source4/torture/rpc/testjoin.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    utility code to join/leave a domain
   5
   6    Copyright (C) Andrew Tridgell 2004
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23 /*
  24   this code is used by other torture modules to join/leave a domain
  25   as either a member, bdc or thru a trust relationship
  26 */
  27
  28 #include "includes.h"
  29
  30 struct test_join {
  31         TALLOC_CTX *mem_ctx;
  32         struct dcerpc_pipe *p;
  33         const char *machine_password;
  34         struct policy_handle acct_handle;
  35 };
  36
  37
  38 static NTSTATUS DeleteUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
  39                                   struct policy_handle *handle, const char *name)
  40 {
  41         NTSTATUS status;
  42         struct samr_DeleteUser d;
  43         struct policy_handle acct_handle;
  44         uint32_t rid;
  45         struct samr_LookupNames n;
  46         struct samr_Name sname;
  47         struct samr_OpenUser r;
  48
  49         sname.name = name;
  50
  51         n.in.handle = handle;
  52         n.in.num_names = 1;
  53         n.in.names = &sname;
  54
  55         status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
  56         if (NT_STATUS_IS_OK(status)) {
  57                 rid = n.out.rids.ids[0];
  58         } else {
  59                 return status;
  60         }
  61
  62         r.in.handle = handle;
  63         r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
  64         r.in.rid = rid;
  65         r.out.acct_handle = &acct_handle;
  66
  67         status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
  68         if (!NT_STATUS_IS_OK(status)) {
  69                 printf("OpenUser(%s) failed - %s\n", name, nt_errstr(status));
  70                 return status;
  71         }
  72
  73         d.in.handle = &acct_handle;
  74         d.out.handle = &acct_handle;
  75         status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
  76         if (!NT_STATUS_IS_OK(status)) {
  77                 return status;
  78         }
  79
  80         return NT_STATUS_OK;
  81 }
  82
  83 /*
  84   join the domain as a test machine
  85   an opaque pointer is returned. Pass it to torture_leave_domain()
  86   when finished
  87 */
  88 void *torture_join_domain(const char *machine_name,
  89                           const char *domain,
  90                           uint16 acct_flags,
  91                           const char **machine_password)
  92 {
  93         NTSTATUS status;
  94         struct samr_Connect c;
  95         struct samr_CreateUser2 r;
  96         struct samr_OpenDomain o;
  97         struct samr_LookupDomain l;
  98         struct samr_GetUserPwInfo pwp;
  99         struct samr_SetUserInfo s;
 100         union samr_UserInfo u;
 101         struct policy_handle handle;
 102         struct policy_handle domain_handle;
 103         uint32_t access_granted;
 104         uint32_t rid;
 105         DATA_BLOB session_key;
 106         struct samr_Name name;
 107         int policy_min_pw_len = 0;
 108         struct test_join *join;
 109         TALLOC_CTX *mem_ctx;
 110
 111         mem_ctx = talloc_init("torture_join_domain");
 112         if (!mem_ctx) {
 113                 return NULL;
 114         }
 115
 116         join = talloc_p(mem_ctx, struct test_join);
 117         if (join == NULL) {
 118                 talloc_destroy(mem_ctx);
 119                 return NULL;
 120         }
 121
 122         ZERO_STRUCTP(join);
 123
 124         join->mem_ctx = mem_ctx;
 125
 126         printf("Connecting to SAMR\n");
 127
 128         status = torture_rpc_connection(&join->p,
 129                                         DCERPC_SAMR_NAME,
 130                                         DCERPC_SAMR_UUID,
 131                                         DCERPC_SAMR_VERSION);
 132         if (!NT_STATUS_IS_OK(status)) {
 133                 goto failed;
 134         }
 135
 136         c.in.system_name = NULL;
 137         c.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
 138         c.out.handle = &handle;
 139
 140         status = dcerpc_samr_Connect(join->p, mem_ctx, &c);
 141         if (!NT_STATUS_IS_OK(status)) {
 142                 printf("samr_Connect failed - %s\n", nt_errstr(status));
 143                 goto failed;
 144         }
 145
 146         printf("Opening domain %s\n", domain);
 147
 148         name.name = domain;
 149         l.in.handle = &handle;
 150         l.in.domain = &name;
 151
 152         status = dcerpc_samr_LookupDomain(join->p, mem_ctx, &l);
 153         if (!NT_STATUS_IS_OK(status)) {
 154                 printf("LookupDomain failed - %s\n", nt_errstr(status));
 155                 goto failed;
 156         }
 157
 158         o.in.handle = &handle;
 159         o.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
 160         o.in.sid = l.out.sid;
 161         o.out.domain_handle = &domain_handle;
 162
 163         status = dcerpc_samr_OpenDomain(join->p, mem_ctx, &o);
 164         if (!NT_STATUS_IS_OK(status)) {
 165                 printf("OpenDomain failed - %s\n", nt_errstr(status));
 166                 goto failed;
 167         }
 168
 169         printf("Creating machine account %s\n", machine_name);
 170
 171 again:
 172         name.name = talloc_asprintf(mem_ctx, "%s$", machine_name);
 173         r.in.handle = &domain_handle;
 174         r.in.account_name = &name;
 175         r.in.acct_flags = acct_flags;
 176         r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
 177         r.out.acct_handle = &join->acct_handle;
 178         r.out.access_granted = &access_granted;
 179         r.out.rid = &rid;
 180
 181         status = dcerpc_samr_CreateUser2(join->p, mem_ctx, &r);
 182
 183         if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
 184                 status = DeleteUser_byname(join->p, mem_ctx, &domain_handle, name.name);
 185                 if (NT_STATUS_IS_OK(status)) {
 186                         goto again;
 187                 }
 188         }
 189
 190         if (!NT_STATUS_IS_OK(status)) {
 191                 printf("CreateUser2 failed - %s\n", nt_errstr(status));
 192                 goto failed;
 193         }
 194
 195         pwp.in.handle = &join->acct_handle;
 196
 197         status = dcerpc_samr_GetUserPwInfo(join->p, mem_ctx, &pwp);
 198         if (NT_STATUS_IS_OK(status)) {
 199                 policy_min_pw_len = pwp.out.info.min_password_len;
 200         }
 201
 202         join->machine_password = generate_random_str(mem_ctx, MAX(8, policy_min_pw_len));
 203
 204         printf("Setting machine account password '%s'\n", join->machine_password);
 205
 206         s.in.handle = &join->acct_handle;
 207         s.in.info = &u;
 208         s.in.level = 24;
 209
 210         encode_pw_buffer(u.info24.password.data, join->machine_password, STR_UNICODE);
 211         u.info24.pw_len = strlen(join->machine_password);
 212
 213         status = dcerpc_fetch_session_key(join->p, &session_key);
 214         if (!NT_STATUS_IS_OK(status)) {
 215                 printf("SetUserInfo level %u - no session key - %s\n",
 216                        s.in.level, nt_errstr(status));
 217                 torture_leave_domain(&join);
 218                 goto failed;
 219         }
 220
 221         arcfour_crypt_blob(u.info24.password.data, 516, &session_key);
 222
 223         status = dcerpc_samr_SetUserInfo(join->p, mem_ctx, &s);
 224         if (!NT_STATUS_IS_OK(status)) {
 225                 printf("SetUserInfo failed - %s\n", nt_errstr(status));
 226                 goto failed;
 227         }
 228
 229         s.in.handle = &join->acct_handle;
 230         s.in.info = &u;
 231         s.in.level = 16;
 232
 233         u.info16.acct_flags = acct_flags;
 234
 235         printf("Resetting ACB flags\n");
 236
 237         status = dcerpc_samr_SetUserInfo(join->p, mem_ctx, &s);
 238         if (!NT_STATUS_IS_OK(status)) {
 239                 printf("SetUserInfo failed - %s\n", nt_errstr(status));
 240                 goto failed;
 241         }
 242
 243         *machine_password = join->machine_password;
 244
 245         return join;
 246
 247 failed:
 248         torture_leave_domain(join);
 249         return NULL;
 250 }
 251
 252
 253 /*
 254   leave the domain, deleting the machine acct
 255 */
 256 void torture_leave_domain(void *join_ctx)
 257 {
 258         struct test_join *join = join_ctx;
 259         struct samr_DeleteUser d;
 260         NTSTATUS status;
 261
 262         if (!uuid_all_zero(&join->acct_handle.uuid)) {
 263                 d.in.handle = &join->acct_handle;
 264                 d.out.handle = &join->acct_handle;
 265
 266                 status = dcerpc_samr_DeleteUser(join->p, join->mem_ctx, &d);
 267                 if (!NT_STATUS_IS_OK(status)) {
 268                         printf("Delete of machine account failed\n");
 269                 }
 270         }
 271
 272         if (join->p) {
 273                 torture_rpc_close(join->p);
 274         }
 275
 276         talloc_destroy(join->mem_ctx);
 277 }