2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Stefan (metze) Metzmacher 2004
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 #include "librpc/gen_ndr/ndr_drsuapi.h"
28 struct policy_handle bind_handle;
29 struct GUID bind_guid;
30 const char *domain_obj_dn;
31 const char *domain_guid_str;
32 const char *domain_dns_name;
33 struct GUID domain_guid;
34 struct drsuapi_DsGetDCInfo2 dcinfo;
37 static BOOL test_DsBind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
38 struct DsPrivate *priv)
41 struct drsuapi_DsBind r;
44 GUID_from_string(DRSUAPI_DS_BIND_GUID, &priv->bind_guid);
46 r.in.bind_guid = &priv->bind_guid;
47 r.in.bind_info = NULL;
48 r.out.bind_handle = &priv->bind_handle;
50 printf("testing DsBind\n");
52 status = dcerpc_drsuapi_DsBind(p, mem_ctx, &r);
53 if (!NT_STATUS_IS_OK(status)) {
54 const char *errstr = nt_errstr(status);
55 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
56 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
58 printf("dcerpc_drsuapi_DsBind failed - %s\n", errstr);
60 } else if (!W_ERROR_IS_OK(r.out.result)) {
61 printf("DsBind failed - %s\n", win_errstr(r.out.result));
68 static BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
69 struct DsPrivate *priv)
72 struct drsuapi_DsCrackNames r;
73 struct drsuapi_DsNameString names[1];
75 const char *dns_domain;
76 const char *nt4_domain;
77 const char *FQDN_1779_name;
80 r.in.bind_handle = &priv->bind_handle;
82 r.in.req.req1.unknown1 = 0x000004e4;
83 r.in.req.req1.unknown2 = 0x00000407;
84 r.in.req.req1.count = 1;
85 r.in.req.req1.names = names;
86 r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
88 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
89 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
90 names[0].str = talloc_asprintf(mem_ctx, "%s/", lp_realm());
92 printf("testing DsCrackNames with name '%s' desired format:%d\n",
93 names[0].str, r.in.req.req1.format_desired);
95 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
96 if (!NT_STATUS_IS_OK(status)) {
97 const char *errstr = nt_errstr(status);
98 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
99 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
101 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
103 } else if (!W_ERROR_IS_OK(r.out.result)) {
104 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
112 dns_domain = r.out.ctr.ctr1->array[0].dns_domain_name;
113 nt4_domain = r.out.ctr.ctr1->array[0].result_name;
115 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID;
117 printf("testing DsCrackNames with name '%s' desired format:%d\n",
118 names[0].str, r.in.req.req1.format_desired);
120 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
121 if (!NT_STATUS_IS_OK(status)) {
122 const char *errstr = nt_errstr(status);
123 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
124 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
126 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
128 } else if (!W_ERROR_IS_OK(r.out.result)) {
129 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
137 priv->domain_dns_name = r.out.ctr.ctr1->array[0].dns_domain_name;
138 priv->domain_guid_str = r.out.ctr.ctr1->array[0].result_name;
139 GUID_from_string(priv->domain_guid_str, &priv->domain_guid);
142 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
143 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
144 names[0].str = priv->domain_guid_str;
146 printf("testing DsCrackNames with name '%s' desired format:%d\n",
147 names[0].str, r.in.req.req1.format_desired);
149 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
150 if (!NT_STATUS_IS_OK(status)) {
151 const char *errstr = nt_errstr(status);
152 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
153 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
155 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
157 } else if (!W_ERROR_IS_OK(r.out.result)) {
158 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
166 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
167 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
168 names[0].str = nt4_domain;
170 printf("testing DsCrackNames with name '%s' desired format:%d\n",
171 names[0].str, r.in.req.req1.format_desired);
173 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
174 if (!NT_STATUS_IS_OK(status)) {
175 const char *errstr = nt_errstr(status);
176 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
177 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
179 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
181 } else if (!W_ERROR_IS_OK(r.out.result)) {
182 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
190 priv->domain_obj_dn = r.out.ctr.ctr1->array[0].result_name;
192 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
193 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
194 names[0].str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, priv->dcinfo.netbios_name);
196 printf("testing DsCrackNames with name '%s' desired format:%d\n",
197 names[0].str, r.in.req.req1.format_desired);
199 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
200 if (!NT_STATUS_IS_OK(status)) {
201 const char *errstr = nt_errstr(status);
202 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
203 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
205 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
207 } else if (!W_ERROR_IS_OK(r.out.result)) {
208 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
216 FQDN_1779_name = r.out.ctr.ctr1->array[0].result_name;
218 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
219 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
220 names[0].str = FQDN_1779_name;
222 printf("testing DsCrackNames with name '%s' desired format:%d\n",
223 names[0].str, r.in.req.req1.format_desired);
225 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
226 if (!NT_STATUS_IS_OK(status)) {
227 const char *errstr = nt_errstr(status);
228 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
229 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
231 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
233 } else if (!W_ERROR_IS_OK(r.out.result)) {
234 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
242 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_DISPLAY;
244 printf("testing DsCrackNames with name '%s' desired format:%d\n",
245 names[0].str, r.in.req.req1.format_desired);
247 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
248 if (!NT_STATUS_IS_OK(status)) {
249 const char *errstr = nt_errstr(status);
250 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
251 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
253 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
255 } else if (!W_ERROR_IS_OK(r.out.result)) {
256 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
264 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID;
266 printf("testing DsCrackNames with name '%s' desired format:%d\n",
267 names[0].str, r.in.req.req1.format_desired);
269 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
270 if (!NT_STATUS_IS_OK(status)) {
271 const char *errstr = nt_errstr(status);
272 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
273 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
275 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
277 } else if (!W_ERROR_IS_OK(r.out.result)) {
278 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
286 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL;
288 printf("testing DsCrackNames with name '%s' desired format:%d\n",
289 names[0].str, r.in.req.req1.format_desired);
291 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
292 if (!NT_STATUS_IS_OK(status)) {
293 const char *errstr = nt_errstr(status);
294 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
295 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
297 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
299 } else if (!W_ERROR_IS_OK(r.out.result)) {
300 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
308 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
310 printf("testing DsCrackNames with name '%s' desired format:%d\n",
311 names[0].str, r.in.req.req1.format_desired);
313 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
314 if (!NT_STATUS_IS_OK(status)) {
315 const char *errstr = nt_errstr(status);
316 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
317 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
319 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
321 } else if (!W_ERROR_IS_OK(r.out.result)) {
322 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
330 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
331 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
332 names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.site_guid);
334 printf("testing DsCrackNames with Site GUID '%s' desired format:%d\n",
335 names[0].str, r.in.req.req1.format_desired);
337 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
338 if (!NT_STATUS_IS_OK(status)) {
339 const char *errstr = nt_errstr(status);
340 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
341 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
343 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
345 } else if (!W_ERROR_IS_OK(r.out.result)) {
346 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
354 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
355 names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.computer_guid);
357 printf("testing DsCrackNames with Computer GUID '%s' desired format:%d\n",
358 names[0].str, r.in.req.req1.format_desired);
360 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
361 if (!NT_STATUS_IS_OK(status)) {
362 const char *errstr = nt_errstr(status);
363 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
364 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
366 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
368 } else if (!W_ERROR_IS_OK(r.out.result)) {
369 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
377 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
378 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
379 names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.server_guid);
381 printf("testing DsCrackNames with Server GUID '%s' desired format:%d\n",
382 names[0].str, r.in.req.req1.format_desired);
384 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
385 if (!NT_STATUS_IS_OK(status)) {
386 const char *errstr = nt_errstr(status);
387 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
388 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
390 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
392 } else if (!W_ERROR_IS_OK(r.out.result)) {
393 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
401 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
402 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
403 names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.ntds_guid);
405 printf("testing DsCrackNames with NTDS GUID '%s' desired format:%d\n",
406 names[0].str, r.in.req.req1.format_desired);
408 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
409 if (!NT_STATUS_IS_OK(status)) {
410 const char *errstr = nt_errstr(status);
411 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
412 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
414 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
416 } else if (!W_ERROR_IS_OK(r.out.result)) {
417 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
425 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
426 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
427 names[0].str = GUID_string2(mem_ctx, &priv->bind_guid);
429 printf("testing DsCrackNames with BIND GUID '%s' desired format:%d\n",
430 names[0].str, r.in.req.req1.format_desired);
432 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
433 if (!NT_STATUS_IS_OK(status)) {
434 const char *errstr = nt_errstr(status);
435 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
436 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
438 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
440 } else if (!W_ERROR_IS_OK(r.out.result)) {
441 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
452 static BOOL test_DsGetDCInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
453 struct DsPrivate *priv)
456 struct drsuapi_DsGetDomainControllerInfo r;
459 r.in.bind_handle = &priv->bind_handle;
462 r.in.req.req1.domain_name = talloc_strdup(mem_ctx, lp_realm());
463 r.in.req.req1.level = 1;
465 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
466 r.in.req.req1.level, r.in.req.req1.domain_name);
468 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
469 if (!NT_STATUS_IS_OK(status)) {
470 const char *errstr = nt_errstr(status);
471 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
472 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
474 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
475 " with dns domain failed - %s\n",
476 r.in.req.req1.level, errstr);
478 } else if (!W_ERROR_IS_OK(r.out.result)) {
479 printf("DsGetDomainControllerInfo level %d\n"
480 " with dns domain failed - %s\n",
481 r.in.req.req1.level, win_errstr(r.out.result));
485 r.in.req.req1.level = 2;
487 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
488 r.in.req.req1.level, r.in.req.req1.domain_name);
490 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
491 if (!NT_STATUS_IS_OK(status)) {
492 const char *errstr = nt_errstr(status);
493 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
494 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
496 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
497 " with dns domain failed - %s\n",
498 r.in.req.req1.level, errstr);
500 } else if (!W_ERROR_IS_OK(r.out.result)) {
501 printf("DsGetDomainControllerInfo level %d\n"
502 " with dns domain failed - %s\n",
503 r.in.req.req1.level, win_errstr(r.out.result));
506 if (r.out.ctr.ctr2.count > 0) {
507 priv->dcinfo = r.out.ctr.ctr2.array[0];
511 r.in.req.req1.level = -1;
513 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
514 r.in.req.req1.level, r.in.req.req1.domain_name);
516 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
517 if (!NT_STATUS_IS_OK(status)) {
518 const char *errstr = nt_errstr(status);
519 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
520 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
522 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
523 " with dns domain failed - %s\n",
524 r.in.req.req1.level, errstr);
526 } else if (!W_ERROR_IS_OK(r.out.result)) {
527 printf("DsGetDomainControllerInfo level %d\n"
528 " with dns domain failed - %s\n",
529 r.in.req.req1.level, win_errstr(r.out.result));
533 r.in.req.req1.domain_name = talloc_strdup(mem_ctx, lp_workgroup());
534 r.in.req.req1.level = 2;
536 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
537 r.in.req.req1.level, r.in.req.req1.domain_name);
539 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
540 if (!NT_STATUS_IS_OK(status)) {
541 const char *errstr = nt_errstr(status);
542 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
543 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
545 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
546 " with netbios domain failed - %s\n",
547 r.in.req.req1.level, errstr);
549 } else if (!W_ERROR_IS_OK(r.out.result)) {
550 printf("DsGetDomainControllerInfo level %d\n"
551 " with netbios domain failed - %s\n",
552 r.in.req.req1.level, win_errstr(r.out.result));
556 r.in.req.req1.domain_name = "__UNKNOWN_DOMAIN__";
557 r.in.req.req1.level = 2;
559 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
560 r.in.req.req1.level, r.in.req.req1.domain_name);
562 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
563 if (!NT_STATUS_IS_OK(status)) {
564 const char *errstr = nt_errstr(status);
565 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
566 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
568 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
569 " with invalid domain failed - %s\n",
570 r.in.req.req1.level, errstr);
572 } else if (!W_ERROR_EQUAL(r.out.result, WERR_DS_OBJ_NOT_FOUND)) {
573 printf("DsGetDomainControllerInfo level %d\n"
574 " with invalid domain not expected error (WERR_DS_OBJ_NOT_FOUND) - %s\n",
575 r.in.req.req1.level, win_errstr(r.out.result));
582 static BOOL test_DsWriteAccountSpn(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
583 struct DsPrivate *priv)
586 struct drsuapi_DsWriteAccountSpn r;
587 struct drsuapi_DsNameString names[2];
590 r.in.bind_handle = &priv->bind_handle;
593 printf("testing DsWriteAccountSpn\n");
595 r.in.req.req1.operation = DRSUAPI_DS_SPN_OPERATION_ADD;
596 r.in.req.req1.unknown1 = 0;
597 r.in.req.req1.object_dn = priv->dcinfo.computer_dn;
598 r.in.req.req1.count = 2;
599 r.in.req.req1.spn_names = names;
600 names[0].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.netbios_name);
601 names[1].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.dns_name);
603 status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r);
604 if (!NT_STATUS_IS_OK(status)) {
605 const char *errstr = nt_errstr(status);
606 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
607 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
609 printf("dcerpc_drsuapi_DsWriteAccountSpn failed - %s\n", errstr);
611 } else if (!W_ERROR_IS_OK(r.out.result)) {
612 printf("DsWriteAccountSpn failed - %s\n", win_errstr(r.out.result));
616 r.in.req.req1.operation = DRSUAPI_DS_SPN_OPERATION_DELETE;
617 r.in.req.req1.unknown1 = 0;
619 status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r);
620 if (!NT_STATUS_IS_OK(status)) {
621 const char *errstr = nt_errstr(status);
622 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
623 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
625 printf("dcerpc_drsuapi_DsWriteAccountSpn failed - %s\n", errstr);
627 } else if (!W_ERROR_IS_OK(r.out.result)) {
628 printf("DsWriteAccountSpn failed - %s\n", win_errstr(r.out.result));
635 static BOOL test_DsReplicaGetInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
636 struct DsPrivate *priv)
639 struct drsuapi_DsReplicaGetInfo r;
648 DRSUAPI_DS_REPLICA_GET_INFO,
649 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS,
652 DRSUAPI_DS_REPLICA_GET_INFO,
653 DRSUAPI_DS_REPLICA_INFO_CURSORS,
656 DRSUAPI_DS_REPLICA_GET_INFO,
657 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA,
660 DRSUAPI_DS_REPLICA_GET_INFO,
661 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES,
664 DRSUAPI_DS_REPLICA_GET_INFO,
665 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES,
668 DRSUAPI_DS_REPLICA_GET_INFO,
669 DRSUAPI_DS_REPLICA_INFO_PENDING_OPS,
672 DRSUAPI_DS_REPLICA_GET_INFO2,
673 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA,
676 DRSUAPI_DS_REPLICA_GET_INFO2,
677 DRSUAPI_DS_REPLICA_INFO_CURSORS2,
680 DRSUAPI_DS_REPLICA_GET_INFO2,
681 DRSUAPI_DS_REPLICA_INFO_CURSORS3,
684 DRSUAPI_DS_REPLICA_GET_INFO2,
685 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2,
688 DRSUAPI_DS_REPLICA_GET_INFO2,
689 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2,
692 DRSUAPI_DS_REPLICA_GET_INFO2,
693 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02,
696 DRSUAPI_DS_REPLICA_GET_INFO2,
697 DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04,
700 DRSUAPI_DS_REPLICA_GET_INFO2,
701 DRSUAPI_DS_REPLICA_INFO_CURSURS05,
704 DRSUAPI_DS_REPLICA_GET_INFO2,
705 DRSUAPI_DS_REPLICA_INFO_06,
710 r.in.bind_handle = &priv->bind_handle;
712 for (i=0; i < ARRAY_SIZE(array); i++) {
713 const char *object_dn;
715 printf("testing DsReplicaGetInfo level %d infotype %d\n",
716 array[i].level, array[i].infotype);
718 object_dn = (array[i].obj_dn ? array[i].obj_dn : priv->domain_obj_dn);
720 r.in.level = array[i].level;
722 case DRSUAPI_DS_REPLICA_GET_INFO:
723 r.in.req.req1.info_type = array[i].infotype;
724 r.in.req.req1.object_dn = object_dn;
725 ZERO_STRUCT(r.in.req.req1.guid1);
727 case DRSUAPI_DS_REPLICA_GET_INFO2:
728 r.in.req.req2.info_type = array[i].infotype;
729 r.in.req.req2.object_dn = object_dn;
730 ZERO_STRUCT(r.in.req.req1.guid1);
731 r.in.req.req2.unknown1 = 0;
732 r.in.req.req2.string1 = NULL;
733 r.in.req.req2.string2 = NULL;
734 r.in.req.req2.unknown2 = 0;
738 status = dcerpc_drsuapi_DsReplicaGetInfo(p, mem_ctx, &r);
739 if (!NT_STATUS_IS_OK(status)) {
740 const char *errstr = nt_errstr(status);
741 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
742 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
744 if (p->last_fault_code != DCERPC_FAULT_INVALID_TAG) {
745 printf("dcerpc_drsuapi_DsReplicaGetInfo failed - %s\n", errstr);
748 printf("DsReplicaGetInfo level %d and/or infotype %d not supported by server\n",
749 array[i].level, array[i].infotype);
751 } else if (!W_ERROR_IS_OK(r.out.result)) {
752 printf("DsReplicaGetInfo failed - %s\n", win_errstr(r.out.result));
760 static BOOL test_DsReplicaSync(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
761 struct DsPrivate *priv)
766 struct drsuapi_DsReplicaSync r;
767 struct drsuapi_DsReplicaObjectIdentifier nc;
768 struct GUID null_guid;
769 struct dom_sid null_sid;
778 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
779 printf("DsReplicaSync disabled - enable dangerous tests to use\n");
783 ZERO_STRUCT(null_guid);
784 ZERO_STRUCT(null_sid);
786 r.in.bind_handle = &priv->bind_handle;
788 for (i=0; i < ARRAY_SIZE(array); i++) {
789 printf("testing DsReplicaSync level %d\n",
792 r.in.level = array[i].level;
797 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
799 r.in.req.req1.naming_context = &nc;
800 r.in.req.req1.guid1 = priv->dcinfo.ntds_guid;
801 r.in.req.req1.string1 = NULL;
802 r.in.req.req1.options = 16;
806 status = dcerpc_drsuapi_DsReplicaSync(p, mem_ctx, &r);
807 if (!NT_STATUS_IS_OK(status)) {
808 const char *errstr = nt_errstr(status);
809 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
810 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
812 printf("dcerpc_drsuapi_DsReplicaSync failed - %s\n", errstr);
814 } else if (!W_ERROR_IS_OK(r.out.result)) {
815 printf("DsReplicaSync failed - %s\n", win_errstr(r.out.result));
823 static BOOL test_DsReplicaUpdateRefs(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
824 struct DsPrivate *priv)
829 struct drsuapi_DsReplicaUpdateRefs r;
830 struct drsuapi_DsReplicaObjectIdentifier nc;
831 struct GUID null_guid;
832 struct dom_sid null_sid;
841 ZERO_STRUCT(null_guid);
842 ZERO_STRUCT(null_sid);
844 r.in.bind_handle = &priv->bind_handle;
846 for (i=0; i < ARRAY_SIZE(array); i++) {
847 printf("testing DsReplicaUpdateRefs level %d\n",
850 r.in.level = array[i].level;
855 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
857 r.in.req.req1.naming_context = &nc;
858 r.in.req.req1.dest_dsa_dns_name = talloc_asprintf(mem_ctx, "__some_dest_dsa_guid_string._msdn.%s",
859 priv->domain_dns_name);
860 r.in.req.req1.dest_dsa_guid = null_guid;
861 r.in.req.req1.options = 0;
865 status = dcerpc_drsuapi_DsReplicaUpdateRefs(p, mem_ctx, &r);
866 if (!NT_STATUS_IS_OK(status)) {
867 const char *errstr = nt_errstr(status);
868 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
869 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
871 printf("dcerpc_drsuapi_DsReplicaUpdateRefs failed - %s\n", errstr);
873 } else if (!W_ERROR_IS_OK(r.out.result)) {
874 printf("DsReplicaUpdateRefs failed - %s\n", win_errstr(r.out.result));
882 static BOOL test_DsGetNCChanges(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
883 struct DsPrivate *priv)
888 struct drsuapi_DsGetNCChanges r;
889 struct drsuapi_DsReplicaObjectIdentifier nc;
890 struct GUID null_guid;
891 struct dom_sid null_sid;
903 ZERO_STRUCT(null_guid);
904 ZERO_STRUCT(null_sid);
906 for (i=0; i < ARRAY_SIZE(array); i++) {
907 printf("testing DsGetNCChanges level %d\n",
911 r.in.bind_handle = &priv->bind_handle;
912 r.in.level = array[i].level;
914 switch (r.in.level) {
918 nc.dn = talloc_asprintf(mem_ctx, "CN=Schema,CN=Configuration,%s",
919 priv->domain_obj_dn?priv->domain_obj_dn:"");
920 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
922 r.in.req.req5.naming_context = &nc;
923 r.in.req.req5.usn1.usn1 = 0;
928 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
930 r.in.req.req8.naming_context = &nc;
931 r.in.req.req8.usn1.usn1 = 0;
935 status = dcerpc_drsuapi_DsGetNCChanges(p, mem_ctx, &r);
936 if (!NT_STATUS_IS_OK(status)) {
937 const char *errstr = nt_errstr(status);
938 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
939 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
941 printf("dcerpc_drsuapi_DsGetNCChanges failed - %s\n", errstr);
943 } else if (!W_ERROR_IS_OK(r.out.result)) {
944 printf("DsGetNCChanges failed - %s\n", win_errstr(r.out.result));
952 static BOOL test_DsUnbind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
953 struct DsPrivate *priv)
956 struct drsuapi_DsUnbind r;
959 r.in.bind_handle = &priv->bind_handle;
960 r.out.bind_handle = &priv->bind_handle;
962 printf("testing DsUnbind\n");
964 status = dcerpc_drsuapi_DsUnbind(p, mem_ctx, &r);
965 if (!NT_STATUS_IS_OK(status)) {
966 const char *errstr = nt_errstr(status);
967 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
968 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
970 printf("dcerpc_drsuapi_DsUnbind failed - %s\n", errstr);
972 } else if (!W_ERROR_IS_OK(r.out.result)) {
973 printf("DsBind failed - %s\n", win_errstr(r.out.result));
980 BOOL torture_rpc_drsuapi(void)
983 struct dcerpc_pipe *p;
986 struct DsPrivate priv;
988 status = torture_rpc_connection(&p,
991 DCERPC_DRSUAPI_VERSION);
992 if (!NT_STATUS_IS_OK(status)) {
996 printf("Connected to DRAUAPI pipe\n");
998 mem_ctx = talloc_init("torture_rpc_drsuapi");
1002 ret &= test_DsBind(p, mem_ctx, &priv);
1004 ret &= test_DsGetDCInfo(p, mem_ctx, &priv);
1006 ret &= test_DsCrackNames(p, mem_ctx, &priv);
1008 ret &= test_DsWriteAccountSpn(p, mem_ctx, &priv);
1010 ret &= test_DsReplicaGetInfo(p, mem_ctx, &priv);
1012 ret &= test_DsReplicaSync(p, mem_ctx, &priv);
1014 ret &= test_DsReplicaUpdateRefs(p, mem_ctx, &priv);
1016 ret &= test_DsGetNCChanges(p, mem_ctx, &priv);
1018 ret &= test_DsUnbind(p, mem_ctx, &priv);
1020 talloc_free(mem_ctx);
1022 torture_rpc_close(p);