, alias_handle, domain_sid)) {
1649 if (lp_parm_bool(-1, "target", "samba4", False)) {
1650 printf("skipping MultipleMembers Alias tests against Samba4\n");
1654 if (!test_AddMultipleMembersToAlias(p, mem_ctx, alias_handle)) {
1662 static BOOL test_DeleteUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1663 struct policy_handle *user_handle)
1665 struct samr_DeleteUser d;
1668 printf("Testing DeleteUser\n");
1670 d.in.user_handle = user_handle;
1671 d.out.user_handle = user_handle;
1673 status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
1674 if (!NT_STATUS_IS_OK(status)) {
1675 printf("DeleteUser failed - %s\n", nt_errstr(status));
1682 BOOL test_DeleteUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1683 struct policy_handle *handle, const char *name)
1686 struct samr_DeleteUser d;
1687 struct policy_handle user_handle;
1690 status = test_LookupName(p, mem_ctx, handle, name, &rid);
1691 if (!NT_STATUS_IS_OK(status)) {
1695 status = test_OpenUser_byname(p, mem_ctx, handle, name, &user_handle);
1696 if (!NT_STATUS_IS_OK(status)) {
1700 d.in.user_handle = &user_handle;
1701 d.out.user_handle = &user_handle;
1702 status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
1703 if (!NT_STATUS_IS_OK(status)) {
1710 printf("DeleteUser_byname(%s) failed - %s\n", name, nt_errstr(status));
1715 static BOOL test_DeleteGroup_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1716 struct policy_handle *handle, const char *name)
1719 struct samr_OpenGroup r;
1720 struct samr_DeleteDomainGroup d;
1721 struct policy_handle group_handle;
1724 status = test_LookupName(p, mem_ctx, handle, name, &rid);
1725 if (!NT_STATUS_IS_OK(status)) {
1729 r.in.domain_handle = handle;
1730 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1732 r.out.group_handle = &group_handle;
1733 status = dcerpc_samr_OpenGroup(p, mem_ctx, &r);
1734 if (!NT_STATUS_IS_OK(status)) {
1738 d.in.group_handle = &group_handle;
1739 d.out.group_handle = &group_handle;
1740 status = dcerpc_samr_DeleteDomainGroup(p, mem_ctx, &d);
1741 if (!NT_STATUS_IS_OK(status)) {
1748 printf("DeleteGroup_byname(%s) failed - %s\n", name, nt_errstr(status));
1753 static BOOL test_DeleteAlias_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1754 struct policy_handle *domain_handle, const char *name)
1757 struct samr_OpenAlias r;
1758 struct samr_DeleteDomAlias d;
1759 struct policy_handle alias_handle;
1762 printf("testing DeleteAlias_byname\n");
1764 status = test_LookupName(p, mem_ctx, domain_handle, name, &rid);
1765 if (!NT_STATUS_IS_OK(status)) {
1769 r.in.domain_handle = domain_handle;
1770 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1772 r.out.alias_handle = &alias_handle;
1773 status = dcerpc_samr_OpenAlias(p, mem_ctx, &r);
1774 if (!NT_STATUS_IS_OK(status)) {
1778 d.in.alias_handle = &alias_handle;
1779 d.out.alias_handle = &alias_handle;
1780 status = dcerpc_samr_DeleteDomAlias(p, mem_ctx, &d);
1781 if (!NT_STATUS_IS_OK(status)) {
1788 printf("DeleteAlias_byname(%s) failed - %s\n", name, nt_errstr(status));
1792 static BOOL test_DeleteAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1793 struct policy_handle *alias_handle)
1795 struct samr_DeleteDomAlias d;
1798 printf("Testing DeleteAlias\n");
1800 d.in.alias_handle = alias_handle;
1801 d.out.alias_handle = alias_handle;
1803 status = dcerpc_samr_DeleteDomAlias(p, mem_ctx, &d);
1804 if (!NT_STATUS_IS_OK(status)) {
1805 printf("DeleteAlias failed - %s\n", nt_errstr(status));
1812 static BOOL test_CreateAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1813 struct policy_handle *domain_handle,
1814 struct policy_handle *alias_handle,
1815 const struct dom_sid *domain_sid)
1818 struct samr_CreateDomAlias r;
1819 struct lsa_String name;
1823 init_lsa_String(&name, TEST_ALIASNAME);
1824 r.in.domain_handle = domain_handle;
1825 r.in.alias_name = &name;
1826 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1827 r.out.alias_handle = alias_handle;
1830 printf("Testing CreateAlias (%s)\n", r.in.alias_name->string);
1832 status = dcerpc_samr_CreateDomAlias(p, mem_ctx, &r);
1834 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
1835 printf("Server refused create of '%s'\n", r.in.alias_name->string);
1839 if (NT_STATUS_EQUAL(status, NT_STATUS_ALIAS_EXISTS)) {
1840 if (!test_DeleteAlias_byname(p, mem_ctx, domain_handle, r.in.alias_name->string)) {
1843 status = dcerpc_samr_CreateDomAlias(p, mem_ctx, &r);
1846 if (!NT_STATUS_IS_OK(status)) {
1847 printf("CreateAlias failed - %s\n", nt_errstr(status));
1851 if (!test_alias_ops(p, mem_ctx, alias_handle, domain_sid)) {
1858 static BOOL test_ChangePassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1859 const char *acct_name,
1860 struct policy_handle *domain_handle, char **password)
1868 if (!test_ChangePasswordUser(p, mem_ctx, acct_name, domain_handle, password)) {
1872 if (!test_ChangePasswordUser2(p, mem_ctx, acct_name, domain_handle, password)) {
1876 if (!test_OemChangePasswordUser2(p, mem_ctx, acct_name, domain_handle, password)) {
1880 /* test what happens when setting the old password again */
1881 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, *password, 0, True)) {
1885 /* test what happens when picking a simple password (FIXME) */
1886 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, "simple", 0, True)) {
1890 /* set samr_SetDomainInfo level 1 with min_length 5 */
1892 struct samr_QueryDomainInfo r;
1893 struct samr_SetDomainInfo s;
1894 uint16_t len_old, len;
1899 r.in.domain_handle = domain_handle;
1902 printf("testing samr_QueryDomainInfo level 1\n");
1903 status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r);
1904 if (!NT_STATUS_IS_OK(status)) {
1908 s.in.domain_handle = domain_handle;
1910 s.in.info = r.out.info;
1912 len_old = s.in.info->info1.min_password_length;
1913 s.in.info->info1.min_password_length = len;
1915 printf("testing samr_SetDomainInfo level 1\n");
1916 status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
1917 if (!NT_STATUS_IS_OK(status)) {
1921 printf("calling test_ChangePasswordUser3 with too short password\n");
1923 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, len - 1, password, NULL, 0, True)) {
1927 s.in.info->info1.min_password_length = len_old;
1929 printf("testing samr_SetDomainInfo level 1\n");
1930 status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
1931 if (!NT_STATUS_IS_OK(status)) {
1939 struct samr_OpenUser r;
1940 struct samr_QueryUserInfo q;
1941 struct samr_LookupNames n;
1942 struct policy_handle user_handle;
1944 n.in.domain_handle = domain_handle;
1946 n.in.names = talloc_array(mem_ctx, struct lsa_String, 1);
1947 n.in.names[0].string = acct_name;
1949 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
1950 if (!NT_STATUS_IS_OK(status)) {
1951 printf("LookupNames failed - %s\n", nt_errstr(status));
1955 r.in.domain_handle = domain_handle;
1956 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1957 r.in.rid = n.out.rids.ids[0];
1958 r.out.user_handle = &user_handle;
1960 status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
1961 if (!NT_STATUS_IS_OK(status)) {
1962 printf("OpenUser(%u) failed - %s\n", n.out.rids.ids[0], nt_errstr(status));
1966 q.in.user_handle = &user_handle;
1969 status = dcerpc_samr_QueryUserInfo(p, mem_ctx, &q);
1970 if (!NT_STATUS_IS_OK(status)) {
1971 printf("QueryUserInfo failed - %s\n", nt_errstr(status));
1975 printf("calling test_ChangePasswordUser3 with too early password change\n");
1977 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, NULL,
1978 q.out.info->info5.last_password_change, True)) {
1985 /* we change passwords twice - this has the effect of verifying
1986 they were changed correctly for the final call */
1987 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, NULL, 0, True)) {
1991 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, NULL, 0, True)) {
1998 static BOOL test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1999 struct policy_handle *domain_handle,
2000 struct policy_handle *user_handle_out,
2001 enum torture_samr_choice which_ops)
2004 TALLOC_CTX *user_ctx;
2007 struct samr_CreateUser r;
2008 struct samr_QueryUserInfo q;
2009 struct samr_DeleteUser d;
2012 /* This call creates a 'normal' account - check that it really does */
2013 const uint32_t acct_flags = ACB_NORMAL;
2014 struct lsa_String name;
2017 struct policy_handle user_handle;
2018 user_ctx = talloc_named(mem_ctx, 0, "test_CreateUser2 per-user context");
2019 init_lsa_String(&name, TEST_ACCOUNT_NAME);
2021 r.in.domain_handle = domain_handle;
2022 r.in.account_name = &name;
2023 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2024 r.out.user_handle = &user_handle;
2027 printf("Testing CreateUser(%s)\n", r.in.account_name->string);
2029 status = dcerpc_samr_CreateUser(p, user_ctx, &r);
2031 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
2032 printf("Server refused create of '%s': %s\n", r.in.account_name->string, nt_errstr(status));
2033 talloc_free(user_ctx);
2037 if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
2038 if (!test_DeleteUser_byname(p, user_ctx, domain_handle, r.in.account_name->string)) {
2039 talloc_free(user_ctx);
2042 status = dcerpc_samr_CreateUser(p, user_ctx, &r);
2044 if (!NT_STATUS_IS_OK(status)) {
2045 talloc_free(user_ctx);
2046 printf("CreateUser failed - %s\n", nt_errstr(status));
2049 q.in.user_handle = &user_handle;
2052 status = dcerpc_samr_QueryUserInfo(p, user_ctx, &q);
2053 if (!NT_STATUS_IS_OK(status)) {
2054 printf("QueryUserInfo level %u failed - %s\n",
2055 q.in.level, nt_errstr(status));
2058 if ((q.out.info->info16.acct_flags & acct_flags) != acct_flags) {
2059 printf("QuerUserInfo level 16 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
2060 q.out.info->info16.acct_flags,
2066 if (!test_user_ops(p, user_ctx, &user_handle, domain_handle,
2067 acct_flags, name.string, which_ops)) {
2071 if (user_handle_out) {
2072 *user_handle_out = user_handle;
2074 printf("Testing DeleteUser (createuser test)\n");
2076 d.in.user_handle = &user_handle;
2077 d.out.user_handle = &user_handle;
2079 status = dcerpc_samr_DeleteUser(p, user_ctx, &d);
2080 if (!NT_STATUS_IS_OK(status)) {
2081 printf("DeleteUser failed - %s\n", nt_errstr(status));
2088 talloc_free(user_ctx);
2094 static BOOL test_CreateUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2095 struct policy_handle *domain_handle, enum torture_samr_choice which_ops)
2098 struct samr_CreateUser2 r;
2099 struct samr_QueryUserInfo q;
2100 struct samr_DeleteUser d;
2101 struct policy_handle user_handle;
2103 struct lsa_String name;
2108 uint32_t acct_flags;
2109 const char *account_name;
2111 } account_types[] = {
2112 { ACB_NORMAL, TEST_ACCOUNT_NAME, NT_STATUS_OK },
2113 { ACB_NORMAL | ACB_DISABLED, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
2114 { ACB_NORMAL | ACB_PWNOEXP, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
2115 { ACB_WSTRUST, TEST_MACHINENAME, NT_STATUS_OK },
2116 { ACB_WSTRUST | ACB_DISABLED, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
2117 { ACB_WSTRUST | ACB_PWNOEXP, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
2118 { ACB_SVRTRUST, TEST_MACHINENAME, NT_STATUS_OK },
2119 { ACB_SVRTRUST | ACB_DISABLED, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
2120 { ACB_SVRTRUST | ACB_PWNOEXP, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
2121 { ACB_DOMTRUST, TEST_DOMAINNAME, NT_STATUS_OK },
2122 { ACB_DOMTRUST | ACB_DISABLED, TEST_DOMAINNAME, NT_STATUS_INVALID_PARAMETER },
2123 { ACB_DOMTRUST | ACB_PWNOEXP, TEST_DOMAINNAME, NT_STATUS_INVALID_PARAMETER },
2124 { 0, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
2125 { ACB_DISABLED, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
2126 { 0, NULL, NT_STATUS_INVALID_PARAMETER }
2129 for (i = 0; account_types[i].account_name; i++) {
2130 TALLOC_CTX *user_ctx;
2131 uint32_t acct_flags = account_types[i].acct_flags;
2132 uint32_t access_granted;
2133 user_ctx = talloc_named(mem_ctx, 0, "test_CreateUser2 per-user context");
2134 init_lsa_String(&name, account_types[i].account_name);
2136 r.in.domain_handle = domain_handle;
2137 r.in.account_name = &name;
2138 r.in.acct_flags = acct_flags;
2139 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2140 r.out.user_handle = &user_handle;
2141 r.out.access_granted = &access_granted;
2144 printf("Testing CreateUser2(%s, 0x%x)\n", r.in.account_name->string, acct_flags);
2146 status = dcerpc_samr_CreateUser2(p, user_ctx, &r);
2148 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
2149 talloc_free(user_ctx);
2150 printf("Server refused create of '%s'\n", r.in.account_name->string);
2153 } else if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
2154 if (!test_DeleteUser_byname(p, user_ctx, domain_handle, r.in.account_name->string)) {
2155 talloc_free(user_ctx);
2159 status = dcerpc_samr_CreateUser2(p, user_ctx, &r);
2162 if (!NT_STATUS_EQUAL(status, account_types[i].nt_status)) {
2163 printf("CreateUser2 failed gave incorrect error return - %s (should be %s)\n",
2164 nt_errstr(status), nt_errstr(account_types[i].nt_status));
2168 if (NT_STATUS_IS_OK(status)) {
2169 q.in.user_handle = &user_handle;
2172 status = dcerpc_samr_QueryUserInfo(p, user_ctx, &q);
2173 if (!NT_STATUS_IS_OK(status)) {
2174 printf("QueryUserInfo level %u failed - %s\n",
2175 q.in.level, nt_errstr(status));
2178 if ((q.out.info->info16.acct_flags & acct_flags) != acct_flags) {
2179 printf("QuerUserInfo level 16 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
2180 q.out.info->info16.acct_flags,
2186 if (!test_user_ops(p, user_ctx, &user_handle, domain_handle,
2187 acct_flags, name.string, which_ops)) {
2191 printf("Testing DeleteUser (createuser2 test)\n");
2193 d.in.user_handle = &user_handle;
2194 d.out.user_handle = &user_handle;
2196 status = dcerpc_samr_DeleteUser(p, user_ctx, &d);
2197 if (!NT_STATUS_IS_OK(status)) {
2198 printf("DeleteUser failed - %s\n", nt_errstr(status));
2202 talloc_free(user_ctx);
2208 static BOOL test_QueryAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2209 struct policy_handle *handle)
2212 struct samr_QueryAliasInfo r;
2213 uint16_t levels[] = {1, 2, 3};
2217 for (i=0;i<ARRAY_SIZE(levels);i++) {
2218 printf("Testing QueryAliasInfo level %u\n", levels[i]);
2220 r.in.alias_handle = handle;
2221 r.in.level = levels[i];
2223 status = dcerpc_samr_QueryAliasInfo(p, mem_ctx, &r);
2224 if (!NT_STATUS_IS_OK(status)) {
2225 printf("QueryAliasInfo level %u failed - %s\n",
2226 levels[i], nt_errstr(status));
2234 static BOOL test_QueryGroupInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2235 struct policy_handle *handle)
2238 struct samr_QueryGroupInfo r;
2239 uint16_t levels[] = {1, 2, 3, 4, 5};
2243 for (i=0;i<ARRAY_SIZE(levels);i++) {
2244 printf("Testing QueryGroupInfo level %u\n", levels[i]);
2246 r.in.group_handle = handle;
2247 r.in.level = levels[i];
2249 status = dcerpc_samr_QueryGroupInfo(p, mem_ctx, &r);
2250 if (!NT_STATUS_IS_OK(status)) {
2251 printf("QueryGroupInfo level %u failed - %s\n",
2252 levels[i], nt_errstr(status));
2260 static BOOL test_QueryGroupMember(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2261 struct policy_handle *handle)
2264 struct samr_QueryGroupMember r;
2267 printf("Testing QueryGroupMember\n");
2269 r.in.group_handle = handle;
2271 status = dcerpc_samr_QueryGroupMember(p, mem_ctx, &r);
2272 if (!NT_STATUS_IS_OK(status)) {
2273 printf("QueryGroupInfo failed - %s\n", nt_errstr(status));
2281 static BOOL test_SetGroupInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2282 struct policy_handle *handle)
2285 struct samr_QueryGroupInfo r;
2286 struct samr_SetGroupInfo s;
2287 uint16_t levels[] = {1, 2, 3, 4};
2288 uint16_t set_ok[] = {0, 1, 1, 1};
2292 for (i=0;i<ARRAY_SIZE(levels);i++) {
2293 printf("Testing QueryGroupInfo level %u\n", levels[i]);
2295 r.in.group_handle = handle;
2296 r.in.level = levels[i];
2298 status = dcerpc_samr_QueryGroupInfo(p, mem_ctx, &r);
2299 if (!NT_STATUS_IS_OK(status)) {
2300 printf("QueryGroupInfo level %u failed - %s\n",
2301 levels[i], nt_errstr(status));
2305 printf("Testing SetGroupInfo level %u\n", levels[i]);
2307 s.in.group_handle = handle;
2308 s.in.level = levels[i];
2309 s.in.info = r.out.info;
2312 /* disabled this, as it changes the name only from the point of view of samr,
2313 but leaves the name from the point of view of w2k3 internals (and ldap). This means
2314 the name is still reserved, so creating the old name fails, but deleting by the old name
2316 if (s.in.level == 2) {
2317 init_lsa_String(&s.in.info->string, "NewName");
2321 if (s.in.level == 4) {
2322 init_lsa_String(&s.in.info->description, "test description");
2325 status = dcerpc_samr_SetGroupInfo(p, mem_ctx, &s);
2327 if (!NT_STATUS_IS_OK(status)) {
2328 printf("SetGroupInfo level %u failed - %s\n",
2329 r.in.level, nt_errstr(status));
2334 if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_INFO_CLASS, status)) {
2335 printf("SetGroupInfo level %u gave %s - should have been NT_STATUS_INVALID_INFO_CLASS\n",
2336 r.in.level, nt_errstr(status));
2346 static BOOL test_QueryUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2347 struct policy_handle *handle)
2350 struct samr_QueryUserInfo r;
2351 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
2352 11, 12, 13, 14, 16, 17, 20, 21};
2356 for (i=0;i<ARRAY_SIZE(levels);i++) {
2357 printf("Testing QueryUserInfo level %u\n", levels[i]);
2359 r.in.user_handle = handle;
2360 r.in.level = levels[i];
2362 status = dcerpc_samr_QueryUserInfo(p, mem_ctx, &r);
2363 if (!NT_STATUS_IS_OK(status)) {
2364 printf("QueryUserInfo level %u failed - %s\n",
2365 levels[i], nt_errstr(status));
2373 static BOOL test_QueryUserInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2374 struct policy_handle *handle)
2377 struct samr_QueryUserInfo2 r;
2378 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
2379 11, 12, 13, 14, 16, 17, 20, 21};
2383 for (i=0;i<ARRAY_SIZE(levels);i++) {
2384 printf("Testing QueryUserInfo2 level %u\n", levels[i]);
2386 r.in.user_handle = handle;
2387 r.in.level = levels[i];
2389 status = dcerpc_samr_QueryUserInfo2(p, mem_ctx, &r);
2390 if (!NT_STATUS_IS_OK(status)) {
2391 printf("QueryUserInfo2 level %u failed - %s\n",
2392 levels[i], nt_errstr(status));
2400 static BOOL test_OpenUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2401 struct policy_handle *handle, uint32_t rid)
2404 struct samr_OpenUser r;
2405 struct policy_handle user_handle;
2408 printf("Testing OpenUser(%u)\n", rid);
2410 r.in.domain_handle = handle;
2411 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2413 r.out.user_handle = &user_handle;
2415 status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
2416 if (!NT_STATUS_IS_OK(status)) {
2417 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(status));
2421 if (!test_QuerySecurity(p, mem_ctx, &user_handle)) {
2425 if (!test_QueryUserInfo(p, mem_ctx, &user_handle)) {
2429 if (!test_QueryUserInfo2(p, mem_ctx, &user_handle)) {
2433 if (!test_GetUserPwInfo(p, mem_ctx, &user_handle)) {
2437 if (!test_GetGroupsForUser(p,mem_ctx, &user_handle)) {
2441 if (!test_samr_handle_Close(p, mem_ctx, &user_handle)) {
2448 static BOOL test_OpenGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2449 struct policy_handle *handle, uint32_t rid)
2452 struct samr_OpenGroup r;
2453 struct policy_handle group_handle;
2456 printf("Testing OpenGroup(%u)\n", rid);
2458 r.in.domain_handle = handle;
2459 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2461 r.out.group_handle = &group_handle;
2463 status = dcerpc_samr_OpenGroup(p, mem_ctx, &r);
2464 if (!NT_STATUS_IS_OK(status)) {
2465 printf("OpenGroup(%u) failed - %s\n", rid, nt_errstr(status));
2469 if (!test_QuerySecurity(p, mem_ctx, &group_handle)) {
2473 if (!test_QueryGroupInfo(p, mem_ctx, &group_handle)) {
2477 if (!test_QueryGroupMember(p, mem_ctx, &group_handle)) {
2481 if (!test_samr_handle_Close(p, mem_ctx, &group_handle)) {
2488 static BOOL test_OpenAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2489 struct policy_handle *handle, uint32_t rid)
2492 struct samr_OpenAlias r;
2493 struct policy_handle alias_handle;
2496 printf("Testing OpenAlias(%u)\n", rid);
2498 r.in.domain_handle = handle;
2499 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2501 r.out.alias_handle = &alias_handle;
2503 status = dcerpc_samr_OpenAlias(p, mem_ctx, &r);
2504 if (!NT_STATUS_IS_OK(status)) {
2505 printf("OpenAlias(%u) failed - %s\n", rid, nt_errstr(status));
2509 if (!test_QuerySecurity(p, mem_ctx, &alias_handle)) {
2513 if (!test_QueryAliasInfo(p, mem_ctx, &alias_handle)) {
2517 if (!test_GetMembersInAlias(p, mem_ctx, &alias_handle)) {
2521 if (!test_samr_handle_Close(p, mem_ctx, &alias_handle)) {
2528 static BOOL test_EnumDomainUsers(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2529 struct policy_handle *handle)
2532 struct samr_EnumDomainUsers r;
2533 uint32_t resume_handle=0;
2536 struct samr_LookupNames n;
2537 struct samr_LookupRids lr ;
2539 printf("Testing EnumDomainUsers\n");
2541 r.in.domain_handle = handle;
2542 r.in.resume_handle = &resume_handle;
2543 r.in.acct_flags = 0;
2544 r.in.max_size = (uint32_t)-1;
2545 r.out.resume_handle = &resume_handle;
2547 status = dcerpc_samr_EnumDomainUsers(p, mem_ctx, &r);
2548 if (!NT_STATUS_IS_OK(status)) {
2549 printf("EnumDomainUsers failed - %s\n", nt_errstr(status));
2557 if (r.out.sam->count == 0) {
2561 for (i=0;i<r.out.sam->count;i++) {
2562 if (!test_OpenUser(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
2567 printf("Testing LookupNames\n");
2568 n.in.domain_handle = handle;
2569 n.in.num_names = r.out.sam->count;
2570 n.in.names = talloc_array(mem_ctx, struct lsa_String, r.out.sam->count);
2571 for (i=0;i<r.out.sam->count;i++) {
2572 n.in.names[i].string = r.out.sam->entries[i].name.string;
2574 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
2575 if (!NT_STATUS_IS_OK(status)) {
2576 printf("LookupNames failed - %s\n", nt_errstr(status));
2581 printf("Testing LookupRids\n");
2582 lr.in.domain_handle = handle;
2583 lr.in.num_rids = r.out.sam->count;
2584 lr.in.rids = talloc_array(mem_ctx, uint32_t, r.out.sam->count);
2585 for (i=0;i<r.out.sam->count;i++) {
2586 lr.in.rids[i] = r.out.sam->entries[i].idx;
2588 status = dcerpc_samr_LookupRids(p, mem_ctx, &lr);
2589 if (!NT_STATUS_IS_OK(status)) {
2590 printf("LookupRids failed - %s\n", nt_errstr(status));
2598 try blasting the server with a bunch of sync requests
2600 static BOOL test_EnumDomainUsers_async(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2601 struct policy_handle *handle)
2604 struct samr_EnumDomainUsers r;
2605 uint32_t resume_handle=0;
2607 #define ASYNC_COUNT 100
2608 struct rpc_request *req[ASYNC_COUNT];
2610 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
2611 printf("samr async test disabled - enable dangerous tests to use\n");
2615 printf("Testing EnumDomainUsers_async\n");
2617 r.in.domain_handle = handle;
2618 r.in.resume_handle = &resume_handle;
2619 r.in.acct_flags = 0;
2620 r.in.max_size = (uint32_t)-1;
2621 r.out.resume_handle = &resume_handle;
2623 for (i=0;i<ASYNC_COUNT;i++) {
2624 req[i] = dcerpc_samr_EnumDomainUsers_send(p, mem_ctx, &r);
2627 for (i=0;i<ASYNC_COUNT;i++) {
2628 status = dcerpc_ndr_request_recv(req[i]);
2629 if (!NT_STATUS_IS_OK(status)) {
2630 printf("EnumDomainUsers[%d] failed - %s\n",
2631 i, nt_errstr(status));
2636 printf("%d async requests OK\n", i);
2641 static BOOL test_EnumDomainGroups(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2642 struct policy_handle *handle)
2645 struct samr_EnumDomainGroups r;
2646 uint32_t resume_handle=0;
2650 printf("Testing EnumDomainGroups\n");
2652 r.in.domain_handle = handle;
2653 r.in.resume_handle = &resume_handle;
2654 r.in.max_size = (uint32_t)-1;
2655 r.out.resume_handle = &resume_handle;
2657 status = dcerpc_samr_EnumDomainGroups(p, mem_ctx, &r);
2658 if (!NT_STATUS_IS_OK(status)) {
2659 printf("EnumDomainGroups failed - %s\n", nt_errstr(status));
2667 for (i=0;i<r.out.sam->count;i++) {
2668 if (!test_OpenGroup(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
2676 static BOOL test_EnumDomainAliases(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2677 struct policy_handle *handle)
2680 struct samr_EnumDomainAliases r;
2681 uint32_t resume_handle=0;
2685 printf("Testing EnumDomainAliases\n");
2687 r.in.domain_handle = handle;
2688 r.in.resume_handle = &resume_handle;
2689 r.in.acct_flags = (uint32_t)-1;
2690 r.out.resume_handle = &resume_handle;
2692 status = dcerpc_samr_EnumDomainAliases(p, mem_ctx, &r);
2693 if (!NT_STATUS_IS_OK(status)) {
2694 printf("EnumDomainAliases failed - %s\n", nt_errstr(status));
2702 for (i=0;i<r.out.sam->count;i++) {
2703 if (!test_OpenAlias(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
2711 static BOOL test_GetDisplayEnumerationIndex(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2712 struct policy_handle *handle)
2715 struct samr_GetDisplayEnumerationIndex r;
2717 uint16_t levels[] = {1, 2, 3, 4, 5};
2718 uint16_t ok_lvl[] = {1, 1, 1, 0, 0};
2721 for (i=0;i<ARRAY_SIZE(levels);i++) {
2722 printf("Testing GetDisplayEnumerationIndex level %u\n", levels[i]);
2724 r.in.domain_handle = handle;
2725 r.in.level = levels[i];
2726 init_lsa_String(&r.in.name, TEST_ACCOUNT_NAME);
2728 status = dcerpc_samr_GetDisplayEnumerationIndex(p, mem_ctx, &r);
2731 !NT_STATUS_IS_OK(status) &&
2732 !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2733 printf("GetDisplayEnumerationIndex level %u failed - %s\n",
2734 levels[i], nt_errstr(status));
2738 init_lsa_String(&r.in.name, "zzzzzzzz");
2740 status = dcerpc_samr_GetDisplayEnumerationIndex(p, mem_ctx, &r);
2742 if (ok_lvl[i] && !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2743 printf("GetDisplayEnumerationIndex level %u failed - %s\n",
2744 levels[i], nt_errstr(status));
2752 static BOOL test_GetDisplayEnumerationIndex2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2753 struct policy_handle *handle)
2756 struct samr_GetDisplayEnumerationIndex2 r;
2758 uint16_t levels[] = {1, 2, 3, 4, 5};
2759 uint16_t ok_lvl[] = {1, 1, 1, 0, 0};
2762 for (i=0;i<ARRAY_SIZE(levels);i++) {
2763 printf("Testing GetDisplayEnumerationIndex2 level %u\n", levels[i]);
2765 r.in.domain_handle = handle;
2766 r.in.level = levels[i];
2767 init_lsa_String(&r.in.name, TEST_ACCOUNT_NAME);
2769 status = dcerpc_samr_GetDisplayEnumerationIndex2(p, mem_ctx, &r);
2771 !NT_STATUS_IS_OK(status) &&
2772 !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2773 printf("GetDisplayEnumerationIndex2 level %u failed - %s\n",
2774 levels[i], nt_errstr(status));
2778 init_lsa_String(&r.in.name, "zzzzzzzz");
2780 status = dcerpc_samr_GetDisplayEnumerationIndex2(p, mem_ctx, &r);
2781 if (ok_lvl[i] && !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2782 printf("GetDisplayEnumerationIndex2 level %u failed - %s\n",
2783 levels[i], nt_errstr(status));
2791 static BOOL test_QueryDisplayInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2792 struct policy_handle *handle)
2795 struct samr_QueryDisplayInfo r;
2797 uint16_t levels[] = {1, 2, 3, 4, 5};
2800 for (i=0;i<ARRAY_SIZE(levels);i++) {
2801 printf("Testing QueryDisplayInfo level %u\n", levels[i]);
2803 r.in.domain_handle = handle;
2804 r.in.level = levels[i];
2806 r.in.max_entries = 1000;
2807 r.in.buf_size = (uint32_t)-1;
2809 status = dcerpc_samr_QueryDisplayInfo(p, mem_ctx, &r);
2810 if (!NT_STATUS_IS_OK(status)) {
2811 printf("QueryDisplayInfo level %u failed - %s\n",
2812 levels[i], nt_errstr(status));
2820 static BOOL test_QueryDisplayInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2821 struct policy_handle *handle)
2824 struct samr_QueryDisplayInfo2 r;
2826 uint16_t levels[] = {1, 2, 3, 4, 5};
2829 for (i=0;i<ARRAY_SIZE(levels);i++) {
2830 printf("Testing QueryDisplayInfo2 level %u\n", levels[i]);
2832 r.in.domain_handle = handle;
2833 r.in.level = levels[i];
2835 r.in.max_entries = 1000;
2836 r.in.buf_size = (uint32_t)-1;
2838 status = dcerpc_samr_QueryDisplayInfo2(p, mem_ctx, &r);
2839 if (!NT_STATUS_IS_OK(status)) {
2840 printf("QueryDisplayInfo2 level %u failed - %s\n",
2841 levels[i], nt_errstr(status));
2849 static BOOL test_QueryDisplayInfo3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2850 struct policy_handle *handle)
2853 struct samr_QueryDisplayInfo3 r;
2855 uint16_t levels[] = {1, 2, 3, 4, 5};
2858 for (i=0;i<ARRAY_SIZE(levels);i++) {
2859 printf("Testing QueryDisplayInfo3 level %u\n", levels[i]);
2861 r.in.domain_handle = handle;
2862 r.in.level = levels[i];
2864 r.in.max_entries = 1000;
2865 r.in.buf_size = (uint32_t)-1;
2867 status = dcerpc_samr_QueryDisplayInfo3(p, mem_ctx, &r);
2868 if (!NT_STATUS_IS_OK(status)) {
2869 printf("QueryDisplayInfo3 level %u failed - %s\n",
2870 levels[i], nt_errstr(status));
2879 static BOOL test_QueryDisplayInfo_continue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2880 struct policy_handle *handle)
2883 struct samr_QueryDisplayInfo r;
2886 printf("Testing QueryDisplayInfo continuation\n");
2888 r.in.domain_handle = handle;
2891 r.in.max_entries = 1;
2892 r.in.buf_size = (uint32_t)-1;
2895 status = dcerpc_samr_QueryDisplayInfo(p, mem_ctx, &r);
2896 if (NT_STATUS_IS_OK(status) && r.out.returned_size != 0) {
2897 if (r.out.info.info1.entries[0].idx != r.in.start_idx + 1) {
2898 printf("expected idx %d but got %d\n",
2900 r.out.info.info1.entries[0].idx);
2904 if (!NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES) &&
2905 !NT_STATUS_IS_OK(status)) {
2906 printf("QueryDisplayInfo level %u failed - %s\n",
2907 r.in.level, nt_errstr(status));
2912 } while ((NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES) ||
2913 NT_STATUS_IS_OK(status)) &&
2914 r.out.returned_size != 0);
2919 static BOOL test_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2920 struct policy_handle *handle)
2923 struct samr_QueryDomainInfo r;
2924 struct samr_SetDomainInfo s;
2925 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13};
2926 uint16_t set_ok[] = {1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0};
2929 const char *domain_comment = talloc_asprintf(mem_ctx,
2930 "Tortured by Samba4 RPC-SAMR: %s",
2931 timestring(mem_ctx, time(NULL)));
2933 s.in.domain_handle = handle;
2935 s.in.info = talloc(mem_ctx, union samr_DomainInfo);
2937 s.in.info->info4.comment.string = domain_comment;
2938 status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
2939 if (!NT_STATUS_IS_OK(status)) {
2940 printf("SetDomainInfo level %u (set comment) failed - %s\n",
2941 r.in.level, nt_errstr(status));
2945 for (i=0;i<ARRAY_SIZE(levels);i++) {
2946 printf("Testing QueryDomainInfo level %u\n", levels[i]);
2948 r.in.domain_handle = handle;
2949 r.in.level = levels[i];
2951 status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r);
2952 if (!NT_STATUS_IS_OK(status)) {
2953 printf("QueryDomainInfo level %u failed - %s\n",
2954 r.in.level, nt_errstr(status));
2959 switch (levels[i]) {
2961 if (strcmp(r.out.info->info2.comment.string, domain_comment) != 0) {
2962 printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
2963 levels[i], r.out.info->info2.comment.string, domain_comment);
2968 if (strcmp(r.out.info->info4.comment.string, domain_comment) != 0) {
2969 printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
2970 levels[i], r.out.info->info4.comment.string, domain_comment);
2975 if (strcmp(r.out.info->info11.info2.comment.string, domain_comment) != 0) {
2976 printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
2977 levels[i], r.out.info->info11.info2.comment.string, domain_comment);
2983 printf("Testing SetDomainInfo level %u\n", levels[i]);
2985 s.in.domain_handle = handle;
2986 s.in.level = levels[i];
2987 s.in.info = r.out.info;
2989 status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
2991 if (!NT_STATUS_IS_OK(status)) {
2992 printf("SetDomainInfo level %u failed - %s\n",
2993 r.in.level, nt_errstr(status));
2998 if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_INFO_CLASS, status)) {
2999 printf("SetDomainInfo level %u gave %s - should have been NT_STATUS_INVALID_INFO_CLASS\n",
3000 r.in.level, nt_errstr(status));
3006 status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r);
3007 if (!NT_STATUS_IS_OK(status)) {
3008 printf("QueryDomainInfo level %u failed - %s\n",
3009 r.in.level, nt_errstr(status));
3019 static BOOL test_QueryDomainInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3020 struct policy_handle *handle)
3023 struct samr_QueryDomainInfo2 r;
3024 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13};
3028 for (i=0;i<ARRAY_SIZE(levels);i++) {
3029 printf("Testing QueryDomainInfo2 level %u\n", levels[i]);
3031 r.in.domain_handle = handle;
3032 r.in.level = levels[i];
3034 status = dcerpc_samr_QueryDomainInfo2(p, mem_ctx, &r);
3035 if (!NT_STATUS_IS_OK(status)) {
3036 printf("QueryDomainInfo2 level %u failed - %s\n",
3037 r.in.level, nt_errstr(status));
3046 /* Test whether querydispinfo level 5 and enumdomgroups return the same
3047 set of group names. */
3048 static BOOL test_GroupList(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3049 struct policy_handle *handle)
3051 struct samr_EnumDomainGroups q1;
3052 struct samr_QueryDisplayInfo q2;
3054 uint32_t resume_handle=0;
3059 const char **names = NULL;
3061 printf("Testing coherency of querydispinfo vs enumdomgroups\n");
3063 q1.in.domain_handle = handle;
3064 q1.in.resume_handle = &resume_handle;
3066 q1.out.resume_handle = &resume_handle;
3068 status = STATUS_MORE_ENTRIES;
3069 while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
3070 status = dcerpc_samr_EnumDomainGroups(p, mem_ctx, &q1);
3072 if (!NT_STATUS_IS_OK(status) &&
3073 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
3076 for (i=0; i<q1.out.num_entries; i++) {
3077 add_string_to_array(mem_ctx,
3078 q1.out.sam->entries[i].name.string,
3079 &names, &num_names);
3083 if (!NT_STATUS_IS_OK(status)) {
3084 printf("EnumDomainGroups failed - %s\n", nt_errstr(status));
3092 q2.in.domain_handle = handle;
3094 q2.in.start_idx = 0;
3095 q2.in.max_entries = 5;
3096 q2.in.buf_size = (uint32_t)-1;
3098 status = STATUS_MORE_ENTRIES;
3099 while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
3100 status = dcerpc_samr_QueryDisplayInfo(p, mem_ctx, &q2);
3102 if (!NT_STATUS_IS_OK(status) &&
3103 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
3106 for (i=0; i<q2.out.info.info5.count; i++) {
3108 const char *name = q2.out.info.info5.entries[i].account_name.string;
3110 for (j=0; j<num_names; j++) {
3111 if (names[j] == NULL)
3113 /* Hmm. No strequal in samba4 */
3114 if (strequal(names[j], name)) {
3122 printf("QueryDisplayInfo gave name [%s] that EnumDomainGroups did not\n",
3127 q2.in.start_idx += q2.out.info.info5.count;
3130 if (!NT_STATUS_IS_OK(status)) {
3131 printf("QueryDisplayInfo level 5 failed - %s\n",
3136 for (i=0; i<num_names; i++) {
3137 if (names[i] != NULL) {
3138 printf("EnumDomainGroups gave name [%s] that QueryDisplayInfo did not\n",
3147 static BOOL test_DeleteDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3148 struct policy_handle *group_handle)
3150 struct samr_DeleteDomainGroup d;
3154 printf("Testing DeleteDomainGroup\n");
3156 d.in.group_handle = group_handle;
3157 d.out.group_handle = group_handle;
3159 status = dcerpc_samr_DeleteDomainGroup(p, mem_ctx, &d);
3160 if (!NT_STATUS_IS_OK(status)) {
3161 printf("DeleteDomainGroup failed - %s\n", nt_errstr(status));
3168 static BOOL test_TestPrivateFunctionsDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3169 struct policy_handle *domain_handle)
3171 struct samr_TestPrivateFunctionsDomain r;
3175 printf("Testing TestPrivateFunctionsDomain\n");
3177 r.in.domain_handle = domain_handle;
3179 status = dcerpc_samr_TestPrivateFunctionsDomain(p, mem_ctx, &r);
3180 if (!NT_STATUS_EQUAL(NT_STATUS_NOT_IMPLEMENTED, status)) {
3181 printf("TestPrivateFunctionsDomain failed - %s\n", nt_errstr(status));
3188 static BOOL test_RidToSid(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3189 struct dom_sid *domain_sid,
3190 struct policy_handle *domain_handle)
3192 struct samr_RidToSid r;
3195 struct dom_sid *calc_sid;
3196 int rids[] = { 0, 42, 512, 10200 };
3199 for (i=0;i<ARRAY_SIZE(rids);i++) {
3201 printf("Testing RidToSid\n");
3203 calc_sid = dom_sid_dup(mem_ctx, domain_sid);
3204 r.in.domain_handle = domain_handle;
3207 status = dcerpc_samr_RidToSid(p, mem_ctx, &r);
3208 if (!NT_STATUS_IS_OK(status)) {
3209 printf("RidToSid for %d failed - %s\n", rids[i], nt_errstr(status));
3212 calc_sid = dom_sid_add_rid(calc_sid, calc_sid, rids[i]);
3214 if (!dom_sid_equal(calc_sid, r.out.sid)) {
3215 printf("RidToSid for %d failed - got %s, expected %s\n", rids[i],
3216 dom_sid_string(mem_ctx, r.out.sid),
3217 dom_sid_string(mem_ctx, calc_sid));
3226 static BOOL test_GetBootKeyInformation(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3227 struct policy_handle *domain_handle)
3229 struct samr_GetBootKeyInformation r;
3233 printf("Testing GetBootKeyInformation\n");
3235 r.in.domain_handle = domain_handle;
3237 status = dcerpc_samr_GetBootKeyInformation(p, mem_ctx, &r);
3238 if (!NT_STATUS_IS_OK(status)) {
3239 /* w2k3 seems to fail this sometimes and pass it sometimes */
3240 printf("GetBootKeyInformation (ignored) - %s\n", nt_errstr(status));
3246 static BOOL test_AddGroupMember(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3247 struct policy_handle *domain_handle,
3248 struct policy_handle *group_handle)
3251 struct samr_AddGroupMember r;
3252 struct samr_DeleteGroupMember d;
3253 struct samr_QueryGroupMember q;
3254 struct samr_SetMemberAttributesOfGroup s;
3258 status = test_LookupName(p, mem_ctx, domain_handle, TEST_ACCOUNT_NAME, &rid);
3259 if (!NT_STATUS_IS_OK(status)) {
3260 printf("test_AddGroupMember looking up name " TEST_ACCOUNT_NAME " failed - %s\n", nt_errstr(status));
3264 r.in.group_handle = group_handle;
3266 r.in.flags = 0; /* ??? */
3268 printf("Testing AddGroupMember and DeleteGroupMember\n");
3270 d.in.group_handle = group_handle;
3273 status = dcerpc_samr_DeleteGroupMember(p, mem_ctx, &d);
3274 if (!NT_STATUS_EQUAL(NT_STATUS_MEMBER_NOT_IN_GROUP, status)) {
3275 printf("DeleteGroupMember gave %s - should be NT_STATUS_MEMBER_NOT_IN_GROUP\n",
3280 status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
3281 if (!NT_STATUS_IS_OK(status)) {
3282 printf("AddGroupMember failed - %s\n", nt_errstr(status));
3286 status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
3287 if (!NT_STATUS_EQUAL(NT_STATUS_MEMBER_IN_GROUP, status)) {
3288 printf("AddGroupMember gave %s - should be NT_STATUS_MEMBER_IN_GROUP\n",
3293 if (lp_parm_bool(-1, "target", "samba4", False)) {
3294 printf("skipping SetMemberAttributesOfGroup test against Samba4\n");
3296 /* this one is quite strange. I am using random inputs in the
3297 hope of triggering an error that might give us a clue */
3299 s.in.group_handle = group_handle;
3300 s.in.unknown1 = random();
3301 s.in.unknown2 = random();
3303 status = dcerpc_samr_SetMemberAttributesOfGroup(p, mem_ctx, &s);
3304 if (!NT_STATUS_IS_OK(status)) {
3305 printf("SetMemberAttributesOfGroup failed - %s\n", nt_errstr(status));
3310 q.in.group_handle = group_handle;
3312 status = dcerpc_samr_QueryGroupMember(p, mem_ctx, &q);
3313 if (!NT_STATUS_IS_OK(status)) {
3314 printf("QueryGroupMember failed - %s\n", nt_errstr(status));
3318 status = dcerpc_samr_DeleteGroupMember(p, mem_ctx, &d);
3319 if (!NT_STATUS_IS_OK(status)) {
3320 printf("DeleteGroupMember failed - %s\n", nt_errstr(status));
3324 status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
3325 if (!NT_STATUS_IS_OK(status)) {
3326 printf("AddGroupMember failed - %s\n", nt_errstr(status));
3334 static BOOL test_CreateDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3335 struct policy_handle *domain_handle, struct policy_handle *group_handle)
3338 struct samr_CreateDomainGroup r;
3340 struct lsa_String name;
3343 init_lsa_String(&name, TEST_GROUPNAME);
3345 r.in.domain_handle = domain_handle;
3347 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3348 r.out.group_handle = group_handle;
3351 printf("Testing CreateDomainGroup(%s)\n", r.in.name->string);
3353 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
3355 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
3356 printf("Server refused create of '%s'\n", r.in.name->string);
3357 ZERO_STRUCTP(group_handle);
3361 if (NT_STATUS_EQUAL(status, NT_STATUS_GROUP_EXISTS)) {
3362 if (!test_DeleteGroup_byname(p, mem_ctx, domain_handle, r.in.name->string)) {
3364 printf("CreateDomainGroup failed: Could not delete domain group %s - %s\n", r.in.name->string,
3368 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
3370 if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
3371 if (!test_DeleteUser_byname(p, mem_ctx, domain_handle, r.in.name->string)) {
3373 printf("CreateDomainGroup failed: Could not delete user %s - %s\n", r.in.name->string,
3377 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
3379 if (!NT_STATUS_IS_OK(status)) {
3380 printf("CreateDomainGroup failed - %s\n", nt_errstr(status));
3384 if (!test_AddGroupMember(p, mem_ctx, domain_handle, group_handle)) {
3385 printf("CreateDomainGroup failed - %s\n", nt_errstr(status));
3389 if (!test_SetGroupInfo(p, mem_ctx, group_handle)) {
3398 its not totally clear what this does. It seems to accept any sid you like.
3400 static BOOL test_RemoveMemberFromForeignDomain(struct dcerpc_pipe *p,
3401 TALLOC_CTX *mem_ctx,
3402 struct policy_handle *domain_handle)
3405 struct samr_RemoveMemberFromForeignDomain r;
3407 r.in.domain_handle = domain_handle;
3408 r.in.sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-12-34-56-78");
3410 status = dcerpc_samr_RemoveMemberFromForeignDomain(p, mem_ctx, &r);
3411 if (!NT_STATUS_IS_OK(status)) {
3412 printf("RemoveMemberFromForeignDomain failed - %s\n", nt_errstr(status));
3421 static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3422 struct policy_handle *handle);
3424 static BOOL test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3425 struct policy_handle *handle, struct dom_sid *sid,
3426 enum torture_samr_choice which_ops)
3429 struct samr_OpenDomain r;
3430 struct policy_handle domain_handle;
3431 struct policy_handle alias_handle;
3432 struct policy_handle user_handle;
3433 struct policy_handle group_handle;
3436 ZERO_STRUCT(alias_handle);
3437 ZERO_STRUCT(user_handle);
3438 ZERO_STRUCT(group_handle);
3439 ZERO_STRUCT(domain_handle);
3441 printf("Testing OpenDomain\n");
3443 r.in.connect_handle = handle;
3444 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3446 r.out.domain_handle = &domain_handle;
3448 status = dcerpc_samr_OpenDomain(p, mem_ctx, &r);
3449 if (!NT_STATUS_IS_OK(status)) {
3450 printf("OpenDomain failed - %s\n", nt_errstr(status));
3454 /* run the domain tests with the main handle closed - this tests
3455 the servers reference counting */
3456 ret &= test_samr_handle_Close(p, mem_ctx, handle);
3458 switch (which_ops) {
3459 case TORTURE_SAMR_USER_ATTRIBUTES:
3460 case TORTURE_SAMR_PASSWORDS:
3461 ret &= test_CreateUser(p, mem_ctx, &domain_handle, NULL, which_ops);
3462 ret &= test_CreateUser2(p, mem_ctx, &domain_handle, which_ops);
3464 case TORTURE_SAMR_OTHER:
3465 ret &= test_CreateUser(p, mem_ctx, &domain_handle, &user_handle, which_ops);
3466 ret &= test_QuerySecurity(p, mem_ctx, &domain_handle);
3467 ret &= test_RemoveMemberFromForeignDomain(p, mem_ctx, &domain_handle);
3468 ret &= test_CreateAlias(p, mem_ctx, &domain_handle, &alias_handle, sid);
3469 ret &= test_CreateDomainGroup(p, mem_ctx, &domain_handle, &group_handle);
3470 ret &= test_QueryDomainInfo(p, mem_ctx, &domain_handle);
3471 ret &= test_QueryDomainInfo2(p, mem_ctx, &domain_handle);
3472 ret &= test_EnumDomainUsers(p, mem_ctx, &domain_handle);
3473 ret &= test_EnumDomainUsers_async(p, mem_ctx, &domain_handle);
3474 ret &= test_EnumDomainGroups(p, mem_ctx, &domain_handle);
3475 ret &= test_EnumDomainAliases(p, mem_ctx, &domain_handle);
3476 ret &= test_QueryDisplayInfo(p, mem_ctx, &domain_handle);
3477 ret &= test_QueryDisplayInfo2(p, mem_ctx, &domain_handle);
3478 ret &= test_QueryDisplayInfo3(p, mem_ctx, &domain_handle);
3479 ret &= test_QueryDisplayInfo_continue(p, mem_ctx, &domain_handle);
3481 if (lp_parm_bool(-1, "target", "samba4", False)) {
3482 printf("skipping GetDisplayEnumerationIndex test against Samba4\n");
3484 ret &= test_GetDisplayEnumerationIndex(p, mem_ctx, &domain_handle);
3485 ret &= test_GetDisplayEnumerationIndex2(p, mem_ctx, &domain_handle);
3487 ret &= test_GroupList(p, mem_ctx, &domain_handle);
3488 ret &= test_TestPrivateFunctionsDomain(p, mem_ctx, &domain_handle);
3489 ret &= test_RidToSid(p, mem_ctx, sid, &domain_handle);
3490 ret &= test_GetBootKeyInformation(p, mem_ctx, &domain_handle);
3494 if (!policy_handle_empty(&user_handle) &&
3495 !test_DeleteUser(p, mem_ctx, &user_handle)) {
3499 if (!policy_handle_empty(&alias_handle) &&
3500 !test_DeleteAlias(p, mem_ctx, &alias_handle)) {
3504 if (!policy_handle_empty(&group_handle) &&
3505 !test_DeleteDomainGroup(p, mem_ctx, &group_handle)) {
3509 ret &= test_samr_handle_Close(p, mem_ctx, &domain_handle);
3511 /* reconnect the main handle */
3512 ret &= test_Connect(p, mem_ctx, handle);
3515 printf("Testing domain %s failed!\n", dom_sid_string(mem_ctx, sid));
3521 static BOOL test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3522 struct policy_handle *handle, const char *domain,
3523 enum torture_samr_choice which_ops)
3526 struct samr_LookupDomain r;
3527 struct lsa_String n1;
3528 struct lsa_String n2;
3531 printf("Testing LookupDomain(%s)\n", domain);
3533 /* check for correct error codes */
3534 r.in.connect_handle = handle;
3535 r.in.domain_name = &n2;
3538 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
3539 if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status)) {
3540 printf("failed: LookupDomain expected NT_STATUS_INVALID_PARAMETER - %s\n", nt_errstr(status));
3544 init_lsa_String(&n2, "xxNODOMAINxx");
3546 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
3547 if (!NT_STATUS_EQUAL(NT_STATUS_NO_SUCH_DOMAIN, status)) {
3548 printf("failed: LookupDomain expected NT_STATUS_NO_SUCH_DOMAIN - %s\n", nt_errstr(status));
3552 r.in.connect_handle = handle;
3554 init_lsa_String(&n1, domain);
3555 r.in.domain_name = &n1;
3557 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
3558 if (!NT_STATUS_IS_OK(status)) {
3559 printf("LookupDomain failed - %s\n", nt_errstr(status));
3563 if (!test_GetDomPwInfo(p, mem_ctx, &n1)) {
3567 if (!test_OpenDomain(p, mem_ctx, handle, r.out.sid, which_ops)) {
3575 static BOOL test_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3576 struct policy_handle *handle, enum torture_samr_choice which_ops)
3579 struct samr_EnumDomains r;
3580 uint32_t resume_handle = 0;
3584 r.in.connect_handle = handle;
3585 r.in.resume_handle = &resume_handle;
3586 r.in.buf_size = (uint32_t)-1;
3587 r.out.resume_handle = &resume_handle;
3589 status = dcerpc_samr_EnumDomains(p, mem_ctx, &r);
3590 if (!NT_STATUS_IS_OK(status)) {
3591 printf("EnumDomains failed - %s\n", nt_errstr(status));
3599 for (i=0;i<r.out.sam->count;i++) {
3600 if (!test_LookupDomain(p, mem_ctx, handle,
3601 r.out.sam->entries[i].name.string, which_ops)) {
3606 status = dcerpc_samr_EnumDomains(p, mem_ctx, &r);
3607 if (!NT_STATUS_IS_OK(status)) {
3608 printf("EnumDomains failed - %s\n", nt_errstr(status));
3616 static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3617 struct policy_handle *handle)
3620 struct samr_Connect r;
3621 struct samr_Connect2 r2;
3622 struct samr_Connect3 r3;
3623 struct samr_Connect4 r4;
3624 struct samr_Connect5 r5;
3625 union samr_ConnectInfo info;
3626 struct policy_handle h;
3627 BOOL ret = True, got_handle = False;
3629 printf("testing samr_Connect\n");
3631 r.in.system_name = 0;
3632 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3633 r.out.connect_handle = &h;
3635 status = dcerpc_samr_Connect(p, mem_ctx, &r);
3636 if (!NT_STATUS_IS_OK(status)) {
3637 printf("Connect failed - %s\n", nt_errstr(status));
3644 printf("testing samr_Connect2\n");
3646 r2.in.system_name = NULL;
3647 r2.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3648 r2.out.connect_handle = &h;
3650 status = dcerpc_samr_Connect2(p, mem_ctx, &r2);
3651 if (!NT_STATUS_IS_OK(status)) {
3652 printf("Connect2 failed - %s\n", nt_errstr(status));
3656 test_samr_handle_Close(p, mem_ctx, handle);
3662 printf("testing samr_Connect3\n");
3664 r3.in.system_name = NULL;
3666 r3.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3667 r3.out.connect_handle = &h;
3669 status = dcerpc_samr_Connect3(p, mem_ctx, &r3);
3670 if (!NT_STATUS_IS_OK(status)) {
3671 printf("Connect3 failed - %s\n", nt_errstr(status));
3675 test_samr_handle_Close(p, mem_ctx, handle);
3681 printf("testing samr_Connect4\n");
3683 r4.in.system_name = "";
3685 r4.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3686 r4.out.connect_handle = &h;
3688 status = dcerpc_samr_Connect4(p, mem_ctx, &r4);
3689 if (!NT_STATUS_IS_OK(status)) {
3690 printf("Connect4 failed - %s\n", nt_errstr(status));
3694 test_samr_handle_Close(p, mem_ctx, handle);
3700 printf("testing samr_Connect5\n");
3702 info.info1.unknown1 = 0;
3703 info.info1.unknown2 = 0;
3705 r5.in.system_name = "";
3706 r5.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3709 r5.out.info = &info;
3710 r5.out.connect_handle = &h;
3712 status = dcerpc_samr_Connect5(p, mem_ctx, &r5);
3713 if (!NT_STATUS_IS_OK(status)) {
3714 printf("Connect5 failed - %s\n", nt_errstr(status));
3718 test_samr_handle_Close(p, mem_ctx, handle);
3728 BOOL torture_rpc_samr(struct torture_context *torture)
3731 struct dcerpc_pipe *p;
3733 struct policy_handle handle;
3735 status = torture_rpc_connection(torture, &p, &dcerpc_table_samr);
3736 if (!NT_STATUS_IS_OK(status)) {
3740 ret &= test_Connect(p, torture, &handle);
3742 ret &= test_QuerySecurity(p, torture, &handle);
3744 ret &= test_EnumDomains(p, torture, &handle, TORTURE_SAMR_OTHER);
3746 ret &= test_SetDsrmPassword(p, torture, &handle);
3748 ret &= test_Shutdown(p, torture, &handle);
3750 ret &= test_samr_handle_Close(p, torture, &handle);
3756 BOOL torture_rpc_samr_users(struct torture_context *torture)
3759 struct dcerpc_pipe *p;
3761 struct policy_handle handle;
3763 status = torture_rpc_connection(torture, &p, &dcerpc_table_samr);
3764 if (!NT_STATUS_IS_OK(status)) {
3768 ret &= test_Connect(p, torture, &handle);
3770 ret &= test_QuerySecurity(p, torture, &handle);
3772 ret &= test_EnumDomains(p, torture, &handle, TORTURE_SAMR_USER_ATTRIBUTES);
3774 ret &= test_SetDsrmPassword(p, torture, &handle);
3776 ret &= test_Shutdown(p, torture, &handle);
3778 ret &= test_samr_handle_Close(p, torture, &handle);
3784 BOOL torture_rpc_samr_passwords(struct torture_context *torture)
3787 struct dcerpc_pipe *p;
3789 struct policy_handle handle;
3791 status = torture_rpc_connection(torture, &p, &dcerpc_table_samr);
3792 if (!NT_STATUS_IS_OK(status)) {
3796 ret &= test_Connect(p, torture, &handle);
3798 ret &= test_EnumDomains(p, torture, &handle, TORTURE_SAMR_PASSWORDS);
3800 ret &= test_samr_handle_Close(p, torture, &handle);