2d1dfb6a952559eecf20c86c131ffd0e9ca84835
[samba.git] / source / scripting / swig / torture / torture_samr.py
1 #!/usr/bin/python
2
3 import sys
4 import dcerpc, samr
5
6 def test_Connect(pipe):
7
8     print 'testing Connect'
9
10     handle = samr.Connect(pipe)
11     handle = samr.Connect2(pipe)
12     handle = samr.Connect3(pipe)
13     handle = samr.Connect4(pipe)
14 #    handle = samr.Connect5(pipe) # win2k3 only?
15
16     return handle
17     
18 def test_QuerySecurity(pipe, handle):
19
20     print 'testing QuerySecurity'
21
22     sdbuf = handle.QuerySecurity()
23     handle.SetSecurity(sdbuf)
24
25
26 def test_GetDomPwInfo(pipe, handle, domain):
27
28     print 'testing GetDomPwInfo'
29
30     handle.GetDomPwInfo(domain)
31     handle.GetDomPwInfo('__NONAME__')
32     handle.GetDomPwInfo('Builtin')
33
34 def test_RemoveMemberFromForeignDomain(pipe, domain_handle):
35
36     print 'testing RemoveMemberFromForeignDomain'
37
38     sid = samr.string_to_sid('S-1-5-32-12-34-56-78-9')
39
40     domain_handle.RemoveMemberFromForeignDomain(sid)
41
42 def test_CreateUser2(pipe, domain_handle):
43
44     print 'testing CreateUser2'
45
46     username = 'samrtorturemach$'
47
48     try:
49         return domain_handle.CreateUser2(username, 0x0080) # WSTRUST
50     except dcerpc.NTSTATUS, arg:
51         if arg[0] == 0x0c0000063L:
52             test_OpenUser_byname(pipe, domain_handle, username).DeleteUser()
53             return domain_handle.CreateUser2(username)
54         raise
55
56 def test_LookupName(pipe, domain_handle, name):
57
58     print 'testing samr_LookupNames'
59
60     domain_handle.LookupNames(['Administrator', 'xxNONAMExx'])
61
62     try:
63         domain_handle.LookupNames(['xxNONAMExx'])
64     except dcerpc.NTSTATUS, arg:
65         if arg[0] != 0xc0000073L:
66             raise dcerpc.NTSTATUS(arg)
67
68     return domain_handle.LookupNames([name])
69
70 def test_OpenUser_byname(pipe, domain_handle, user_name):
71
72     rids, types = test_LookupName(pipe, domain_handle, user_name)
73
74     return domain_handle.OpenUser(rids[0])
75
76 def test_DeleteUser_byname(pipe, domain_handle, user_name):
77
78     user_handle = test_OpenUser_byname(pipe, domain_handle, user_name)
79     
80     r = {}
81     r['user_handle'] = user_handle
82
83     dcerpc.samr_DeleteUser(pipe, r)
84
85 def test_QueryUserInfo(pipe, user_handle):
86
87     print 'testing samr_QueryUserInfo'
88
89     levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 20, 21]
90
91     for level in levels:
92         r = {}
93         r['user_handle'] = user_handle
94         r['level'] = level
95
96         dcerpc.samr_QueryUserInfo(pipe, r)
97
98 def test_QueryUserInfo2(pipe, user_handle):
99
100     print 'testing samr_QueryUserInfo2'
101
102     levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 20, 21]
103
104     for level in levels:
105         r = {}
106         r['user_handle'] = user_handle
107         r['level'] = level
108
109         dcerpc.samr_QueryUserInfo2(pipe, r)
110
111 def test_SetUserInfo(pipe, user_handle):
112
113     r = {}
114     r['user_handle'] = user_handle
115     r['level'] = 2
116     r['info'] = {}
117     r['info']['info2'] = {}
118     r['info']['info2']['comment'] = {}
119     r['info']['info2']['comment']['name'] = 'hello'
120     r['info']['info2']['unknown'] = {}
121     r['info']['info2']['unknown']['name'] = None
122     r['info']['info2']['country_code'] = 0
123     r['info']['info2']['code_page'] = 0
124
125     dcerpc.samr_SetUserInfo(pipe, r)
126
127 def test_GetUserPwInfo(pipe, user_handle):
128
129     print 'testing samr_GetUserpwInfo'
130
131     r = {}
132     r['user_handle'] = user_handle
133
134     dcerpc.samr_GetUserPwInfo(pipe, r)
135
136 def test_TestPrivateFunctionsUser(pipe, user_handle):
137
138     print 'testing samr.TestPrivateFunctionsUser'
139
140     r = {}
141     r['user_handle'] = user_handle
142
143     try:
144         dcerpc.samr_TestPrivateFunctionsUser(pipe, r)
145     except dcerpc.NTSTATUS, arg:
146         if arg[0] != dcerpc.NT_STATUS_NOT_IMPLEMENTED:
147             raise dcerpc.NTSTATUS(arg)
148
149 def test_user_ops(pipe, user_handle):
150
151     test_QuerySecurity(pipe, user_handle)
152
153     test_QueryUserInfo(pipe, user_handle)
154
155     test_QueryUserInfo2(pipe, user_handle)
156
157     test_SetUserInfo(pipe, user_handle)
158
159     test_GetUserPwInfo(pipe, user_handle)
160
161     test_TestPrivateFunctionsUser(pipe, user_handle)
162
163 def test_CreateUser(pipe, domain_handle):
164
165     username = 'samrtorturetest'
166
167     try:
168         return domain_handle.CreateUser(username)
169     except dcerpc.NTSTATUS, arg:
170         if arg[0] == 0xc0000063L:
171             test_OpenUser_byname(pipe, domain_handle, username).DeleteUser()
172             return domain_handle.CreateUser(username)
173
174 def test_SetAliasInfo(pipe, alias_handle):
175
176     r = {}
177     r['alias_handle'] = alias_handle
178     r['level'] = 2
179     r['info'] = {}
180     r['info']['name'] = {}
181     r['info']['name']['name'] = 'hello'
182
183     dcerpc.samr_SetAliasInfo(pipe, r)
184
185     del(r['info']['name'])
186
187     r['level'] = 3
188     r['info']['description'] = {}
189     r['info']['description']['name'] = 'this is a description'
190     
191     dcerpc.samr_SetAliasInfo(pipe, r)
192
193 def test_Aliases(pipe, domain_handle, domain_sid):
194
195     print 'testing aliases'
196
197     aliasname = 'samrtorturetestalias'
198
199     # Create a new alias
200
201     try:
202
203         handle, rid = domain_handle.CreateDomAlias(aliasname)
204
205     except dcerpc.NTSTATUS, arg:
206
207         if arg[0] == 0x0c0000154L:
208
209             # Alias exists, delete it and try again
210
211             rids, types = domain_handle.LookupNames([aliasname])
212             domain_handle.OpenAlias(rids[0]).DeleteDomAlias()
213
214             handle, rid = domain_handle.CreateDomAlias(aliasname)
215             
216         else:
217             raise
218
219     # QuerySecurity/GetSecurity
220
221     handle.SetSecurity(handle.QuerySecurity())
222
223     # QueryAliasInfo/SetAliasInfo
224
225     for i in [1, 2, 3]:
226         info = handle.QueryAliasInfo(i)
227         try:
228             handle.SetAliasInfo(i, info)
229         except dcerpc.NTSTATUS, arg:
230
231             # Can't set alias info level 1
232
233             if not (arg[0] == 0xC0000003L and i == 1):
234                 raise
235
236     # AddAliasMember
237
238     handle.AddAliasMember('S-1-5-21-1606980848-1677128483-854245398-500')
239
240     # AddMultipleMembersToAlias
241
242     handle.AddMultipleMembersToAlias(
243         ['S-1-5-21-1606980848-1677128483-854245398-501',
244          'S-1-5-21-1606980848-1677128483-854245398-502'])
245
246     # DeleteDomAlias
247
248     handle.DeleteDomAlias()
249
250 def test_DeleteGroup_byname(pipe, domain_handle, group_name):
251     
252     rid = test_LookupNames(pipe, domain_handle, group_name)
253
254     r = {}
255     r['domain_handle'] = domain_handle
256     r['access_mask'] = 0x02000000
257     r['rid'] = rid
258
259     result = dcerpc.samr_OpenGroup(pipe, r)
260
261     s = {}
262     s['group_handle'] = result['group_handle']
263
264     dcerpc.samr_DeleteDomainGroup(pipe, s)
265
266 def test_CreateDomainGroup(pipe, domain_handle):
267
268     print 'testing samr_CreateDomainGroup'
269
270     r = {}
271     r['domain_handle'] = domain_handle
272     r['name'] = {}
273     r['name']['name'] = 'samrtorturetestgroup'
274     r['access_mask'] = 0x02000000
275
276     try:
277         result = dcerpc.samr_CreateDomainGroup(pipe, r)
278     except dcerpc.NTSTATUS, arg:
279         if arg[0] == dcerpc.NT_STATUS_ACCESS_DENIED:
280             return
281         if arg[0] != dcerpc.NT_STATUS_GROUP_EXISTS:
282             raise dcerpc.NTSTATUS(arg)
283
284         test_DeleteGroup_byname(pipe, domain_handle, 'samrtorturetestgroup')
285
286         result = dcerpc.samr_CreateDomainGroup(pipe, r)
287
288     return result['group_handle']
289
290 def test_QueryDomainInfo(pipe, domain_handle):
291
292     print 'testing samr_QueryDomainInfo'
293
294     levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13]
295     set_ok = [1, 0, 1, 1, 0, 1, 1, 0, 1,  0,  1,  0]
296     
297     for i in range(0, len(levels)):
298
299         r = {}
300         r['domain_handle'] = domain_handle
301         r['level'] = levels[i]
302
303         result = dcerpc.samr_QueryDomainInfo(pipe, r)
304
305         s = {}
306         s['domain_handle'] = domain_handle
307         s['level'] = levels[i]
308         s['info'] = result['info']
309
310         try:
311             dcerpc.samr_SetDomainInfo(pipe, s)
312         except dcerpc.NTSTATUS, arg:
313             if set_ok[i]:
314                 raise dcerpc.NTSTATUS(arg)
315             if arg[0] != dcerpc.NT_STATUS_INVALID_INFO_CLASS:
316                 raise dcerpc.NTSTATUS(arg)
317
318 def test_QueryDomainInfo2(pipe, domain_handle):
319
320     print 'testing samr_QueryDomainInfo'
321
322     levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13]
323
324     for i in range(0, len(levels)):
325
326         r = {}
327         r['domain_handle'] = domain_handle
328         r['level'] = levels[i]
329
330         dcerpc.samr_QueryDomainInfo2(pipe, r)
331
332 def test_EnumDomainUsers(pipe, domain_handle):
333
334     print 'testing samr_EnumDomainUsers'
335
336     r = {}
337     r['domain_handle'] = domain_handle
338     r['resume_handle'] = 0
339     r['acct_flags'] = 0
340     r['max_size'] = -1
341
342     while 1:
343         result = dcerpc.samr_EnumDomainUsers(pipe, r)
344         if result['result'] == dcerpc.STATUS_MORE_ENTRIES:
345             r['resume_handle'] = result['resume_handle']
346             continue
347         break
348
349 def test_EnumDomainGroups(pipe, domain_handle):
350
351     print 'testing samr_EnumDomainGroups'
352
353     r = {}
354     r['domain_handle'] = domain_handle
355     r['resume_handle'] = 0
356     r['acct_flags'] = 0
357     r['max_size'] = -1
358     
359     while 1:
360         result = dcerpc.samr_EnumDomainGroups(pipe, r)
361         if result['result'] == dcerpc.STATUS_MORE_ENTRIES:
362             r['resume_handle'] = result['resume_handle']
363             continue
364         break
365
366 def test_EnumDomainAliases(pipe, domain_handle):
367
368     print 'testing samr_EnumDomainAliases'
369
370     r = {}
371     r['domain_handle'] = domain_handle
372     r['resume_handle'] = 0
373     r['acct_flags'] = 0
374     r['max_size'] = -1
375
376     while 1:
377         result = dcerpc.samr_EnumDomainAliases(pipe, r)
378         if result['result'] == dcerpc.STATUS_MORE_ENTRIES:
379             r['resume_handle'] = result['resume_handle']
380             continue
381         break
382
383 def test_QueryDisplayInfo(pipe, domain_handle):
384
385     print 'testing samr_QueryDisplayInfo'
386
387     levels = [1, 2, 3, 4, 5]
388
389     for i in range(0, len(levels)):
390
391         r = {}
392         r['domain_handle'] = domain_handle
393         r['level'] = levels[i]
394         r['start_idx'] = 0
395         r['max_entries'] = 1000
396         r['buf_size'] = -1
397
398         dcerpc.samr_QueryDisplayInfo(pipe, r)
399
400 def test_QueryDisplayInfo2(pipe, domain_handle):
401
402     print 'testing samr_QueryDisplayInfo2'
403
404     levels = [1, 2, 3, 4, 5]
405
406     for i in range(0, len(levels)):
407
408         r = {}
409         r['domain_handle'] = domain_handle
410         r['level'] = levels[i]
411         r['start_idx'] = 0
412         r['max_entries'] = 1000
413         r['buf_size'] = -1
414
415         dcerpc.samr_QueryDisplayInfo2(pipe, r)
416     
417 def test_QueryDisplayInfo3(pipe, domain_handle):
418
419     print 'testing samr_QueryDisplayInfo3'
420
421     levels = [1, 2, 3, 4, 5]
422
423     for i in range(0, len(levels)):
424
425         r = {}
426         r['domain_handle'] = domain_handle
427         r['level'] = levels[i]
428         r['start_idx'] = 0
429         r['max_entries'] = 1000
430         r['buf_size'] = -1
431
432         dcerpc.samr_QueryDisplayInfo3(pipe, r)
433
434 def test_GetDisplayEnumerationIndex(pipe, domain_handle):
435
436     print 'testing samr_GetDisplayEnumerationIndex'
437
438     levels = [1, 2, 3, 4, 5]
439     ok_lvl = [1, 1, 1, 0, 0]
440
441     for i in range(0, len(levels)):
442
443         r = {}
444         r['domain_handle'] = domain_handle
445         r['level'] = levels[i]
446         r['name'] = {}
447         r['name']['name'] = 'samrtorturetest'
448
449         try:
450             dcerpc.samr_GetDisplayEnumerationIndex(pipe, r)
451         except dcerpc.NTSTATUS, arg:
452             if ok_lvl[i]:
453                 raise dcerpc.NTSTATUS(arg)
454
455         r['name']['name'] = 'zzzzzzzz'
456
457         try:
458             dcerpc.samr_GetDisplayEnumerationIndex(pipe, r)
459         except dcerpc.NTSTATUS, arg:
460             if ok_lvl[i]:
461                 raise dcerpc.NTSTATUS(arg)            
462
463 def test_GetDisplayEnumerationIndex2(pipe, domain_handle):
464
465     print 'testing samr_GetDisplayEnumerationIndex2'
466
467     levels = [1, 2, 3, 4, 5]
468     ok_lvl = [1, 1, 1, 0, 0]
469
470     for i in range(0, len(levels)):
471
472         r = {}
473         r['domain_handle'] = domain_handle
474         r['level'] = levels[i]
475         r['name'] = {}
476         r['name']['name'] = 'samrtorturetest'
477
478         try:
479             dcerpc.samr_GetDisplayEnumerationIndex2(pipe, r)
480         except dcerpc.NTSTATUS, arg:
481             if ok_lvl[i]:
482                 raise dcerpc.NTSTATUS(arg)
483
484         r['name']['name'] = 'zzzzzzzz'
485
486         try:
487             dcerpc.samr_GetDisplayEnumerationIndex2(pipe, r)
488         except dcerpc.NTSTATUS, arg:
489             if ok_lvl[i]:
490                 raise dcerpc.NTSTATUS(arg)            
491
492 def test_TestPrivateFunctionsDomain(pipe, domain_handle):
493
494     print 'testing samr.TestPrivateFunctionsDomain'
495
496     r = {}
497     r['domain_handle'] = domain_handle
498
499     try:
500         dcerpc.samr_TestPrivateFunctionsDomain(pipe, r)
501     except dcerpc.NTSTATUS, arg:
502         if arg[0] != dcerpc.NT_STATUS_NOT_IMPLEMENTED:
503             raise dcerpc.NTSTATUS(arg)
504
505 def test_RidToSid(pipe, domain_handle):
506
507     print 'testing samr_RidToSid'
508
509     r = {}
510     r['domain_handle'] = domain_handle
511     r['rid'] = 512
512
513     dcerpc.samr_RidToSid(pipe, r)
514
515 def test_GetBootKeyInformation(pipe, domain_handle):
516
517     print 'testing samr_GetBootKeyInformation'
518
519     r = {}
520     r['domain_handle'] = domain_handle
521
522     try:
523         dcerpc.samr_GetBootKeyInformation(pipe, r)
524     except dcerpc.NTSTATUS, arg:
525         pass
526
527 def test_DeleteUser(pipe, user_handle):
528
529     r = {}
530     r['user_handle'] = user_handle
531
532     dcerpc.samr_DeleteUser(pipe, r)
533
534 def test_DeleteAlias(pipe, alias_handle):
535
536     r = {}
537     r['alias_handle'] = alias_handle
538
539     dcerpc.samr_DeleteDomAlias(pipe, r)
540     
541 def test_DeleteDomainGroup(pipe, group_handle):
542
543     r = {}
544     r['group_handle'] = group_handle
545
546     dcerpc.samr_DeleteDomainGroup(pipe, r)
547
548 def test_Close(pipe, handle):
549
550     r = {}
551     r['handle'] = handle
552
553     dcerpc.samr_Close(pipe, r)
554
555 def test_OpenDomain(pipe, connect_handle, domain_sid):
556
557     print 'testing OpenDomain'
558
559     domain_handle = connect_handle.OpenDomain(domain_sid)
560
561     test_QuerySecurity(pipe, domain_handle)
562
563     test_RemoveMemberFromForeignDomain(pipe, domain_handle)
564
565     test_CreateUser2(pipe, domain_handle)
566
567     test_CreateUser(pipe, domain_handle)
568
569     test_Aliases(pipe, domain_handle, domain_sid)
570
571     sys.exit(0)
572
573     test_CreateDomainGroup(pipe, domain_handle)
574
575     test_QueryDomainInfo(pipe, domain_handle)
576     
577     test_QueryDomainInfo2(pipe, domain_handle)
578
579     test_EnumDomainUsers(pipe, domain_handle)
580
581     test_EnumDomainGroups(pipe, domain_handle)
582
583     test_EnumDomainAliases(pipe, domain_handle)
584
585     test_QueryDisplayInfo(pipe, domain_handle)
586
587     test_QueryDisplayInfo2(pipe, domain_handle)
588     
589     test_QueryDisplayInfo3(pipe, domain_handle)
590
591     test_GetDisplayEnumerationIndex(pipe, domain_handle)
592
593     test_GetDisplayEnumerationIndex2(pipe, domain_handle)
594
595     test_TestPrivateFunctionsDomain(pipe, domain_handle)
596
597     test_RidToSid(pipe, domain_handle)
598
599     test_GetBootKeyInformation(pipe, domain_handle)
600
601     if user_handle != None:
602         test_DeleteUser(pipe, user_handle)
603
604     if alias_handle != None:
605         test_DeleteAlias(pipe, alias_handle)
606
607     if group_handle != None:
608         test_DeleteDomainGroup(pipe, group_handle)
609
610     test_Close(pipe, domain_handle)
611     
612 def test_LookupDomain(pipe, connect_handle, domain):
613
614     print 'testing LookupDomain'
615
616     sid = connect_handle.LookupDomain(domain)
617
618     try:
619         connect_handle.LookupDomain('xxNODOMAINxx')
620     except dcerpc.NTSTATUS, arg:
621         if arg[0] != 0xC00000DFL:          # NT_STATUS_NO_SUCH_DOMAIN
622             raise
623             
624     test_GetDomPwInfo(pipe, connect_handle, domain)
625     test_OpenDomain(pipe, connect_handle, sid)
626     
627 def test_EnumDomains(pipe, connect_handle):
628
629     print 'testing EnumDomains'
630
631     for domain in connect_handle.EnumDomains():
632         test_LookupDomain(pipe, connect_handle, domain)
633
634 def runtests(binding, creds):
635
636     print 'Testing SAMR pipe'
637
638     pipe = dcerpc.pipe_connect(binding,
639             dcerpc.DCERPC_SAMR_UUID, int(dcerpc.DCERPC_SAMR_VERSION), creds)
640
641     handle = test_Connect(pipe)
642
643     test_QuerySecurity(pipe, handle)
644
645     test_EnumDomains(pipe, handle)