e1129435a0a88ccff7f1663db3d58e24a7459ab9
[ira/wip.git] / source4 / torture / rpc / samsync.c
1 /* 
2    Unix SMB/CIFS implementation.
3
4    test suite for netlogon rpc operations
5
6    Copyright (C) Andrew Tridgell 2003
7    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004
8    Copyright (C) Tim Potter      2003
9    
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14    
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19    
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "torture/torture.h"
26 #include "auth/auth.h"
27 #include "../lib/util/dlinklist.h"
28 #include "../lib/crypto/crypto.h"
29 #include "system/time.h"
30 #include "torture/rpc/rpc.h"
31 #include "auth/gensec/schannel_proto.h"
32 #include "auth/gensec/gensec.h"
33 #include "libcli/auth/libcli_auth.h"
34 #include "libcli/security/security.h"
35 #include "librpc/gen_ndr/ndr_netlogon.h"
36 #include "librpc/gen_ndr/ndr_netlogon_c.h"
37 #include "librpc/gen_ndr/ndr_lsa_c.h"
38 #include "librpc/gen_ndr/ndr_samr_c.h"
39 #include "librpc/gen_ndr/ndr_security.h"
40 #include "param/param.h"
41
42 #define TEST_MACHINE_NAME "samsynctest"
43 #define TEST_WKSTA_MACHINE_NAME "samsynctest2"
44 #define TEST_USER_NAME "samsynctestuser"
45
46 /*
47   try a netlogon SamLogon
48 */
49 static NTSTATUS test_SamLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
50                               struct creds_CredentialState *creds, 
51                               const char *domain, const char *account_name,
52                               const char *workstation, 
53                               struct samr_Password *lm_hash, 
54                               struct samr_Password *nt_hash, 
55                               struct netr_SamInfo3 **info3)
56 {
57         NTSTATUS status;
58         struct netr_LogonSamLogon r;
59         struct netr_Authenticator auth, auth2;
60         struct netr_NetworkInfo ninfo;
61         union netr_LogonLevel logon;
62         union netr_Validation validation;
63         uint8_t authoritative;
64
65         ninfo.identity_info.domain_name.string = domain;
66         ninfo.identity_info.parameter_control = 0;
67         ninfo.identity_info.logon_id_low = 0;
68         ninfo.identity_info.logon_id_high = 0;
69         ninfo.identity_info.account_name.string = account_name;
70         ninfo.identity_info.workstation.string = workstation;
71         generate_random_buffer(ninfo.challenge, 
72                                sizeof(ninfo.challenge));
73         if (nt_hash) {
74                 ninfo.nt.length = 24;
75                 ninfo.nt.data = talloc_array(mem_ctx, uint8_t, 24);
76                 SMBOWFencrypt(nt_hash->hash, ninfo.challenge, ninfo.nt.data);
77         } else {
78                 ninfo.nt.length = 0;
79                 ninfo.nt.data = NULL;
80         }
81         
82         if (lm_hash) {
83                 ninfo.lm.length = 24;
84                 ninfo.lm.data = talloc_array(mem_ctx, uint8_t, 24);
85                 SMBOWFencrypt(lm_hash->hash, ninfo.challenge, ninfo.lm.data);
86         } else {
87                 ninfo.lm.length = 0;
88                 ninfo.lm.data = NULL;
89         }
90
91         logon.network = &ninfo;
92
93         r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
94         r.in.computer_name = workstation;
95         r.in.credential = &auth;
96         r.in.return_authenticator = &auth2;
97         r.in.logon_level = 2;
98         r.in.logon = &logon;
99         r.out.validation = &validation;
100         r.out.authoritative = &authoritative;
101
102         ZERO_STRUCT(auth2);
103         creds_client_authenticator(creds, &auth);
104         
105         r.in.validation_level = 3;
106         
107         status = dcerpc_netr_LogonSamLogon(p, mem_ctx, &r);
108
109         if (!creds_client_check(creds, &r.out.return_authenticator->cred)) {
110                 printf("Credential chaining failed\n");
111         }
112
113         if (info3) {
114                 *info3 = validation.sam3;
115         }
116
117         return status;
118 }
119
120 struct samsync_state {
121 /* we remember the sequence numbers so we can easily do a DatabaseDelta */
122         uint64_t seq_num[3];
123         const char *domain_name[2];
124         struct samsync_secret *secrets;
125         struct samsync_trusted_domain *trusted_domains;
126         struct creds_CredentialState *creds;
127         struct creds_CredentialState *creds_netlogon_wksta;
128         struct policy_handle *connect_handle;
129         struct policy_handle *domain_handle[2];
130         struct dom_sid *sid[2];
131         struct dcerpc_pipe *p;
132         struct dcerpc_pipe *p_netlogon_wksta;
133         struct dcerpc_pipe *p_samr;
134         struct dcerpc_pipe *p_lsa;
135         struct policy_handle *lsa_handle;
136 };
137
138 struct samsync_secret {
139         struct samsync_secret *prev, *next;
140         DATA_BLOB secret;
141         const char *name;
142         NTTIME mtime;
143 };
144
145 struct samsync_trusted_domain {
146         struct samsync_trusted_domain *prev, *next;
147         struct dom_sid *sid;
148         const char *name;
149 };
150
151 static struct policy_handle *samsync_open_domain(TALLOC_CTX *mem_ctx, 
152                                                  struct samsync_state *samsync_state, 
153                                                  const char *domain, 
154                                                  struct dom_sid **sid)
155 {
156         struct lsa_String name;
157         struct samr_OpenDomain o;
158         struct samr_LookupDomain l;
159         struct policy_handle *domain_handle = talloc(mem_ctx, struct policy_handle);
160         NTSTATUS nt_status;
161
162         name.string = domain;
163         l.in.connect_handle = samsync_state->connect_handle;
164         l.in.domain_name = &name;
165
166         nt_status = dcerpc_samr_LookupDomain(samsync_state->p_samr, mem_ctx, &l);
167         if (!NT_STATUS_IS_OK(nt_status)) {
168                 printf("LookupDomain failed - %s\n", nt_errstr(nt_status));
169                 return NULL;
170         }
171
172         o.in.connect_handle = samsync_state->connect_handle;
173         o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
174         o.in.sid = l.out.sid;
175         o.out.domain_handle = domain_handle;
176         
177         if (sid) {
178                 *sid = l.out.sid;
179         }
180
181         nt_status = dcerpc_samr_OpenDomain(samsync_state->p_samr, mem_ctx, &o);
182         if (!NT_STATUS_IS_OK(nt_status)) {
183                 printf("OpenDomain failed - %s\n", nt_errstr(nt_status));
184                 return NULL;
185         }
186
187         return domain_handle;
188 }
189
190 static struct sec_desc_buf *samsync_query_samr_sec_desc(TALLOC_CTX *mem_ctx, 
191                                                         struct samsync_state *samsync_state, 
192                                                         struct policy_handle *handle) 
193 {
194         struct samr_QuerySecurity r;
195         NTSTATUS status;
196
197         r.in.handle = handle;
198         r.in.sec_info = 0x7;
199
200         status = dcerpc_samr_QuerySecurity(samsync_state->p_samr, mem_ctx, &r);
201         if (!NT_STATUS_IS_OK(status)) {
202                 printf("SAMR QuerySecurity failed - %s\n", nt_errstr(status));
203                 return NULL;
204         }
205
206         return r.out.sdbuf;
207 }
208
209 static struct sec_desc_buf *samsync_query_lsa_sec_desc(TALLOC_CTX *mem_ctx, 
210                                                        struct samsync_state *samsync_state, 
211                                                        struct policy_handle *handle) 
212 {
213         struct lsa_QuerySecurity r;
214         struct sec_desc_buf *sdbuf = NULL;
215         NTSTATUS status;
216
217         r.in.handle = handle;
218         r.in.sec_info = 0x7;
219         r.out.sdbuf = &sdbuf;
220
221         status = dcerpc_lsa_QuerySecurity(samsync_state->p_lsa, mem_ctx, &r);
222         if (!NT_STATUS_IS_OK(status)) {
223                 printf("LSA QuerySecurity failed - %s\n", nt_errstr(status));
224                 return NULL;
225         }
226
227         return sdbuf;
228 }
229
230 #define TEST_UINT64_EQUAL(i1, i2) do {\
231         if (i1 != i2) {\
232               printf("%s: uint64 mismatch: " #i1 ": 0x%016llx (%lld) != " #i2 ": 0x%016llx (%lld)\n", \
233                      __location__, \
234                      (long long)i1, (long long)i1, \
235                      (long long)i2, (long long)i2);\
236               ret = false;\
237         } \
238 } while (0)
239 #define TEST_INT_EQUAL(i1, i2) do {\
240         if (i1 != i2) {\
241               printf("%s: integer mismatch: " #i1 ": 0x%08x (%d) != " #i2 ": 0x%08x (%d)\n", \
242                      __location__, i1, i1, i2, i2);                     \
243               ret = false;\
244         } \
245 } while (0)
246 #define TEST_TIME_EQUAL(t1, t2) do {\
247         if (t1 != t2) {\
248               printf("%s: NTTIME mismatch: " #t1 ":%s != " #t2 ": %s\n", \
249                      __location__, nt_time_string(mem_ctx, t1),  nt_time_string(mem_ctx, t2));\
250               ret = false;\
251         } \
252 } while (0)
253
254 #define TEST_STRING_EQUAL(s1, s2) do {\
255         if (!((!s1.string || s1.string[0]=='\0') && (!s2.string || s2.string[0]=='\0')) \
256             && strcmp_safe(s1.string, s2.string) != 0) {\
257               printf("%s: string mismatch: " #s1 ":%s != " #s2 ": %s\n", \
258                      __location__, s1.string, s2.string);\
259               ret = false;\
260         } \
261 } while (0)
262
263 #define TEST_SID_EQUAL(s1, s2) do {\
264         if (!dom_sid_equal(s1, s2)) {\
265               printf("%s: dom_sid mismatch: " #s1 ":%s != " #s2 ": %s\n", \
266                      __location__, dom_sid_string(mem_ctx, s1), dom_sid_string(mem_ctx, s2));\
267               ret = false;\
268         } \
269 } while (0)
270
271 /* The ~SEC_DESC_SACL_PRESENT is because we don't, as administrator,
272  * get back the SACL part of the SD when we ask over SAMR */
273
274 #define TEST_SEC_DESC_EQUAL(sd1, pipe, handle) do {\
275         struct sec_desc_buf *sdbuf = samsync_query_ ##pipe## _sec_desc(mem_ctx, samsync_state, \
276                                                             handle); \
277         if (!sdbuf || !sdbuf->sd) { \
278                 printf("Could not obtain security descriptor to match " #sd1 "\n");\
279                 ret = false; \
280         } else {\
281                 if (!security_descriptor_mask_equal(sd1.sd, sdbuf->sd, \
282                             ~SEC_DESC_SACL_PRESENT)) {\
283                         printf("Security Descriptor Mismatch for %s:\n", #sd1);\
284                         ndr_print_debug((ndr_print_fn_t)ndr_print_security_descriptor, "SamSync", sd1.sd);\
285                         ndr_print_debug((ndr_print_fn_t)ndr_print_security_descriptor, "SamR", sdbuf->sd);\
286                         ret = false;\
287                 }\
288         }\
289 } while (0)
290
291 static bool samsync_handle_domain(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
292                            int database_id, struct netr_DELTA_ENUM *delta) 
293 {
294         struct netr_DELTA_DOMAIN *domain = delta->delta_union.domain;
295         struct dom_sid *dom_sid;
296         struct samr_QueryDomainInfo q[14]; /* q[0] will be unused simple for clarity */
297         uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13};
298         NTSTATUS nt_status;
299         int i;
300         bool ret = true;
301         
302         samsync_state->seq_num[database_id] = 
303                 domain->sequence_num;
304         switch (database_id) {
305         case SAM_DATABASE_DOMAIN:
306                 break;
307         case SAM_DATABASE_BUILTIN:
308                 if (strcasecmp_m("BUILTIN", domain->domain_name.string) != 0) {
309                         printf("BUILTIN domain has different name: %s\n", domain->domain_name.string);
310                 }
311                 break;
312         case SAM_DATABASE_PRIVS:
313                 printf("DOMAIN entry on privs DB!\n");
314                 return false;
315                 break;
316         }
317         
318         if (!samsync_state->domain_name[database_id]) {
319                 samsync_state->domain_name[database_id] = 
320                         talloc_reference(samsync_state, domain->domain_name.string);
321         } else {
322                 if (strcasecmp_m(samsync_state->domain_name[database_id], domain->domain_name.string) != 0) {
323                         printf("Domain has name varies!: %s != %s\n", samsync_state->domain_name[database_id], 
324                                domain->domain_name.string);
325                         return false;
326                 }
327         }
328
329         if (!samsync_state->domain_handle[database_id]) {
330                 samsync_state->domain_handle[database_id]
331                         = talloc_reference(samsync_state, 
332                                            samsync_open_domain(mem_ctx, samsync_state, samsync_state->domain_name[database_id], 
333                                                                &dom_sid));
334         }
335         if (samsync_state->domain_handle[database_id]) {
336                 samsync_state->sid[database_id] = talloc_reference(samsync_state, dom_sid);
337         }
338
339         printf("\tsequence_nums[%d/%s]=%llu\n",
340                database_id, domain->domain_name.string,
341                (long long)samsync_state->seq_num[database_id]);
342
343         for (i=0;i<ARRAY_SIZE(levels);i++) {
344                 q[levels[i]].in.domain_handle = samsync_state->domain_handle[database_id];
345                 q[levels[i]].in.level = levels[i];
346
347                 nt_status = dcerpc_samr_QueryDomainInfo(samsync_state->p_samr, mem_ctx, &q[levels[i]]);
348
349                 if (!NT_STATUS_IS_OK(nt_status)) {
350                         printf("QueryDomainInfo level %u failed - %s\n", 
351                                q[levels[i]].in.level, nt_errstr(nt_status));
352                         return false;
353                 }
354         }
355
356         TEST_STRING_EQUAL(q[5].out.info->info5.domain_name, domain->domain_name);
357         
358         TEST_STRING_EQUAL(q[2].out.info->general.oem_information, domain->oem_information);
359         TEST_STRING_EQUAL(q[4].out.info->oem.oem_information, domain->oem_information);
360         TEST_TIME_EQUAL(q[2].out.info->general.force_logoff_time, domain->force_logoff_time);
361         TEST_TIME_EQUAL(q[3].out.info->info3.force_logoff_time, domain->force_logoff_time);
362
363         TEST_TIME_EQUAL(q[1].out.info->info1.min_password_length, domain->min_password_length);
364         TEST_TIME_EQUAL(q[1].out.info->info1.password_history_length, domain->password_history_length);
365         TEST_TIME_EQUAL(q[1].out.info->info1.max_password_age, domain->max_password_age);
366         TEST_TIME_EQUAL(q[1].out.info->info1.min_password_age, domain->min_password_age);
367
368         TEST_UINT64_EQUAL(q[8].out.info->info8.sequence_num, 
369                         domain->sequence_num);
370         TEST_TIME_EQUAL(q[8].out.info->info8.domain_create_time, 
371                         domain->domain_create_time);
372         TEST_TIME_EQUAL(q[13].out.info->info13.domain_create_time, 
373                         domain->domain_create_time);
374
375         TEST_SEC_DESC_EQUAL(domain->sdbuf, samr, samsync_state->domain_handle[database_id]);
376
377         return ret;
378 }
379
380 static bool samsync_handle_policy(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
381                            int database_id, struct netr_DELTA_ENUM *delta) 
382 {
383         struct netr_DELTA_POLICY *policy = delta->delta_union.policy;
384
385         samsync_state->seq_num[database_id] = 
386                 policy->sequence_num;
387         
388         if (!samsync_state->domain_name[SAM_DATABASE_DOMAIN]) {
389                 samsync_state->domain_name[SAM_DATABASE_DOMAIN] = 
390                         talloc_reference(samsync_state, policy->primary_domain_name.string);
391         } else {
392                 if (strcasecmp_m(samsync_state->domain_name[SAM_DATABASE_DOMAIN], policy->primary_domain_name.string) != 0) {
393                         printf("PRIMARY domain has name varies between DOMAIN and POLICY!: %s != %s\n", samsync_state->domain_name[SAM_DATABASE_DOMAIN], 
394                                policy->primary_domain_name.string);
395                         return false;
396                 }
397         }
398
399         if (!dom_sid_equal(samsync_state->sid[SAM_DATABASE_DOMAIN], policy->sid)) {
400                 printf("Domain SID from POLICY (%s) does not match domain sid from SAMR (%s)\n", 
401                        dom_sid_string(mem_ctx, policy->sid), dom_sid_string(mem_ctx, samsync_state->sid[SAM_DATABASE_DOMAIN]));
402                 return false;
403         }
404
405         printf("\tsequence_nums[%d/PRIVS]=%llu\n",
406                database_id, 
407                (long long)samsync_state->seq_num[database_id]);
408         return true;
409 }
410
411 static bool samsync_handle_user(struct torture_context *tctx, TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
412                                 int database_id, struct netr_DELTA_ENUM *delta) 
413 {
414         uint32_t rid = delta->delta_id_union.rid;
415         struct netr_DELTA_USER *user = delta->delta_union.user;
416         struct netr_SamInfo3 *info3;
417         struct samr_Password lm_hash;
418         struct samr_Password nt_hash;
419         struct samr_Password *lm_hash_p = NULL;
420         struct samr_Password *nt_hash_p = NULL;
421         const char *domain = samsync_state->domain_name[database_id];
422         const char *username = user->account_name.string;
423         NTSTATUS nt_status;
424         bool ret = true;
425
426         struct samr_OpenUser r;
427         struct samr_QueryUserInfo q;
428         struct policy_handle user_handle;
429
430         struct samr_GetGroupsForUser getgroups;
431         if (!samsync_state->domain_name || !samsync_state->domain_handle[database_id]) {
432                 printf("SamSync needs domain information before the users\n");
433                 return false;
434         }
435
436         r.in.domain_handle = samsync_state->domain_handle[database_id];
437         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
438         r.in.rid = rid;
439         r.out.user_handle = &user_handle;
440
441         nt_status = dcerpc_samr_OpenUser(samsync_state->p_samr, mem_ctx, &r);
442         if (!NT_STATUS_IS_OK(nt_status)) {
443                 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(nt_status));
444                 return false;
445         }
446
447         q.in.user_handle = &user_handle;
448         q.in.level = 21;
449
450         TEST_SEC_DESC_EQUAL(user->sdbuf, samr, &user_handle);
451
452         nt_status = dcerpc_samr_QueryUserInfo(samsync_state->p_samr, mem_ctx, &q);
453         if (!NT_STATUS_IS_OK(nt_status)) {
454                 printf("QueryUserInfo level %u failed - %s\n", 
455                        q.in.level, nt_errstr(nt_status));
456                 ret = false;
457         }
458
459         getgroups.in.user_handle = &user_handle;
460         
461         nt_status = dcerpc_samr_GetGroupsForUser(samsync_state->p_samr, mem_ctx, &getgroups);
462         if (!NT_STATUS_IS_OK(nt_status)) {
463                 printf("GetGroupsForUser failed - %s\n",
464                        nt_errstr(nt_status));
465                 ret = false;
466         }
467
468         if (!test_samr_handle_Close(samsync_state->p_samr, mem_ctx, &user_handle)) {
469                 printf("samr_handle_Close failed - %s\n", 
470                        nt_errstr(nt_status));
471                 ret = false;
472         }
473         if (!ret) {
474                 return false;
475         }
476
477         if (!NT_STATUS_IS_OK(nt_status)) {
478                 printf("QueryUserInfo level %u failed - %s\n", 
479                        q.in.level, nt_errstr(nt_status));
480                 return false;
481         }
482
483         TEST_STRING_EQUAL(q.out.info->info21.account_name, user->account_name);
484         TEST_STRING_EQUAL(q.out.info->info21.full_name, user->full_name);
485         TEST_INT_EQUAL(q.out.info->info21.rid, user->rid);
486         TEST_INT_EQUAL(q.out.info->info21.primary_gid, user->primary_gid);
487         TEST_STRING_EQUAL(q.out.info->info21.home_directory, user->home_directory);
488         TEST_STRING_EQUAL(q.out.info->info21.home_drive, user->home_drive);
489         TEST_STRING_EQUAL(q.out.info->info21.logon_script, user->logon_script);
490         TEST_STRING_EQUAL(q.out.info->info21.description, user->description);
491         TEST_STRING_EQUAL(q.out.info->info21.workstations, user->workstations);
492
493         TEST_TIME_EQUAL(q.out.info->info21.last_logon, user->last_logon);
494         TEST_TIME_EQUAL(q.out.info->info21.last_logoff, user->last_logoff);
495
496
497         TEST_INT_EQUAL(q.out.info->info21.logon_hours.units_per_week, 
498                        user->logon_hours.units_per_week);
499         if (ret) {
500                 if (memcmp(q.out.info->info21.logon_hours.bits, user->logon_hours.bits, 
501                            q.out.info->info21.logon_hours.units_per_week/8) != 0) {
502                         printf("Logon hours mismatch\n");
503                         ret = false;
504                 }
505         }
506
507         TEST_INT_EQUAL(q.out.info->info21.bad_password_count,
508                        user->bad_password_count);
509         TEST_INT_EQUAL(q.out.info->info21.logon_count,
510                        user->logon_count);
511
512         TEST_TIME_EQUAL(q.out.info->info21.last_password_change,
513                        user->last_password_change);
514         TEST_TIME_EQUAL(q.out.info->info21.acct_expiry,
515                        user->acct_expiry);
516
517         TEST_INT_EQUAL((q.out.info->info21.acct_flags & ~ACB_PW_EXPIRED), user->acct_flags);
518         if (user->acct_flags & ACB_PWNOEXP) {
519                 if (q.out.info->info21.acct_flags & ACB_PW_EXPIRED) {
520                         printf("ACB flags mismatch: both expired and no expiry!\n");
521                         ret = false;
522                 }
523                 if (q.out.info->info21.force_password_change != (NTTIME)0x7FFFFFFFFFFFFFFFULL) {
524                         printf("ACB flags mismatch: no password expiry, but force password change 0x%016llx (%lld) != 0x%016llx (%lld)\n",
525                                (unsigned long long)q.out.info->info21.force_password_change, 
526                                (unsigned long long)q.out.info->info21.force_password_change,
527                                (unsigned long long)0x7FFFFFFFFFFFFFFFULL, (unsigned long long)0x7FFFFFFFFFFFFFFFULL
528                                 );
529                         ret = false;
530                 }
531         }
532
533         TEST_INT_EQUAL(q.out.info->info21.nt_password_set, user->nt_password_present);
534         TEST_INT_EQUAL(q.out.info->info21.lm_password_set, user->lm_password_present);
535         TEST_INT_EQUAL(q.out.info->info21.password_expired, user->password_expired);
536
537         TEST_STRING_EQUAL(q.out.info->info21.comment, user->comment);
538         TEST_STRING_EQUAL(q.out.info->info21.parameters, user->parameters);
539
540         TEST_INT_EQUAL(q.out.info->info21.country_code, user->country_code);
541         TEST_INT_EQUAL(q.out.info->info21.code_page, user->code_page);
542
543         TEST_STRING_EQUAL(q.out.info->info21.profile_path, user->profile_path);
544
545         if (user->lm_password_present) {
546                 sam_rid_crypt(rid, user->lmpassword.hash, lm_hash.hash, 0);
547                 lm_hash_p = &lm_hash;
548         }
549         if (user->nt_password_present) {
550                 sam_rid_crypt(rid, user->ntpassword.hash, nt_hash.hash, 0);
551                 nt_hash_p = &nt_hash;
552         }
553
554         if (user->user_private_info.SensitiveData) {
555                 DATA_BLOB data;
556                 struct netr_USER_KEYS keys;
557                 enum ndr_err_code ndr_err;
558                 data.data = user->user_private_info.SensitiveData;
559                 data.length = user->user_private_info.DataLength;
560                 creds_arcfour_crypt(samsync_state->creds, data.data, data.length);
561                 ndr_err = ndr_pull_struct_blob(&data, mem_ctx, lp_iconv_convenience(tctx->lp_ctx), &keys, (ndr_pull_flags_fn_t)ndr_pull_netr_USER_KEYS);
562                 if (NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
563                         if (keys.keys.keys2.lmpassword.length == 16) {
564                                 sam_rid_crypt(rid, keys.keys.keys2.lmpassword.pwd.hash, lm_hash.hash, 0);
565                                 lm_hash_p = &lm_hash;
566                         }
567                         if (keys.keys.keys2.ntpassword.length == 16) {
568                                 sam_rid_crypt(rid, keys.keys.keys2.ntpassword.pwd.hash, nt_hash.hash, 0);
569                                 nt_hash_p = &nt_hash;
570                         }
571                 } else {
572                         printf("Failed to parse Sensitive Data for %s:\n", username);
573 #if 0
574                         dump_data(0, data.data, data.length);
575 #endif
576                         return false;
577                 }
578         }
579
580         if (nt_hash_p) {
581                 DATA_BLOB nt_hash_blob = data_blob_const(nt_hash_p, 16);
582                 DEBUG(100,("ACCOUNT [%s\\%-25s] NTHASH %s\n", samsync_state->domain_name[0], username, data_blob_hex_string(mem_ctx, &nt_hash_blob)));
583         }
584         if (lm_hash_p) {
585                 DATA_BLOB lm_hash_blob = data_blob_const(lm_hash_p, 16);
586                 DEBUG(100,("ACCOUNT [%s\\%-25s] LMHASH %s\n", samsync_state->domain_name[0], username, data_blob_hex_string(mem_ctx, &lm_hash_blob)));
587         }
588
589         nt_status = test_SamLogon(samsync_state->p_netlogon_wksta, mem_ctx, samsync_state->creds_netlogon_wksta, 
590                                   domain,
591                                   username, 
592                                   TEST_WKSTA_MACHINE_NAME,
593                                   lm_hash_p,
594                                   nt_hash_p,
595                                   &info3);
596
597         if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCOUNT_DISABLED)) {
598                 if (user->acct_flags & ACB_DISABLED) {
599                         return true;
600                 }
601         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)) {
602                 if (user->acct_flags & ACB_WSTRUST) {
603                         return true;
604                 }
605         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)) {
606                 if (user->acct_flags & ACB_SVRTRUST) {
607                         return true;
608                 }
609         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
610                 if (user->acct_flags & ACB_DOMTRUST) {
611                         return true;
612                 }
613         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
614                 if (user->acct_flags & ACB_DOMTRUST) {
615                         return true;
616                 }
617         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ACCOUNT_LOCKED_OUT)) {
618                 if (user->acct_flags & ACB_AUTOLOCK) {
619                         return true;
620                 }
621         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_PASSWORD_EXPIRED)) {
622                 if (q.out.info->info21.acct_flags & ACB_PW_EXPIRED) {
623                         return true;
624                 }
625         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD)) {
626                 if (!lm_hash_p && !nt_hash_p) {
627                         return true;
628                 }
629         } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_PASSWORD_MUST_CHANGE)) {
630                 /* We would need to know the server's current time to test this properly */
631                 return true;
632         } else if (NT_STATUS_IS_OK(nt_status)) {
633                 TEST_INT_EQUAL(user->rid, info3->base.rid);
634                 TEST_INT_EQUAL(user->primary_gid, info3->base.primary_gid);
635                 /* this is 0x0 from NT4 sp6 */
636                 if (info3->base.acct_flags) {
637                         TEST_INT_EQUAL(user->acct_flags, info3->base.acct_flags);
638                 }
639                 /* this is NULL from NT4 sp6 */
640                 if (info3->base.account_name.string) {
641                         TEST_STRING_EQUAL(user->account_name, info3->base.account_name);
642                 }
643                 /* this is NULL from Win2k3 */
644                 if (info3->base.full_name.string) {
645                         TEST_STRING_EQUAL(user->full_name, info3->base.full_name);
646                 }
647                 TEST_STRING_EQUAL(user->logon_script, info3->base.logon_script);
648                 TEST_STRING_EQUAL(user->profile_path, info3->base.profile_path);
649                 TEST_STRING_EQUAL(user->home_directory, info3->base.home_directory);
650                 TEST_STRING_EQUAL(user->home_drive, info3->base.home_drive);
651                 TEST_STRING_EQUAL(user->logon_script, info3->base.logon_script);
652
653
654                 TEST_TIME_EQUAL(user->last_logon, info3->base.last_logon);
655                 TEST_TIME_EQUAL(user->acct_expiry, info3->base.acct_expiry);
656                 TEST_TIME_EQUAL(user->last_password_change, info3->base.last_password_change);
657                 TEST_TIME_EQUAL(q.out.info->info21.force_password_change, info3->base.force_password_change);
658
659                 /* Does the concept of a logoff time ever really
660                  * exist? (not in any sensible way, according to the
661                  * doco I read -- abartlet) */
662
663                 /* This copes with the two different versions of 0 I see */
664                 /* with NT4 sp6 we have the || case */
665                 if (!((user->last_logoff == 0) 
666                       || (info3->base.last_logoff == 0x7fffffffffffffffLL))) {
667                         TEST_TIME_EQUAL(user->last_logoff, info3->base.last_logoff);
668                 }
669
670                 TEST_INT_EQUAL(getgroups.out.rids->count, info3->base.groups.count);
671                 if (getgroups.out.rids->count == info3->base.groups.count) {
672                         int i, j;
673                         int count = getgroups.out.rids->count;
674                         bool *matched = talloc_zero_array(mem_ctx, bool, getgroups.out.rids->count);
675                                 
676                         for (i = 0; i < count; i++) {
677                                 for (j = 0; j < count; j++) {
678                                         if ((getgroups.out.rids->rids[i].rid == 
679                                              info3->base.groups.rids[j].rid)
680                                             && (getgroups.out.rids->rids[i].attributes == 
681                                                 info3->base.groups.rids[j].attributes)) {
682                                                         matched[i] = true;
683                                                 }
684                                 }
685                         }
686
687                         for (i = 0; i < getgroups.out.rids->count; i++) {
688                                 if (matched[i] == false) {
689                                         ret = false;
690                                         printf("Could not find group RID %u found in getgroups in NETLOGON reply\n",
691                                                getgroups.out.rids->rids[i].rid); 
692                                 }
693                         }
694                 }
695                 return ret;
696         } else {
697                 printf("Could not validate password for user %s\\%s: %s\n",
698                        domain, username, nt_errstr(nt_status));
699                 return false;
700         } 
701         return false;
702 }
703
704 static bool samsync_handle_alias(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
705                                  int database_id, struct netr_DELTA_ENUM *delta) 
706 {
707         uint32_t rid = delta->delta_id_union.rid;
708         struct netr_DELTA_ALIAS *alias = delta->delta_union.alias;
709         NTSTATUS nt_status;
710         bool ret = true;
711
712         struct samr_OpenAlias r;
713         struct samr_QueryAliasInfo q;
714         struct policy_handle alias_handle;
715
716         if (!samsync_state->domain_name || !samsync_state->domain_handle[database_id]) {
717                 printf("SamSync needs domain information before the users\n");
718                 return false;
719         }
720
721         r.in.domain_handle = samsync_state->domain_handle[database_id];
722         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
723         r.in.rid = rid;
724         r.out.alias_handle = &alias_handle;
725
726         nt_status = dcerpc_samr_OpenAlias(samsync_state->p_samr, mem_ctx, &r);
727         if (!NT_STATUS_IS_OK(nt_status)) {
728                 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(nt_status));
729                 return false;
730         }
731
732         q.in.alias_handle = &alias_handle;
733         q.in.level = 1;
734
735         TEST_SEC_DESC_EQUAL(alias->sdbuf, samr, &alias_handle);
736
737         nt_status = dcerpc_samr_QueryAliasInfo(samsync_state->p_samr, mem_ctx, &q);
738         if (!test_samr_handle_Close(samsync_state->p_samr, mem_ctx, &alias_handle)) {
739                 return false;
740         }
741
742         if (!NT_STATUS_IS_OK(nt_status)) {
743                 printf("QueryAliasInfo level %u failed - %s\n", 
744                        q.in.level, nt_errstr(nt_status));
745                 return false;
746         }
747
748         TEST_STRING_EQUAL(q.out.info->all.name, alias->alias_name);
749         TEST_STRING_EQUAL(q.out.info->all.description, alias->description);
750         return ret;
751 }
752
753 static bool samsync_handle_group(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
754                                  int database_id, struct netr_DELTA_ENUM *delta) 
755 {
756         uint32_t rid = delta->delta_id_union.rid;
757         struct netr_DELTA_GROUP *group = delta->delta_union.group;
758         NTSTATUS nt_status;
759         bool ret = true;
760
761         struct samr_OpenGroup r;
762         struct samr_QueryGroupInfo q;
763         struct policy_handle group_handle;
764
765         if (!samsync_state->domain_name || !samsync_state->domain_handle[database_id]) {
766                 printf("SamSync needs domain information before the users\n");
767                 return false;
768         }
769
770         r.in.domain_handle = samsync_state->domain_handle[database_id];
771         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
772         r.in.rid = rid;
773         r.out.group_handle = &group_handle;
774
775         nt_status = dcerpc_samr_OpenGroup(samsync_state->p_samr, mem_ctx, &r);
776         if (!NT_STATUS_IS_OK(nt_status)) {
777                 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(nt_status));
778                 return false;
779         }
780
781         q.in.group_handle = &group_handle;
782         q.in.level = 1;
783
784         TEST_SEC_DESC_EQUAL(group->sdbuf, samr, &group_handle);
785
786         nt_status = dcerpc_samr_QueryGroupInfo(samsync_state->p_samr, mem_ctx, &q);
787         if (!test_samr_handle_Close(samsync_state->p_samr, mem_ctx, &group_handle)) {
788                 return false;
789         }
790
791         if (!NT_STATUS_IS_OK(nt_status)) {
792                 printf("QueryGroupInfo level %u failed - %s\n", 
793                        q.in.level, nt_errstr(nt_status));
794                 return false;
795         }
796
797         TEST_STRING_EQUAL(q.out.info->all.name, group->group_name);
798         TEST_INT_EQUAL(q.out.info->all.attributes, group->attributes);
799         TEST_STRING_EQUAL(q.out.info->all.description, group->description);
800         return ret;
801 }
802
803 static bool samsync_handle_secret(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
804                                   int database_id, struct netr_DELTA_ENUM *delta) 
805 {
806         struct netr_DELTA_SECRET *secret = delta->delta_union.secret;
807         const char *name = delta->delta_id_union.name;
808         struct samsync_secret *new = talloc(samsync_state, struct samsync_secret);
809         struct samsync_secret *old = talloc(mem_ctx, struct samsync_secret);
810         struct lsa_QuerySecret q;
811         struct lsa_OpenSecret o;
812         struct policy_handle sec_handle;
813         struct lsa_DATA_BUF_PTR bufp1;
814         struct lsa_DATA_BUF_PTR bufp2;
815         NTTIME new_mtime;
816         NTTIME old_mtime;
817         bool ret = true;
818         DATA_BLOB lsa_blob1, lsa_blob_out, session_key;
819         NTSTATUS status;
820
821         creds_arcfour_crypt(samsync_state->creds, secret->current_cipher.cipher_data, 
822                             secret->current_cipher.maxlen); 
823
824         creds_arcfour_crypt(samsync_state->creds, secret->old_cipher.cipher_data, 
825                             secret->old_cipher.maxlen); 
826
827         new->name = talloc_reference(new, name);
828         new->secret = data_blob_talloc(new, secret->current_cipher.cipher_data, secret->current_cipher.maxlen);
829         new->mtime = secret->current_cipher_set_time;
830
831         new = talloc_reference(samsync_state, new);
832         DLIST_ADD(samsync_state->secrets, new);
833
834         old->name = talloc_reference(old, name);
835         old->secret = data_blob_const(secret->old_cipher.cipher_data, secret->old_cipher.maxlen);
836         old->mtime = secret->old_cipher_set_time;
837
838         o.in.handle = samsync_state->lsa_handle;
839         o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
840         o.in.name.string = name;
841         o.out.sec_handle = &sec_handle;
842
843         status = dcerpc_lsa_OpenSecret(samsync_state->p_lsa, mem_ctx, &o);
844         if (!NT_STATUS_IS_OK(status)) {
845                 printf("OpenSecret failed - %s\n", nt_errstr(status));
846                 return false;
847         }
848
849 /*
850   We would like to do this, but it is NOT_SUPPORTED on win2k3
851   TEST_SEC_DESC_EQUAL(secret->sdbuf, lsa, &sec_handle);
852 */
853         status = dcerpc_fetch_session_key(samsync_state->p_lsa, &session_key);
854         if (!NT_STATUS_IS_OK(status)) {
855                 printf("dcerpc_fetch_session_key failed - %s\n", nt_errstr(status));
856                 return false;
857         }
858
859
860         ZERO_STRUCT(new_mtime);
861         ZERO_STRUCT(old_mtime);
862
863         /* fetch the secret back again */
864         q.in.sec_handle = &sec_handle;
865         q.in.new_val = &bufp1;
866         q.in.new_mtime = &new_mtime;
867         q.in.old_val = &bufp2;
868         q.in.old_mtime = &old_mtime;
869
870         bufp1.buf = NULL;
871         bufp2.buf = NULL;
872
873         status = dcerpc_lsa_QuerySecret(samsync_state->p_lsa, mem_ctx, &q);
874         if (NT_STATUS_EQUAL(NT_STATUS_ACCESS_DENIED, status)) {
875                 /* some things are just off limits */
876                 return true;
877         } else if (!NT_STATUS_IS_OK(status)) {
878                 printf("QuerySecret failed - %s\n", nt_errstr(status));
879                 return false;
880         }
881
882         if (q.out.old_val->buf == NULL) {
883                 /* probably just not available due to ACLs */
884         } else {
885                 lsa_blob1.data = q.out.old_val->buf->data;
886                 lsa_blob1.length = q.out.old_val->buf->length;
887
888                 status = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key, &lsa_blob_out);
889                 if (!NT_STATUS_IS_OK(status)) {
890                         printf("Failed to decrypt secrets OLD blob: %s\n", nt_errstr(status));
891                         return false;
892                 }
893
894                 if (!q.out.old_mtime) {
895                         printf("OLD mtime not available on LSA for secret %s\n", old->name);
896                         ret = false;
897                 }
898                 if (old->mtime != *q.out.old_mtime) {
899                         printf("OLD mtime on secret %s does not match between SAMSYNC (%s) and LSA (%s)\n", 
900                                old->name, nt_time_string(mem_ctx, old->mtime), 
901                                nt_time_string(mem_ctx, *q.out.old_mtime)); 
902                         ret = false;
903                 }
904
905                 if (old->secret.length != lsa_blob_out.length) {
906                         printf("Returned secret %s doesn't match: %d != %d\n",
907                                old->name, (int)old->secret.length, (int)lsa_blob_out.length);
908                         ret = false;
909                 } else if (memcmp(lsa_blob_out.data, 
910                            old->secret.data, old->secret.length) != 0) {
911                         printf("Returned secret %s doesn't match: \n",
912                                old->name);
913                         DEBUG(1, ("SamSync Secret:\n"));
914                         dump_data(1, old->secret.data, old->secret.length);
915                         DEBUG(1, ("LSA Secret:\n"));
916                         dump_data(1, lsa_blob_out.data, lsa_blob_out.length);
917                         ret = false;
918                 }
919
920         }
921
922         if (q.out.new_val->buf == NULL) {
923                 /* probably just not available due to ACLs */
924         } else {
925                 lsa_blob1.data = q.out.new_val->buf->data;
926                 lsa_blob1.length = q.out.new_val->buf->length;
927
928                 status = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key, &lsa_blob_out);
929                 if (!NT_STATUS_IS_OK(status)) {
930                         printf("Failed to decrypt secrets OLD blob\n");
931                         return false;
932                 }
933                 
934                 if (!q.out.new_mtime) {
935                         printf("NEW mtime not available on LSA for secret %s\n", new->name);
936                         ret = false;
937                 }
938                 if (new->mtime != *q.out.new_mtime) {
939                         printf("NEW mtime on secret %s does not match between SAMSYNC (%s) and LSA (%s)\n", 
940                                new->name, nt_time_string(mem_ctx, new->mtime), 
941                                nt_time_string(mem_ctx, *q.out.new_mtime)); 
942                         ret = false;
943                 }
944
945                 if (new->secret.length != lsa_blob_out.length) {
946                         printf("Returned secret %s doesn't match: %d != %d\n",
947                                new->name, (int)new->secret.length, (int)lsa_blob_out.length);
948                         ret = false;
949                 } else if (memcmp(lsa_blob_out.data, 
950                            new->secret.data, new->secret.length) != 0) {
951                         printf("Returned secret %s doesn't match: \n",
952                                new->name);
953                         DEBUG(1, ("SamSync Secret:\n"));
954                         dump_data(1, new->secret.data, new->secret.length);
955                         DEBUG(1, ("LSA Secret:\n"));
956                         dump_data(1, lsa_blob_out.data, lsa_blob_out.length);
957                         ret = false;
958                 }
959         }
960
961         return ret;
962 }
963
964 static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
965                                           int database_id, struct netr_DELTA_ENUM *delta) 
966 {
967         NTSTATUS status;
968         bool ret = true;
969         struct netr_DELTA_TRUSTED_DOMAIN *trusted_domain = delta->delta_union.trusted_domain;
970         struct dom_sid *dom_sid = delta->delta_id_union.sid;
971
972         struct samsync_trusted_domain *new = talloc(samsync_state, struct samsync_trusted_domain);
973         struct lsa_OpenTrustedDomain t;
974         struct policy_handle trustdom_handle;
975         struct lsa_QueryTrustedDomainInfo q;
976         union lsa_TrustedDomainInfo *info[9];
977         union lsa_TrustedDomainInfo *_info = NULL;
978         int levels [] = {1, 3, 8};
979         int i;
980
981         new->name = talloc_reference(new, trusted_domain->domain_name.string);
982         new->sid = talloc_reference(new, dom_sid);
983
984         t.in.handle = samsync_state->lsa_handle;
985         t.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
986         t.in.sid = dom_sid;
987         t.out.trustdom_handle = &trustdom_handle;
988
989         status = dcerpc_lsa_OpenTrustedDomain(samsync_state->p_lsa, mem_ctx, &t);
990         if (!NT_STATUS_IS_OK(status)) {
991                 printf("OpenTrustedDomain failed - %s\n", nt_errstr(status));
992                 return false;
993         }
994         
995         for (i=0; i< ARRAY_SIZE(levels); i++) {
996                 q.in.trustdom_handle = &trustdom_handle;
997                 q.in.level = levels[i];
998                 q.out.info = &_info;
999                 status = dcerpc_lsa_QueryTrustedDomainInfo(samsync_state->p_lsa, mem_ctx, &q);
1000                 if (!NT_STATUS_IS_OK(status)) {
1001                         if (q.in.level == 8 && NT_STATUS_EQUAL(status,NT_STATUS_INVALID_PARAMETER)) {
1002                                 info[levels[i]] = NULL;
1003                                 continue;
1004                         }
1005                         printf("QueryInfoTrustedDomain level %d failed - %s\n", 
1006                                levels[i], nt_errstr(status));
1007                         return false;
1008                 }
1009                 info[levels[i]]  = _info;
1010         }
1011
1012         if (info[8]) {
1013                 TEST_SID_EQUAL(info[8]->full_info.info_ex.sid, dom_sid);
1014                 TEST_STRING_EQUAL(info[8]->full_info.info_ex.netbios_name, trusted_domain->domain_name);
1015         }
1016         TEST_STRING_EQUAL(info[1]->name.netbios_name, trusted_domain->domain_name);
1017         TEST_INT_EQUAL(info[3]->posix_offset.posix_offset, trusted_domain->posix_offset);
1018 /*
1019   We would like to do this, but it is NOT_SUPPORTED on win2k3
1020         TEST_SEC_DESC_EQUAL(trusted_domain->sdbuf, lsa, &trustdom_handle);
1021 */
1022         new = talloc_reference(samsync_state, new);
1023         DLIST_ADD(samsync_state->trusted_domains, new);
1024
1025         return ret;
1026 }
1027
1028 static bool samsync_handle_account(TALLOC_CTX *mem_ctx, struct samsync_state *samsync_state,
1029                                           int database_id, struct netr_DELTA_ENUM *delta) 
1030 {
1031         NTSTATUS status;
1032         bool ret = true;
1033         struct netr_DELTA_ACCOUNT *account = delta->delta_union.account;
1034         struct dom_sid *dom_sid = delta->delta_id_union.sid;
1035
1036         struct lsa_OpenAccount a;
1037         struct policy_handle acct_handle;
1038         struct lsa_EnumPrivsAccount e;
1039         struct lsa_PrivilegeSet *privs = NULL;
1040         struct lsa_LookupPrivName r;
1041
1042         int i, j;
1043
1044         bool *found_priv_in_lsa;
1045
1046         a.in.handle = samsync_state->lsa_handle;
1047         a.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1048         a.in.sid = dom_sid;
1049         a.out.acct_handle = &acct_handle;
1050
1051         status = dcerpc_lsa_OpenAccount(samsync_state->p_lsa, mem_ctx, &a);
1052         if (!NT_STATUS_IS_OK(status)) {
1053                 printf("OpenTrustedDomain failed - %s\n", nt_errstr(status));
1054                 return false;
1055         }
1056
1057         TEST_SEC_DESC_EQUAL(account->sdbuf, lsa, &acct_handle);
1058
1059         found_priv_in_lsa = talloc_zero_array(mem_ctx, bool, account->privilege_entries);
1060
1061         e.in.handle = &acct_handle;
1062         e.out.privs = &privs;
1063
1064         status = dcerpc_lsa_EnumPrivsAccount(samsync_state->p_lsa, mem_ctx, &e);
1065         if (!NT_STATUS_IS_OK(status)) {
1066                 printf("EnumPrivsAccount failed - %s\n", nt_errstr(status));
1067                 return false;
1068         }
1069
1070         if ((account->privilege_entries && !privs)) {
1071                 printf("Account %s has privileges in SamSync, but not LSA\n",
1072                        dom_sid_string(mem_ctx, dom_sid));
1073                 return false;
1074         }
1075
1076         if (!account->privilege_entries && privs && privs->count) {
1077                 printf("Account %s has privileges in LSA, but not SamSync\n",
1078                        dom_sid_string(mem_ctx, dom_sid));
1079                 return false;
1080         }
1081
1082         TEST_INT_EQUAL(account->privilege_entries, privs->count);
1083         
1084         for (i=0;i< privs->count; i++) {
1085
1086                 struct lsa_StringLarge *name = NULL;
1087
1088                 r.in.handle = samsync_state->lsa_handle;
1089                 r.in.luid = &privs->set[i].luid;
1090                 r.out.name = &name;
1091                 
1092                 status = dcerpc_lsa_LookupPrivName(samsync_state->p_lsa, mem_ctx, &r);
1093                 if (!NT_STATUS_IS_OK(status)) {
1094                         printf("\nLookupPrivName failed - %s\n", nt_errstr(status));
1095                         return false;
1096                 }
1097                 
1098                 if (!r.out.name) {
1099                         printf("\nLookupPrivName failed to return a name\n");
1100                         return false;
1101                 }
1102                 for (j=0;j<account->privilege_entries; j++) {
1103                         if (strcmp(name->string, account->privilege_name[j].string) == 0) {
1104                                 found_priv_in_lsa[j] = true;
1105                                 break;
1106                         }
1107                 }
1108         }
1109         for (j=0;j<account->privilege_entries; j++) {
1110                 if (!found_priv_in_lsa[j]) {
1111                         printf("Privilage %s on account %s not found in LSA\n", account->privilege_name[j].string, 
1112                                dom_sid_string(mem_ctx, dom_sid));
1113                         ret = false;
1114                 }
1115         }
1116         return ret;
1117 }
1118
1119 /*
1120   try a netlogon DatabaseSync
1121 */
1122 static bool test_DatabaseSync(struct torture_context *tctx, 
1123                                                           struct samsync_state *samsync_state,
1124                                                           TALLOC_CTX *mem_ctx)
1125 {
1126         NTSTATUS status;
1127         TALLOC_CTX *loop_ctx, *delta_ctx, *trustdom_ctx;
1128         struct netr_DatabaseSync r;
1129         const enum netr_SamDatabaseID database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS}; 
1130         int i, d;
1131         bool ret = true;
1132         struct samsync_trusted_domain *t;
1133         struct samsync_secret *s;
1134         
1135         const char *domain, *username;
1136
1137         r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(samsync_state->p));
1138         r.in.computername = TEST_MACHINE_NAME;
1139         r.in.preferredmaximumlength = (uint32_t)-1;
1140         ZERO_STRUCT(r.in.return_authenticator);
1141
1142         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1143                 r.in.sync_context = 0;
1144                 r.in.database_id = database_ids[i];
1145
1146                 printf("Testing DatabaseSync of id %d\n", r.in.database_id);
1147
1148                 do {
1149                         loop_ctx = talloc_named(mem_ctx, 0, "DatabaseSync loop context");
1150                         creds_client_authenticator(samsync_state->creds, &r.in.credential);
1151
1152                         status = dcerpc_netr_DatabaseSync(samsync_state->p, loop_ctx, &r);
1153                         if (!NT_STATUS_IS_OK(status) &&
1154                             !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
1155                                 printf("DatabaseSync - %s\n", nt_errstr(status));
1156                                 ret = false;
1157                                 break;
1158                         }
1159
1160                         if (!creds_client_check(samsync_state->creds, &r.out.return_authenticator.cred)) {
1161                                 printf("Credential chaining failed\n");
1162                         }
1163
1164                         r.in.sync_context = r.out.sync_context;
1165
1166                         for (d=0; d < r.out.delta_enum_array->num_deltas; d++) {
1167                                 delta_ctx = talloc_named(loop_ctx, 0, "DatabaseSync delta context");
1168                                 switch (r.out.delta_enum_array->delta_enum[d].delta_type) {
1169                                 case NETR_DELTA_DOMAIN:
1170                                         if (!samsync_handle_domain(delta_ctx, samsync_state, 
1171                                                                    r.in.database_id, &r.out.delta_enum_array->delta_enum[d])) {
1172                                                 printf("Failed to handle DELTA_DOMAIN\n");
1173                                                 ret = false;
1174                                         }
1175                                         break;
1176                                 case NETR_DELTA_GROUP:
1177                                         if (!samsync_handle_group(delta_ctx, samsync_state, 
1178                                                                   r.in.database_id, &r.out.delta_enum_array->delta_enum[d])) {
1179                                                 printf("Failed to handle DELTA_USER\n");
1180                                                 ret = false;
1181                                         }
1182                                         break;
1183                                 case NETR_DELTA_USER:
1184                                         if (!samsync_handle_user(tctx, delta_ctx, samsync_state, 
1185                                                                  r.in.database_id, &r.out.delta_enum_array->delta_enum[d])) {
1186                                                 printf("Failed to handle DELTA_USER\n");
1187                                                 ret = false;
1188                                         }
1189                                         break;
1190                                 case NETR_DELTA_ALIAS:
1191                                         if (!samsync_handle_alias(delta_ctx, samsync_state, 
1192                                                                   r.in.database_id, &r.out.delta_enum_array->delta_enum[d])) {
1193                                                 printf("Failed to handle DELTA_ALIAS\n");
1194                                                 ret = false;
1195                                         }
1196                                         break;
1197                                 case NETR_DELTA_POLICY:
1198                                         if (!samsync_handle_policy(delta_ctx, samsync_state, 
1199                                                                    r.in.database_id, &r.out.delta_enum_array->delta_enum[d])) {
1200                                                 printf("Failed to handle DELTA_POLICY\n");
1201                                                 ret = false;
1202                                         }
1203                                         break;
1204                                 case NETR_DELTA_TRUSTED_DOMAIN:
1205                                         if (!samsync_handle_trusted_domain(delta_ctx, samsync_state, 
1206                                                                            r.in.database_id, &r.out.delta_enum_array->delta_enum[d])) {
1207                                                 printf("Failed to handle DELTA_TRUSTED_DOMAIN\n");
1208                                                 ret = false;
1209                                         }
1210                                         break;
1211                                 case NETR_DELTA_ACCOUNT:
1212                                         if (!samsync_handle_account(delta_ctx, samsync_state, 
1213                                                                     r.in.database_id, &r.out.delta_enum_array->delta_enum[d])) {
1214                                                 printf("Failed to handle DELTA_ACCOUNT\n");
1215                                                 ret = false;
1216                                         }
1217                                         break;
1218                                 case NETR_DELTA_SECRET:
1219                                         if (!samsync_handle_secret(delta_ctx, samsync_state, 
1220                                                                    r.in.database_id, &r.out.delta_enum_array->delta_enum[d])) {
1221                                                 printf("Failed to handle DELTA_SECRET\n");
1222                                                 ret = false;
1223                                         }
1224                                         break;
1225                                 case NETR_DELTA_GROUP_MEMBER:
1226                                 case NETR_DELTA_ALIAS_MEMBER:
1227                                         /* These are harder to cross-check, and we expect them */
1228                                         break;
1229                                 case NETR_DELTA_DELETE_GROUP:
1230                                 case NETR_DELTA_RENAME_GROUP:
1231                                 case NETR_DELTA_DELETE_USER:
1232                                 case NETR_DELTA_RENAME_USER:
1233                                 case NETR_DELTA_DELETE_ALIAS:
1234                                 case NETR_DELTA_RENAME_ALIAS:
1235                                 case NETR_DELTA_DELETE_TRUST:
1236                                 case NETR_DELTA_DELETE_ACCOUNT:
1237                                 case NETR_DELTA_DELETE_SECRET:
1238                                 case NETR_DELTA_DELETE_GROUP2:
1239                                 case NETR_DELTA_DELETE_USER2:
1240                                 case NETR_DELTA_MODIFY_COUNT:
1241                                 default:
1242                                         printf("Uxpected delta type %d\n", r.out.delta_enum_array->delta_enum[d].delta_type);
1243                                         ret = false;
1244                                         break;
1245                                 }
1246                                 talloc_free(delta_ctx);
1247                         }
1248                         talloc_free(loop_ctx);
1249                 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1250                 
1251         }
1252
1253         domain = samsync_state->domain_name[SAM_DATABASE_DOMAIN];
1254         if (!domain) {
1255                 printf("Never got a DOMAIN object in samsync!\n");
1256                 return false;
1257         }
1258
1259         trustdom_ctx = talloc_named(mem_ctx, 0, "test_DatabaseSync Trusted domains context");
1260         
1261         username = talloc_asprintf(trustdom_ctx, "%s$", domain);
1262         for (t=samsync_state->trusted_domains; t; t=t->next) {
1263                 char *secret_name = talloc_asprintf(trustdom_ctx, "G$$%s", t->name);
1264                 for (s=samsync_state->secrets; s; s=s->next) {
1265                         if (strcasecmp_m(s->name, secret_name) == 0) {
1266                                 NTSTATUS nt_status;
1267                                 struct samr_Password nt_hash;
1268                                 mdfour(nt_hash.hash, s->secret.data, s->secret.length);
1269                                 
1270                                 printf("Checking password for %s\\%s\n", t->name, username);
1271                                 nt_status = test_SamLogon(samsync_state->p_netlogon_wksta, trustdom_ctx, samsync_state->creds_netlogon_wksta, 
1272                                                           t->name,
1273                                                           username, 
1274                                                           TEST_WKSTA_MACHINE_NAME,
1275                                                           NULL, 
1276                                                           &nt_hash,
1277                                                           NULL);
1278                                 if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_LOGON_SERVERS)) {
1279                                         printf("Verifiction of trust password to %s failed: %s (the trusted domain is not available)\n", 
1280                                                t->name, nt_errstr(nt_status));
1281                                         
1282                                         break;
1283                                 }
1284                                 if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
1285                                         printf("Verifiction of trust password to %s: should have failed (nologon interdomain trust account), instead: %s\n", 
1286                                                t->name, nt_errstr(nt_status));
1287                                         ret = false;
1288                                 }
1289                                 
1290                                 /* break it */
1291                                 nt_hash.hash[0]++;
1292                                 nt_status = test_SamLogon(samsync_state->p_netlogon_wksta, trustdom_ctx, samsync_state->creds_netlogon_wksta, 
1293                                                           t->name,
1294                                                           username, 
1295                                                           TEST_WKSTA_MACHINE_NAME,
1296                                                           NULL,
1297                                                           &nt_hash,
1298                                                           NULL);
1299                                 
1300                                 if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD)) {
1301                                         printf("Verifiction of trust password to %s: should have failed (wrong password), instead: %s\n", 
1302                                                t->name, nt_errstr(nt_status));
1303                                         ret = false;
1304                                 }
1305                                 
1306                                 break;
1307                         }
1308                 }
1309         }
1310         talloc_free(trustdom_ctx);
1311         return ret;
1312 }
1313
1314
1315 /*
1316   try a netlogon DatabaseDeltas
1317 */
1318 static bool test_DatabaseDeltas(struct samsync_state *samsync_state, TALLOC_CTX *mem_ctx)
1319 {
1320         NTSTATUS status;
1321         TALLOC_CTX *loop_ctx;
1322         struct netr_DatabaseDeltas r;
1323         struct netr_Authenticator credential;
1324         struct netr_Authenticator return_authenticator;
1325         struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
1326         const uint32_t database_ids[] = {0, 1, 2}; 
1327         int i;
1328         bool ret = true;
1329
1330         ZERO_STRUCT(return_authenticator);
1331
1332         r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(samsync_state->p));
1333         r.in.computername = TEST_MACHINE_NAME;
1334         r.in.credential = &credential;
1335         r.in.preferredmaximumlength = (uint32_t)-1;
1336         r.in.return_authenticator = &return_authenticator;
1337         r.out.return_authenticator = &return_authenticator;
1338         r.out.delta_enum_array = &delta_enum_array;
1339
1340         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1341
1342                 uint64_t seq_num = samsync_state->seq_num[i];
1343
1344                 r.in.database_id = database_ids[i];
1345                 r.in.sequence_num = &seq_num;
1346                 r.out.sequence_num = &seq_num;
1347
1348                 if (seq_num == 0) continue;
1349
1350                 /* this shows that the bdc doesn't need to do a single call for
1351                  * each seqnumber, and the pdc doesn't need to know about old values
1352                  * -- metze
1353                  */
1354                 seq_num -= 10;
1355
1356                 printf("Testing DatabaseDeltas of id %d at %llu\n", 
1357                        r.in.database_id, (long long)seq_num);
1358
1359                 do {
1360                         loop_ctx = talloc_named(mem_ctx, 0, "test_DatabaseDeltas loop context");
1361                         creds_client_authenticator(samsync_state->creds, &credential);
1362
1363                         status = dcerpc_netr_DatabaseDeltas(samsync_state->p, loop_ctx, &r);
1364                         if (!NT_STATUS_IS_OK(status) &&
1365                             !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES) &&
1366                             !NT_STATUS_EQUAL(status, NT_STATUS_SYNCHRONIZATION_REQUIRED)) {
1367                                 printf("DatabaseDeltas - %s\n", nt_errstr(status));
1368                                 ret = false;
1369                         }
1370
1371                         if (!creds_client_check(samsync_state->creds, &return_authenticator.cred)) {
1372                                 printf("Credential chaining failed\n");
1373                         }
1374
1375                         seq_num++;
1376                         talloc_free(loop_ctx);
1377                 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1378         }
1379
1380         return ret;
1381 }
1382
1383
1384 /*
1385   try a netlogon DatabaseSync2
1386 */
1387 static bool test_DatabaseSync2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
1388                                struct creds_CredentialState *creds)
1389 {
1390         NTSTATUS status;
1391         TALLOC_CTX *loop_ctx;
1392         struct netr_DatabaseSync2 r;
1393         const uint32_t database_ids[] = {0, 1, 2}; 
1394         int i;
1395         bool ret = true;
1396
1397         r.in.logon_server = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1398         r.in.computername = TEST_MACHINE_NAME;
1399         r.in.preferredmaximumlength = (uint32_t)-1;
1400         ZERO_STRUCT(r.in.return_authenticator);
1401
1402         for (i=0;i<ARRAY_SIZE(database_ids);i++) {
1403                 r.in.sync_context = 0;
1404                 r.in.database_id = database_ids[i];
1405                 r.in.restart_state = 0;
1406
1407                 printf("Testing DatabaseSync2 of id %d\n", r.in.database_id);
1408
1409                 do {
1410                         loop_ctx = talloc_named(mem_ctx, 0, "test_DatabaseSync2 loop context");
1411                         creds_client_authenticator(creds, &r.in.credential);
1412
1413                         status = dcerpc_netr_DatabaseSync2(p, loop_ctx, &r);
1414                         if (!NT_STATUS_IS_OK(status) &&
1415                             !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
1416                                 printf("DatabaseSync2 - %s\n", nt_errstr(status));
1417                                 ret = false;
1418                         }
1419
1420                         if (!creds_client_check(creds, &r.out.return_authenticator.cred)) {
1421                                 printf("Credential chaining failed\n");
1422                         }
1423
1424                         r.in.sync_context = r.out.sync_context;
1425                         talloc_free(loop_ctx);
1426                 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
1427         }
1428
1429         return ret;
1430 }
1431
1432
1433
1434 bool torture_rpc_samsync(struct torture_context *torture)
1435 {
1436         NTSTATUS status;
1437         TALLOC_CTX *mem_ctx;
1438         bool ret = true;
1439         struct test_join *join_ctx;
1440         struct test_join *join_ctx2;
1441         struct test_join *user_ctx;
1442         const char *machine_password;
1443         const char *wksta_machine_password;
1444         struct dcerpc_binding *b;
1445         struct dcerpc_binding *b_netlogon_wksta;
1446         struct samr_Connect c;
1447         struct samr_SetDomainInfo s;
1448         struct policy_handle *domain_policy;
1449
1450         struct lsa_ObjectAttribute attr;
1451         struct lsa_QosInfo qos;
1452         struct lsa_OpenPolicy2 r;
1453         struct cli_credentials *credentials;
1454         struct cli_credentials *credentials_wksta;
1455
1456         struct samsync_state *samsync_state;
1457
1458         char *test_machine_account;
1459
1460         char *test_wksta_machine_account;
1461
1462         mem_ctx = talloc_init("torture_rpc_netlogon");
1463         
1464         test_machine_account = talloc_asprintf(mem_ctx, "%s$", TEST_MACHINE_NAME);
1465         join_ctx = torture_create_testuser(torture, test_machine_account, 
1466                                            lp_workgroup(torture->lp_ctx), ACB_SVRTRUST, 
1467                                            &machine_password);
1468         if (!join_ctx) {
1469                 talloc_free(mem_ctx);
1470                 printf("Failed to join as BDC\n");
1471                 return false;
1472         }
1473         
1474         test_wksta_machine_account = talloc_asprintf(mem_ctx, "%s$", TEST_WKSTA_MACHINE_NAME);
1475         join_ctx2 = torture_create_testuser(torture, test_wksta_machine_account, lp_workgroup(torture->lp_ctx), ACB_WSTRUST, &wksta_machine_password);
1476         if (!join_ctx2) {
1477                 talloc_free(mem_ctx);
1478                 printf("Failed to join as member\n");
1479                 return false;
1480         }
1481         
1482         user_ctx = torture_create_testuser(torture, TEST_USER_NAME,
1483                                            lp_workgroup(torture->lp_ctx),
1484                                            ACB_NORMAL, NULL);
1485         if (!user_ctx) {
1486                 talloc_free(mem_ctx);
1487                 printf("Failed to create test account\n");
1488                 return false;
1489         }
1490
1491         samsync_state = talloc_zero(mem_ctx, struct samsync_state);
1492
1493         samsync_state->p_samr = torture_join_samr_pipe(join_ctx);
1494         samsync_state->connect_handle = talloc_zero(samsync_state, struct policy_handle);
1495         samsync_state->lsa_handle = talloc_zero(samsync_state, struct policy_handle);
1496         c.in.system_name = NULL;
1497         c.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1498         c.out.connect_handle = samsync_state->connect_handle;
1499
1500         status = dcerpc_samr_Connect(samsync_state->p_samr, mem_ctx, &c);
1501         if (!NT_STATUS_IS_OK(status)) {
1502                 printf("samr_Connect failed\n");
1503                 ret = false;
1504                 goto failed;
1505         }
1506
1507         domain_policy = samsync_open_domain(mem_ctx, samsync_state, lp_workgroup(torture->lp_ctx), NULL);
1508         if (!domain_policy) {
1509                 printf("samrsync_open_domain failed\n");
1510                 ret = false;
1511                 goto failed;
1512         }
1513         
1514         s.in.domain_handle = domain_policy;
1515         s.in.level = 4;
1516         s.in.info = talloc(mem_ctx, union samr_DomainInfo);
1517         
1518         s.in.info->oem.oem_information.string
1519                 = talloc_asprintf(mem_ctx, 
1520                                   "Tortured by Samba4: %s", 
1521                                   timestring(mem_ctx, time(NULL)));
1522         status = dcerpc_samr_SetDomainInfo(samsync_state->p_samr, mem_ctx, &s);
1523
1524         if (!test_samr_handle_Close(samsync_state->p_samr, mem_ctx, domain_policy)) {
1525                 ret = false;
1526                 goto failed;
1527         }
1528
1529         if (!NT_STATUS_IS_OK(status)) {
1530                 printf("SetDomainInfo level %u failed - %s\n", 
1531                        s.in.level, nt_errstr(status));
1532                 ret = false;
1533                 goto failed;
1534         }
1535         
1536
1537         status = torture_rpc_connection(torture,
1538                                         &samsync_state->p_lsa, 
1539                                         &ndr_table_lsarpc);
1540
1541         if (!NT_STATUS_IS_OK(status)) {
1542                 ret = false;
1543                 goto failed;
1544         }
1545
1546         qos.len = 0;
1547         qos.impersonation_level = 2;
1548         qos.context_mode = 1;
1549         qos.effective_only = 0;
1550
1551         attr.len = 0;
1552         attr.root_dir = NULL;
1553         attr.object_name = NULL;
1554         attr.attributes = 0;
1555         attr.sec_desc = NULL;
1556         attr.sec_qos = &qos;
1557
1558         r.in.system_name = "\\";
1559         r.in.attr = &attr;
1560         r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1561         r.out.handle = samsync_state->lsa_handle;
1562
1563         status = dcerpc_lsa_OpenPolicy2(samsync_state->p_lsa, mem_ctx, &r);
1564         if (!NT_STATUS_IS_OK(status)) {
1565                 printf("OpenPolicy2 failed - %s\n", nt_errstr(status));
1566                 ret = false;
1567                 goto failed;
1568         }
1569
1570         status = torture_rpc_binding(torture, &b);
1571         if (!NT_STATUS_IS_OK(status)) {
1572                 ret = false;
1573                 goto failed;
1574         }
1575
1576         b->flags &= ~DCERPC_AUTH_OPTIONS;
1577         b->flags |= DCERPC_SCHANNEL | DCERPC_SIGN;
1578
1579         credentials = cli_credentials_init(mem_ctx);
1580
1581         cli_credentials_set_workstation(credentials, TEST_MACHINE_NAME, CRED_SPECIFIED);
1582         cli_credentials_set_domain(credentials, lp_workgroup(torture->lp_ctx), CRED_SPECIFIED);
1583         cli_credentials_set_username(credentials, test_machine_account, CRED_SPECIFIED);
1584         cli_credentials_set_password(credentials, machine_password, CRED_SPECIFIED);
1585         cli_credentials_set_secure_channel_type(credentials,
1586                                                 SEC_CHAN_BDC);
1587
1588         status = dcerpc_pipe_connect_b(samsync_state,
1589                                        &samsync_state->p, b, 
1590                                            &ndr_table_netlogon,
1591                                        credentials, torture->ev, torture->lp_ctx);
1592         
1593         if (!NT_STATUS_IS_OK(status)) {
1594                 printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
1595                 ret = false;
1596                 goto failed;
1597         }
1598
1599         status = dcerpc_schannel_creds(samsync_state->p->conn->security_state.generic_state, 
1600                                        samsync_state, &samsync_state->creds);
1601         if (!NT_STATUS_IS_OK(status)) {
1602                 ret = false;
1603         }
1604
1605
1606
1607         status = torture_rpc_binding(torture, &b_netlogon_wksta);
1608         if (!NT_STATUS_IS_OK(status)) {
1609                 ret = false;
1610                 goto failed;
1611         }
1612
1613         b_netlogon_wksta->flags &= ~DCERPC_AUTH_OPTIONS;
1614         b_netlogon_wksta->flags |= DCERPC_SCHANNEL | DCERPC_SIGN;
1615
1616         credentials_wksta = cli_credentials_init(mem_ctx);
1617
1618         cli_credentials_set_workstation(credentials_wksta, TEST_WKSTA_MACHINE_NAME, CRED_SPECIFIED);
1619         cli_credentials_set_domain(credentials_wksta, lp_workgroup(torture->lp_ctx), CRED_SPECIFIED);
1620         cli_credentials_set_username(credentials_wksta, test_wksta_machine_account, CRED_SPECIFIED);
1621         cli_credentials_set_password(credentials_wksta, wksta_machine_password, CRED_SPECIFIED);
1622         cli_credentials_set_secure_channel_type(credentials_wksta,
1623                                                 SEC_CHAN_WKSTA);
1624
1625         status = dcerpc_pipe_connect_b(samsync_state, 
1626                                        &samsync_state->p_netlogon_wksta, 
1627                                        b_netlogon_wksta, 
1628                                            &ndr_table_netlogon,
1629                                        credentials_wksta, torture->ev, torture->lp_ctx);
1630
1631         if (!NT_STATUS_IS_OK(status)) {
1632                 printf("Failed to connect to server as a Workstation: %s\n", nt_errstr(status));
1633                 ret = false;
1634                 goto failed;
1635         }
1636
1637         status = dcerpc_schannel_creds(samsync_state->p_netlogon_wksta->conn->security_state.generic_state, 
1638                                        samsync_state, &samsync_state->creds_netlogon_wksta);
1639         if (!NT_STATUS_IS_OK(status)) {
1640                 printf("Failed to obtail schanel creds!\n");
1641                 ret = false;
1642         }
1643
1644         if (!test_DatabaseSync(torture, samsync_state, mem_ctx)) {
1645                 printf("DatabaseSync failed\n");
1646                 ret = false;
1647         }
1648
1649         if (!test_DatabaseDeltas(samsync_state, mem_ctx)) {
1650                 printf("DatabaseDeltas failed\n");
1651                 ret = false;
1652         }
1653
1654         if (!test_DatabaseSync2(samsync_state->p, mem_ctx, samsync_state->creds)) {
1655                 printf("DatabaseSync2 failed\n");
1656                 ret = false;
1657         }
1658 failed:
1659
1660         torture_leave_domain(torture, join_ctx);
1661         torture_leave_domain(torture, join_ctx2);
1662         torture_leave_domain(torture, user_ctx);
1663
1664         talloc_free(mem_ctx);
1665
1666         return ret;
1667 }