2 Unix SMB/CIFS implementation.
3 test suite for samr rpc operations
5 Copyright (C) Andrew Tridgell 2003
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 #define TEST_ACCOUNT_NAME "samrtorturetest"
26 #define TEST_ALIASNAME "samrtorturetestalias"
27 #define TEST_GROUPNAME "samrtorturetestgroup"
28 #define TEST_MACHINENAME "samrtorturetestmach$"
29 #define TEST_DOMAINNAME "samrtorturetestdom$"
32 static BOOL test_QueryUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
33 struct policy_handle *handle);
35 static BOOL test_QueryUserInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
36 struct policy_handle *handle);
38 static BOOL test_QueryAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
39 struct policy_handle *handle);
41 static void init_samr_Name(struct samr_Name *name, const char *s)
46 static BOOL test_Close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
47 struct policy_handle *handle)
53 r.out.handle = handle;
55 status = dcerpc_samr_Close(p, mem_ctx, &r);
56 if (!NT_STATUS_IS_OK(status)) {
57 printf("Close handle failed - %s\n", nt_errstr(status));
64 static BOOL test_Shutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
65 struct policy_handle *handle)
68 struct samr_Shutdown r;
70 if (lp_parm_int(-1, "torture", "dangerous") != 1) {
71 printf("samr_Shutdown disabled - enable dangerous tests to use\n");
77 printf("testing samr_Shutdown\n");
79 status = dcerpc_samr_Shutdown(p, mem_ctx, &r);
80 if (!NT_STATUS_IS_OK(status)) {
81 printf("samr_Shutdown failed - %s\n", nt_errstr(status));
88 static BOOL test_SetDsrmPassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
89 struct policy_handle *handle)
92 struct samr_SetDsrmPassword r;
93 struct samr_Name name;
94 struct samr_Password hash;
96 if (lp_parm_int(-1, "torture", "dangerous") != 1) {
97 printf("samr_SetDsrmPassword disabled - enable dangerous tests to use\n");
101 E_md4hash("TeSTDSRM123", hash.hash);
103 init_samr_Name(&name, "Administrator");
109 printf("testing samr_SetDsrmPassword\n");
111 status = dcerpc_samr_SetDsrmPassword(p, mem_ctx, &r);
112 if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
113 printf("samr_SetDsrmPassword failed - %s\n", nt_errstr(status));
121 static BOOL test_QuerySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
122 struct policy_handle *handle)
125 struct samr_QuerySecurity r;
126 struct samr_SetSecurity s;
128 r.in.handle = handle;
131 status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
132 if (!NT_STATUS_IS_OK(status)) {
133 printf("QuerySecurity failed - %s\n", nt_errstr(status));
137 if (r.out.sdbuf == NULL) {
141 s.in.handle = handle;
143 s.in.sdbuf = r.out.sdbuf;
145 status = dcerpc_samr_SetSecurity(p, mem_ctx, &s);
146 if (!NT_STATUS_IS_OK(status)) {
147 printf("SetSecurity failed - %s\n", nt_errstr(status));
151 status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
152 if (!NT_STATUS_IS_OK(status)) {
153 printf("QuerySecurity failed - %s\n", nt_errstr(status));
161 static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
162 struct policy_handle *handle)
165 struct samr_SetUserInfo s;
166 struct samr_SetUserInfo2 s2;
167 struct samr_QueryUserInfo q;
168 struct samr_QueryUserInfo q0;
169 union samr_UserInfo u;
172 s.in.handle = handle;
175 s2.in.handle = handle;
178 q.in.handle = handle;
182 #define TESTCALL(call, r) \
183 status = dcerpc_samr_ ##call(p, mem_ctx, &r); \
184 if (!NT_STATUS_IS_OK(status)) { \
185 printf(#call " level %u failed - %s (line %d)\n", \
186 r.in.level, nt_errstr(status), __LINE__); \
191 #define STRING_EQUAL(s1, s2, field) \
192 if ((s1 && !s2) || (s2 && !s1) || strcmp(s1, s2)) { \
193 printf("Failed to set %s to '%s' (line %d)\n", \
194 #field, s2, __LINE__); \
199 #define INT_EQUAL(i1, i2, field) \
201 printf("Failed to set %s to %u (line %d)\n", \
202 #field, i2, __LINE__); \
207 #define TEST_USERINFO_NAME(lvl1, field1, lvl2, field2, value, fpval) do { \
208 printf("field test %d/%s vs %d/%s\n", lvl1, #field1, lvl2, #field2); \
210 TESTCALL(QueryUserInfo, q) \
212 s2.in.level = lvl1; \
215 ZERO_STRUCT(u.info21); \
216 u.info21.fields_present = fpval; \
218 init_samr_Name(&u.info ## lvl1.field1, value); \
219 TESTCALL(SetUserInfo, s) \
220 TESTCALL(SetUserInfo2, s2) \
221 init_samr_Name(&u.info ## lvl1.field1, ""); \
222 TESTCALL(QueryUserInfo, q); \
224 STRING_EQUAL(u.info ## lvl1.field1.name, value, field1); \
226 TESTCALL(QueryUserInfo, q) \
228 STRING_EQUAL(u.info ## lvl2.field2.name, value, field2); \
231 #define TEST_USERINFO_INT(lvl1, field1, lvl2, field2, value, fpval) do { \
232 printf("field test %d/%s vs %d/%s\n", lvl1, #field1, lvl2, #field2); \
234 TESTCALL(QueryUserInfo, q) \
236 s2.in.level = lvl1; \
239 uint8_t *bitmap = u.info21.logon_hours.bitmap; \
240 ZERO_STRUCT(u.info21); \
241 if (fpval == SAMR_FIELD_LOGON_HOURS) { \
242 u.info21.logon_hours.units_per_week = 168; \
243 u.info21.logon_hours.bitmap = bitmap; \
245 u.info21.fields_present = fpval; \
247 u.info ## lvl1.field1 = value; \
248 TESTCALL(SetUserInfo, s) \
249 TESTCALL(SetUserInfo2, s2) \
250 u.info ## lvl1.field1 = 0; \
251 TESTCALL(QueryUserInfo, q); \
253 INT_EQUAL(u.info ## lvl1.field1, value, field1); \
255 TESTCALL(QueryUserInfo, q) \
257 INT_EQUAL(u.info ## lvl2.field2, value, field1); \
261 do { TESTCALL(QueryUserInfo, q0) } while (0);
263 TEST_USERINFO_NAME(2, comment, 1, comment, "xx2-1 comment", 0);
264 TEST_USERINFO_NAME(2, comment, 21, comment, "xx2-21 comment", 0);
265 TEST_USERINFO_NAME(21, comment, 21, comment, "xx21-21 comment",
268 TEST_USERINFO_NAME(6, full_name, 1, full_name, "xx6-1 full_name", 0);
269 TEST_USERINFO_NAME(6, full_name, 3, full_name, "xx6-3 full_name", 0);
270 TEST_USERINFO_NAME(6, full_name, 5, full_name, "xx6-5 full_name", 0);
271 TEST_USERINFO_NAME(6, full_name, 6, full_name, "xx6-6 full_name", 0);
272 TEST_USERINFO_NAME(6, full_name, 8, full_name, "xx6-8 full_name", 0);
273 TEST_USERINFO_NAME(6, full_name, 21, full_name, "xx6-21 full_name", 0);
274 TEST_USERINFO_NAME(8, full_name, 21, full_name, "xx8-21 full_name", 0);
275 TEST_USERINFO_NAME(21, full_name, 21, full_name, "xx21-21 full_name",
278 TEST_USERINFO_NAME(11, logon_script, 3, logon_script, "xx11-3 logon_script", 0);
279 TEST_USERINFO_NAME(11, logon_script, 5, logon_script, "xx11-5 logon_script", 0);
280 TEST_USERINFO_NAME(11, logon_script, 21, logon_script, "xx11-21 logon_script", 0);
281 TEST_USERINFO_NAME(21, logon_script, 21, logon_script, "xx21-21 logon_script",
282 SAMR_FIELD_LOGON_SCRIPT);
284 TEST_USERINFO_NAME(12, profile_path, 3, profile_path, "xx12-3 profile_path", 0);
285 TEST_USERINFO_NAME(12, profile_path, 5, profile_path, "xx12-5 profile_path", 0);
286 TEST_USERINFO_NAME(12, profile_path, 21, profile_path, "xx12-21 profile_path", 0);
287 TEST_USERINFO_NAME(21, profile_path, 21, profile_path, "xx21-21 profile_path",
288 SAMR_FIELD_PROFILE_PATH);
290 TEST_USERINFO_NAME(13, description, 1, description, "xx13-1 description", 0);
291 TEST_USERINFO_NAME(13, description, 5, description, "xx13-5 description", 0);
292 TEST_USERINFO_NAME(13, description, 21, description, "xx13-21 description", 0);
293 TEST_USERINFO_NAME(21, description, 21, description, "xx21-21 description",
294 SAMR_FIELD_DESCRIPTION);
296 TEST_USERINFO_NAME(14, workstations, 3, workstations, "14workstation3", 0);
297 TEST_USERINFO_NAME(14, workstations, 5, workstations, "14workstation4", 0);
298 TEST_USERINFO_NAME(14, workstations, 21, workstations, "14workstation21", 0);
299 TEST_USERINFO_NAME(21, workstations, 21, workstations, "21workstation21",
300 SAMR_FIELD_WORKSTATION);
302 TEST_USERINFO_NAME(20, callback, 21, callback, "xx20-21 callback", 0);
303 TEST_USERINFO_NAME(21, callback, 21, callback, "xx21-21 callback",
304 SAMR_FIELD_CALLBACK);
306 TEST_USERINFO_INT(2, country_code, 21, country_code, __LINE__, 0);
307 TEST_USERINFO_INT(21, country_code, 21, country_code, __LINE__,
308 SAMR_FIELD_COUNTRY_CODE);
310 TEST_USERINFO_INT(2, code_page, 21, code_page, __LINE__, 0);
311 TEST_USERINFO_INT(21, code_page, 21, code_page, __LINE__,
312 SAMR_FIELD_CODE_PAGE);
314 TEST_USERINFO_INT(4, logon_hours.bitmap[3], 3, logon_hours.bitmap[3], 1, 0);
315 TEST_USERINFO_INT(4, logon_hours.bitmap[3], 5, logon_hours.bitmap[3], 2, 0);
316 TEST_USERINFO_INT(4, logon_hours.bitmap[3], 21, logon_hours.bitmap[3], 3, 0);
317 TEST_USERINFO_INT(21, logon_hours.bitmap[3], 21, logon_hours.bitmap[3], 4,
318 SAMR_FIELD_LOGON_HOURS);
321 /* these fail with win2003 - it appears you can't set the primary gid?
322 the set succeeds, but the gid isn't changed. Very weird! */
323 TEST_USERINFO_INT(9, primary_gid, 1, primary_gid, 513);
324 TEST_USERINFO_INT(9, primary_gid, 3, primary_gid, 513);
325 TEST_USERINFO_INT(9, primary_gid, 5, primary_gid, 513);
326 TEST_USERINFO_INT(9, primary_gid, 21, primary_gid, 513);
332 generate a random password for password change tests
334 static char *samr_rand_pass(TALLOC_CTX *mem_ctx)
336 size_t len = 8 + (random() % 6);
337 char *s = generate_random_str(mem_ctx, len);
338 printf("Generated password '%s'\n", s);
342 static BOOL test_SetUserPass(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
343 struct policy_handle *handle, char **password)
346 struct samr_SetUserInfo s;
347 union samr_UserInfo u;
349 DATA_BLOB session_key;
350 char *newpass = samr_rand_pass(mem_ctx);
352 s.in.handle = handle;
356 encode_pw_buffer(u.info24.password.data, newpass, STR_UNICODE);
357 /* w2k3 ignores this length */
358 u.info24.pw_len = str_charnum(newpass)*2;
360 status = dcerpc_fetch_session_key(p, &session_key);
361 if (!NT_STATUS_IS_OK(status)) {
362 printf("SetUserInfo level %u - no session key - %s\n",
363 s.in.level, nt_errstr(status));
367 arcfour_crypt_blob(u.info24.password.data, 516, &session_key);
369 printf("Testing SetUserInfo level 24 (set password)\n");
371 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
372 if (!NT_STATUS_IS_OK(status)) {
373 printf("SetUserInfo level %u failed - %s\n",
374 s.in.level, nt_errstr(status));
384 static BOOL test_SetUserPass_23(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
385 struct policy_handle *handle, char **password)
388 struct samr_SetUserInfo s;
389 union samr_UserInfo u;
391 DATA_BLOB session_key;
392 char *newpass = samr_rand_pass(mem_ctx);
394 s.in.handle = handle;
400 u.info23.info.fields_present = SAMR_FIELD_PASSWORD;
402 encode_pw_buffer(u.info23.password.data, newpass, STR_UNICODE);
404 status = dcerpc_fetch_session_key(p, &session_key);
405 if (!NT_STATUS_IS_OK(status)) {
406 printf("SetUserInfo level %u - no session key - %s\n",
407 s.in.level, nt_errstr(status));
411 arcfour_crypt_blob(u.info23.password.data, 516, &session_key);
413 printf("Testing SetUserInfo level 23 (set password)\n");
415 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
416 if (!NT_STATUS_IS_OK(status)) {
417 printf("SetUserInfo level %u failed - %s\n",
418 s.in.level, nt_errstr(status));
428 static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
429 struct policy_handle *handle, char **password)
432 struct samr_SetUserInfo s;
433 union samr_UserInfo u;
435 DATA_BLOB session_key;
436 DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
437 uint8_t confounder[16];
438 char *newpass = samr_rand_pass(mem_ctx);
439 struct MD5Context ctx;
441 s.in.handle = handle;
445 encode_pw_buffer(u.info26.password.data, newpass, STR_UNICODE);
446 u.info26.pw_len = strlen(newpass);
448 status = dcerpc_fetch_session_key(p, &session_key);
449 if (!NT_STATUS_IS_OK(status)) {
450 printf("SetUserInfo level %u - no session key - %s\n",
451 s.in.level, nt_errstr(status));
455 generate_random_buffer((uint8_t *)confounder, 16);
458 MD5Update(&ctx, confounder, 16);
459 MD5Update(&ctx, session_key.data, session_key.length);
460 MD5Final(confounded_session_key.data, &ctx);
462 arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key);
463 memcpy(&u.info26.password.data[516], confounder, 16);
465 printf("Testing SetUserInfo level 26 (set password ex)\n");
467 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
468 if (!NT_STATUS_IS_OK(status)) {
469 printf("SetUserInfo level %u failed - %s\n",
470 s.in.level, nt_errstr(status));
479 static BOOL test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
480 struct policy_handle *handle, char **password)
483 struct samr_SetUserInfo s;
484 union samr_UserInfo u;
486 DATA_BLOB session_key;
487 DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
488 uint8_t confounder[16];
489 char *newpass = samr_rand_pass(mem_ctx);
490 struct MD5Context ctx;
492 s.in.handle = handle;
498 u.info25.info.fields_present = SAMR_FIELD_PASSWORD;
500 encode_pw_buffer(u.info25.password.data, newpass, STR_UNICODE);
502 status = dcerpc_fetch_session_key(p, &session_key);
503 if (!NT_STATUS_IS_OK(status)) {
504 printf("SetUserInfo level %u - no session key - %s\n",
505 s.in.level, nt_errstr(status));
509 generate_random_buffer((uint8_t *)confounder, 16);
512 MD5Update(&ctx, confounder, 16);
513 MD5Update(&ctx, session_key.data, session_key.length);
514 MD5Final(confounded_session_key.data, &ctx);
516 arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key);
517 memcpy(&u.info25.password.data[516], confounder, 16);
519 printf("Testing SetUserInfo level 25 (set password ex)\n");
521 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
522 if (!NT_STATUS_IS_OK(status)) {
523 printf("SetUserInfo level %u failed - %s\n",
524 s.in.level, nt_errstr(status));
533 static BOOL test_SetAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
534 struct policy_handle *handle)
537 struct samr_SetAliasInfo r;
538 struct samr_QueryAliasInfo q;
539 uint16_t levels[] = {2, 3};
543 /* Ignoring switch level 1, as that includes the number of members for the alias
544 * and setting this to a wrong value might have negative consequences
547 for (i=0;i<ARRAY_SIZE(levels);i++) {
548 printf("Testing SetAliasInfo level %u\n", levels[i]);
550 r.in.handle = handle;
551 r.in.level = levels[i];
552 switch (r.in.level) {
553 case 2 : init_samr_Name(&r.in.info.name,TEST_ALIASNAME); break;
554 case 3 : init_samr_Name(&r.in.info.description,
555 "Test Description, should test I18N as well"); break;
558 status = dcerpc_samr_SetAliasInfo(p, mem_ctx, &r);
559 if (!NT_STATUS_IS_OK(status)) {
560 printf("SetAliasInfo level %u failed - %s\n",
561 levels[i], nt_errstr(status));
565 q.in.handle = handle;
566 q.in.level = levels[i];
568 status = dcerpc_samr_QueryAliasInfo(p, mem_ctx, &q);
569 if (!NT_STATUS_IS_OK(status)) {
570 printf("QueryAliasInfo level %u failed - %s\n",
571 levels[i], nt_errstr(status));
579 static BOOL test_GetGroupsForUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
580 struct policy_handle *user_handle)
582 struct samr_GetGroupsForUser r;
586 printf("testing GetGroupsForUser\n");
588 r.in.handle = user_handle;
590 status = dcerpc_samr_GetGroupsForUser(p, mem_ctx, &r);
591 if (!NT_STATUS_IS_OK(status)) {
592 printf("GetGroupsForUser failed - %s\n",nt_errstr(status));
600 static BOOL test_GetDomPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
601 struct samr_Name *domain_name)
604 struct samr_GetDomPwInfo r;
607 r.in.name = domain_name;
608 printf("Testing GetDomPwInfo with name %s\n", r.in.name->name);
610 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
611 if (!NT_STATUS_IS_OK(status)) {
612 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
616 r.in.name->name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
617 printf("Testing GetDomPwInfo with name %s\n", r.in.name->name);
619 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
620 if (!NT_STATUS_IS_OK(status)) {
621 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
625 r.in.name->name = "\\\\__NONAME__";
626 printf("Testing GetDomPwInfo with name %s\n", r.in.name->name);
628 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
629 if (!NT_STATUS_IS_OK(status)) {
630 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
634 r.in.name->name = "\\\\Builtin";
635 printf("Testing GetDomPwInfo with name %s\n", r.in.name->name);
637 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
638 if (!NT_STATUS_IS_OK(status)) {
639 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
647 static BOOL test_GetUserPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
648 struct policy_handle *handle)
651 struct samr_GetUserPwInfo r;
654 printf("Testing GetUserPwInfo\n");
656 r.in.handle = handle;
658 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &r);
659 if (!NT_STATUS_IS_OK(status)) {
660 printf("GetUserPwInfo failed - %s\n", nt_errstr(status));
667 static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
668 struct policy_handle *domain_handle, const char *name,
672 struct samr_LookupNames n;
673 struct samr_Name sname[2];
675 init_samr_Name(&sname[0], name);
677 n.in.handle = domain_handle;
680 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
681 if (NT_STATUS_IS_OK(status)) {
682 *rid = n.out.rids.ids[0];
687 init_samr_Name(&sname[1], "xxNONAMExx");
689 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
690 if (!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
691 printf("LookupNames[2] failed - %s\n", nt_errstr(status));
695 init_samr_Name(&sname[1], "xxNONAMExx");
697 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
698 if (!NT_STATUS_IS_OK(status)) {
699 printf("LookupNames[0] failed - %s\n", nt_errstr(status));
705 static NTSTATUS test_OpenUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
706 struct policy_handle *domain_handle,
707 const char *name, struct policy_handle *user_handle)
710 struct samr_OpenUser r;
713 status = test_LookupName(p, mem_ctx, domain_handle, name, &rid);
714 if (!NT_STATUS_IS_OK(status)) {
718 r.in.handle = domain_handle;
719 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
721 r.out.acct_handle = user_handle;
722 status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
723 if (!NT_STATUS_IS_OK(status)) {
724 printf("OpenUser_byname(%s) failed - %s\n", name, nt_errstr(status));
731 static BOOL test_ChangePasswordNT3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
732 struct policy_handle *handle)
735 struct samr_ChangePasswordUser r;
737 struct samr_Password hash1, hash2, hash3, hash4, hash5, hash6;
738 struct policy_handle user_handle;
739 char *oldpass = "test";
740 char *newpass = "test2";
741 uint8_t old_nt_hash[16], new_nt_hash[16];
742 uint8_t old_lm_hash[16], new_lm_hash[16];
744 status = test_OpenUser_byname(p, mem_ctx, handle, "testuser", &user_handle);
745 if (!NT_STATUS_IS_OK(status)) {
749 printf("Testing ChangePasswordUser for user 'testuser'\n");
751 printf("old password: %s\n", oldpass);
752 printf("new password: %s\n", newpass);
754 E_md4hash(oldpass, old_nt_hash);
755 E_md4hash(newpass, new_nt_hash);
756 E_deshash(oldpass, old_lm_hash);
757 E_deshash(newpass, new_lm_hash);
759 E_old_pw_hash(new_lm_hash, old_lm_hash, hash1.hash);
760 E_old_pw_hash(old_lm_hash, new_lm_hash, hash2.hash);
761 E_old_pw_hash(new_nt_hash, old_nt_hash, hash3.hash);
762 E_old_pw_hash(old_nt_hash, new_nt_hash, hash4.hash);
763 E_old_pw_hash(old_lm_hash, new_nt_hash, hash5.hash);
764 E_old_pw_hash(old_nt_hash, new_lm_hash, hash6.hash);
766 r.in.handle = &user_handle;
768 r.in.old_lm_crypted = &hash1;
769 r.in.new_lm_crypted = &hash2;
771 r.in.old_nt_crypted = &hash3;
772 r.in.new_nt_crypted = &hash4;
773 r.in.cross1_present = 1;
774 r.in.nt_cross = &hash5;
775 r.in.cross2_present = 1;
776 r.in.lm_cross = &hash6;
778 status = dcerpc_samr_ChangePasswordUser(p, mem_ctx, &r);
779 if (!NT_STATUS_IS_OK(status)) {
780 printf("ChangePasswordUser failed - %s\n", nt_errstr(status));
784 if (!test_Close(p, mem_ctx, &user_handle)) {
792 static BOOL test_ChangePasswordUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
793 struct policy_handle *handle, char **password)
796 struct samr_ChangePasswordUser r;
798 struct samr_Password hash1, hash2, hash3, hash4, hash5, hash6;
799 struct policy_handle user_handle;
800 char *oldpass = *password;
801 char *newpass = samr_rand_pass(mem_ctx);
802 uint8_t old_nt_hash[16], new_nt_hash[16];
803 uint8_t old_lm_hash[16], new_lm_hash[16];
805 status = test_OpenUser_byname(p, mem_ctx, handle, TEST_ACCOUNT_NAME, &user_handle);
806 if (!NT_STATUS_IS_OK(status)) {
810 printf("Testing ChangePasswordUser\n");
812 E_md4hash(oldpass, old_nt_hash);
813 E_md4hash(newpass, new_nt_hash);
814 E_deshash(oldpass, old_lm_hash);
815 E_deshash(newpass, new_lm_hash);
817 E_old_pw_hash(new_lm_hash, old_lm_hash, hash1.hash);
818 E_old_pw_hash(old_lm_hash, new_lm_hash, hash2.hash);
819 E_old_pw_hash(new_nt_hash, old_nt_hash, hash3.hash);
820 E_old_pw_hash(old_nt_hash, new_nt_hash, hash4.hash);
821 E_old_pw_hash(old_lm_hash, new_nt_hash, hash5.hash);
822 E_old_pw_hash(old_nt_hash, new_lm_hash, hash6.hash);
824 r.in.handle = &user_handle;
826 r.in.old_lm_crypted = &hash1;
827 r.in.new_lm_crypted = &hash2;
829 r.in.old_nt_crypted = &hash3;
830 r.in.new_nt_crypted = &hash4;
831 r.in.cross1_present = 1;
832 r.in.nt_cross = &hash5;
833 r.in.cross2_present = 1;
834 r.in.lm_cross = &hash6;
836 status = dcerpc_samr_ChangePasswordUser(p, mem_ctx, &r);
837 if (!NT_STATUS_IS_OK(status)) {
838 printf("ChangePasswordUser failed - %s\n", nt_errstr(status));
844 if (!test_Close(p, mem_ctx, &user_handle)) {
852 static BOOL test_OemChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
853 struct policy_handle *handle, char **password)
856 struct samr_OemChangePasswordUser2 r;
858 struct samr_Password lm_verifier;
859 struct samr_CryptPassword lm_pass;
860 struct samr_AsciiName server, account;
861 char *oldpass = *password;
862 char *newpass = samr_rand_pass(mem_ctx);
863 uint8_t old_lm_hash[16], new_lm_hash[16];
865 printf("Testing OemChangePasswordUser2\n");
867 server.name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
868 account.name = TEST_ACCOUNT_NAME;
870 E_deshash(oldpass, old_lm_hash);
871 E_deshash(newpass, new_lm_hash);
873 encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
874 arcfour_crypt(lm_pass.data, old_lm_hash, 516);
875 E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
877 r.in.server = &server;
878 r.in.account = &account;
879 r.in.password = &lm_pass;
880 r.in.hash = &lm_verifier;
882 status = dcerpc_samr_OemChangePasswordUser2(p, mem_ctx, &r);
883 if (!NT_STATUS_IS_OK(status)) {
884 printf("OemChangePasswordUser2 failed - %s\n", nt_errstr(status));
894 static BOOL test_ChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
895 struct policy_handle *handle, char **password)
898 struct samr_ChangePasswordUser2 r;
900 struct samr_Name server, account;
901 struct samr_CryptPassword nt_pass, lm_pass;
902 struct samr_Password nt_verifier, lm_verifier;
903 char *oldpass = *password;
904 char *newpass = samr_rand_pass(mem_ctx);
905 uint8_t old_nt_hash[16], new_nt_hash[16];
906 uint8_t old_lm_hash[16], new_lm_hash[16];
908 printf("Testing ChangePasswordUser2\n");
910 server.name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
911 init_samr_Name(&account, TEST_ACCOUNT_NAME);
913 E_md4hash(oldpass, old_nt_hash);
914 E_md4hash(newpass, new_nt_hash);
916 E_deshash(oldpass, old_lm_hash);
917 E_deshash(newpass, new_lm_hash);
919 encode_pw_buffer(lm_pass.data, newpass, STR_ASCII|STR_TERMINATE);
920 arcfour_crypt(lm_pass.data, old_lm_hash, 516);
921 E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
923 encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
924 arcfour_crypt(nt_pass.data, old_nt_hash, 516);
925 E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
927 r.in.server = &server;
928 r.in.account = &account;
929 r.in.nt_password = &nt_pass;
930 r.in.nt_verifier = &nt_verifier;
932 r.in.lm_password = &lm_pass;
933 r.in.lm_verifier = &lm_verifier;
935 status = dcerpc_samr_ChangePasswordUser2(p, mem_ctx, &r);
936 if (!NT_STATUS_IS_OK(status)) {
937 printf("ChangePasswordUser2 failed - %s\n", nt_errstr(status));
947 static BOOL test_ChangePasswordUser3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
948 struct policy_handle *handle, char **password)
951 struct samr_ChangePasswordUser3 r;
953 struct samr_Name server, account;
954 struct samr_CryptPassword nt_pass, lm_pass;
955 struct samr_Password nt_verifier, lm_verifier;
956 char *oldpass = *password;
957 char *newpass = samr_rand_pass(mem_ctx);
958 uint8_t old_nt_hash[16], new_nt_hash[16];
959 uint8_t old_lm_hash[16], new_lm_hash[16];
961 printf("Testing ChangePasswordUser3\n");
963 server.name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
964 init_samr_Name(&account, TEST_ACCOUNT_NAME);
966 E_md4hash(oldpass, old_nt_hash);
967 E_md4hash(newpass, new_nt_hash);
969 E_deshash(oldpass, old_lm_hash);
970 E_deshash(newpass, new_lm_hash);
972 encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
973 arcfour_crypt(lm_pass.data, old_nt_hash, 516);
974 E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
976 encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
977 arcfour_crypt(nt_pass.data, old_nt_hash, 516);
978 E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
980 r.in.server = &server;
981 r.in.account = &account;
982 r.in.nt_password = &nt_pass;
983 r.in.nt_verifier = &nt_verifier;
985 r.in.lm_password = &lm_pass;
986 r.in.lm_verifier = &lm_verifier;
987 r.in.password3 = NULL;
989 status = dcerpc_samr_ChangePasswordUser3(p, mem_ctx, &r);
990 if (!NT_STATUS_IS_OK(status)) {
991 printf("ChangePasswordUser3 failed - %s\n", nt_errstr(status));
1001 static BOOL test_GetMembersInAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1002 struct policy_handle *alias_handle)
1004 struct samr_GetMembersInAlias r;
1005 struct lsa_SidArray sids;
1009 printf("Testing GetMembersInAlias\n");
1011 r.in.handle = alias_handle;
1014 status = dcerpc_samr_GetMembersInAlias(p, mem_ctx, &r);
1015 if (!NT_STATUS_IS_OK(status)) {
1016 printf("GetMembersInAlias failed - %s\n",
1024 static BOOL test_AddMemberToAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1025 struct policy_handle *alias_handle,
1026 struct policy_handle *domain_handle,
1027 const struct dom_sid *domain_sid)
1029 struct samr_AddAliasMember r;
1030 struct samr_DeleteAliasMember d;
1033 struct dom_sid *sid;
1035 sid = dom_sid_add_rid(mem_ctx, domain_sid, 512);
1037 printf("testing AddAliasMember\n");
1038 r.in.handle = alias_handle;
1041 status = dcerpc_samr_AddAliasMember(p, mem_ctx, &r);
1042 if (!NT_STATUS_IS_OK(status)) {
1043 printf("AddAliasMember failed - %s\n", nt_errstr(status));
1047 d.in.handle = alias_handle;
1050 status = dcerpc_samr_DeleteAliasMember(p, mem_ctx, &d);
1051 if (!NT_STATUS_IS_OK(status)) {
1052 printf("DelAliasMember failed - %s\n", nt_errstr(status));
1059 static BOOL test_AddMultipleMembersToAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1060 struct policy_handle *alias_handle)
1062 struct samr_AddMultipleMembersToAlias a;
1063 struct samr_RemoveMultipleMembersFromAlias r;
1066 struct lsa_SidArray sids;
1068 printf("testing AddMultipleMembersToAlias\n");
1069 a.in.handle = alias_handle;
1073 sids.sids = talloc_array_p(mem_ctx, struct lsa_SidPtr, 3);
1075 sids.sids[0].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-1");
1076 sids.sids[1].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-2");
1077 sids.sids[2].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-3");
1079 status = dcerpc_samr_AddMultipleMembersToAlias(p, mem_ctx, &a);
1080 if (!NT_STATUS_IS_OK(status)) {
1081 printf("AddMultipleMembersToAlias failed - %s\n", nt_errstr(status));
1086 printf("testing RemoveMultipleMembersFromAlias\n");
1087 r.in.handle = alias_handle;
1090 status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r);
1091 if (!NT_STATUS_IS_OK(status)) {
1092 printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status));
1096 /* strange! removing twice doesn't give any error */
1097 status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r);
1098 if (!NT_STATUS_IS_OK(status)) {
1099 printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status));
1103 /* but removing an alias that isn't there does */
1104 sids.sids[2].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-4");
1106 status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r);
1107 if (!NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) {
1108 printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status));
1115 static BOOL test_TestPrivateFunctionsUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1116 struct policy_handle *user_handle)
1118 struct samr_TestPrivateFunctionsUser r;
1122 printf("Testing TestPrivateFunctionsUser\n");
1124 r.in.handle = user_handle;
1126 status = dcerpc_samr_TestPrivateFunctionsUser(p, mem_ctx, &r);
1127 if (!NT_STATUS_EQUAL(NT_STATUS_NOT_IMPLEMENTED, status)) {
1128 printf("TestPrivateFunctionsUser failed - %s\n", nt_errstr(status));
1136 static BOOL test_user_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1137 struct policy_handle *handle)
1141 if (!test_QuerySecurity(p, mem_ctx, handle)) {
1145 if (!test_QueryUserInfo(p, mem_ctx, handle)) {
1149 if (!test_QueryUserInfo2(p, mem_ctx, handle)) {
1153 if (!test_SetUserInfo(p, mem_ctx, handle)) {
1157 if (!test_GetUserPwInfo(p, mem_ctx, handle)) {
1161 if (!test_TestPrivateFunctionsUser(p, mem_ctx, handle)) {
1168 static BOOL test_alias_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1169 struct policy_handle *alias_handle,
1170 struct policy_handle *domain_handle,
1171 const struct dom_sid *domain_sid)
1175 if (!test_QuerySecurity(p, mem_ctx, alias_handle)) {
1179 if (!test_QueryAliasInfo(p, mem_ctx, alias_handle)) {
1183 if (!test_SetAliasInfo(p, mem_ctx, alias_handle)) {
1187 if (!test_AddMemberToAlias(p, mem_ctx, alias_handle,
1188 domain_handle, domain_sid)) {
1192 if (!test_AddMultipleMembersToAlias(p, mem_ctx, alias_handle)) {
1200 BOOL test_DeleteUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1201 struct policy_handle *handle, const char *name)
1204 struct samr_DeleteUser d;
1205 struct policy_handle acct_handle;
1208 status = test_LookupName(p, mem_ctx, handle, name, &rid);
1209 if (!NT_STATUS_IS_OK(status)) {
1213 status = test_OpenUser_byname(p, mem_ctx, handle, name, &acct_handle);
1214 if (!NT_STATUS_IS_OK(status)) {
1218 d.in.handle = &acct_handle;
1219 d.out.handle = &acct_handle;
1220 status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
1221 if (!NT_STATUS_IS_OK(status)) {
1228 printf("DeleteUser_byname(%s) failed - %s\n", name, nt_errstr(status));
1233 static BOOL test_DeleteGroup_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1234 struct policy_handle *handle, const char *name)
1237 struct samr_OpenGroup r;
1238 struct samr_DeleteDomainGroup d;
1239 struct policy_handle group_handle;
1242 status = test_LookupName(p, mem_ctx, handle, name, &rid);
1243 if (!NT_STATUS_IS_OK(status)) {
1247 r.in.handle = handle;
1248 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
1250 r.out.acct_handle = &group_handle;
1251 status = dcerpc_samr_OpenGroup(p, mem_ctx, &r);
1252 if (!NT_STATUS_IS_OK(status)) {
1256 d.in.handle = &group_handle;
1257 d.out.handle = &group_handle;
1258 status = dcerpc_samr_DeleteDomainGroup(p, mem_ctx, &d);
1259 if (!NT_STATUS_IS_OK(status)) {
1266 printf("DeleteGroup_byname(%s) failed - %s\n", name, nt_errstr(status));
1271 static BOOL test_DeleteAlias_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1272 struct policy_handle *domain_handle, const char *name)
1275 struct samr_OpenAlias r;
1276 struct samr_DeleteDomAlias d;
1277 struct policy_handle alias_handle;
1280 printf("testing DeleteAlias_byname\n");
1282 status = test_LookupName(p, mem_ctx, domain_handle, name, &rid);
1283 if (!NT_STATUS_IS_OK(status)) {
1287 r.in.handle = domain_handle;
1288 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
1290 r.out.acct_handle = &alias_handle;
1291 status = dcerpc_samr_OpenAlias(p, mem_ctx, &r);
1292 if (!NT_STATUS_IS_OK(status)) {
1296 d.in.handle = &alias_handle;
1297 d.out.handle = &alias_handle;
1298 status = dcerpc_samr_DeleteDomAlias(p, mem_ctx, &d);
1299 if (!NT_STATUS_IS_OK(status)) {
1306 printf("DeleteUser_byname(%s) failed - %s\n", name, nt_errstr(status));
1310 static BOOL test_DeleteAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1311 struct policy_handle *alias_handle)
1313 struct samr_DeleteDomAlias d;
1316 printf("Testing DeleteAlias\n");
1318 d.in.handle = alias_handle;
1319 d.out.handle = alias_handle;
1321 status = dcerpc_samr_DeleteDomAlias(p, mem_ctx, &d);
1322 if (!NT_STATUS_IS_OK(status)) {
1323 printf("DeleteAlias failed - %s\n", nt_errstr(status));
1330 static BOOL test_CreateAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1331 struct policy_handle *domain_handle,
1332 struct policy_handle *alias_handle,
1333 const struct dom_sid *domain_sid)
1336 struct samr_CreateDomAlias r;
1337 struct samr_Name name;
1341 init_samr_Name(&name, TEST_ALIASNAME);
1342 r.in.handle = domain_handle;
1343 r.in.aliasname = &name;
1344 r.in.access_mask = SEC_RIGHT_MAXIMUM_ALLOWED;
1345 r.out.acct_handle = alias_handle;
1348 printf("Testing CreateAlias (%s)\n", r.in.aliasname->name);
1350 status = dcerpc_samr_CreateDomAlias(p, mem_ctx, &r);
1352 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
1353 printf("Server refused create of '%s'\n", r.in.aliasname->name);
1357 if (NT_STATUS_EQUAL(status, NT_STATUS_ALIAS_EXISTS)) {
1358 if (!test_DeleteAlias_byname(p, mem_ctx, domain_handle, r.in.aliasname->name)) {
1361 status = dcerpc_samr_CreateDomAlias(p, mem_ctx, &r);
1364 if (!NT_STATUS_IS_OK(status)) {
1365 printf("CreateAlias failed - %s\n", nt_errstr(status));
1369 if (!test_alias_ops(p, mem_ctx, alias_handle, domain_handle, domain_sid)) {
1376 static BOOL test_ChangePassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1377 struct policy_handle *domain_handle, char **password)
1385 if (!test_ChangePasswordUser(p, mem_ctx, domain_handle, password)) {
1389 if (!test_ChangePasswordUser2(p, mem_ctx, domain_handle, password)) {
1393 if (!test_OemChangePasswordUser2(p, mem_ctx, domain_handle, password)) {
1397 if (!test_ChangePasswordUser3(p, mem_ctx, domain_handle, password)) {
1404 static BOOL test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1405 struct policy_handle *domain_handle, struct policy_handle *user_handle)
1408 struct samr_CreateUser r;
1409 struct samr_QueryUserInfo q;
1411 char *password = NULL;
1413 /* This call creates a 'normal' account - check that it really does */
1414 const uint32_t acct_flags = ACB_NORMAL;
1415 struct samr_Name name;
1418 init_samr_Name(&name, TEST_ACCOUNT_NAME);
1420 r.in.handle = domain_handle;
1421 r.in.account_name = &name;
1422 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
1423 r.out.acct_handle = user_handle;
1426 printf("Testing CreateUser(%s)\n", r.in.account_name->name);
1428 status = dcerpc_samr_CreateUser(p, mem_ctx, &r);
1430 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
1431 printf("Server refused create of '%s'\n", r.in.account_name->name);
1432 ZERO_STRUCTP(user_handle);
1436 if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
1437 if (!test_DeleteUser_byname(p, mem_ctx, domain_handle, r.in.account_name->name)) {
1440 status = dcerpc_samr_CreateUser(p, mem_ctx, &r);
1442 if (!NT_STATUS_IS_OK(status)) {
1443 printf("CreateUser failed - %s\n", nt_errstr(status));
1447 q.in.handle = user_handle;
1450 status = dcerpc_samr_QueryUserInfo(p, mem_ctx, &q);
1451 if (!NT_STATUS_IS_OK(status)) {
1452 printf("QueryUserInfo level %u failed - %s\n",
1453 q.in.level, nt_errstr(status));
1456 if ((q.out.info->info16.acct_flags & acct_flags) != acct_flags) {
1457 printf("QuerUserInfo level 16 failed, it returned 0x%08x (%u) when we expected flags of 0x%08x (%u)\n",
1458 q.out.info->info16.acct_flags, q.out.info->info16.acct_flags,
1459 acct_flags, acct_flags);
1464 if (!test_user_ops(p, mem_ctx, user_handle)) {
1468 if (!test_SetUserPass(p, mem_ctx, user_handle, &password)) {
1472 if (!test_SetUserPass_23(p, mem_ctx, user_handle, &password)) {
1476 if (!test_SetUserPassEx(p, mem_ctx, user_handle, &password)) {
1480 if (!test_SetUserPass_25(p, mem_ctx, user_handle, &password)) {
1484 /* we change passwords twice - this has the effect of verifying
1485 they were changed correctly */
1486 if (!test_ChangePassword(p, mem_ctx, domain_handle, &password)) {
1490 if (!test_ChangePassword(p, mem_ctx, domain_handle, &password)) {
1499 static BOOL test_DeleteUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1500 struct policy_handle *user_handle)
1502 struct samr_DeleteUser d;
1506 printf("Testing DeleteUser\n");
1508 d.in.handle = user_handle;
1509 d.out.handle = user_handle;
1511 status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
1512 if (!NT_STATUS_IS_OK(status)) {
1513 printf("DeleteUser failed - %s\n", nt_errstr(status));
1520 static BOOL test_CreateUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1521 struct policy_handle *handle)
1524 struct samr_CreateUser2 r;
1525 struct samr_QueryUserInfo q;
1526 struct samr_DeleteUser d;
1527 struct policy_handle acct_handle;
1529 struct samr_Name name;
1534 uint32_t acct_flags;
1535 const char *account_name;
1537 } account_types[] = {
1538 { ACB_NORMAL, TEST_ACCOUNT_NAME, NT_STATUS_OK },
1539 { ACB_NORMAL | ACB_DISABLED, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
1540 { ACB_NORMAL | ACB_PWNOEXP, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
1541 { ACB_WSTRUST, TEST_MACHINENAME, NT_STATUS_OK },
1542 { ACB_WSTRUST | ACB_DISABLED, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
1543 { ACB_WSTRUST | ACB_PWNOEXP, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
1544 { ACB_SVRTRUST, TEST_MACHINENAME, NT_STATUS_OK },
1545 { ACB_SVRTRUST | ACB_DISABLED, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
1546 { ACB_SVRTRUST | ACB_PWNOEXP, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
1547 { ACB_DOMTRUST, TEST_DOMAINNAME, NT_STATUS_OK },
1548 { ACB_DOMTRUST | ACB_DISABLED, TEST_DOMAINNAME, NT_STATUS_INVALID_PARAMETER },
1549 { ACB_DOMTRUST | ACB_PWNOEXP, TEST_DOMAINNAME, NT_STATUS_INVALID_PARAMETER },
1550 { 0, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
1551 { ACB_DISABLED, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
1552 { 0, NULL, NT_STATUS_INVALID_PARAMETER }
1555 for (i = 0; account_types[i].account_name; i++) {
1556 uint32_t acct_flags = account_types[i].acct_flags;
1557 uint32_t access_granted;
1559 init_samr_Name(&name, account_types[i].account_name);
1561 r.in.handle = handle;
1562 r.in.account_name = &name;
1563 r.in.acct_flags = acct_flags;
1564 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
1565 r.out.acct_handle = &acct_handle;
1566 r.out.access_granted = &access_granted;
1569 printf("Testing CreateUser2(%s)\n", r.in.account_name->name);
1571 status = dcerpc_samr_CreateUser2(p, mem_ctx, &r);
1573 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
1574 printf("Server refused create of '%s'\n", r.in.account_name->name);
1577 } else if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
1578 if (!test_DeleteUser_byname(p, mem_ctx, handle, r.in.account_name->name)) {
1581 status = dcerpc_samr_CreateUser2(p, mem_ctx, &r);
1584 if (!NT_STATUS_EQUAL(status, account_types[i].nt_status)) {
1585 printf("CreateUser2 failed gave incorrect error return - %s (should be %s)\n",
1586 nt_errstr(status), nt_errstr(account_types[i].nt_status));
1590 if (NT_STATUS_IS_OK(status)) {
1591 q.in.handle = &acct_handle;
1594 status = dcerpc_samr_QueryUserInfo(p, mem_ctx, &q);
1595 if (!NT_STATUS_IS_OK(status)) {
1596 printf("QueryUserInfo level %u failed - %s\n",
1597 q.in.level, nt_errstr(status));
1600 if ((q.out.info->info16.acct_flags & acct_flags) != acct_flags) {
1601 printf("QuerUserInfo level 16 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
1602 q.out.info->info16.acct_flags,
1608 if (!test_user_ops(p, mem_ctx, &acct_handle)) {
1612 printf("Testing DeleteUser (createuser2 test)\n");
1614 d.in.handle = &acct_handle;
1615 d.out.handle = &acct_handle;
1617 status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
1618 if (!NT_STATUS_IS_OK(status)) {
1619 printf("DeleteUser failed - %s\n", nt_errstr(status));
1628 static BOOL test_QueryAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1629 struct policy_handle *handle)
1632 struct samr_QueryAliasInfo r;
1633 uint16_t levels[] = {1, 2, 3};
1637 for (i=0;i<ARRAY_SIZE(levels);i++) {
1638 printf("Testing QueryAliasInfo level %u\n", levels[i]);
1640 r.in.handle = handle;
1641 r.in.level = levels[i];
1643 status = dcerpc_samr_QueryAliasInfo(p, mem_ctx, &r);
1644 if (!NT_STATUS_IS_OK(status)) {
1645 printf("QueryAliasInfo level %u failed - %s\n",
1646 levels[i], nt_errstr(status));
1654 static BOOL test_QueryGroupInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1655 struct policy_handle *handle)
1658 struct samr_QueryGroupInfo r;
1659 uint16_t levels[] = {1, 2, 3, 4};
1663 for (i=0;i<ARRAY_SIZE(levels);i++) {
1664 printf("Testing QueryGroupInfo level %u\n", levels[i]);
1666 r.in.handle = handle;
1667 r.in.level = levels[i];
1669 status = dcerpc_samr_QueryGroupInfo(p, mem_ctx, &r);
1670 if (!NT_STATUS_IS_OK(status)) {
1671 printf("QueryGroupInfo level %u failed - %s\n",
1672 levels[i], nt_errstr(status));
1681 static BOOL test_SetGroupInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1682 struct policy_handle *handle)
1685 struct samr_QueryGroupInfo r;
1686 struct samr_SetGroupInfo s;
1687 uint16_t levels[] = {1, 2, 3, 4};
1688 uint16_t set_ok[] = {0, 1, 1, 1};
1692 for (i=0;i<ARRAY_SIZE(levels);i++) {
1693 printf("Testing QueryGroupInfo level %u\n", levels[i]);
1695 r.in.handle = handle;
1696 r.in.level = levels[i];
1698 status = dcerpc_samr_QueryGroupInfo(p, mem_ctx, &r);
1699 if (!NT_STATUS_IS_OK(status)) {
1700 printf("QueryGroupInfo level %u failed - %s\n",
1701 levels[i], nt_errstr(status));
1705 printf("Testing SetGroupInfo level %u\n", levels[i]);
1707 s.in.handle = handle;
1708 s.in.level = levels[i];
1709 s.in.info = r.out.info;
1711 if (s.in.level == 2) {
1712 init_samr_Name(&s.in.info->name, "NewName");
1715 if (s.in.level == 4) {
1716 init_samr_Name(&s.in.info->description, "test description");
1719 status = dcerpc_samr_SetGroupInfo(p, mem_ctx, &s);
1721 if (!NT_STATUS_IS_OK(status)) {
1722 printf("SetGroupInfo level %u failed - %s\n",
1723 r.in.level, nt_errstr(status));
1728 if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_INFO_CLASS, status)) {
1729 printf("SetGroupInfo level %u gave %s - should have been NT_STATUS_INVALID_INFO_CLASS\n",
1730 r.in.level, nt_errstr(status));
1740 static BOOL test_QueryUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1741 struct policy_handle *handle)
1744 struct samr_QueryUserInfo r;
1745 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
1746 11, 12, 13, 14, 16, 17, 20, 21};
1750 for (i=0;i<ARRAY_SIZE(levels);i++) {
1751 printf("Testing QueryUserInfo level %u\n", levels[i]);
1753 r.in.handle = handle;
1754 r.in.level = levels[i];
1756 status = dcerpc_samr_QueryUserInfo(p, mem_ctx, &r);
1757 if (!NT_STATUS_IS_OK(status)) {
1758 printf("QueryUserInfo level %u failed - %s\n",
1759 levels[i], nt_errstr(status));
1767 static BOOL test_QueryUserInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1768 struct policy_handle *handle)
1771 struct samr_QueryUserInfo2 r;
1772 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
1773 11, 12, 13, 14, 16, 17, 20, 21};
1777 for (i=0;i<ARRAY_SIZE(levels);i++) {
1778 printf("Testing QueryUserInfo2 level %u\n", levels[i]);
1780 r.in.handle = handle;
1781 r.in.level = levels[i];
1783 status = dcerpc_samr_QueryUserInfo2(p, mem_ctx, &r);
1784 if (!NT_STATUS_IS_OK(status)) {
1785 printf("QueryUserInfo2 level %u failed - %s\n",
1786 levels[i], nt_errstr(status));
1794 static BOOL test_OpenUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1795 struct policy_handle *handle, uint32_t rid)
1798 struct samr_OpenUser r;
1799 struct policy_handle acct_handle;
1802 printf("Testing OpenUser(%u)\n", rid);
1804 r.in.handle = handle;
1805 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
1807 r.out.acct_handle = &acct_handle;
1809 status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
1810 if (!NT_STATUS_IS_OK(status)) {
1811 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(status));
1815 if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
1819 if (!test_QueryUserInfo(p, mem_ctx, &acct_handle)) {
1823 if (!test_QueryUserInfo2(p, mem_ctx, &acct_handle)) {
1827 if (!test_GetUserPwInfo(p, mem_ctx, &acct_handle)) {
1831 if (!test_GetGroupsForUser(p,mem_ctx, &acct_handle)) {
1835 if (!test_Close(p, mem_ctx, &acct_handle)) {
1842 static BOOL test_OpenGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1843 struct policy_handle *handle, uint32_t rid)
1846 struct samr_OpenGroup r;
1847 struct policy_handle acct_handle;
1850 printf("Testing OpenGroup(%u)\n", rid);
1852 r.in.handle = handle;
1853 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
1855 r.out.acct_handle = &acct_handle;
1857 status = dcerpc_samr_OpenGroup(p, mem_ctx, &r);
1858 if (!NT_STATUS_IS_OK(status)) {
1859 printf("OpenGroup(%u) failed - %s\n", rid, nt_errstr(status));
1863 if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
1867 if (!test_QueryGroupInfo(p, mem_ctx, &acct_handle)) {
1871 if (!test_Close(p, mem_ctx, &acct_handle)) {
1878 static BOOL test_OpenAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1879 struct policy_handle *handle, uint32_t rid)
1882 struct samr_OpenAlias r;
1883 struct policy_handle acct_handle;
1886 printf("Testing OpenAlias(%u)\n", rid);
1888 r.in.handle = handle;
1889 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
1891 r.out.acct_handle = &acct_handle;
1893 status = dcerpc_samr_OpenAlias(p, mem_ctx, &r);
1894 if (!NT_STATUS_IS_OK(status)) {
1895 printf("OpenAlias(%u) failed - %s\n", rid, nt_errstr(status));
1899 if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
1903 if (!test_QueryAliasInfo(p, mem_ctx, &acct_handle)) {
1907 if (!test_GetMembersInAlias(p, mem_ctx, &acct_handle)) {
1911 if (!test_Close(p, mem_ctx, &acct_handle)) {
1918 static BOOL test_EnumDomainUsers(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1919 struct policy_handle *handle)
1922 struct samr_EnumDomainUsers r;
1923 uint32_t resume_handle=0;
1926 struct samr_LookupNames n;
1927 struct samr_LookupRids lr ;
1929 printf("Testing EnumDomainUsers\n");
1931 r.in.handle = handle;
1932 r.in.resume_handle = &resume_handle;
1933 r.in.acct_flags = 0;
1934 r.in.max_size = (uint32_t)-1;
1935 r.out.resume_handle = &resume_handle;
1937 status = dcerpc_samr_EnumDomainUsers(p, mem_ctx, &r);
1938 if (!NT_STATUS_IS_OK(status)) {
1939 printf("EnumDomainUsers failed - %s\n", nt_errstr(status));
1947 if (r.out.sam->count == 0) {
1951 for (i=0;i<r.out.sam->count;i++) {
1952 if (!test_OpenUser(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
1957 printf("Testing LookupNames\n");
1958 n.in.handle = handle;
1959 n.in.num_names = r.out.sam->count;
1960 n.in.names = talloc(mem_ctx, r.out.sam->count * sizeof(struct samr_Name));
1961 for (i=0;i<r.out.sam->count;i++) {
1962 n.in.names[i] = r.out.sam->entries[i].name;
1964 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
1965 if (!NT_STATUS_IS_OK(status)) {
1966 printf("LookupNames failed - %s\n", nt_errstr(status));
1971 printf("Testing LookupRids\n");
1972 lr.in.handle = handle;
1973 lr.in.num_rids = r.out.sam->count;
1974 lr.in.rids = talloc(mem_ctx, r.out.sam->count * sizeof(uint32_t));
1975 for (i=0;i<r.out.sam->count;i++) {
1976 lr.in.rids[i] = r.out.sam->entries[i].idx;
1978 status = dcerpc_samr_LookupRids(p, mem_ctx, &lr);
1979 if (!NT_STATUS_IS_OK(status)) {
1980 printf("LookupRids failed - %s\n", nt_errstr(status));
1987 static BOOL test_EnumDomainGroups(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1988 struct policy_handle *handle)
1991 struct samr_EnumDomainGroups r;
1992 uint32_t resume_handle=0;
1996 printf("Testing EnumDomainGroups\n");
1998 r.in.handle = handle;
1999 r.in.resume_handle = &resume_handle;
2000 r.in.max_size = (uint32_t)-1;
2001 r.out.resume_handle = &resume_handle;
2003 status = dcerpc_samr_EnumDomainGroups(p, mem_ctx, &r);
2004 if (!NT_STATUS_IS_OK(status)) {
2005 printf("EnumDomainGroups failed - %s\n", nt_errstr(status));
2013 for (i=0;i<r.out.sam->count;i++) {
2014 if (!test_OpenGroup(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
2022 static BOOL test_EnumDomainAliases(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2023 struct policy_handle *handle)
2026 struct samr_EnumDomainAliases r;
2027 uint32_t resume_handle=0;
2031 printf("Testing EnumDomainAliases\n");
2033 r.in.handle = handle;
2034 r.in.resume_handle = &resume_handle;
2035 r.in.account_flags = (uint32_t)-1;
2036 r.out.resume_handle = &resume_handle;
2038 status = dcerpc_samr_EnumDomainAliases(p, mem_ctx, &r);
2039 if (!NT_STATUS_IS_OK(status)) {
2040 printf("EnumDomainAliases failed - %s\n", nt_errstr(status));
2048 for (i=0;i<r.out.sam->count;i++) {
2049 if (!test_OpenAlias(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
2057 static BOOL test_GetDisplayEnumerationIndex(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2058 struct policy_handle *handle)
2061 struct samr_GetDisplayEnumerationIndex r;
2063 uint16_t levels[] = {1, 2, 3, 4, 5};
2064 uint16_t ok_lvl[] = {1, 1, 1, 0, 0};
2067 for (i=0;i<ARRAY_SIZE(levels);i++) {
2068 printf("Testing GetDisplayEnumerationIndex level %u\n", levels[i]);
2070 r.in.handle = handle;
2071 r.in.level = levels[i];
2072 init_samr_Name(&r.in.name, TEST_ACCOUNT_NAME);
2074 status = dcerpc_samr_GetDisplayEnumerationIndex(p, mem_ctx, &r);
2077 !NT_STATUS_IS_OK(status) &&
2078 !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2079 printf("GetDisplayEnumerationIndex level %u failed - %s\n",
2080 levels[i], nt_errstr(status));
2084 init_samr_Name(&r.in.name, "zzzzzzzz");
2086 status = dcerpc_samr_GetDisplayEnumerationIndex(p, mem_ctx, &r);
2088 if (ok_lvl[i] && !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2089 printf("GetDisplayEnumerationIndex level %u failed - %s\n",
2090 levels[i], nt_errstr(status));
2098 static BOOL test_GetDisplayEnumerationIndex2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2099 struct policy_handle *handle)
2102 struct samr_GetDisplayEnumerationIndex2 r;
2104 uint16_t levels[] = {1, 2, 3, 4, 5};
2105 uint16_t ok_lvl[] = {1, 1, 1, 0, 0};
2108 for (i=0;i<ARRAY_SIZE(levels);i++) {
2109 printf("Testing GetDisplayEnumerationIndex2 level %u\n", levels[i]);
2111 r.in.handle = handle;
2112 r.in.level = levels[i];
2113 init_samr_Name(&r.in.name, TEST_ACCOUNT_NAME);
2115 status = dcerpc_samr_GetDisplayEnumerationIndex2(p, mem_ctx, &r);
2117 !NT_STATUS_IS_OK(status) &&
2118 !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2119 printf("GetDisplayEnumerationIndex2 level %u failed - %s\n",
2120 levels[i], nt_errstr(status));
2124 init_samr_Name(&r.in.name, "zzzzzzzz");
2126 status = dcerpc_samr_GetDisplayEnumerationIndex2(p, mem_ctx, &r);
2127 if (ok_lvl[i] && !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2128 printf("GetDisplayEnumerationIndex2 level %u failed - %s\n",
2129 levels[i], nt_errstr(status));
2137 static BOOL test_QueryDisplayInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2138 struct policy_handle *handle)
2141 struct samr_QueryDisplayInfo r;
2143 uint16_t levels[] = {1, 2, 3, 4, 5};
2146 for (i=0;i<ARRAY_SIZE(levels);i++) {
2147 printf("Testing QueryDisplayInfo level %u\n", levels[i]);
2149 r.in.handle = handle;
2150 r.in.level = levels[i];
2152 r.in.max_entries = 1000;
2153 r.in.buf_size = (uint32_t)-1;
2155 status = dcerpc_samr_QueryDisplayInfo(p, mem_ctx, &r);
2156 if (!NT_STATUS_IS_OK(status)) {
2157 printf("QueryDisplayInfo level %u failed - %s\n",
2158 levels[i], nt_errstr(status));
2166 static BOOL test_QueryDisplayInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2167 struct policy_handle *handle)
2170 struct samr_QueryDisplayInfo2 r;
2172 uint16_t levels[] = {1, 2, 3, 4, 5};
2175 for (i=0;i<ARRAY_SIZE(levels);i++) {
2176 printf("Testing QueryDisplayInfo2 level %u\n", levels[i]);
2178 r.in.handle = handle;
2179 r.in.level = levels[i];
2181 r.in.max_entries = 1000;
2182 r.in.buf_size = (uint32_t)-1;
2184 status = dcerpc_samr_QueryDisplayInfo2(p, mem_ctx, &r);
2185 if (!NT_STATUS_IS_OK(status)) {
2186 printf("QueryDisplayInfo2 level %u failed - %s\n",
2187 levels[i], nt_errstr(status));
2195 static BOOL test_QueryDisplayInfo3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2196 struct policy_handle *handle)
2199 struct samr_QueryDisplayInfo3 r;
2201 uint16_t levels[] = {1, 2, 3, 4, 5};
2204 for (i=0;i<ARRAY_SIZE(levels);i++) {
2205 printf("Testing QueryDisplayInfo3 level %u\n", levels[i]);
2207 r.in.handle = handle;
2208 r.in.level = levels[i];
2210 r.in.max_entries = 1000;
2211 r.in.buf_size = (uint32_t)-1;
2213 status = dcerpc_samr_QueryDisplayInfo3(p, mem_ctx, &r);
2214 if (!NT_STATUS_IS_OK(status)) {
2215 printf("QueryDisplayInfo3 level %u failed - %s\n",
2216 levels[i], nt_errstr(status));
2224 static BOOL test_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2225 struct policy_handle *handle)
2228 struct samr_QueryDomainInfo r;
2229 struct samr_SetDomainInfo s;
2230 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13};
2231 uint16_t set_ok[] = {1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0};
2235 for (i=0;i<ARRAY_SIZE(levels);i++) {
2236 printf("Testing QueryDomainInfo level %u\n", levels[i]);
2238 r.in.handle = handle;
2239 r.in.level = levels[i];
2241 status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r);
2242 if (!NT_STATUS_IS_OK(status)) {
2243 printf("QueryDomainInfo level %u failed - %s\n",
2244 r.in.level, nt_errstr(status));
2249 printf("Testing SetDomainInfo level %u\n", levels[i]);
2251 s.in.handle = handle;
2252 s.in.level = levels[i];
2253 s.in.info = r.out.info;
2255 status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
2257 if (!NT_STATUS_IS_OK(status)) {
2258 printf("SetDomainInfo level %u failed - %s\n",
2259 r.in.level, nt_errstr(status));
2264 if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_INFO_CLASS, status)) {
2265 printf("SetDomainInfo level %u gave %s - should have been NT_STATUS_INVALID_INFO_CLASS\n",
2266 r.in.level, nt_errstr(status));
2272 status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r);
2273 if (!NT_STATUS_IS_OK(status)) {
2274 printf("QueryDomainInfo level %u failed - %s\n",
2275 r.in.level, nt_errstr(status));
2285 static BOOL test_QueryDomainInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2286 struct policy_handle *handle)
2289 struct samr_QueryDomainInfo2 r;
2290 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13};
2294 for (i=0;i<ARRAY_SIZE(levels);i++) {
2295 printf("Testing QueryDomainInfo2 level %u\n", levels[i]);
2297 r.in.handle = handle;
2298 r.in.level = levels[i];
2300 status = dcerpc_samr_QueryDomainInfo2(p, mem_ctx, &r);
2301 if (!NT_STATUS_IS_OK(status)) {
2302 printf("QueryDomainInfo2 level %u failed - %s\n",
2303 r.in.level, nt_errstr(status));
2312 void add_string_to_array(TALLOC_CTX *mem_ctx,
2313 const char *str, const char ***strings, int *num)
2315 *strings = talloc_realloc(mem_ctx, *strings,
2316 ((*num)+1) * sizeof(**strings));
2318 if (*strings == NULL)
2321 (*strings)[*num] = str;
2327 /* Test whether querydispinfo level 5 and enumdomgroups return the same
2328 set of group names. */
2329 static BOOL test_GroupList(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2330 struct policy_handle *handle)
2332 struct samr_EnumDomainGroups q1;
2333 struct samr_QueryDisplayInfo q2;
2335 uint32_t resume_handle=0;
2340 const char **names = NULL;
2342 printf("Testing coherency of querydispinfo vs enumdomgroups\n");
2344 q1.in.handle = handle;
2345 q1.in.resume_handle = &resume_handle;
2347 q1.out.resume_handle = &resume_handle;
2349 status = STATUS_MORE_ENTRIES;
2350 while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
2351 status = dcerpc_samr_EnumDomainGroups(p, mem_ctx, &q1);
2353 if (!NT_STATUS_IS_OK(status) &&
2354 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
2357 for (i=0; i<q1.out.sam->count; i++) {
2358 add_string_to_array(mem_ctx,
2359 q1.out.sam->entries[i].name.name,
2360 &names, &num_names);
2364 if (!NT_STATUS_IS_OK(status)) {
2365 printf("EnumDomainGroups failed - %s\n", nt_errstr(status));
2373 q2.in.handle = handle;
2375 q2.in.start_idx = 0;
2376 q2.in.max_entries = 5;
2377 q2.in.buf_size = (uint32_t)-1;
2379 status = STATUS_MORE_ENTRIES;
2380 while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
2381 status = dcerpc_samr_QueryDisplayInfo(p, mem_ctx, &q2);
2383 if (!NT_STATUS_IS_OK(status) &&
2384 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
2387 for (i=0; i<q2.out.info.info5.count; i++) {
2393 /* Querydisplayinfo returns ascii -- convert */
2395 namelen = convert_string_allocate(CH_DISPLAY, CH_UNIX,
2396 q2.out.info.info5.entries[i].account_name.name,
2397 q2.out.info.info5.entries[i].account_name.name_len,
2399 name = realloc(name, namelen+1);
2402 for (j=0; j<num_names; j++) {
2403 if (names[j] == NULL)
2405 /* Hmm. No strequal in samba4 */
2406 if (strequal(names[j], name)) {
2414 printf("QueryDisplayInfo gave name [%s] that EnumDomainGroups did not\n",
2419 q2.in.start_idx += q2.out.info.info5.count;
2422 if (!NT_STATUS_IS_OK(status)) {
2423 printf("QueryDisplayInfo level 5 failed - %s\n",
2428 for (i=0; i<num_names; i++) {
2429 if (names[i] != NULL) {
2430 printf("EnumDomainGroups gave name [%s] that QueryDisplayInfo did not\n",
2439 static BOOL test_DeleteDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2440 struct policy_handle *group_handle)
2442 struct samr_DeleteDomainGroup d;
2446 printf("Testing DeleteDomainGroup\n");
2448 d.in.handle = group_handle;
2449 d.out.handle = group_handle;
2451 status = dcerpc_samr_DeleteDomainGroup(p, mem_ctx, &d);
2452 if (!NT_STATUS_IS_OK(status)) {
2453 printf("DeleteDomainGroup failed - %s\n", nt_errstr(status));
2460 static BOOL test_TestPrivateFunctionsDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2461 struct policy_handle *domain_handle)
2463 struct samr_TestPrivateFunctionsDomain r;
2467 printf("Testing TestPrivateFunctionsDomain\n");
2469 r.in.handle = domain_handle;
2471 status = dcerpc_samr_TestPrivateFunctionsDomain(p, mem_ctx, &r);
2472 if (!NT_STATUS_EQUAL(NT_STATUS_NOT_IMPLEMENTED, status)) {
2473 printf("TestPrivateFunctionsDomain failed - %s\n", nt_errstr(status));
2480 static BOOL test_RidToSid(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2481 struct policy_handle *domain_handle)
2483 struct samr_RidToSid r;
2487 printf("Testing RidToSid\n");
2489 r.in.handle = domain_handle;
2492 status = dcerpc_samr_RidToSid(p, mem_ctx, &r);
2493 if (!NT_STATUS_IS_OK(status)) {
2494 printf("RidToSid failed - %s\n", nt_errstr(status));
2501 static BOOL test_GetBootKeyInformation(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2502 struct policy_handle *domain_handle)
2504 struct samr_GetBootKeyInformation r;
2508 printf("Testing GetBootKeyInformation\n");
2510 r.in.handle = domain_handle;
2512 status = dcerpc_samr_GetBootKeyInformation(p, mem_ctx, &r);
2513 if (!NT_STATUS_IS_OK(status)) {
2514 /* w2k3 seems to fail this sometimes and pass it sometimes */
2515 printf("GetBootKeyInformation (ignored) - %s\n", nt_errstr(status));
2521 static BOOL test_AddGroupMember(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2522 struct policy_handle *domain_handle,
2523 struct policy_handle *group_handle)
2526 struct samr_AddGroupMember r;
2527 struct samr_DeleteGroupMember d;
2528 struct samr_QueryGroupMember q;
2529 struct samr_SetMemberAttributesOfGroup s;
2533 status = test_LookupName(p, mem_ctx, domain_handle, TEST_ACCOUNT_NAME, &rid);
2534 if (!NT_STATUS_IS_OK(status)) {
2538 r.in.handle = group_handle;
2540 r.in.flags = 0; /* ??? */
2542 printf("Testing AddGroupMember and DeleteGroupMember\n");
2544 d.in.handle = group_handle;
2547 status = dcerpc_samr_DeleteGroupMember(p, mem_ctx, &d);
2548 if (!NT_STATUS_EQUAL(NT_STATUS_MEMBER_NOT_IN_GROUP, status)) {
2549 printf("DeleteGroupMember gave %s - should be NT_STATUS_MEMBER_NOT_IN_GROUP\n",
2554 status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
2555 if (!NT_STATUS_IS_OK(status)) {
2556 printf("AddGroupMember failed - %s\n", nt_errstr(status));
2560 status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
2561 if (!NT_STATUS_EQUAL(NT_STATUS_MEMBER_IN_GROUP, status)) {
2562 printf("AddGroupMember gave %s - should be NT_STATUS_MEMBER_IN_GROUP\n",
2567 /* this one is quite strange. I am using random inputs in the
2568 hope of triggering an error that might give us a clue */
2569 s.in.handle = group_handle;
2570 s.in.unknown1 = random();
2571 s.in.unknown2 = random();
2573 status = dcerpc_samr_SetMemberAttributesOfGroup(p, mem_ctx, &s);
2574 if (!NT_STATUS_IS_OK(status)) {
2575 printf("SetMemberAttributesOfGroup failed - %s\n", nt_errstr(status));
2579 q.in.handle = group_handle;
2581 status = dcerpc_samr_QueryGroupMember(p, mem_ctx, &q);
2582 if (!NT_STATUS_IS_OK(status)) {
2583 printf("QueryGroupMember failed - %s\n", nt_errstr(status));
2587 status = dcerpc_samr_DeleteGroupMember(p, mem_ctx, &d);
2588 if (!NT_STATUS_IS_OK(status)) {
2589 printf("DeleteGroupMember failed - %s\n", nt_errstr(status));
2593 status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
2594 if (!NT_STATUS_IS_OK(status)) {
2595 printf("AddGroupMember failed - %s\n", nt_errstr(status));
2603 static BOOL test_CreateDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2604 struct policy_handle *domain_handle, struct policy_handle *group_handle)
2607 struct samr_CreateDomainGroup r;
2609 struct samr_Name name;
2612 init_samr_Name(&name, TEST_GROUPNAME);
2614 r.in.handle = domain_handle;
2616 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
2617 r.out.group_handle = group_handle;
2620 printf("Testing CreateDomainGroup(%s)\n", r.in.name->name);
2622 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
2624 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
2625 printf("Server refused create of '%s'\n", r.in.name->name);
2626 ZERO_STRUCTP(group_handle);
2630 if (NT_STATUS_EQUAL(status, NT_STATUS_GROUP_EXISTS) ||
2631 NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
2632 if (!test_DeleteGroup_byname(p, mem_ctx, domain_handle, r.in.name->name)) {
2635 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
2637 if (!NT_STATUS_IS_OK(status)) {
2638 printf("CreateDomainGroup failed - %s\n", nt_errstr(status));
2642 if (!test_AddGroupMember(p, mem_ctx, domain_handle, group_handle)) {
2646 if (!test_SetGroupInfo(p, mem_ctx, group_handle)) {
2655 its not totally clear what this does. It seems to accept any sid you like.
2657 static BOOL test_RemoveMemberFromForeignDomain(struct dcerpc_pipe *p,
2658 TALLOC_CTX *mem_ctx,
2659 struct policy_handle *domain_handle)
2662 struct samr_RemoveMemberFromForeignDomain r;
2664 r.in.handle = domain_handle;
2665 r.in.sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-12-34-56-78-9");
2667 status = dcerpc_samr_RemoveMemberFromForeignDomain(p, mem_ctx, &r);
2668 if (!NT_STATUS_IS_OK(status)) {
2669 printf("RemoveMemberFromForeignDomain failed - %s\n", nt_errstr(status));
2679 static BOOL test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2680 struct policy_handle *handle, struct dom_sid *sid)
2683 struct samr_OpenDomain r;
2684 struct policy_handle domain_handle;
2685 struct policy_handle user_handle;
2686 struct policy_handle alias_handle;
2687 struct policy_handle group_handle;
2690 ZERO_STRUCT(user_handle);
2691 ZERO_STRUCT(alias_handle);
2692 ZERO_STRUCT(group_handle);
2693 ZERO_STRUCT(domain_handle);
2695 printf("Testing OpenDomain\n");
2697 r.in.handle = handle;
2698 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
2700 r.out.domain_handle = &domain_handle;
2702 status = dcerpc_samr_OpenDomain(p, mem_ctx, &r);
2703 if (!NT_STATUS_IS_OK(status)) {
2704 printf("OpenDomain failed - %s\n", nt_errstr(status));
2708 if (!test_QuerySecurity(p, mem_ctx, &domain_handle)) {
2712 if (!test_RemoveMemberFromForeignDomain(p, mem_ctx, &domain_handle)) {
2716 if (!test_CreateUser2(p, mem_ctx, &domain_handle)) {
2720 if (!test_CreateUser(p, mem_ctx, &domain_handle, &user_handle)) {
2724 if (!test_CreateAlias(p, mem_ctx, &domain_handle, &alias_handle, sid)) {
2728 if (!test_CreateDomainGroup(p, mem_ctx, &domain_handle, &group_handle)) {
2732 if (!test_QueryDomainInfo(p, mem_ctx, &domain_handle)) {
2736 if (!test_QueryDomainInfo2(p, mem_ctx, &domain_handle)) {
2740 if (!test_EnumDomainUsers(p, mem_ctx, &domain_handle)) {
2744 if (!test_EnumDomainGroups(p, mem_ctx, &domain_handle)) {
2748 if (!test_EnumDomainAliases(p, mem_ctx, &domain_handle)) {
2752 if (!test_QueryDisplayInfo(p, mem_ctx, &domain_handle)) {
2756 if (!test_QueryDisplayInfo2(p, mem_ctx, &domain_handle)) {
2760 if (!test_QueryDisplayInfo3(p, mem_ctx, &domain_handle)) {
2764 if (!test_GetDisplayEnumerationIndex(p, mem_ctx, &domain_handle)) {
2768 if (!test_GetDisplayEnumerationIndex2(p, mem_ctx, &domain_handle)) {
2772 if (!test_GroupList(p, mem_ctx, &domain_handle)) {
2776 if (!test_TestPrivateFunctionsDomain(p, mem_ctx, &domain_handle)) {
2780 if (!test_RidToSid(p, mem_ctx, &domain_handle)) {
2784 if (!test_GetBootKeyInformation(p, mem_ctx, &domain_handle)) {
2788 if (!policy_handle_empty(&user_handle) &&
2789 !test_DeleteUser(p, mem_ctx, &user_handle)) {
2793 if (!policy_handle_empty(&alias_handle) &&
2794 !test_DeleteAlias(p, mem_ctx, &alias_handle)) {
2798 if (!policy_handle_empty(&group_handle) &&
2799 !test_DeleteDomainGroup(p, mem_ctx, &group_handle)) {
2803 if (!test_Close(p, mem_ctx, &domain_handle)) {
2810 static BOOL test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2811 struct policy_handle *handle, struct samr_Name *domain)
2814 struct samr_LookupDomain r;
2815 struct samr_Name n2;
2818 printf("Testing LookupDomain(%s)\n", domain->name);
2820 /* check for correct error codes */
2821 r.in.handle = handle;
2825 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
2826 if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status)) {
2827 printf("failed: LookupDomain expected NT_STATUS_INVALID_PARAMETER - %s\n", nt_errstr(status));
2831 n2.name = "xxNODOMAINxx";
2833 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
2834 if (!NT_STATUS_EQUAL(NT_STATUS_NO_SUCH_DOMAIN, status)) {
2835 printf("failed: LookupDomain expected NT_STATUS_NO_SUCH_DOMAIN - %s\n", nt_errstr(status));
2839 r.in.handle = handle;
2840 r.in.domain = domain;
2842 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
2843 if (!NT_STATUS_IS_OK(status)) {
2844 printf("LookupDomain failed - %s\n", nt_errstr(status));
2848 if (!test_GetDomPwInfo(p, mem_ctx, domain)) {
2852 if (!test_OpenDomain(p, mem_ctx, handle, r.out.sid)) {
2860 static BOOL test_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2861 struct policy_handle *handle)
2864 struct samr_EnumDomains r;
2865 uint32_t resume_handle = 0;
2869 r.in.handle = handle;
2870 r.in.resume_handle = &resume_handle;
2871 r.in.buf_size = (uint32_t)-1;
2872 r.out.resume_handle = &resume_handle;
2874 status = dcerpc_samr_EnumDomains(p, mem_ctx, &r);
2875 if (!NT_STATUS_IS_OK(status)) {
2876 printf("EnumDomains failed - %s\n", nt_errstr(status));
2884 for (i=0;i<r.out.sam->count;i++) {
2885 if (!test_LookupDomain(p, mem_ctx, handle,
2886 &r.out.sam->entries[i].name)) {
2891 status = dcerpc_samr_EnumDomains(p, mem_ctx, &r);
2892 if (!NT_STATUS_IS_OK(status)) {
2893 printf("EnumDomains failed - %s\n", nt_errstr(status));
2901 static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2902 struct policy_handle *handle)
2905 struct samr_Connect r;
2906 struct samr_Connect2 r2;
2907 struct samr_Connect3 r3;
2908 struct samr_Connect4 r4;
2909 struct samr_Connect5 r5;
2910 union samr_ConnectInfo info;
2913 printf("testing samr_Connect\n");
2915 r.in.system_name = 0;
2916 r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
2917 r.out.handle = handle;
2919 status = dcerpc_samr_Connect(p, mem_ctx, &r);
2920 if (!NT_STATUS_IS_OK(status)) {
2921 printf("Connect failed - %s\n", nt_errstr(status));
2925 printf("testing samr_Connect2\n");
2927 r2.in.system_name = NULL;
2928 r2.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
2929 r2.out.handle = handle;
2931 status = dcerpc_samr_Connect2(p, mem_ctx, &r2);
2932 if (!NT_STATUS_IS_OK(status)) {
2933 printf("Connect2 failed - %s\n", nt_errstr(status));
2937 printf("testing samr_Connect3\n");
2939 r3.in.system_name = NULL;
2941 r3.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
2942 r3.out.handle = handle;
2944 status = dcerpc_samr_Connect3(p, mem_ctx, &r3);
2945 if (!NT_STATUS_IS_OK(status)) {
2946 printf("Connect3 failed - %s\n", nt_errstr(status));
2950 printf("testing samr_Connect4\n");
2952 r4.in.system_name = "";
2954 r4.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
2955 r4.out.handle = handle;
2957 status = dcerpc_samr_Connect4(p, mem_ctx, &r4);
2958 if (!NT_STATUS_IS_OK(status)) {
2959 printf("Connect4 failed - %s\n", nt_errstr(status));
2963 printf("testing samr_Connect5\n");
2965 info.info1.unknown1 = 0;
2966 info.info1.unknown2 = 0;
2968 r5.in.system_name = "";
2969 r5.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
2972 r5.out.info = &info;
2973 r5.out.handle = handle;
2975 status = dcerpc_samr_Connect5(p, mem_ctx, &r5);
2976 if (!NT_STATUS_IS_OK(status)) {
2977 printf("Connect5 failed - %s\n", nt_errstr(status));
2985 BOOL torture_rpc_samr(int dummy)
2988 struct dcerpc_pipe *p;
2989 TALLOC_CTX *mem_ctx;
2991 struct policy_handle handle;
2993 mem_ctx = talloc_init("torture_rpc_samr");
2995 status = torture_rpc_connection(&p,
2998 DCERPC_SAMR_VERSION);
2999 if (!NT_STATUS_IS_OK(status)) {
3003 if (!test_Connect(p, mem_ctx, &handle)) {
3007 if (!test_QuerySecurity(p, mem_ctx, &handle)) {
3011 if (!test_EnumDomains(p, mem_ctx, &handle)) {
3015 if (!test_SetDsrmPassword(p, mem_ctx, &handle)) {
3019 if (!test_Shutdown(p, mem_ctx, &handle)) {
3023 if (!test_Close(p, mem_ctx, &handle)) {
3027 talloc_destroy(mem_ctx);
3029 torture_rpc_close(p);