2 Unix SMB/CIFS implementation.
3 test suite for samr rpc operations
5 Copyright (C) Andrew Tridgell 2003
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 static BOOL test_QueryUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
26 struct policy_handle *handle);
29 this makes the debug code display the right thing
31 static void init_samr_Name(struct samr_Name *name, const char *s)
34 name->name_len = strlen_m(s)*2;
35 name->name_size = name->name_len;
38 static BOOL test_Close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
39 struct policy_handle *handle)
45 r.out.handle = handle;
47 status = dcerpc_samr_Close(p, mem_ctx, &r);
48 if (!NT_STATUS_IS_OK(status)) {
49 printf("Close handle failed - %s\n", nt_errstr(status));
57 static BOOL test_QuerySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
58 struct policy_handle *handle)
61 struct samr_QuerySecurity r;
66 status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
67 if (!NT_STATUS_IS_OK(status)) {
68 printf("QuerySecurity failed - %s\n", nt_errstr(status));
75 static BOOL test_user_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
76 struct policy_handle *handle)
80 if (!test_QuerySecurity(p, mem_ctx, handle)) {
84 if (!test_QueryUserInfo(p, mem_ctx, handle)) {
92 static BOOL test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
93 struct policy_handle *handle)
96 struct samr_CreateUser r;
97 struct samr_DeleteUser d;
98 struct policy_handle acct_handle;
100 struct samr_Name name;
103 init_samr_Name(&name, "samrtorturetest");
105 r.in.handle = handle;
106 r.in.username = &name;
107 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
108 r.out.acct_handle = &acct_handle;
111 printf("Testing CreateUser(%s)\n", r.in.username->name);
113 status = dcerpc_samr_CreateUser(p, mem_ctx, &r);
115 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
116 printf("Server refused create of '%s'\n", r.in.username->name);
120 if (!NT_STATUS_IS_OK(status) &&
121 !NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
122 printf("CreateUser failed - %s\n", nt_errstr(status));
127 if (!test_user_ops(p, mem_ctx, &acct_handle)) {
131 printf("Testing DeleteUser\n");
133 d.in.handle = &acct_handle;
134 d.out.handle = &acct_handle;
136 status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
137 if (!NT_STATUS_IS_OK(status)) {
138 printf("DeleteUser failed - %s\n", nt_errstr(status));
145 static BOOL test_QueryAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
146 struct policy_handle *handle)
149 struct samr_QueryAliasInfo r;
150 uint16 levels[] = {1, 2, 3};
154 for (i=0;i<ARRAY_SIZE(levels);i++) {
155 printf("Testing QueryAliasInfo level %u\n", levels[i]);
157 r.in.handle = handle;
158 r.in.level = levels[i];
160 status = dcerpc_samr_QueryAliasInfo(p, mem_ctx, &r);
161 if (!NT_STATUS_IS_OK(status)) {
162 printf("QueryAliasInfo level %u failed - %s\n",
163 levels[i], nt_errstr(status));
171 static BOOL test_QueryGroupInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
172 struct policy_handle *handle)
175 struct samr_QueryGroupInfo r;
176 uint16 levels[] = {1, 2, 3, 4};
180 for (i=0;i<ARRAY_SIZE(levels);i++) {
181 printf("Testing QueryGroupInfo level %u\n", levels[i]);
183 r.in.handle = handle;
184 r.in.level = levels[i];
186 status = dcerpc_samr_QueryGroupInfo(p, mem_ctx, &r);
187 if (!NT_STATUS_IS_OK(status)) {
188 printf("QueryGroupInfo level %u failed - %s\n",
189 levels[i], nt_errstr(status));
197 static BOOL test_QueryUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
198 struct policy_handle *handle)
201 struct samr_QueryUserInfo r;
202 uint16 levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
203 11, 12, 13, 14, 16, 17, 20, 21};
207 for (i=0;i<ARRAY_SIZE(levels);i++) {
208 printf("Testing QueryUserInfo level %u\n", levels[i]);
210 r.in.handle = handle;
211 r.in.level = levels[i];
213 status = dcerpc_samr_QueryUserInfo(p, mem_ctx, &r);
214 if (!NT_STATUS_IS_OK(status)) {
215 printf("QueryUserInfo level %u failed - %s\n",
216 levels[i], nt_errstr(status));
224 static BOOL test_OpenUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
225 struct policy_handle *handle, uint32 rid)
228 struct samr_OpenUser r;
229 struct policy_handle acct_handle;
232 printf("Testing OpenUser(%u)\n", rid);
234 r.in.handle = handle;
235 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
237 r.out.acct_handle = &acct_handle;
239 status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
240 if (!NT_STATUS_IS_OK(status)) {
241 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(status));
245 if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
249 if (!test_QueryUserInfo(p, mem_ctx, &acct_handle)) {
253 if (!test_Close(p, mem_ctx, &acct_handle)) {
260 static BOOL test_OpenGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
261 struct policy_handle *handle, uint32 rid)
264 struct samr_OpenGroup r;
265 struct policy_handle acct_handle;
268 printf("Testing OpenGroup(%u)\n", rid);
270 r.in.handle = handle;
271 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
273 r.out.acct_handle = &acct_handle;
275 status = dcerpc_samr_OpenGroup(p, mem_ctx, &r);
276 if (!NT_STATUS_IS_OK(status)) {
277 printf("OpenGroup(%u) failed - %s\n", rid, nt_errstr(status));
281 if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
285 if (!test_QueryGroupInfo(p, mem_ctx, &acct_handle)) {
289 if (!test_Close(p, mem_ctx, &acct_handle)) {
296 static BOOL test_OpenAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
297 struct policy_handle *handle, uint32 rid)
300 struct samr_OpenAlias r;
301 struct policy_handle acct_handle;
304 printf("Testing OpenAlias(%u)\n", rid);
306 r.in.handle = handle;
307 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
309 r.out.acct_handle = &acct_handle;
311 status = dcerpc_samr_OpenAlias(p, mem_ctx, &r);
312 if (!NT_STATUS_IS_OK(status)) {
313 printf("OpenAlias(%u) failed - %s\n", rid, nt_errstr(status));
317 if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
321 if (!test_QueryAliasInfo(p, mem_ctx, &acct_handle)) {
325 if (!test_Close(p, mem_ctx, &acct_handle)) {
332 static BOOL test_EnumDomainUsers(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
333 struct policy_handle *handle)
336 struct samr_EnumDomainUsers r;
337 uint32 resume_handle=0;
340 struct samr_LookupNames n;
341 struct samr_LookupRids lr ;
343 printf("Testing EnumDomainUsers\n");
345 r.in.handle = handle;
346 r.in.resume_handle = &resume_handle;
348 r.in.max_size = (uint32)-1;
349 r.out.resume_handle = &resume_handle;
351 status = dcerpc_samr_EnumDomainUsers(p, mem_ctx, &r);
352 if (!NT_STATUS_IS_OK(status)) {
353 printf("EnumDomainUsers failed - %s\n", nt_errstr(status));
361 if (r.out.sam->count == 0) {
365 for (i=0;i<r.out.sam->count;i++) {
366 if (!test_OpenUser(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
371 printf("Testing LookupNames\n");
372 n.in.handle = handle;
373 n.in.num_names = r.out.sam->count;
374 n.in.names = talloc(mem_ctx, r.out.sam->count * sizeof(struct samr_Name));
375 for (i=0;i<r.out.sam->count;i++) {
376 n.in.names[i] = r.out.sam->entries[i].name;
378 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
379 if (!NT_STATUS_IS_OK(status)) {
380 printf("LookupNames failed - %s\n", nt_errstr(status));
385 printf("Testing LookupRids\n");
386 lr.in.handle = handle;
387 lr.in.num_rids = r.out.sam->count;
388 lr.in.rids = talloc(mem_ctx, r.out.sam->count * sizeof(uint32));
389 for (i=0;i<r.out.sam->count;i++) {
390 lr.in.rids[i] = r.out.sam->entries[i].idx;
392 status = dcerpc_samr_LookupRids(p, mem_ctx, &lr);
393 if (!NT_STATUS_IS_OK(status)) {
394 printf("LookupRids failed - %s\n", nt_errstr(status));
401 static BOOL test_EnumDomainGroups(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
402 struct policy_handle *handle)
405 struct samr_EnumDomainGroups r;
406 uint32 resume_handle=0;
410 printf("Testing EnumDomainGroups\n");
412 r.in.handle = handle;
413 r.in.resume_handle = &resume_handle;
414 r.in.max_size = (uint32)-1;
415 r.out.resume_handle = &resume_handle;
417 status = dcerpc_samr_EnumDomainGroups(p, mem_ctx, &r);
418 if (!NT_STATUS_IS_OK(status)) {
419 printf("EnumDomainGroups failed - %s\n", nt_errstr(status));
427 for (i=0;i<r.out.sam->count;i++) {
428 if (!test_OpenGroup(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
436 static BOOL test_EnumDomainAliases(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
437 struct policy_handle *handle)
440 struct samr_EnumDomainAliases r;
441 uint32 resume_handle=0;
445 printf("Testing EnumDomainAliases\n");
447 r.in.handle = handle;
448 r.in.resume_handle = &resume_handle;
449 r.in.max_size = (uint32)-1;
450 r.out.resume_handle = &resume_handle;
452 status = dcerpc_samr_EnumDomainAliases(p, mem_ctx, &r);
453 if (!NT_STATUS_IS_OK(status)) {
454 printf("EnumDomainAliases failed - %s\n", nt_errstr(status));
462 for (i=0;i<r.out.sam->count;i++) {
463 if (!test_OpenAlias(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
471 static BOOL test_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
472 struct policy_handle *handle)
475 struct samr_QueryDomainInfo r;
476 uint16 levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13};
480 for (i=0;i<ARRAY_SIZE(levels);i++) {
481 printf("Testing QueryDomainInfo level %u\n", levels[i]);
483 r.in.handle = handle;
484 r.in.level = levels[i];
486 status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r);
487 if (!NT_STATUS_IS_OK(status)) {
488 printf("QueryDomainInfo level %u failed - %s\n",
489 r.in.level, nt_errstr(status));
498 static BOOL test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
499 struct policy_handle *handle, struct dom_sid2 *sid)
502 struct samr_OpenDomain r;
503 struct policy_handle domain_handle;
506 printf("Testing OpenDomain\n");
508 r.in.handle = handle;
509 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
511 r.out.domain_handle = &domain_handle;
513 status = dcerpc_samr_OpenDomain(p, mem_ctx, &r);
514 if (!NT_STATUS_IS_OK(status)) {
515 printf("OpenDomain failed - %s\n", nt_errstr(status));
519 if (!test_CreateUser(p, mem_ctx, &domain_handle)) {
523 if (!test_QuerySecurity(p, mem_ctx, &domain_handle)) {
527 if (!test_QueryDomainInfo(p, mem_ctx, &domain_handle)) {
531 if (!test_EnumDomainUsers(p, mem_ctx, &domain_handle)) {
535 if (!test_EnumDomainGroups(p, mem_ctx, &domain_handle)) {
539 if (!test_EnumDomainAliases(p, mem_ctx, &domain_handle)) {
543 if (!test_Close(p, mem_ctx, &domain_handle)) {
550 static BOOL test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
551 struct policy_handle *handle, struct samr_Name *domain)
554 struct samr_LookupDomain r;
556 printf("Testing LookupDomain(%s)\n", domain->name);
558 r.in.handle = handle;
559 r.in.domain = domain;
561 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
562 if (!NT_STATUS_IS_OK(status)) {
563 printf("LookupDomain failed - %s\n", nt_errstr(status));
567 if (!test_OpenDomain(p, mem_ctx, handle, r.out.sid)) {
575 static BOOL test_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
576 struct policy_handle *handle)
579 struct samr_EnumDomains r;
580 uint32 resume_handle = 0;
581 uint32 num_entries=0;
585 r.in.handle = handle;
586 r.in.resume_handle = &resume_handle;
587 r.in.buf_size = (uint32)-1;
588 r.out.resume_handle = &resume_handle;
589 r.out.num_entries = &num_entries;
591 status = dcerpc_samr_EnumDomains(p, mem_ctx, &r);
592 if (!NT_STATUS_IS_OK(status)) {
593 printf("EnumDomains failed - %s\n", nt_errstr(status));
601 for (i=0;i<r.out.sam->count;i++) {
602 if (!test_LookupDomain(p, mem_ctx, handle,
603 &r.out.sam->entries[i].name)) {
612 static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
613 struct policy_handle *handle)
616 struct samr_Connect r;
617 struct samr_Connect4 r4;
619 r.in.system_name = 0;
620 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
621 r.out.handle = handle;
623 status = dcerpc_samr_Connect(p, mem_ctx, &r);
624 if (!NT_STATUS_IS_OK(status)) {
625 printf("Connect failed - %s\n", nt_errstr(status));
629 r4.in.system_name = "";
631 r4.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
632 r4.out.handle = handle;
634 status = dcerpc_samr_Connect4(p, mem_ctx, &r4);
635 if (!NT_STATUS_IS_OK(status)) {
636 printf("Connect4 failed - %s\n", nt_errstr(status));
644 BOOL torture_rpc_samr(int dummy)
647 struct dcerpc_pipe *p;
650 struct policy_handle handle;
652 mem_ctx = talloc_init("torture_rpc_samr");
654 status = torture_rpc_connection(&p,
657 DCERPC_SAMR_VERSION);
658 if (!NT_STATUS_IS_OK(status)) {
662 p->flags |= DCERPC_DEBUG_PRINT_BOTH;
664 if (!test_Connect(p, mem_ctx, &handle)) {
668 if (!test_QuerySecurity(p, mem_ctx, &handle)) {
672 if (!test_EnumDomains(p, mem_ctx, &handle)) {
676 if (!test_Close(p, mem_ctx, &handle)) {
680 torture_rpc_close(p);