2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Stefan (metze) Metzmacher 2004
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 #include "librpc/gen_ndr/ndr_drsuapi.h"
27 #include "torture/rpc/drsuapi.h"
29 static BOOL test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
30 struct DsPrivate *priv, const char *dn,
31 const char *user_principal_name, const char *service_principal_name)
37 struct drsuapi_DsCrackNames r;
38 struct drsuapi_DsNameString names[1];
39 enum drsuapi_DsNameFormat formats[] = {
40 DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
41 DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
42 DRSUAPI_DS_NAME_FORMAT_DISPLAY,
43 DRSUAPI_DS_NAME_FORMAT_GUID,
44 DRSUAPI_DS_NAME_FORMAT_CANONICAL,
45 DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
46 DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
47 DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
48 DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
49 DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN
53 const char *n_matrix[ARRAY_SIZE(formats)][ARRAY_SIZE(formats)];
54 const char *n_from[ARRAY_SIZE(formats)];
57 r.in.bind_handle = &priv->bind_handle;
59 r.in.req.req1.unknown1 = 0x000004e4;
60 r.in.req.req1.unknown2 = 0x00000407;
61 r.in.req.req1.count = 1;
62 r.in.req.req1.names = names;
63 r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
67 for (i = 0; i < ARRAY_SIZE(formats); i++) {
68 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
69 r.in.req.req1.format_desired = formats[i];
71 printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ",
72 names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired);
74 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
75 if (!NT_STATUS_IS_OK(status)) {
76 const char *errstr = nt_errstr(status);
77 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
78 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
80 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
82 } else if (!W_ERROR_IS_OK(r.out.result)) {
83 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
91 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:
92 if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE) {
93 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
94 r.out.ctr.ctr1->array[0].status);
97 printf ("(expected) error\n");
99 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
100 if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) {
101 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
102 r.out.ctr.ctr1->array[0].status);
105 printf ("(expected) error\n");
107 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN:
108 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY:
109 if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR) {
110 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
111 r.out.ctr.ctr1->array[0].status);
114 printf ("(expected) error\n");
117 if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
118 printf("Error: %d\n", r.out.ctr.ctr1->array[0].status);
123 switch (formats[i]) {
124 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
125 n_from[i] = user_principal_name;
127 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:
128 n_from[i] = service_principal_name;
130 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY:
131 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN:
135 n_from[i] = r.out.ctr.ctr1->array[0].result_name;
136 printf("%s\n", n_from[i]);
140 for (i = 0; i < ARRAY_SIZE(formats); i++) {
141 for (j = 0; j < ARRAY_SIZE(formats); j++) {
142 r.in.req.req1.format_offered = formats[i];
143 r.in.req.req1.format_desired = formats[j];
145 n_matrix[i][j] = NULL;
148 names[0].str = n_from[i];
149 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
150 if (!NT_STATUS_IS_OK(status)) {
151 const char *errstr = nt_errstr(status);
152 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
153 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
155 printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
156 names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired, errstr);
158 } else if (!W_ERROR_IS_OK(r.out.result)) {
159 printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
160 names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired,
161 win_errstr(r.out.result));
168 if (r.out.ctr.ctr1->array[0].status == DRSUAPI_DS_NAME_STATUS_OK) {
169 n_matrix[i][j] = r.out.ctr.ctr1->array[0].result_name;
171 n_matrix[i][j] = NULL;
176 for (i = 0; i < ARRAY_SIZE(formats); i++) {
177 for (j = 0; j < ARRAY_SIZE(formats); j++) {
178 if (n_matrix[i][j] == n_from[j]) {
180 /* We don't have a from name for these yet (and we can't map to them to find it out) */
181 } else if (n_matrix[i][j] == NULL && n_from[i] == NULL) {
183 /* we can't map to these two */
184 } else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL) {
185 } else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL) {
186 } else if (n_matrix[i][j] == NULL && n_from[j] != NULL) {
187 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
189 } else if (n_matrix[i][j] != NULL && n_from[j] == NULL) {
190 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
192 } else if (strcmp(n_matrix[i][j], n_from[j]) != 0) {
193 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
201 BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
202 struct DsPrivate *priv, const char *test_dc)
205 struct drsuapi_DsCrackNames r;
206 struct drsuapi_DsNameString names[1];
208 const char *dns_domain;
209 const char *nt4_domain;
210 const char *FQDN_1779_name;
211 const char *user_principal_name;
212 const char *service_principal_name;
215 r.in.bind_handle = &priv->bind_handle;
217 r.in.req.req1.unknown1 = 0x000004e4;
218 r.in.req.req1.unknown2 = 0x00000407;
219 r.in.req.req1.count = 1;
220 r.in.req.req1.names = names;
221 r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
223 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
224 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
225 names[0].str = talloc_asprintf(mem_ctx, "%s/", lp_realm());
227 printf("testing DsCrackNames with name '%s' desired format:%d\n",
228 names[0].str, r.in.req.req1.format_desired);
230 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
231 if (!NT_STATUS_IS_OK(status)) {
232 const char *errstr = nt_errstr(status);
233 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
234 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
236 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
238 } else if (!W_ERROR_IS_OK(r.out.result)) {
239 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
241 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
242 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
250 dns_domain = r.out.ctr.ctr1->array[0].dns_domain_name;
251 nt4_domain = r.out.ctr.ctr1->array[0].result_name;
253 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID;
255 printf("testing DsCrackNames with name '%s' desired format:%d\n",
256 names[0].str, r.in.req.req1.format_desired);
258 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
259 if (!NT_STATUS_IS_OK(status)) {
260 const char *errstr = nt_errstr(status);
261 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
262 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
264 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
266 } else if (!W_ERROR_IS_OK(r.out.result)) {
267 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
269 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
270 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
278 priv->domain_dns_name = r.out.ctr.ctr1->array[0].dns_domain_name;
279 priv->domain_guid_str = r.out.ctr.ctr1->array[0].result_name;
280 GUID_from_string(priv->domain_guid_str, &priv->domain_guid);
282 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
284 printf("testing DsCrackNames with name '%s' desired format:%d\n",
285 names[0].str, r.in.req.req1.format_desired);
287 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
288 if (!NT_STATUS_IS_OK(status)) {
289 const char *errstr = nt_errstr(status);
290 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
291 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
293 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
295 } else if (!W_ERROR_IS_OK(r.out.result)) {
296 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
298 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
299 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
307 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
308 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
309 names[0].str = priv->domain_guid_str;
311 printf("testing DsCrackNames with GUID '%s' desired format:%d\n",
312 names[0].str, r.in.req.req1.format_desired);
314 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
315 if (!NT_STATUS_IS_OK(status)) {
316 const char *errstr = nt_errstr(status);
317 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
318 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
320 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
322 } else if (!W_ERROR_IS_OK(r.out.result)) {
323 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
325 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
326 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
334 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
335 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
336 names[0].str = nt4_domain;
338 printf("testing DsCrackNames with name '%s' desired format:%d\n",
339 names[0].str, r.in.req.req1.format_desired);
341 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
342 if (!NT_STATUS_IS_OK(status)) {
343 const char *errstr = nt_errstr(status);
344 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
345 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
347 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
349 } else if (!W_ERROR_IS_OK(r.out.result)) {
350 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
352 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
353 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
361 priv->domain_obj_dn = r.out.ctr.ctr1->array[0].result_name;
363 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
364 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
365 names[0].str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc);
367 printf("testing DsCrackNames with name '%s' desired format:%d\n",
368 names[0].str, r.in.req.req1.format_desired);
370 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
371 if (!NT_STATUS_IS_OK(status)) {
372 const char *errstr = nt_errstr(status);
373 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
374 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
376 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
378 } else if (!W_ERROR_IS_OK(r.out.result)) {
379 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
381 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
382 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
390 FQDN_1779_name = r.out.ctr.ctr1->array[0].result_name;
392 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL;
393 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
394 names[0].str = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, dns_domain);
395 user_principal_name = names[0].str;
397 printf("testing DsCrackNames with name '%s' desired format:%d\n",
398 names[0].str, r.in.req.req1.format_desired);
400 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
401 if (!NT_STATUS_IS_OK(status)) {
402 const char *errstr = nt_errstr(status);
403 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
404 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
406 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
408 } else if (!W_ERROR_IS_OK(r.out.result)) {
409 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
411 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
412 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
420 if (strcmp(r.out.ctr.ctr1->array[0].result_name, FQDN_1779_name) != 0) {
421 printf("DsCrackNames failed - %s != %s\n", r.out.ctr.ctr1->array[0].result_name, FQDN_1779_name);
425 service_principal_name = talloc_asprintf(mem_ctx, "HOST/%s", test_dc);
429 enum drsuapi_DsNameFormat format_offered;
430 enum drsuapi_DsNameFormat format_desired;
433 const char *expected_str;
434 enum drsuapi_DsNameStatus status;
437 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
438 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
439 .str = service_principal_name,
440 .expected_str = FQDN_1779_name,
441 .status = DRSUAPI_DS_NAME_STATUS_OK
444 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
445 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
446 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s", test_dc, dns_domain),
447 .comment = "ServicePrincipal Name",
448 .expected_str = FQDN_1779_name,
449 .status = DRSUAPI_DS_NAME_STATUS_OK
452 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
453 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL,
454 .str = FQDN_1779_name,
455 .status = DRSUAPI_DS_NAME_STATUS_OK
458 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
459 .format_desired = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
460 .str = FQDN_1779_name,
461 .status = DRSUAPI_DS_NAME_STATUS_OK
464 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
465 .format_desired = DRSUAPI_DS_NAME_FORMAT_GUID,
466 .str = FQDN_1779_name,
467 .status = DRSUAPI_DS_NAME_STATUS_OK
470 .format_offered = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
471 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
472 .str = "CN=Microsoft Corporation,L=Redmond,S=Washington,C=US",
473 .comment = "display name for Microsoft Support Account",
474 .status = DRSUAPI_DS_NAME_STATUS_OK
477 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
478 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
479 .str = GUID_string2(mem_ctx, &priv->dcinfo.site_guid),
480 .comment = "Site GUID",
481 .status = DRSUAPI_DS_NAME_STATUS_OK
484 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
485 .str = GUID_string2(mem_ctx, &priv->dcinfo.computer_guid),
486 .comment = "Computer GUID",
487 .status = DRSUAPI_DS_NAME_STATUS_OK
490 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
491 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
492 .str = GUID_string2(mem_ctx, &priv->dcinfo.server_guid),
493 .comment = "Server GUID",
494 .status = DRSUAPI_DS_NAME_STATUS_OK
497 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
498 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
499 .str = GUID_string2(mem_ctx, &priv->dcinfo.ntds_guid),
500 .comment = "NTDS GUID",
501 .status = DRSUAPI_DS_NAME_STATUS_OK
504 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
505 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
507 .comment = "BUILTIN domain SID",
508 .status = DRSUAPI_DS_NAME_STATUS_OK
511 .format_offered = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
512 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
514 .comment = "DISPAY NAME search for DC short name",
515 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
518 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
519 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
520 .str = talloc_asprintf(mem_ctx, "krbtgt/%s", dns_domain),
521 .comment = "Looking for KRBTGT as a serivce principal",
522 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
525 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
526 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
527 .str = talloc_asprintf(mem_ctx, "krbtgt"),
528 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
531 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
532 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
533 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s",
536 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
539 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
540 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
542 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
545 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
546 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
548 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
551 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
552 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
553 .str = "NOT AN NT4 NAME",
554 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
557 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
558 .format_desired = DRSUAPI_DS_NAME_FORMAT_GUID,
559 .comment = "Unparsable DN",
561 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
564 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
565 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
566 .comment = "Unparsable user principal",
567 .str = "NOT A PRINCIPAL",
568 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
571 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
572 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
573 .comment = "Unparsable service principal",
574 .str = "NOT A SERVICE PRINCIPAL",
575 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
578 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
579 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
580 .comment = "BIND GUID (ie, not in the directory)",
581 .str = GUID_string2(mem_ctx, &priv->bind_guid),
582 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
585 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
586 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
587 .comment = "Unqualified Machine account as user principal",
588 .str = talloc_asprintf(mem_ctx, "%s$", test_dc),
589 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
592 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
593 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
594 .comment = "Machine account as service principal",
595 .str = talloc_asprintf(mem_ctx, "%s$", test_dc),
596 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
599 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
600 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
601 .comment = "Realm as an NT4 domain lookup",
602 .str = talloc_asprintf(mem_ctx, "%s\\", lp_realm()),
603 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
606 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
607 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
608 .comment = "BUITIN SID -> NT4 account",
610 .status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING
613 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
614 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
615 .str = SID_BUILTIN_ADMINISTRATORS,
616 .status = DRSUAPI_DS_NAME_STATUS_OK
619 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
620 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
621 .str = SID_BUILTIN_ADMINISTRATORS,
622 .status = DRSUAPI_DS_NAME_STATUS_OK
625 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
626 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
628 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
633 for (i=0; i < ARRAY_SIZE(crack); i++) {
634 r.in.req.req1.format_offered = crack[i].format_offered;
635 r.in.req.req1.format_desired = crack[i].format_desired;
636 names[0].str = crack[i].str;
638 if (crack[i].comment) {
639 printf("testing DsCrackNames '%s' with name '%s' desired format:%d\n",
640 crack[i].comment, names[0].str, r.in.req.req1.format_desired);
642 printf("testing DsCrackNames with name '%s' desired format:%d\n",
643 names[0].str, r.in.req.req1.format_desired);
645 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
646 if (!NT_STATUS_IS_OK(status)) {
647 const char *errstr = nt_errstr(status);
648 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
649 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
651 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
653 } else if (!W_ERROR_IS_OK(r.out.result)) {
654 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
656 } else if (r.out.ctr.ctr1->array[0].status != crack[i].status) {
657 printf("DsCrackNames unexpected error %d, wanted %d on name: %s\n",
658 r.out.ctr.ctr1->array[0].status,
663 if (crack[i].expected_str
664 && (strcmp(r.out.ctr.ctr1->array[0].result_name,
665 crack[i].expected_str) != 0)) {
666 printf("DsCrackNames failed - got %s, expected %s\n",
667 r.out.ctr.ctr1->array[0].result_name,
668 crack[i].expected_str);
674 if (!test_DsCrackNamesMatrix(p, mem_ctx, priv, FQDN_1779_name,
675 user_principal_name, service_principal_name)) {
682 BOOL torture_rpc_drsuapi_cracknames(void)
685 struct dcerpc_pipe *p;
688 struct DsPrivate priv;
690 mem_ctx = talloc_init("torture_rpc_drsuapi");
692 status = torture_rpc_connection(mem_ctx,
696 DCERPC_DRSUAPI_VERSION);
697 if (!NT_STATUS_IS_OK(status)) {
698 talloc_free(mem_ctx);
702 printf("Connected to DRAUAPI pipe\n");
706 ret &= test_DsBind(p, mem_ctx, &priv);
708 ret &= test_DsCrackNames(p, mem_ctx, &priv, lp_parm_string(-1, "torture", "host"));
710 ret &= test_DsUnbind(p, mem_ctx, &priv);
712 talloc_free(mem_ctx);