2 Unix SMB/CIFS implementation.
3 test suite for samr rpc operations
5 Copyright (C) Andrew Tridgell 2003
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "torture/torture.h"
25 #include "system/time.h"
26 #include "librpc/gen_ndr/lsa.h"
27 #include "librpc/gen_ndr/ndr_samr_c.h"
28 #include "lib/crypto/crypto.h"
29 #include "libcli/auth/libcli_auth.h"
30 #include "libcli/security/security.h"
31 #include "torture/rpc/rpc.h"
33 #define TEST_ACCOUNT_NAME "samrtorturetest"
34 #define TEST_ALIASNAME "samrtorturetestalias"
35 #define TEST_GROUPNAME "samrtorturetestgroup"
36 #define TEST_MACHINENAME "samrtestmach$"
37 #define TEST_DOMAINNAME "samrtestdom$"
39 enum torture_samr_choice {
40 TORTURE_SAMR_PASSWORDS,
41 TORTURE_SAMR_USER_ATTRIBUTES,
45 static BOOL test_QueryUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
46 struct policy_handle *handle);
48 static BOOL test_QueryUserInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
49 struct policy_handle *handle);
51 static BOOL test_QueryAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
52 struct policy_handle *handle);
54 static BOOL test_ChangePassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
55 const char *acct_name,
56 struct policy_handle *domain_handle, char **password);
58 static void init_lsa_String(struct lsa_String *string, const char *s)
63 BOOL test_samr_handle_Close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
64 struct policy_handle *handle)
70 r.out.handle = handle;
72 status = dcerpc_samr_Close(p, mem_ctx, &r);
73 if (!NT_STATUS_IS_OK(status)) {
74 printf("Close handle failed - %s\n", nt_errstr(status));
81 static BOOL test_Shutdown(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
82 struct policy_handle *handle)
85 struct samr_Shutdown r;
87 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
88 printf("samr_Shutdown disabled - enable dangerous tests to use\n");
92 r.in.connect_handle = handle;
94 printf("testing samr_Shutdown\n");
96 status = dcerpc_samr_Shutdown(p, mem_ctx, &r);
97 if (!NT_STATUS_IS_OK(status)) {
98 printf("samr_Shutdown failed - %s\n", nt_errstr(status));
105 static BOOL test_SetDsrmPassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
106 struct policy_handle *handle)
109 struct samr_SetDsrmPassword r;
110 struct lsa_String string;
111 struct samr_Password hash;
113 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
114 printf("samr_SetDsrmPassword disabled - enable dangerous tests to use\n");
118 E_md4hash("TeSTDSRM123", hash.hash);
120 init_lsa_String(&string, "Administrator");
126 printf("testing samr_SetDsrmPassword\n");
128 status = dcerpc_samr_SetDsrmPassword(p, mem_ctx, &r);
129 if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
130 printf("samr_SetDsrmPassword failed - %s\n", nt_errstr(status));
138 static BOOL test_QuerySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
139 struct policy_handle *handle)
142 struct samr_QuerySecurity r;
143 struct samr_SetSecurity s;
145 r.in.handle = handle;
148 status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
149 if (!NT_STATUS_IS_OK(status)) {
150 printf("QuerySecurity failed - %s\n", nt_errstr(status));
154 if (r.out.sdbuf == NULL) {
158 s.in.handle = handle;
160 s.in.sdbuf = r.out.sdbuf;
162 if (lp_parm_bool(-1, "target", "samba4", False)) {
163 printf("skipping SetSecurity test against Samba4\n");
167 status = dcerpc_samr_SetSecurity(p, mem_ctx, &s);
168 if (!NT_STATUS_IS_OK(status)) {
169 printf("SetSecurity failed - %s\n", nt_errstr(status));
173 status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
174 if (!NT_STATUS_IS_OK(status)) {
175 printf("QuerySecurity failed - %s\n", nt_errstr(status));
183 static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
184 struct policy_handle *handle, uint32_t base_acct_flags,
185 const char *base_account_name)
188 struct samr_SetUserInfo s;
189 struct samr_SetUserInfo2 s2;
190 struct samr_QueryUserInfo q;
191 struct samr_QueryUserInfo q0;
192 union samr_UserInfo u;
194 const char *test_account_name;
196 uint32_t user_extra_flags = 0;
197 if (base_acct_flags == ACB_NORMAL) {
198 /* When created, accounts are expired by default */
199 user_extra_flags = ACB_PW_EXPIRED;
202 s.in.user_handle = handle;
205 s2.in.user_handle = handle;
208 q.in.user_handle = handle;
212 #define TESTCALL(call, r) \
213 status = dcerpc_samr_ ##call(p, mem_ctx, &r); \
214 if (!NT_STATUS_IS_OK(status)) { \
215 printf(#call " level %u failed - %s (%s)\n", \
216 r.in.level, nt_errstr(status), __location__); \
221 #define STRING_EQUAL(s1, s2, field) \
222 if ((s1 && !s2) || (s2 && !s1) || strcmp(s1, s2)) { \
223 printf("Failed to set %s to '%s' (%s)\n", \
224 #field, s2, __location__); \
229 #define INT_EQUAL(i1, i2, field) \
231 printf("Failed to set %s to 0x%x - got 0x%x (%s)\n", \
232 #field, i2, i1, __location__); \
237 #define TEST_USERINFO_STRING(lvl1, field1, lvl2, field2, value, fpval) do { \
238 printf("field test %d/%s vs %d/%s\n", lvl1, #field1, lvl2, #field2); \
240 TESTCALL(QueryUserInfo, q) \
242 s2.in.level = lvl1; \
245 ZERO_STRUCT(u.info21); \
246 u.info21.fields_present = fpval; \
248 init_lsa_String(&u.info ## lvl1.field1, value); \
249 TESTCALL(SetUserInfo, s) \
250 TESTCALL(SetUserInfo2, s2) \
251 init_lsa_String(&u.info ## lvl1.field1, ""); \
252 TESTCALL(QueryUserInfo, q); \
254 STRING_EQUAL(u.info ## lvl1.field1.string, value, field1); \
256 TESTCALL(QueryUserInfo, q) \
258 STRING_EQUAL(u.info ## lvl2.field2.string, value, field2); \
261 #define TEST_USERINFO_INT_EXP(lvl1, field1, lvl2, field2, value, exp_value, fpval) do { \
262 printf("field test %d/%s vs %d/%s\n", lvl1, #field1, lvl2, #field2); \
264 TESTCALL(QueryUserInfo, q) \
266 s2.in.level = lvl1; \
269 uint8_t *bits = u.info21.logon_hours.bits; \
270 ZERO_STRUCT(u.info21); \
271 if (fpval == SAMR_FIELD_LOGON_HOURS) { \
272 u.info21.logon_hours.units_per_week = 168; \
273 u.info21.logon_hours.bits = bits; \
275 u.info21.fields_present = fpval; \
277 u.info ## lvl1.field1 = value; \
278 TESTCALL(SetUserInfo, s) \
279 TESTCALL(SetUserInfo2, s2) \
280 u.info ## lvl1.field1 = 0; \
281 TESTCALL(QueryUserInfo, q); \
283 INT_EQUAL(u.info ## lvl1.field1, exp_value, field1); \
285 TESTCALL(QueryUserInfo, q) \
287 INT_EQUAL(u.info ## lvl2.field2, exp_value, field1); \
290 #define TEST_USERINFO_INT(lvl1, field1, lvl2, field2, value, fpval) do { \
291 TEST_USERINFO_INT_EXP(lvl1, field1, lvl2, field2, value, value, fpval); \
295 do { TESTCALL(QueryUserInfo, q0) } while (0);
297 TEST_USERINFO_STRING(2, comment, 1, comment, "xx2-1 comment", 0);
298 TEST_USERINFO_STRING(2, comment, 21, comment, "xx2-21 comment", 0);
299 TEST_USERINFO_STRING(21, comment, 21, comment, "xx21-21 comment",
302 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-1", base_account_name);
303 TEST_USERINFO_STRING(7, account_name, 1, account_name, base_account_name, 0);
304 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-3", base_account_name);
305 TEST_USERINFO_STRING(7, account_name, 3, account_name, base_account_name, 0);
306 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-5", base_account_name);
307 TEST_USERINFO_STRING(7, account_name, 5, account_name, base_account_name, 0);
308 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-6", base_account_name);
309 TEST_USERINFO_STRING(7, account_name, 6, account_name, base_account_name, 0);
310 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-7", base_account_name);
311 TEST_USERINFO_STRING(7, account_name, 7, account_name, base_account_name, 0);
312 test_account_name = talloc_asprintf(mem_ctx, "%sxx7-21", base_account_name);
313 TEST_USERINFO_STRING(7, account_name, 21, account_name, base_account_name, 0);
314 test_account_name = base_account_name;
315 TEST_USERINFO_STRING(21, account_name, 21, account_name, base_account_name,
316 SAMR_FIELD_ACCOUNT_NAME);
318 TEST_USERINFO_STRING(6, full_name, 1, full_name, "xx6-1 full_name", 0);
319 TEST_USERINFO_STRING(6, full_name, 3, full_name, "xx6-3 full_name", 0);
320 TEST_USERINFO_STRING(6, full_name, 5, full_name, "xx6-5 full_name", 0);
321 TEST_USERINFO_STRING(6, full_name, 6, full_name, "xx6-6 full_name", 0);
322 TEST_USERINFO_STRING(6, full_name, 8, full_name, "xx6-8 full_name", 0);
323 TEST_USERINFO_STRING(6, full_name, 21, full_name, "xx6-21 full_name", 0);
324 TEST_USERINFO_STRING(8, full_name, 21, full_name, "xx8-21 full_name", 0);
325 TEST_USERINFO_STRING(21, full_name, 21, full_name, "xx21-21 full_name",
326 SAMR_FIELD_FULL_NAME);
328 TEST_USERINFO_STRING(11, logon_script, 3, logon_script, "xx11-3 logon_script", 0);
329 TEST_USERINFO_STRING(11, logon_script, 5, logon_script, "xx11-5 logon_script", 0);
330 TEST_USERINFO_STRING(11, logon_script, 21, logon_script, "xx11-21 logon_script", 0);
331 TEST_USERINFO_STRING(21, logon_script, 21, logon_script, "xx21-21 logon_script",
332 SAMR_FIELD_LOGON_SCRIPT);
334 TEST_USERINFO_STRING(12, profile_path, 3, profile_path, "xx12-3 profile_path", 0);
335 TEST_USERINFO_STRING(12, profile_path, 5, profile_path, "xx12-5 profile_path", 0);
336 TEST_USERINFO_STRING(12, profile_path, 21, profile_path, "xx12-21 profile_path", 0);
337 TEST_USERINFO_STRING(21, profile_path, 21, profile_path, "xx21-21 profile_path",
338 SAMR_FIELD_PROFILE_PATH);
340 TEST_USERINFO_STRING(13, description, 1, description, "xx13-1 description", 0);
341 TEST_USERINFO_STRING(13, description, 5, description, "xx13-5 description", 0);
342 TEST_USERINFO_STRING(13, description, 21, description, "xx13-21 description", 0);
343 TEST_USERINFO_STRING(21, description, 21, description, "xx21-21 description",
344 SAMR_FIELD_DESCRIPTION);
346 TEST_USERINFO_STRING(14, workstations, 3, workstations, "14workstation3", 0);
347 TEST_USERINFO_STRING(14, workstations, 5, workstations, "14workstation4", 0);
348 TEST_USERINFO_STRING(14, workstations, 21, workstations, "14workstation21", 0);
349 TEST_USERINFO_STRING(21, workstations, 21, workstations, "21workstation21",
350 SAMR_FIELD_WORKSTATIONS);
352 TEST_USERINFO_STRING(20, parameters, 21, parameters, "xx20-21 parameters", 0);
353 TEST_USERINFO_STRING(21, parameters, 21, parameters, "xx21-21 parameters",
354 SAMR_FIELD_PARAMETERS);
356 TEST_USERINFO_INT(2, country_code, 21, country_code, __LINE__, 0);
357 TEST_USERINFO_INT(21, country_code, 21, country_code, __LINE__,
358 SAMR_FIELD_COUNTRY_CODE);
360 TEST_USERINFO_INT(2, code_page, 21, code_page, __LINE__, 0);
361 TEST_USERINFO_INT(21, code_page, 21, code_page, __LINE__,
362 SAMR_FIELD_CODE_PAGE);
364 TEST_USERINFO_INT(4, logon_hours.bits[3], 3, logon_hours.bits[3], 1, 0);
365 TEST_USERINFO_INT(4, logon_hours.bits[3], 5, logon_hours.bits[3], 2, 0);
366 TEST_USERINFO_INT(4, logon_hours.bits[3], 21, logon_hours.bits[3], 3, 0);
367 TEST_USERINFO_INT(21, logon_hours.bits[3], 21, logon_hours.bits[3], 4,
368 SAMR_FIELD_LOGON_HOURS);
370 if (lp_parm_bool(-1, "target", "samba4", False)) {
371 printf("skipping Set Account Flag tests against Samba4\n");
375 TEST_USERINFO_INT_EXP(16, acct_flags, 5, acct_flags,
376 (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ),
377 (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ | user_extra_flags),
379 TEST_USERINFO_INT_EXP(16, acct_flags, 5, acct_flags,
380 (base_acct_flags | ACB_DISABLED),
381 (base_acct_flags | ACB_DISABLED | user_extra_flags),
384 /* Setting PWNOEXP clears the magic ACB_PW_EXPIRED flag */
385 TEST_USERINFO_INT_EXP(16, acct_flags, 5, acct_flags,
386 (base_acct_flags | ACB_DISABLED | ACB_PWNOEXP),
387 (base_acct_flags | ACB_DISABLED | ACB_PWNOEXP),
389 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
390 (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ),
391 (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ | user_extra_flags),
395 /* The 'autolock' flag doesn't stick - check this */
396 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
397 (base_acct_flags | ACB_DISABLED | ACB_AUTOLOCK),
398 (base_acct_flags | ACB_DISABLED | user_extra_flags),
401 /* Removing the 'disabled' flag doesn't stick - check this */
402 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
404 (base_acct_flags | ACB_DISABLED | user_extra_flags),
407 /* The 'store plaintext' flag does stick */
408 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
409 (base_acct_flags | ACB_DISABLED | ACB_ENC_TXT_PWD_ALLOWED),
410 (base_acct_flags | ACB_DISABLED | ACB_ENC_TXT_PWD_ALLOWED | user_extra_flags),
412 /* The 'use DES' flag does stick */
413 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
414 (base_acct_flags | ACB_DISABLED | ACB_USE_DES_KEY_ONLY),
415 (base_acct_flags | ACB_DISABLED | ACB_USE_DES_KEY_ONLY | user_extra_flags),
417 /* The 'don't require kerberos pre-authentication flag does stick */
418 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
419 (base_acct_flags | ACB_DISABLED | ACB_DONT_REQUIRE_PREAUTH),
420 (base_acct_flags | ACB_DISABLED | ACB_DONT_REQUIRE_PREAUTH | user_extra_flags),
422 /* The 'no kerberos PAC required' flag sticks */
423 TEST_USERINFO_INT_EXP(16, acct_flags, 21, acct_flags,
424 (base_acct_flags | ACB_DISABLED | ACB_NO_AUTH_DATA_REQD),
425 (base_acct_flags | ACB_DISABLED | ACB_NO_AUTH_DATA_REQD | user_extra_flags),
428 TEST_USERINFO_INT_EXP(21, acct_flags, 21, acct_flags,
429 (base_acct_flags | ACB_DISABLED),
430 (base_acct_flags | ACB_DISABLED | user_extra_flags),
431 SAMR_FIELD_ACCT_FLAGS);
434 /* these fail with win2003 - it appears you can't set the primary gid?
435 the set succeeds, but the gid isn't changed. Very weird! */
436 TEST_USERINFO_INT(9, primary_gid, 1, primary_gid, 513);
437 TEST_USERINFO_INT(9, primary_gid, 3, primary_gid, 513);
438 TEST_USERINFO_INT(9, primary_gid, 5, primary_gid, 513);
439 TEST_USERINFO_INT(9, primary_gid, 21, primary_gid, 513);
446 generate a random password for password change tests
448 static char *samr_rand_pass(TALLOC_CTX *mem_ctx, int min_len)
450 size_t len = MAX(8, min_len) + (random() % 6);
451 char *s = generate_random_str(mem_ctx, len);
452 printf("Generated password '%s'\n", s);
457 generate a random password for password change tests (fixed length)
459 static char *samr_rand_pass_fixed_len(TALLOC_CTX *mem_ctx, int len)
461 char *s = generate_random_str(mem_ctx, len);
462 printf("Generated password '%s'\n", s);
466 static BOOL test_SetUserPass(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
467 struct policy_handle *handle, char **password)
470 struct samr_SetUserInfo s;
471 union samr_UserInfo u;
473 DATA_BLOB session_key;
475 struct samr_GetUserPwInfo pwp;
476 int policy_min_pw_len = 0;
477 pwp.in.user_handle = handle;
479 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
480 if (NT_STATUS_IS_OK(status)) {
481 policy_min_pw_len = pwp.out.info.min_password_length;
483 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
485 s.in.user_handle = handle;
489 encode_pw_buffer(u.info24.password.data, newpass, STR_UNICODE);
490 /* w2k3 ignores this length */
491 u.info24.pw_len = strlen_m(newpass) * 2;
493 status = dcerpc_fetch_session_key(p, &session_key);
494 if (!NT_STATUS_IS_OK(status)) {
495 printf("SetUserInfo level %u - no session key - %s\n",
496 s.in.level, nt_errstr(status));
500 arcfour_crypt_blob(u.info24.password.data, 516, &session_key);
502 printf("Testing SetUserInfo level 24 (set password)\n");
504 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
505 if (!NT_STATUS_IS_OK(status)) {
506 printf("SetUserInfo level %u failed - %s\n",
507 s.in.level, nt_errstr(status));
517 static BOOL test_SetUserPass_23(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
518 struct policy_handle *handle, uint32_t fields_present,
522 struct samr_SetUserInfo s;
523 union samr_UserInfo u;
525 DATA_BLOB session_key;
527 struct samr_GetUserPwInfo pwp;
528 int policy_min_pw_len = 0;
529 pwp.in.user_handle = handle;
531 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
532 if (NT_STATUS_IS_OK(status)) {
533 policy_min_pw_len = pwp.out.info.min_password_length;
535 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
537 s.in.user_handle = handle;
543 u.info23.info.fields_present = fields_present;
545 encode_pw_buffer(u.info23.password.data, newpass, STR_UNICODE);
547 status = dcerpc_fetch_session_key(p, &session_key);
548 if (!NT_STATUS_IS_OK(status)) {
549 printf("SetUserInfo level %u - no session key - %s\n",
550 s.in.level, nt_errstr(status));
554 arcfour_crypt_blob(u.info23.password.data, 516, &session_key);
556 printf("Testing SetUserInfo level 23 (set password)\n");
558 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
559 if (!NT_STATUS_IS_OK(status)) {
560 printf("SetUserInfo level %u failed - %s\n",
561 s.in.level, nt_errstr(status));
571 static BOOL test_SetUserPassEx(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
572 struct policy_handle *handle, char **password)
575 struct samr_SetUserInfo s;
576 union samr_UserInfo u;
578 DATA_BLOB session_key;
579 DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
580 uint8_t confounder[16];
582 struct MD5Context ctx;
583 struct samr_GetUserPwInfo pwp;
584 int policy_min_pw_len = 0;
585 pwp.in.user_handle = handle;
587 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
588 if (NT_STATUS_IS_OK(status)) {
589 policy_min_pw_len = pwp.out.info.min_password_length;
591 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
593 s.in.user_handle = handle;
597 encode_pw_buffer(u.info26.password.data, newpass, STR_UNICODE);
598 u.info26.pw_len = strlen(newpass);
600 status = dcerpc_fetch_session_key(p, &session_key);
601 if (!NT_STATUS_IS_OK(status)) {
602 printf("SetUserInfo level %u - no session key - %s\n",
603 s.in.level, nt_errstr(status));
607 generate_random_buffer((uint8_t *)confounder, 16);
610 MD5Update(&ctx, confounder, 16);
611 MD5Update(&ctx, session_key.data, session_key.length);
612 MD5Final(confounded_session_key.data, &ctx);
614 arcfour_crypt_blob(u.info26.password.data, 516, &confounded_session_key);
615 memcpy(&u.info26.password.data[516], confounder, 16);
617 printf("Testing SetUserInfo level 26 (set password ex)\n");
619 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
620 if (!NT_STATUS_IS_OK(status)) {
621 printf("SetUserInfo level %u failed - %s\n",
622 s.in.level, nt_errstr(status));
631 static BOOL test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
632 struct policy_handle *handle, uint32_t fields_present,
636 struct samr_SetUserInfo s;
637 union samr_UserInfo u;
639 DATA_BLOB session_key;
640 DATA_BLOB confounded_session_key = data_blob_talloc(mem_ctx, NULL, 16);
641 struct MD5Context ctx;
642 uint8_t confounder[16];
644 struct samr_GetUserPwInfo pwp;
645 int policy_min_pw_len = 0;
646 pwp.in.user_handle = handle;
648 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
649 if (NT_STATUS_IS_OK(status)) {
650 policy_min_pw_len = pwp.out.info.min_password_length;
652 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
654 s.in.user_handle = handle;
660 u.info25.info.fields_present = fields_present;
662 encode_pw_buffer(u.info25.password.data, newpass, STR_UNICODE);
664 status = dcerpc_fetch_session_key(p, &session_key);
665 if (!NT_STATUS_IS_OK(status)) {
666 printf("SetUserInfo level %u - no session key - %s\n",
667 s.in.level, nt_errstr(status));
671 generate_random_buffer((uint8_t *)confounder, 16);
674 MD5Update(&ctx, confounder, 16);
675 MD5Update(&ctx, session_key.data, session_key.length);
676 MD5Final(confounded_session_key.data, &ctx);
678 arcfour_crypt_blob(u.info25.password.data, 516, &confounded_session_key);
679 memcpy(&u.info25.password.data[516], confounder, 16);
681 printf("Testing SetUserInfo level 25 (set password ex)\n");
683 status = dcerpc_samr_SetUserInfo(p, mem_ctx, &s);
684 if (!NT_STATUS_IS_OK(status)) {
685 printf("SetUserInfo level %u failed - %s\n",
686 s.in.level, nt_errstr(status));
695 static BOOL test_SetAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
696 struct policy_handle *handle)
699 struct samr_SetAliasInfo r;
700 struct samr_QueryAliasInfo q;
701 uint16_t levels[] = {2, 3};
705 /* Ignoring switch level 1, as that includes the number of members for the alias
706 * and setting this to a wrong value might have negative consequences
709 for (i=0;i<ARRAY_SIZE(levels);i++) {
710 printf("Testing SetAliasInfo level %u\n", levels[i]);
712 r.in.alias_handle = handle;
713 r.in.level = levels[i];
714 r.in.info = talloc(mem_ctx, union samr_AliasInfo);
715 switch (r.in.level) {
716 case ALIASINFONAME: init_lsa_String(&r.in.info->name,TEST_ALIASNAME); break;
717 case ALIASINFODESCRIPTION: init_lsa_String(&r.in.info->description,
718 "Test Description, should test I18N as well"); break;
721 status = dcerpc_samr_SetAliasInfo(p, mem_ctx, &r);
722 if (!NT_STATUS_IS_OK(status)) {
723 printf("SetAliasInfo level %u failed - %s\n",
724 levels[i], nt_errstr(status));
728 q.in.alias_handle = handle;
729 q.in.level = levels[i];
731 status = dcerpc_samr_QueryAliasInfo(p, mem_ctx, &q);
732 if (!NT_STATUS_IS_OK(status)) {
733 printf("QueryAliasInfo level %u failed - %s\n",
734 levels[i], nt_errstr(status));
742 static BOOL test_GetGroupsForUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
743 struct policy_handle *user_handle)
745 struct samr_GetGroupsForUser r;
749 printf("testing GetGroupsForUser\n");
751 r.in.user_handle = user_handle;
753 status = dcerpc_samr_GetGroupsForUser(p, mem_ctx, &r);
754 if (!NT_STATUS_IS_OK(status)) {
755 printf("GetGroupsForUser failed - %s\n",nt_errstr(status));
763 static BOOL test_GetDomPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
764 struct lsa_String *domain_name)
767 struct samr_GetDomPwInfo r;
770 r.in.domain_name = domain_name;
771 printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string);
773 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
774 if (!NT_STATUS_IS_OK(status)) {
775 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
779 r.in.domain_name->string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
780 printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string);
782 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
783 if (!NT_STATUS_IS_OK(status)) {
784 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
788 r.in.domain_name->string = "\\\\__NONAME__";
789 printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string);
791 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
792 if (!NT_STATUS_IS_OK(status)) {
793 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
797 r.in.domain_name->string = "\\\\Builtin";
798 printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string);
800 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
801 if (!NT_STATUS_IS_OK(status)) {
802 printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
810 static BOOL test_GetUserPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
811 struct policy_handle *handle)
814 struct samr_GetUserPwInfo r;
817 printf("Testing GetUserPwInfo\n");
819 r.in.user_handle = handle;
821 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &r);
822 if (!NT_STATUS_IS_OK(status)) {
823 printf("GetUserPwInfo failed - %s\n", nt_errstr(status));
830 static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
831 struct policy_handle *domain_handle, const char *name,
835 struct samr_LookupNames n;
836 struct lsa_String sname[2];
838 init_lsa_String(&sname[0], name);
840 n.in.domain_handle = domain_handle;
843 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
844 if (NT_STATUS_IS_OK(status)) {
845 *rid = n.out.rids.ids[0];
850 init_lsa_String(&sname[1], "xxNONAMExx");
852 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
853 if (!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
854 printf("LookupNames[2] failed - %s\n", nt_errstr(status));
858 init_lsa_String(&sname[1], "xxNONAMExx");
860 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
861 if (!NT_STATUS_IS_OK(status)) {
862 printf("LookupNames[0] failed - %s\n", nt_errstr(status));
868 static NTSTATUS test_OpenUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
869 struct policy_handle *domain_handle,
870 const char *name, struct policy_handle *user_handle)
873 struct samr_OpenUser r;
876 status = test_LookupName(p, mem_ctx, domain_handle, name, &rid);
877 if (!NT_STATUS_IS_OK(status)) {
881 r.in.domain_handle = domain_handle;
882 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
884 r.out.user_handle = user_handle;
885 status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
886 if (!NT_STATUS_IS_OK(status)) {
887 printf("OpenUser_byname(%s -> %d) failed - %s\n", name, rid, nt_errstr(status));
894 static BOOL test_ChangePasswordNT3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
895 struct policy_handle *handle)
898 struct samr_ChangePasswordUser r;
900 struct samr_Password hash1, hash2, hash3, hash4, hash5, hash6;
901 struct policy_handle user_handle;
902 char *oldpass = "test";
903 char *newpass = "test2";
904 uint8_t old_nt_hash[16], new_nt_hash[16];
905 uint8_t old_lm_hash[16], new_lm_hash[16];
907 status = test_OpenUser_byname(p, mem_ctx, handle, "testuser", &user_handle);
908 if (!NT_STATUS_IS_OK(status)) {
912 printf("Testing ChangePasswordUser for user 'testuser'\n");
914 printf("old password: %s\n", oldpass);
915 printf("new password: %s\n", newpass);
917 E_md4hash(oldpass, old_nt_hash);
918 E_md4hash(newpass, new_nt_hash);
919 E_deshash(oldpass, old_lm_hash);
920 E_deshash(newpass, new_lm_hash);
922 E_old_pw_hash(new_lm_hash, old_lm_hash, hash1.hash);
923 E_old_pw_hash(old_lm_hash, new_lm_hash, hash2.hash);
924 E_old_pw_hash(new_nt_hash, old_nt_hash, hash3.hash);
925 E_old_pw_hash(old_nt_hash, new_nt_hash, hash4.hash);
926 E_old_pw_hash(old_lm_hash, new_nt_hash, hash5.hash);
927 E_old_pw_hash(old_nt_hash, new_lm_hash, hash6.hash);
929 r.in.handle = &user_handle;
931 r.in.old_lm_crypted = &hash1;
932 r.in.new_lm_crypted = &hash2;
934 r.in.old_nt_crypted = &hash3;
935 r.in.new_nt_crypted = &hash4;
936 r.in.cross1_present = 1;
937 r.in.nt_cross = &hash5;
938 r.in.cross2_present = 1;
939 r.in.lm_cross = &hash6;
941 status = dcerpc_samr_ChangePasswordUser(p, mem_ctx, &r);
942 if (!NT_STATUS_IS_OK(status)) {
943 printf("ChangePasswordUser failed - %s\n", nt_errstr(status));
947 if (!test_samr_handle_Close(p, mem_ctx, &user_handle)) {
955 static BOOL test_ChangePasswordUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
956 const char *acct_name,
957 struct policy_handle *handle, char **password)
960 struct samr_ChangePasswordUser r;
962 struct samr_Password hash1, hash2, hash3, hash4, hash5, hash6;
963 struct policy_handle user_handle;
965 uint8_t old_nt_hash[16], new_nt_hash[16];
966 uint8_t old_lm_hash[16], new_lm_hash[16];
969 struct samr_GetUserPwInfo pwp;
970 int policy_min_pw_len = 0;
972 status = test_OpenUser_byname(p, mem_ctx, handle, acct_name, &user_handle);
973 if (!NT_STATUS_IS_OK(status)) {
976 pwp.in.user_handle = &user_handle;
978 status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &pwp);
979 if (NT_STATUS_IS_OK(status)) {
980 policy_min_pw_len = pwp.out.info.min_password_length;
982 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
984 printf("Testing ChangePasswordUser\n");
987 printf("Failing ChangePasswordUser as old password was NULL. Previous test failed?\n");
993 E_md4hash(oldpass, old_nt_hash);
994 E_md4hash(newpass, new_nt_hash);
995 E_deshash(oldpass, old_lm_hash);
996 E_deshash(newpass, new_lm_hash);
998 E_old_pw_hash(new_lm_hash, old_lm_hash, hash1.hash);
999 E_old_pw_hash(old_lm_hash, new_lm_hash, hash2.hash);
1000 E_old_pw_hash(new_nt_hash, old_nt_hash, hash3.hash);
1001 E_old_pw_hash(old_nt_hash, new_nt_hash, hash4.hash);
1002 E_old_pw_hash(old_lm_hash, new_nt_hash, hash5.hash);
1003 E_old_pw_hash(old_nt_hash, new_lm_hash, hash6.hash);
1005 r.in.user_handle = &user_handle;
1006 r.in.lm_present = 1;
1007 r.in.old_lm_crypted = &hash1;
1008 r.in.new_lm_crypted = &hash2;
1009 r.in.nt_present = 1;
1010 r.in.old_nt_crypted = &hash3;
1011 r.in.new_nt_crypted = &hash4;
1012 r.in.cross1_present = 1;
1013 r.in.nt_cross = &hash5;
1014 r.in.cross2_present = 1;
1015 r.in.lm_cross = &hash6;
1017 status = dcerpc_samr_ChangePasswordUser(p, mem_ctx, &r);
1018 if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)) {
1019 printf("ChangePasswordUser returned: %s perhaps min password age? (not fatal)\n", nt_errstr(status));
1020 } else if (!NT_STATUS_IS_OK(status)) {
1021 printf("ChangePasswordUser failed - %s\n", nt_errstr(status));
1024 *password = newpass;
1027 if (!test_samr_handle_Close(p, mem_ctx, &user_handle)) {
1035 static BOOL test_OemChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1036 const char *acct_name,
1037 struct policy_handle *handle, char **password)
1040 struct samr_OemChangePasswordUser2 r;
1042 struct samr_Password lm_verifier;
1043 struct samr_CryptPassword lm_pass;
1044 struct lsa_AsciiString server, account, account_bad;
1047 uint8_t old_lm_hash[16], new_lm_hash[16];
1049 struct samr_GetDomPwInfo dom_pw_info;
1050 int policy_min_pw_len = 0;
1052 struct lsa_String domain_name;
1054 domain_name.string = "";
1055 dom_pw_info.in.domain_name = &domain_name;
1057 printf("Testing OemChangePasswordUser2\n");
1060 printf("Failing OemChangePasswordUser2 as old password was NULL. Previous test failed?\n");
1064 oldpass = *password;
1066 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &dom_pw_info);
1067 if (NT_STATUS_IS_OK(status)) {
1068 policy_min_pw_len = dom_pw_info.out.info.min_password_length;
1071 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
1073 server.string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1074 account.string = acct_name;
1076 E_deshash(oldpass, old_lm_hash);
1077 E_deshash(newpass, new_lm_hash);
1079 encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
1080 arcfour_crypt(lm_pass.data, old_lm_hash, 516);
1081 E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
1083 r.in.server = &server;
1084 r.in.account = &account;
1085 r.in.password = &lm_pass;
1086 r.in.hash = &lm_verifier;
1088 /* Break the verification */
1089 lm_verifier.hash[0]++;
1091 status = dcerpc_samr_OemChangePasswordUser2(p, mem_ctx, &r);
1093 if (!NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)
1094 && !NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
1095 printf("ChangePasswordUser3 failed, should have returned WRONG_PASSWORD (or at least 'PASSWORD_RESTRICTON') for invalid password verifier - %s\n",
1100 /* This shouldn't be a valid name */
1101 account_bad.string = TEST_ACCOUNT_NAME "XX";
1102 r.in.account = &account_bad;
1104 status = dcerpc_samr_OemChangePasswordUser2(p, mem_ctx, &r);
1106 if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
1107 printf("ChangePasswordUser3 failed, should have returned WRONG_PASSWORD for invalid user - %s\n",
1112 E_deshash(oldpass, old_lm_hash);
1113 E_deshash(newpass, new_lm_hash);
1115 encode_pw_buffer(lm_pass.data, newpass, STR_ASCII);
1116 arcfour_crypt(lm_pass.data, old_lm_hash, 516);
1117 E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
1119 r.in.server = &server;
1120 r.in.account = &account;
1121 r.in.password = &lm_pass;
1122 r.in.hash = &lm_verifier;
1124 status = dcerpc_samr_OemChangePasswordUser2(p, mem_ctx, &r);
1125 if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)) {
1126 printf("OemChangePasswordUser2 returned: %s perhaps min password age? (not fatal)\n", nt_errstr(status));
1127 } else if (!NT_STATUS_IS_OK(status)) {
1128 printf("OemChangePasswordUser2 failed - %s\n", nt_errstr(status));
1131 *password = newpass;
1138 static BOOL test_ChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1139 const char *acct_name,
1140 struct policy_handle *handle, char **password)
1143 struct samr_ChangePasswordUser2 r;
1145 struct lsa_String server, account;
1146 struct samr_CryptPassword nt_pass, lm_pass;
1147 struct samr_Password nt_verifier, lm_verifier;
1150 uint8_t old_nt_hash[16], new_nt_hash[16];
1151 uint8_t old_lm_hash[16], new_lm_hash[16];
1153 struct samr_GetDomPwInfo dom_pw_info;
1154 int policy_min_pw_len = 0;
1156 struct lsa_String domain_name;
1159 domain_name.string = "";
1160 dom_pw_info.in.domain_name = &domain_name;
1162 printf("Testing ChangePasswordUser2\n");
1165 printf("Failing ChangePasswordUser3 as old password was NULL. Previous test failed?\n");
1168 oldpass = *password;
1170 status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &dom_pw_info);
1171 if (NT_STATUS_IS_OK(status)) {
1172 policy_min_pw_len = dom_pw_info.out.info.min_password_length;
1175 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
1177 server.string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1178 init_lsa_String(&account, acct_name);
1180 E_md4hash(oldpass, old_nt_hash);
1181 E_md4hash(newpass, new_nt_hash);
1183 E_deshash(oldpass, old_lm_hash);
1184 E_deshash(newpass, new_lm_hash);
1186 encode_pw_buffer(lm_pass.data, newpass, STR_ASCII|STR_TERMINATE);
1187 arcfour_crypt(lm_pass.data, old_lm_hash, 516);
1188 E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
1190 encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
1191 arcfour_crypt(nt_pass.data, old_nt_hash, 516);
1192 E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
1194 r.in.server = &server;
1195 r.in.account = &account;
1196 r.in.nt_password = &nt_pass;
1197 r.in.nt_verifier = &nt_verifier;
1199 r.in.lm_password = &lm_pass;
1200 r.in.lm_verifier = &lm_verifier;
1202 status = dcerpc_samr_ChangePasswordUser2(p, mem_ctx, &r);
1203 if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)) {
1204 printf("ChangePasswordUser2 returned: %s perhaps min password age? (not fatal)\n", nt_errstr(status));
1205 } else if (!NT_STATUS_IS_OK(status)) {
1206 printf("ChangePasswordUser2 failed - %s\n", nt_errstr(status));
1209 *password = newpass;
1216 BOOL test_ChangePasswordUser3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1217 const char *account_string,
1218 int policy_min_pw_len,
1220 const char *newpass,
1221 NTTIME last_password_change,
1222 BOOL handle_reject_reason)
1225 struct samr_ChangePasswordUser3 r;
1227 struct lsa_String server, account, account_bad;
1228 struct samr_CryptPassword nt_pass, lm_pass;
1229 struct samr_Password nt_verifier, lm_verifier;
1231 uint8_t old_nt_hash[16], new_nt_hash[16];
1232 uint8_t old_lm_hash[16], new_lm_hash[16];
1235 printf("Testing ChangePasswordUser3\n");
1237 if (newpass == NULL) {
1238 if (policy_min_pw_len == 0) {
1239 newpass = samr_rand_pass(mem_ctx, policy_min_pw_len);
1241 newpass = samr_rand_pass_fixed_len(mem_ctx, policy_min_pw_len);
1244 printf("Using password '%s'\n", newpass);
1248 printf("Failing ChangePasswordUser3 as old password was NULL. Previous test failed?\n");
1252 oldpass = *password;
1253 server.string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
1254 init_lsa_String(&account, account_string);
1256 E_md4hash(oldpass, old_nt_hash);
1257 E_md4hash(newpass, new_nt_hash);
1259 E_deshash(oldpass, old_lm_hash);
1260 E_deshash(newpass, new_lm_hash);
1262 encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
1263 arcfour_crypt(lm_pass.data, old_nt_hash, 516);
1264 E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
1266 encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
1267 arcfour_crypt(nt_pass.data, old_nt_hash, 516);
1268 E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
1270 /* Break the verification */
1271 nt_verifier.hash[0]++;
1273 r.in.server = &server;
1274 r.in.account = &account;
1275 r.in.nt_password = &nt_pass;
1276 r.in.nt_verifier = &nt_verifier;
1278 r.in.lm_password = &lm_pass;
1279 r.in.lm_verifier = &lm_verifier;
1280 r.in.password3 = NULL;
1282 status = dcerpc_samr_ChangePasswordUser3(p, mem_ctx, &r);
1283 if (!NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION) &&
1284 (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD))) {
1285 printf("ChangePasswordUser3 failed, should have returned WRONG_PASSWORD (or at least 'PASSWORD_RESTRICTON') for invalid password verifier - %s\n",
1290 /* This shouldn't be a valid name */
1291 init_lsa_String(&account_bad, talloc_asprintf(mem_ctx, "%sXX", account_string));
1293 r.in.account = &account_bad;
1294 status = dcerpc_samr_ChangePasswordUser3(p, mem_ctx, &r);
1295 if (!NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
1296 printf("ChangePasswordUser3 failed, should have returned WRONG_PASSWORD for invalid username - %s\n",
1301 E_md4hash(oldpass, old_nt_hash);
1302 E_md4hash(newpass, new_nt_hash);
1304 E_deshash(oldpass, old_lm_hash);
1305 E_deshash(newpass, new_lm_hash);
1307 encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE);
1308 arcfour_crypt(lm_pass.data, old_nt_hash, 516);
1309 E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash);
1311 encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE);
1312 arcfour_crypt(nt_pass.data, old_nt_hash, 516);
1313 E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
1315 r.in.server = &server;
1316 r.in.account = &account;
1317 r.in.nt_password = &nt_pass;
1318 r.in.nt_verifier = &nt_verifier;
1320 r.in.lm_password = &lm_pass;
1321 r.in.lm_verifier = &lm_verifier;
1322 r.in.password3 = NULL;
1324 unix_to_nt_time(&t, time(NULL));
1326 status = dcerpc_samr_ChangePasswordUser3(p, mem_ctx, &r);
1328 if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION) &&
1329 r.out.dominfo && r.out.reject && handle_reject_reason) {
1331 if (r.out.dominfo->password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE ) {
1333 if (r.out.reject && (r.out.reject->reason != SAMR_REJECT_OTHER)) {
1334 printf("expected SAMR_REJECT_OTHER (%d), got %d\n",
1335 SAMR_REJECT_OTHER, r.out.reject->reason);
1340 /* We tested the order of precendence which is as follows:
1349 if ((r.out.dominfo->min_password_age > 0) && !null_nttime(last_password_change) &&
1350 (last_password_change + r.out.dominfo->min_password_age > t)) {
1352 if (r.out.reject->reason != SAMR_REJECT_OTHER) {
1353 printf("expected SAMR_REJECT_OTHER (%d), got %d\n",
1354 SAMR_REJECT_OTHER, r.out.reject->reason);
1358 } else if ((r.out.dominfo->min_password_length > 0) &&
1359 (strlen(newpass) < r.out.dominfo->min_password_length)) {
1361 if (r.out.reject->reason != SAMR_REJECT_TOO_SHORT) {
1362 printf("expected SAMR_REJECT_TOO_SHORT (%d), got %d\n",
1363 SAMR_REJECT_TOO_SHORT, r.out.reject->reason);
1367 } else if (r.out.dominfo->password_properties & DOMAIN_PASSWORD_COMPLEX) {
1369 if (r.out.reject->reason != SAMR_REJECT_COMPLEXITY) {
1370 printf("expected SAMR_REJECT_COMPLEXITY (%d), got %d\n",
1371 SAMR_REJECT_COMPLEXITY, r.out.reject->reason);
1375 } else if ((r.out.dominfo->password_history_length > 0) &&
1376 strequal(oldpass, newpass)) {
1378 if (r.out.reject->reason != SAMR_REJECT_IN_HISTORY) {
1379 printf("expected SAMR_REJECT_IN_HISTORY (%d), got %d\n",
1380 SAMR_REJECT_IN_HISTORY, r.out.reject->reason);
1385 if (r.out.reject->reason == SAMR_REJECT_TOO_SHORT) {
1386 /* retry with adjusted size */
1387 return test_ChangePasswordUser3(p, mem_ctx, account_string,
1388 r.out.dominfo->min_password_length,
1389 password, NULL, 0, False);
1393 } else if (!NT_STATUS_IS_OK(status)) {
1394 printf("ChangePasswordUser3 failed - %s\n", nt_errstr(status));
1397 *password = talloc_strdup(mem_ctx, newpass);
1404 static BOOL test_GetMembersInAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1405 struct policy_handle *alias_handle)
1407 struct samr_GetMembersInAlias r;
1408 struct lsa_SidArray sids;
1412 printf("Testing GetMembersInAlias\n");
1414 r.in.alias_handle = alias_handle;
1417 status = dcerpc_samr_GetMembersInAlias(p, mem_ctx, &r);
1418 if (!NT_STATUS_IS_OK(status)) {
1419 printf("GetMembersInAlias failed - %s\n",
1427 static BOOL test_AddMemberToAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1428 struct policy_handle *alias_handle,
1429 const struct dom_sid *domain_sid)
1431 struct samr_AddAliasMember r;
1432 struct samr_DeleteAliasMember d;
1435 struct dom_sid *sid;
1437 sid = dom_sid_add_rid(mem_ctx, domain_sid, 512);
1439 printf("testing AddAliasMember\n");
1440 r.in.alias_handle = alias_handle;
1443 status = dcerpc_samr_AddAliasMember(p, mem_ctx, &r);
1444 if (!NT_STATUS_IS_OK(status)) {
1445 printf("AddAliasMember failed - %s\n", nt_errstr(status));
1449 d.in.alias_handle = alias_handle;
1452 status = dcerpc_samr_DeleteAliasMember(p, mem_ctx, &d);
1453 if (!NT_STATUS_IS_OK(status)) {
1454 printf("DelAliasMember failed - %s\n", nt_errstr(status));
1461 static BOOL test_AddMultipleMembersToAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1462 struct policy_handle *alias_handle)
1464 struct samr_AddMultipleMembersToAlias a;
1465 struct samr_RemoveMultipleMembersFromAlias r;
1468 struct lsa_SidArray sids;
1470 printf("testing AddMultipleMembersToAlias\n");
1471 a.in.alias_handle = alias_handle;
1475 sids.sids = talloc_array(mem_ctx, struct lsa_SidPtr, 3);
1477 sids.sids[0].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-1");
1478 sids.sids[1].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-2");
1479 sids.sids[2].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-3");
1481 status = dcerpc_samr_AddMultipleMembersToAlias(p, mem_ctx, &a);
1482 if (!NT_STATUS_IS_OK(status)) {
1483 printf("AddMultipleMembersToAlias failed - %s\n", nt_errstr(status));
1488 printf("testing RemoveMultipleMembersFromAlias\n");
1489 r.in.alias_handle = alias_handle;
1492 status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r);
1493 if (!NT_STATUS_IS_OK(status)) {
1494 printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status));
1498 /* strange! removing twice doesn't give any error */
1499 status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r);
1500 if (!NT_STATUS_IS_OK(status)) {
1501 printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status));
1505 /* but removing an alias that isn't there does */
1506 sids.sids[2].sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-1-2-3-4");
1508 status = dcerpc_samr_RemoveMultipleMembersFromAlias(p, mem_ctx, &r);
1509 if (!NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) {
1510 printf("RemoveMultipleMembersFromAlias failed - %s\n", nt_errstr(status));
1517 static BOOL test_TestPrivateFunctionsUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1518 struct policy_handle *user_handle)
1520 struct samr_TestPrivateFunctionsUser r;
1524 printf("Testing TestPrivateFunctionsUser\n");
1526 r.in.user_handle = user_handle;
1528 status = dcerpc_samr_TestPrivateFunctionsUser(p, mem_ctx, &r);
1529 if (!NT_STATUS_EQUAL(NT_STATUS_NOT_IMPLEMENTED, status)) {
1530 printf("TestPrivateFunctionsUser failed - %s\n", nt_errstr(status));
1538 static BOOL test_user_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1539 struct policy_handle *user_handle,
1540 struct policy_handle *domain_handle,
1541 uint32_t base_acct_flags,
1542 const char *base_acct_name, enum torture_samr_choice which_ops)
1544 TALLOC_CTX *user_ctx;
1545 char *password = NULL;
1549 const uint32_t password_fields[] = {
1550 SAMR_FIELD_PASSWORD,
1551 SAMR_FIELD_PASSWORD2,
1552 SAMR_FIELD_PASSWORD | SAMR_FIELD_PASSWORD2,
1556 user_ctx = talloc_named(mem_ctx, 0, "test_user_ops per-user context");
1557 switch (which_ops) {
1558 case TORTURE_SAMR_USER_ATTRIBUTES:
1559 if (!test_QuerySecurity(p, user_ctx, user_handle)) {
1563 if (!test_QueryUserInfo(p, user_ctx, user_handle)) {
1567 if (!test_QueryUserInfo2(p, user_ctx, user_handle)) {
1571 if (!test_SetUserInfo(p, user_ctx, user_handle, base_acct_flags,
1576 if (!test_GetUserPwInfo(p, user_ctx, user_handle)) {
1580 if (!test_TestPrivateFunctionsUser(p, user_ctx, user_handle)) {
1584 if (!test_SetUserPass(p, user_ctx, user_handle, &password)) {
1588 case TORTURE_SAMR_PASSWORDS:
1589 for (i = 0; password_fields[i]; i++) {
1590 if (!test_SetUserPass_23(p, user_ctx, user_handle, password_fields[i], &password)) {
1594 /* check it was set right */
1595 if (!test_ChangePasswordUser3(p, user_ctx, base_acct_name, 0, &password, NULL, 0, False)) {
1600 for (i = 0; password_fields[i]; i++) {
1601 if (!test_SetUserPass_25(p, user_ctx, user_handle, password_fields[i], &password)) {
1605 /* check it was set right */
1606 if (!test_ChangePasswordUser3(p, user_ctx, base_acct_name, 0, &password, NULL, 0, False)) {
1611 if (!test_SetUserPassEx(p, user_ctx, user_handle, &password)) {
1615 if (!test_ChangePassword(p, user_ctx, base_acct_name, domain_handle, &password)) {
1619 case TORTURE_SAMR_OTHER:
1620 /* We just need the account to exist */
1623 talloc_free(user_ctx);
1627 static BOOL test_alias_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1628 struct policy_handle *alias_handle,
1629 const struct dom_sid *domain_sid)
1633 if (!test_QuerySecurity(p, mem_ctx, alias_handle)) {
1637 if (!test_QueryAliasInfo(p, mem_ctx, alias_handle)) {
1641 if (!test_SetAliasInfo(p, mem_ctx, alias_handle)) {
1645 if (!test_AddMemberToAlias(p, mem_ctx, alias_handle, domain_sid)) {
1649 if (lp_parm_bool(-1, "target", "samba4", False)) {
1650 printf("skipping MultipleMembers Alias tests against Samba4\n");
1654 if (!test_AddMultipleMembersToAlias(p, mem_ctx, alias_handle)) {
1662 static BOOL test_DeleteUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1663 struct policy_handle *user_handle)
1665 struct samr_DeleteUser d;
1668 printf("Testing DeleteUser\n");
1670 d.in.user_handle = user_handle;
1671 d.out.user_handle = user_handle;
1673 status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
1674 if (!NT_STATUS_IS_OK(status)) {
1675 printf("DeleteUser failed - %s\n", nt_errstr(status));
1682 BOOL test_DeleteUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1683 struct policy_handle *handle, const char *name)
1686 struct samr_DeleteUser d;
1687 struct policy_handle user_handle;
1690 status = test_LookupName(p, mem_ctx, handle, name, &rid);
1691 if (!NT_STATUS_IS_OK(status)) {
1695 status = test_OpenUser_byname(p, mem_ctx, handle, name, &user_handle);
1696 if (!NT_STATUS_IS_OK(status)) {
1700 d.in.user_handle = &user_handle;
1701 d.out.user_handle = &user_handle;
1702 status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
1703 if (!NT_STATUS_IS_OK(status)) {
1710 printf("DeleteUser_byname(%s) failed - %s\n", name, nt_errstr(status));
1715 static BOOL test_DeleteGroup_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1716 struct policy_handle *handle, const char *name)
1719 struct samr_OpenGroup r;
1720 struct samr_DeleteDomainGroup d;
1721 struct policy_handle group_handle;
1724 status = test_LookupName(p, mem_ctx, handle, name, &rid);
1725 if (!NT_STATUS_IS_OK(status)) {
1729 r.in.domain_handle = handle;
1730 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1732 r.out.group_handle = &group_handle;
1733 status = dcerpc_samr_OpenGroup(p, mem_ctx, &r);
1734 if (!NT_STATUS_IS_OK(status)) {
1738 d.in.group_handle = &group_handle;
1739 d.out.group_handle = &group_handle;
1740 status = dcerpc_samr_DeleteDomainGroup(p, mem_ctx, &d);
1741 if (!NT_STATUS_IS_OK(status)) {
1748 printf("DeleteGroup_byname(%s) failed - %s\n", name, nt_errstr(status));
1753 static BOOL test_DeleteAlias_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1754 struct policy_handle *domain_handle, const char *name)
1757 struct samr_OpenAlias r;
1758 struct samr_DeleteDomAlias d;
1759 struct policy_handle alias_handle;
1762 printf("testing DeleteAlias_byname\n");
1764 status = test_LookupName(p, mem_ctx, domain_handle, name, &rid);
1765 if (!NT_STATUS_IS_OK(status)) {
1769 r.in.domain_handle = domain_handle;
1770 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1772 r.out.alias_handle = &alias_handle;
1773 status = dcerpc_samr_OpenAlias(p, mem_ctx, &r);
1774 if (!NT_STATUS_IS_OK(status)) {
1778 d.in.alias_handle = &alias_handle;
1779 d.out.alias_handle = &alias_handle;
1780 status = dcerpc_samr_DeleteDomAlias(p, mem_ctx, &d);
1781 if (!NT_STATUS_IS_OK(status)) {
1788 printf("DeleteAlias_byname(%s) failed - %s\n", name, nt_errstr(status));
1792 static BOOL test_DeleteAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1793 struct policy_handle *alias_handle)
1795 struct samr_DeleteDomAlias d;
1798 printf("Testing DeleteAlias\n");
1800 d.in.alias_handle = alias_handle;
1801 d.out.alias_handle = alias_handle;
1803 status = dcerpc_samr_DeleteDomAlias(p, mem_ctx, &d);
1804 if (!NT_STATUS_IS_OK(status)) {
1805 printf("DeleteAlias failed - %s\n", nt_errstr(status));
1812 static BOOL test_CreateAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1813 struct policy_handle *domain_handle,
1814 struct policy_handle *alias_handle,
1815 const struct dom_sid *domain_sid)
1818 struct samr_CreateDomAlias r;
1819 struct lsa_String name;
1823 init_lsa_String(&name, TEST_ALIASNAME);
1824 r.in.domain_handle = domain_handle;
1825 r.in.alias_name = &name;
1826 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1827 r.out.alias_handle = alias_handle;
1830 printf("Testing CreateAlias (%s)\n", r.in.alias_name->string);
1832 status = dcerpc_samr_CreateDomAlias(p, mem_ctx, &r);
1834 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
1835 printf("Server refused create of '%s'\n", r.in.alias_name->string);
1839 if (NT_STATUS_EQUAL(status, NT_STATUS_ALIAS_EXISTS)) {
1840 if (!test_DeleteAlias_byname(p, mem_ctx, domain_handle, r.in.alias_name->string)) {
1843 status = dcerpc_samr_CreateDomAlias(p, mem_ctx, &r);
1846 if (!NT_STATUS_IS_OK(status)) {
1847 printf("CreateAlias failed - %s\n", nt_errstr(status));
1851 if (!test_alias_ops(p, mem_ctx, alias_handle, domain_sid)) {
1858 static BOOL test_ChangePassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1859 const char *acct_name,
1860 struct policy_handle *domain_handle, char **password)
1868 if (!test_ChangePasswordUser(p, mem_ctx, acct_name, domain_handle, password)) {
1872 if (!test_ChangePasswordUser2(p, mem_ctx, acct_name, domain_handle, password)) {
1876 if (!test_OemChangePasswordUser2(p, mem_ctx, acct_name, domain_handle, password)) {
1880 /* test what happens when setting the old password again */
1881 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, *password, 0, True)) {
1886 char simple_pass[9];
1887 char v = (char)random();
1890 for (i=0; i <ARRAY_SIZE(simple_pass); i++) {
1893 simple_pass[i] = '\0';
1895 /* test what happens when picking a simple password */
1896 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, simple_pass, 0, True)) {
1901 /* set samr_SetDomainInfo level 1 with min_length 5 */
1903 struct samr_QueryDomainInfo r;
1904 struct samr_SetDomainInfo s;
1905 uint16_t len_old, len;
1910 r.in.domain_handle = domain_handle;
1913 printf("testing samr_QueryDomainInfo level 1\n");
1914 status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r);
1915 if (!NT_STATUS_IS_OK(status)) {
1919 s.in.domain_handle = domain_handle;
1921 s.in.info = r.out.info;
1923 len_old = s.in.info->info1.min_password_length;
1924 s.in.info->info1.min_password_length = len;
1926 printf("testing samr_SetDomainInfo level 1\n");
1927 status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
1928 if (!NT_STATUS_IS_OK(status)) {
1932 printf("calling test_ChangePasswordUser3 with too short password\n");
1934 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, len - 1, password, NULL, 0, True)) {
1938 s.in.info->info1.min_password_length = len_old;
1940 printf("testing samr_SetDomainInfo level 1\n");
1941 status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
1942 if (!NT_STATUS_IS_OK(status)) {
1950 struct samr_OpenUser r;
1951 struct samr_QueryUserInfo q;
1952 struct samr_LookupNames n;
1953 struct policy_handle user_handle;
1955 n.in.domain_handle = domain_handle;
1957 n.in.names = talloc_array(mem_ctx, struct lsa_String, 1);
1958 n.in.names[0].string = acct_name;
1960 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
1961 if (!NT_STATUS_IS_OK(status)) {
1962 printf("LookupNames failed - %s\n", nt_errstr(status));
1966 r.in.domain_handle = domain_handle;
1967 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1968 r.in.rid = n.out.rids.ids[0];
1969 r.out.user_handle = &user_handle;
1971 status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
1972 if (!NT_STATUS_IS_OK(status)) {
1973 printf("OpenUser(%u) failed - %s\n", n.out.rids.ids[0], nt_errstr(status));
1977 q.in.user_handle = &user_handle;
1980 status = dcerpc_samr_QueryUserInfo(p, mem_ctx, &q);
1981 if (!NT_STATUS_IS_OK(status)) {
1982 printf("QueryUserInfo failed - %s\n", nt_errstr(status));
1986 printf("calling test_ChangePasswordUser3 with too early password change\n");
1988 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, NULL,
1989 q.out.info->info5.last_password_change, True)) {
1996 /* we change passwords twice - this has the effect of verifying
1997 they were changed correctly for the final call */
1998 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, NULL, 0, True)) {
2002 if (!test_ChangePasswordUser3(p, mem_ctx, acct_name, 0, password, NULL, 0, True)) {
2009 static BOOL test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2010 struct policy_handle *domain_handle,
2011 struct policy_handle *user_handle_out,
2012 enum torture_samr_choice which_ops)
2015 TALLOC_CTX *user_ctx;
2018 struct samr_CreateUser r;
2019 struct samr_QueryUserInfo q;
2020 struct samr_DeleteUser d;
2023 /* This call creates a 'normal' account - check that it really does */
2024 const uint32_t acct_flags = ACB_NORMAL;
2025 struct lsa_String name;
2028 struct policy_handle user_handle;
2029 user_ctx = talloc_named(mem_ctx, 0, "test_CreateUser2 per-user context");
2030 init_lsa_String(&name, TEST_ACCOUNT_NAME);
2032 r.in.domain_handle = domain_handle;
2033 r.in.account_name = &name;
2034 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2035 r.out.user_handle = &user_handle;
2038 printf("Testing CreateUser(%s)\n", r.in.account_name->string);
2040 status = dcerpc_samr_CreateUser(p, user_ctx, &r);
2042 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
2043 printf("Server refused create of '%s': %s\n", r.in.account_name->string, nt_errstr(status));
2044 talloc_free(user_ctx);
2048 if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
2049 if (!test_DeleteUser_byname(p, user_ctx, domain_handle, r.in.account_name->string)) {
2050 talloc_free(user_ctx);
2053 status = dcerpc_samr_CreateUser(p, user_ctx, &r);
2055 if (!NT_STATUS_IS_OK(status)) {
2056 talloc_free(user_ctx);
2057 printf("CreateUser failed - %s\n", nt_errstr(status));
2060 q.in.user_handle = &user_handle;
2063 status = dcerpc_samr_QueryUserInfo(p, user_ctx, &q);
2064 if (!NT_STATUS_IS_OK(status)) {
2065 printf("QueryUserInfo level %u failed - %s\n",
2066 q.in.level, nt_errstr(status));
2069 if ((q.out.info->info16.acct_flags & acct_flags) != acct_flags) {
2070 printf("QuerUserInfo level 16 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
2071 q.out.info->info16.acct_flags,
2077 if (!test_user_ops(p, user_ctx, &user_handle, domain_handle,
2078 acct_flags, name.string, which_ops)) {
2082 if (user_handle_out) {
2083 *user_handle_out = user_handle;
2085 printf("Testing DeleteUser (createuser test)\n");
2087 d.in.user_handle = &user_handle;
2088 d.out.user_handle = &user_handle;
2090 status = dcerpc_samr_DeleteUser(p, user_ctx, &d);
2091 if (!NT_STATUS_IS_OK(status)) {
2092 printf("DeleteUser failed - %s\n", nt_errstr(status));
2099 talloc_free(user_ctx);
2105 static BOOL test_CreateUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2106 struct policy_handle *domain_handle, enum torture_samr_choice which_ops)
2109 struct samr_CreateUser2 r;
2110 struct samr_QueryUserInfo q;
2111 struct samr_DeleteUser d;
2112 struct policy_handle user_handle;
2114 struct lsa_String name;
2119 uint32_t acct_flags;
2120 const char *account_name;
2122 } account_types[] = {
2123 { ACB_NORMAL, TEST_ACCOUNT_NAME, NT_STATUS_OK },
2124 { ACB_NORMAL | ACB_DISABLED, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
2125 { ACB_NORMAL | ACB_PWNOEXP, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
2126 { ACB_WSTRUST, TEST_MACHINENAME, NT_STATUS_OK },
2127 { ACB_WSTRUST | ACB_DISABLED, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
2128 { ACB_WSTRUST | ACB_PWNOEXP, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
2129 { ACB_SVRTRUST, TEST_MACHINENAME, NT_STATUS_OK },
2130 { ACB_SVRTRUST | ACB_DISABLED, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
2131 { ACB_SVRTRUST | ACB_PWNOEXP, TEST_MACHINENAME, NT_STATUS_INVALID_PARAMETER },
2132 { ACB_DOMTRUST, TEST_DOMAINNAME, NT_STATUS_OK },
2133 { ACB_DOMTRUST | ACB_DISABLED, TEST_DOMAINNAME, NT_STATUS_INVALID_PARAMETER },
2134 { ACB_DOMTRUST | ACB_PWNOEXP, TEST_DOMAINNAME, NT_STATUS_INVALID_PARAMETER },
2135 { 0, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
2136 { ACB_DISABLED, TEST_ACCOUNT_NAME, NT_STATUS_INVALID_PARAMETER },
2137 { 0, NULL, NT_STATUS_INVALID_PARAMETER }
2140 for (i = 0; account_types[i].account_name; i++) {
2141 TALLOC_CTX *user_ctx;
2142 uint32_t acct_flags = account_types[i].acct_flags;
2143 uint32_t access_granted;
2144 user_ctx = talloc_named(mem_ctx, 0, "test_CreateUser2 per-user context");
2145 init_lsa_String(&name, account_types[i].account_name);
2147 r.in.domain_handle = domain_handle;
2148 r.in.account_name = &name;
2149 r.in.acct_flags = acct_flags;
2150 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2151 r.out.user_handle = &user_handle;
2152 r.out.access_granted = &access_granted;
2155 printf("Testing CreateUser2(%s, 0x%x)\n", r.in.account_name->string, acct_flags);
2157 status = dcerpc_samr_CreateUser2(p, user_ctx, &r);
2159 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
2160 talloc_free(user_ctx);
2161 printf("Server refused create of '%s'\n", r.in.account_name->string);
2164 } else if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
2165 if (!test_DeleteUser_byname(p, user_ctx, domain_handle, r.in.account_name->string)) {
2166 talloc_free(user_ctx);
2170 status = dcerpc_samr_CreateUser2(p, user_ctx, &r);
2173 if (!NT_STATUS_EQUAL(status, account_types[i].nt_status)) {
2174 printf("CreateUser2 failed gave incorrect error return - %s (should be %s)\n",
2175 nt_errstr(status), nt_errstr(account_types[i].nt_status));
2179 if (NT_STATUS_IS_OK(status)) {
2180 q.in.user_handle = &user_handle;
2183 status = dcerpc_samr_QueryUserInfo(p, user_ctx, &q);
2184 if (!NT_STATUS_IS_OK(status)) {
2185 printf("QueryUserInfo level %u failed - %s\n",
2186 q.in.level, nt_errstr(status));
2189 if ((q.out.info->info16.acct_flags & acct_flags) != acct_flags) {
2190 printf("QuerUserInfo level 16 failed, it returned 0x%08x when we expected flags of 0x%08x\n",
2191 q.out.info->info16.acct_flags,
2197 if (!test_user_ops(p, user_ctx, &user_handle, domain_handle,
2198 acct_flags, name.string, which_ops)) {
2202 printf("Testing DeleteUser (createuser2 test)\n");
2204 d.in.user_handle = &user_handle;
2205 d.out.user_handle = &user_handle;
2207 status = dcerpc_samr_DeleteUser(p, user_ctx, &d);
2208 if (!NT_STATUS_IS_OK(status)) {
2209 printf("DeleteUser failed - %s\n", nt_errstr(status));
2213 talloc_free(user_ctx);
2219 static BOOL test_QueryAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2220 struct policy_handle *handle)
2223 struct samr_QueryAliasInfo r;
2224 uint16_t levels[] = {1, 2, 3};
2228 for (i=0;i<ARRAY_SIZE(levels);i++) {
2229 printf("Testing QueryAliasInfo level %u\n", levels[i]);
2231 r.in.alias_handle = handle;
2232 r.in.level = levels[i];
2234 status = dcerpc_samr_QueryAliasInfo(p, mem_ctx, &r);
2235 if (!NT_STATUS_IS_OK(status)) {
2236 printf("QueryAliasInfo level %u failed - %s\n",
2237 levels[i], nt_errstr(status));
2245 static BOOL test_QueryGroupInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2246 struct policy_handle *handle)
2249 struct samr_QueryGroupInfo r;
2250 uint16_t levels[] = {1, 2, 3, 4, 5};
2254 for (i=0;i<ARRAY_SIZE(levels);i++) {
2255 printf("Testing QueryGroupInfo level %u\n", levels[i]);
2257 r.in.group_handle = handle;
2258 r.in.level = levels[i];
2260 status = dcerpc_samr_QueryGroupInfo(p, mem_ctx, &r);
2261 if (!NT_STATUS_IS_OK(status)) {
2262 printf("QueryGroupInfo level %u failed - %s\n",
2263 levels[i], nt_errstr(status));
2271 static BOOL test_QueryGroupMember(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2272 struct policy_handle *handle)
2275 struct samr_QueryGroupMember r;
2278 printf("Testing QueryGroupMember\n");
2280 r.in.group_handle = handle;
2282 status = dcerpc_samr_QueryGroupMember(p, mem_ctx, &r);
2283 if (!NT_STATUS_IS_OK(status)) {
2284 printf("QueryGroupInfo failed - %s\n", nt_errstr(status));
2292 static BOOL test_SetGroupInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2293 struct policy_handle *handle)
2296 struct samr_QueryGroupInfo r;
2297 struct samr_SetGroupInfo s;
2298 uint16_t levels[] = {1, 2, 3, 4};
2299 uint16_t set_ok[] = {0, 1, 1, 1};
2303 for (i=0;i<ARRAY_SIZE(levels);i++) {
2304 printf("Testing QueryGroupInfo level %u\n", levels[i]);
2306 r.in.group_handle = handle;
2307 r.in.level = levels[i];
2309 status = dcerpc_samr_QueryGroupInfo(p, mem_ctx, &r);
2310 if (!NT_STATUS_IS_OK(status)) {
2311 printf("QueryGroupInfo level %u failed - %s\n",
2312 levels[i], nt_errstr(status));
2316 printf("Testing SetGroupInfo level %u\n", levels[i]);
2318 s.in.group_handle = handle;
2319 s.in.level = levels[i];
2320 s.in.info = r.out.info;
2323 /* disabled this, as it changes the name only from the point of view of samr,
2324 but leaves the name from the point of view of w2k3 internals (and ldap). This means
2325 the name is still reserved, so creating the old name fails, but deleting by the old name
2327 if (s.in.level == 2) {
2328 init_lsa_String(&s.in.info->string, "NewName");
2332 if (s.in.level == 4) {
2333 init_lsa_String(&s.in.info->description, "test description");
2336 status = dcerpc_samr_SetGroupInfo(p, mem_ctx, &s);
2338 if (!NT_STATUS_IS_OK(status)) {
2339 printf("SetGroupInfo level %u failed - %s\n",
2340 r.in.level, nt_errstr(status));
2345 if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_INFO_CLASS, status)) {
2346 printf("SetGroupInfo level %u gave %s - should have been NT_STATUS_INVALID_INFO_CLASS\n",
2347 r.in.level, nt_errstr(status));
2357 static BOOL test_QueryUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2358 struct policy_handle *handle)
2361 struct samr_QueryUserInfo r;
2362 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
2363 11, 12, 13, 14, 16, 17, 20, 21};
2367 for (i=0;i<ARRAY_SIZE(levels);i++) {
2368 printf("Testing QueryUserInfo level %u\n", levels[i]);
2370 r.in.user_handle = handle;
2371 r.in.level = levels[i];
2373 status = dcerpc_samr_QueryUserInfo(p, mem_ctx, &r);
2374 if (!NT_STATUS_IS_OK(status)) {
2375 printf("QueryUserInfo level %u failed - %s\n",
2376 levels[i], nt_errstr(status));
2384 static BOOL test_QueryUserInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2385 struct policy_handle *handle)
2388 struct samr_QueryUserInfo2 r;
2389 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
2390 11, 12, 13, 14, 16, 17, 20, 21};
2394 for (i=0;i<ARRAY_SIZE(levels);i++) {
2395 printf("Testing QueryUserInfo2 level %u\n", levels[i]);
2397 r.in.user_handle = handle;
2398 r.in.level = levels[i];
2400 status = dcerpc_samr_QueryUserInfo2(p, mem_ctx, &r);
2401 if (!NT_STATUS_IS_OK(status)) {
2402 printf("QueryUserInfo2 level %u failed - %s\n",
2403 levels[i], nt_errstr(status));
2411 static BOOL test_OpenUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2412 struct policy_handle *handle, uint32_t rid)
2415 struct samr_OpenUser r;
2416 struct policy_handle user_handle;
2419 printf("Testing OpenUser(%u)\n", rid);
2421 r.in.domain_handle = handle;
2422 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2424 r.out.user_handle = &user_handle;
2426 status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
2427 if (!NT_STATUS_IS_OK(status)) {
2428 printf("OpenUser(%u) failed - %s\n", rid, nt_errstr(status));
2432 if (!test_QuerySecurity(p, mem_ctx, &user_handle)) {
2436 if (!test_QueryUserInfo(p, mem_ctx, &user_handle)) {
2440 if (!test_QueryUserInfo2(p, mem_ctx, &user_handle)) {
2444 if (!test_GetUserPwInfo(p, mem_ctx, &user_handle)) {
2448 if (!test_GetGroupsForUser(p,mem_ctx, &user_handle)) {
2452 if (!test_samr_handle_Close(p, mem_ctx, &user_handle)) {
2459 static BOOL test_OpenGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2460 struct policy_handle *handle, uint32_t rid)
2463 struct samr_OpenGroup r;
2464 struct policy_handle group_handle;
2467 printf("Testing OpenGroup(%u)\n", rid);
2469 r.in.domain_handle = handle;
2470 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2472 r.out.group_handle = &group_handle;
2474 status = dcerpc_samr_OpenGroup(p, mem_ctx, &r);
2475 if (!NT_STATUS_IS_OK(status)) {
2476 printf("OpenGroup(%u) failed - %s\n", rid, nt_errstr(status));
2480 if (!test_QuerySecurity(p, mem_ctx, &group_handle)) {
2484 if (!test_QueryGroupInfo(p, mem_ctx, &group_handle)) {
2488 if (!test_QueryGroupMember(p, mem_ctx, &group_handle)) {
2492 if (!test_samr_handle_Close(p, mem_ctx, &group_handle)) {
2499 static BOOL test_OpenAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2500 struct policy_handle *handle, uint32_t rid)
2503 struct samr_OpenAlias r;
2504 struct policy_handle alias_handle;
2507 printf("Testing OpenAlias(%u)\n", rid);
2509 r.in.domain_handle = handle;
2510 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
2512 r.out.alias_handle = &alias_handle;
2514 status = dcerpc_samr_OpenAlias(p, mem_ctx, &r);
2515 if (!NT_STATUS_IS_OK(status)) {
2516 printf("OpenAlias(%u) failed - %s\n", rid, nt_errstr(status));
2520 if (!test_QuerySecurity(p, mem_ctx, &alias_handle)) {
2524 if (!test_QueryAliasInfo(p, mem_ctx, &alias_handle)) {
2528 if (!test_GetMembersInAlias(p, mem_ctx, &alias_handle)) {
2532 if (!test_samr_handle_Close(p, mem_ctx, &alias_handle)) {
2539 static BOOL test_EnumDomainUsers(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2540 struct policy_handle *handle)
2543 struct samr_EnumDomainUsers r;
2544 uint32_t resume_handle=0;
2547 struct samr_LookupNames n;
2548 struct samr_LookupRids lr ;
2550 printf("Testing EnumDomainUsers\n");
2552 r.in.domain_handle = handle;
2553 r.in.resume_handle = &resume_handle;
2554 r.in.acct_flags = 0;
2555 r.in.max_size = (uint32_t)-1;
2556 r.out.resume_handle = &resume_handle;
2558 status = dcerpc_samr_EnumDomainUsers(p, mem_ctx, &r);
2559 if (!NT_STATUS_IS_OK(status)) {
2560 printf("EnumDomainUsers failed - %s\n", nt_errstr(status));
2568 if (r.out.sam->count == 0) {
2572 for (i=0;i<r.out.sam->count;i++) {
2573 if (!test_OpenUser(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
2578 printf("Testing LookupNames\n");
2579 n.in.domain_handle = handle;
2580 n.in.num_names = r.out.sam->count;
2581 n.in.names = talloc_array(mem_ctx, struct lsa_String, r.out.sam->count);
2582 for (i=0;i<r.out.sam->count;i++) {
2583 n.in.names[i].string = r.out.sam->entries[i].name.string;
2585 status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
2586 if (!NT_STATUS_IS_OK(status)) {
2587 printf("LookupNames failed - %s\n", nt_errstr(status));
2592 printf("Testing LookupRids\n");
2593 lr.in.domain_handle = handle;
2594 lr.in.num_rids = r.out.sam->count;
2595 lr.in.rids = talloc_array(mem_ctx, uint32_t, r.out.sam->count);
2596 for (i=0;i<r.out.sam->count;i++) {
2597 lr.in.rids[i] = r.out.sam->entries[i].idx;
2599 status = dcerpc_samr_LookupRids(p, mem_ctx, &lr);
2600 if (!NT_STATUS_IS_OK(status)) {
2601 printf("LookupRids failed - %s\n", nt_errstr(status));
2609 try blasting the server with a bunch of sync requests
2611 static BOOL test_EnumDomainUsers_async(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2612 struct policy_handle *handle)
2615 struct samr_EnumDomainUsers r;
2616 uint32_t resume_handle=0;
2618 #define ASYNC_COUNT 100
2619 struct rpc_request *req[ASYNC_COUNT];
2621 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
2622 printf("samr async test disabled - enable dangerous tests to use\n");
2626 printf("Testing EnumDomainUsers_async\n");
2628 r.in.domain_handle = handle;
2629 r.in.resume_handle = &resume_handle;
2630 r.in.acct_flags = 0;
2631 r.in.max_size = (uint32_t)-1;
2632 r.out.resume_handle = &resume_handle;
2634 for (i=0;i<ASYNC_COUNT;i++) {
2635 req[i] = dcerpc_samr_EnumDomainUsers_send(p, mem_ctx, &r);
2638 for (i=0;i<ASYNC_COUNT;i++) {
2639 status = dcerpc_ndr_request_recv(req[i]);
2640 if (!NT_STATUS_IS_OK(status)) {
2641 printf("EnumDomainUsers[%d] failed - %s\n",
2642 i, nt_errstr(status));
2647 printf("%d async requests OK\n", i);
2652 static BOOL test_EnumDomainGroups(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2653 struct policy_handle *handle)
2656 struct samr_EnumDomainGroups r;
2657 uint32_t resume_handle=0;
2661 printf("Testing EnumDomainGroups\n");
2663 r.in.domain_handle = handle;
2664 r.in.resume_handle = &resume_handle;
2665 r.in.max_size = (uint32_t)-1;
2666 r.out.resume_handle = &resume_handle;
2668 status = dcerpc_samr_EnumDomainGroups(p, mem_ctx, &r);
2669 if (!NT_STATUS_IS_OK(status)) {
2670 printf("EnumDomainGroups failed - %s\n", nt_errstr(status));
2678 for (i=0;i<r.out.sam->count;i++) {
2679 if (!test_OpenGroup(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
2687 static BOOL test_EnumDomainAliases(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2688 struct policy_handle *handle)
2691 struct samr_EnumDomainAliases r;
2692 uint32_t resume_handle=0;
2696 printf("Testing EnumDomainAliases\n");
2698 r.in.domain_handle = handle;
2699 r.in.resume_handle = &resume_handle;
2700 r.in.acct_flags = (uint32_t)-1;
2701 r.out.resume_handle = &resume_handle;
2703 status = dcerpc_samr_EnumDomainAliases(p, mem_ctx, &r);
2704 if (!NT_STATUS_IS_OK(status)) {
2705 printf("EnumDomainAliases failed - %s\n", nt_errstr(status));
2713 for (i=0;i<r.out.sam->count;i++) {
2714 if (!test_OpenAlias(p, mem_ctx, handle, r.out.sam->entries[i].idx)) {
2722 static BOOL test_GetDisplayEnumerationIndex(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2723 struct policy_handle *handle)
2726 struct samr_GetDisplayEnumerationIndex r;
2728 uint16_t levels[] = {1, 2, 3, 4, 5};
2729 uint16_t ok_lvl[] = {1, 1, 1, 0, 0};
2732 for (i=0;i<ARRAY_SIZE(levels);i++) {
2733 printf("Testing GetDisplayEnumerationIndex level %u\n", levels[i]);
2735 r.in.domain_handle = handle;
2736 r.in.level = levels[i];
2737 init_lsa_String(&r.in.name, TEST_ACCOUNT_NAME);
2739 status = dcerpc_samr_GetDisplayEnumerationIndex(p, mem_ctx, &r);
2742 !NT_STATUS_IS_OK(status) &&
2743 !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2744 printf("GetDisplayEnumerationIndex level %u failed - %s\n",
2745 levels[i], nt_errstr(status));
2749 init_lsa_String(&r.in.name, "zzzzzzzz");
2751 status = dcerpc_samr_GetDisplayEnumerationIndex(p, mem_ctx, &r);
2753 if (ok_lvl[i] && !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2754 printf("GetDisplayEnumerationIndex level %u failed - %s\n",
2755 levels[i], nt_errstr(status));
2763 static BOOL test_GetDisplayEnumerationIndex2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2764 struct policy_handle *handle)
2767 struct samr_GetDisplayEnumerationIndex2 r;
2769 uint16_t levels[] = {1, 2, 3, 4, 5};
2770 uint16_t ok_lvl[] = {1, 1, 1, 0, 0};
2773 for (i=0;i<ARRAY_SIZE(levels);i++) {
2774 printf("Testing GetDisplayEnumerationIndex2 level %u\n", levels[i]);
2776 r.in.domain_handle = handle;
2777 r.in.level = levels[i];
2778 init_lsa_String(&r.in.name, TEST_ACCOUNT_NAME);
2780 status = dcerpc_samr_GetDisplayEnumerationIndex2(p, mem_ctx, &r);
2782 !NT_STATUS_IS_OK(status) &&
2783 !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2784 printf("GetDisplayEnumerationIndex2 level %u failed - %s\n",
2785 levels[i], nt_errstr(status));
2789 init_lsa_String(&r.in.name, "zzzzzzzz");
2791 status = dcerpc_samr_GetDisplayEnumerationIndex2(p, mem_ctx, &r);
2792 if (ok_lvl[i] && !NT_STATUS_EQUAL(NT_STATUS_NO_MORE_ENTRIES, status)) {
2793 printf("GetDisplayEnumerationIndex2 level %u failed - %s\n",
2794 levels[i], nt_errstr(status));
2802 static BOOL test_QueryDisplayInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2803 struct policy_handle *handle)
2806 struct samr_QueryDisplayInfo r;
2808 uint16_t levels[] = {1, 2, 3, 4, 5};
2811 for (i=0;i<ARRAY_SIZE(levels);i++) {
2812 printf("Testing QueryDisplayInfo level %u\n", levels[i]);
2814 r.in.domain_handle = handle;
2815 r.in.level = levels[i];
2817 r.in.max_entries = 1000;
2818 r.in.buf_size = (uint32_t)-1;
2820 status = dcerpc_samr_QueryDisplayInfo(p, mem_ctx, &r);
2821 if (!NT_STATUS_IS_OK(status)) {
2822 printf("QueryDisplayInfo level %u failed - %s\n",
2823 levels[i], nt_errstr(status));
2831 static BOOL test_QueryDisplayInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2832 struct policy_handle *handle)
2835 struct samr_QueryDisplayInfo2 r;
2837 uint16_t levels[] = {1, 2, 3, 4, 5};
2840 for (i=0;i<ARRAY_SIZE(levels);i++) {
2841 printf("Testing QueryDisplayInfo2 level %u\n", levels[i]);
2843 r.in.domain_handle = handle;
2844 r.in.level = levels[i];
2846 r.in.max_entries = 1000;
2847 r.in.buf_size = (uint32_t)-1;
2849 status = dcerpc_samr_QueryDisplayInfo2(p, mem_ctx, &r);
2850 if (!NT_STATUS_IS_OK(status)) {
2851 printf("QueryDisplayInfo2 level %u failed - %s\n",
2852 levels[i], nt_errstr(status));
2860 static BOOL test_QueryDisplayInfo3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2861 struct policy_handle *handle)
2864 struct samr_QueryDisplayInfo3 r;
2866 uint16_t levels[] = {1, 2, 3, 4, 5};
2869 for (i=0;i<ARRAY_SIZE(levels);i++) {
2870 printf("Testing QueryDisplayInfo3 level %u\n", levels[i]);
2872 r.in.domain_handle = handle;
2873 r.in.level = levels[i];
2875 r.in.max_entries = 1000;
2876 r.in.buf_size = (uint32_t)-1;
2878 status = dcerpc_samr_QueryDisplayInfo3(p, mem_ctx, &r);
2879 if (!NT_STATUS_IS_OK(status)) {
2880 printf("QueryDisplayInfo3 level %u failed - %s\n",
2881 levels[i], nt_errstr(status));
2890 static BOOL test_QueryDisplayInfo_continue(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2891 struct policy_handle *handle)
2894 struct samr_QueryDisplayInfo r;
2897 printf("Testing QueryDisplayInfo continuation\n");
2899 r.in.domain_handle = handle;
2902 r.in.max_entries = 1;
2903 r.in.buf_size = (uint32_t)-1;
2906 status = dcerpc_samr_QueryDisplayInfo(p, mem_ctx, &r);
2907 if (NT_STATUS_IS_OK(status) && r.out.returned_size != 0) {
2908 if (r.out.info.info1.entries[0].idx != r.in.start_idx + 1) {
2909 printf("expected idx %d but got %d\n",
2911 r.out.info.info1.entries[0].idx);
2915 if (!NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES) &&
2916 !NT_STATUS_IS_OK(status)) {
2917 printf("QueryDisplayInfo level %u failed - %s\n",
2918 r.in.level, nt_errstr(status));
2923 } while ((NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES) ||
2924 NT_STATUS_IS_OK(status)) &&
2925 r.out.returned_size != 0);
2930 static BOOL test_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
2931 struct policy_handle *handle)
2934 struct samr_QueryDomainInfo r;
2935 struct samr_SetDomainInfo s;
2936 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13};
2937 uint16_t set_ok[] = {1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0};
2940 const char *domain_comment = talloc_asprintf(mem_ctx,
2941 "Tortured by Samba4 RPC-SAMR: %s",
2942 timestring(mem_ctx, time(NULL)));
2944 s.in.domain_handle = handle;
2946 s.in.info = talloc(mem_ctx, union samr_DomainInfo);
2948 s.in.info->info4.comment.string = domain_comment;
2949 status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
2950 if (!NT_STATUS_IS_OK(status)) {
2951 printf("SetDomainInfo level %u (set comment) failed - %s\n",
2952 r.in.level, nt_errstr(status));
2956 for (i=0;i<ARRAY_SIZE(levels);i++) {
2957 printf("Testing QueryDomainInfo level %u\n", levels[i]);
2959 r.in.domain_handle = handle;
2960 r.in.level = levels[i];
2962 status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r);
2963 if (!NT_STATUS_IS_OK(status)) {
2964 printf("QueryDomainInfo level %u failed - %s\n",
2965 r.in.level, nt_errstr(status));
2970 switch (levels[i]) {
2972 if (strcmp(r.out.info->info2.comment.string, domain_comment) != 0) {
2973 printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
2974 levels[i], r.out.info->info2.comment.string, domain_comment);
2979 if (strcmp(r.out.info->info4.comment.string, domain_comment) != 0) {
2980 printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
2981 levels[i], r.out.info->info4.comment.string, domain_comment);
2986 if (strcmp(r.out.info->info11.info2.comment.string, domain_comment) != 0) {
2987 printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
2988 levels[i], r.out.info->info11.info2.comment.string, domain_comment);
2994 printf("Testing SetDomainInfo level %u\n", levels[i]);
2996 s.in.domain_handle = handle;
2997 s.in.level = levels[i];
2998 s.in.info = r.out.info;
3000 status = dcerpc_samr_SetDomainInfo(p, mem_ctx, &s);
3002 if (!NT_STATUS_IS_OK(status)) {
3003 printf("SetDomainInfo level %u failed - %s\n",
3004 r.in.level, nt_errstr(status));
3009 if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_INFO_CLASS, status)) {
3010 printf("SetDomainInfo level %u gave %s - should have been NT_STATUS_INVALID_INFO_CLASS\n",
3011 r.in.level, nt_errstr(status));
3017 status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r);
3018 if (!NT_STATUS_IS_OK(status)) {
3019 printf("QueryDomainInfo level %u failed - %s\n",
3020 r.in.level, nt_errstr(status));
3030 static BOOL test_QueryDomainInfo2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3031 struct policy_handle *handle)
3034 struct samr_QueryDomainInfo2 r;
3035 uint16_t levels[] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13};
3039 for (i=0;i<ARRAY_SIZE(levels);i++) {
3040 printf("Testing QueryDomainInfo2 level %u\n", levels[i]);
3042 r.in.domain_handle = handle;
3043 r.in.level = levels[i];
3045 status = dcerpc_samr_QueryDomainInfo2(p, mem_ctx, &r);
3046 if (!NT_STATUS_IS_OK(status)) {
3047 printf("QueryDomainInfo2 level %u failed - %s\n",
3048 r.in.level, nt_errstr(status));
3057 /* Test whether querydispinfo level 5 and enumdomgroups return the same
3058 set of group names. */
3059 static BOOL test_GroupList(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3060 struct policy_handle *handle)
3062 struct samr_EnumDomainGroups q1;
3063 struct samr_QueryDisplayInfo q2;
3065 uint32_t resume_handle=0;
3070 const char **names = NULL;
3072 printf("Testing coherency of querydispinfo vs enumdomgroups\n");
3074 q1.in.domain_handle = handle;
3075 q1.in.resume_handle = &resume_handle;
3077 q1.out.resume_handle = &resume_handle;
3079 status = STATUS_MORE_ENTRIES;
3080 while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
3081 status = dcerpc_samr_EnumDomainGroups(p, mem_ctx, &q1);
3083 if (!NT_STATUS_IS_OK(status) &&
3084 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
3087 for (i=0; i<q1.out.num_entries; i++) {
3088 add_string_to_array(mem_ctx,
3089 q1.out.sam->entries[i].name.string,
3090 &names, &num_names);
3094 if (!NT_STATUS_IS_OK(status)) {
3095 printf("EnumDomainGroups failed - %s\n", nt_errstr(status));
3103 q2.in.domain_handle = handle;
3105 q2.in.start_idx = 0;
3106 q2.in.max_entries = 5;
3107 q2.in.buf_size = (uint32_t)-1;
3109 status = STATUS_MORE_ENTRIES;
3110 while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
3111 status = dcerpc_samr_QueryDisplayInfo(p, mem_ctx, &q2);
3113 if (!NT_STATUS_IS_OK(status) &&
3114 !NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES))
3117 for (i=0; i<q2.out.info.info5.count; i++) {
3119 const char *name = q2.out.info.info5.entries[i].account_name.string;
3121 for (j=0; j<num_names; j++) {
3122 if (names[j] == NULL)
3124 /* Hmm. No strequal in samba4 */
3125 if (strequal(names[j], name)) {
3133 printf("QueryDisplayInfo gave name [%s] that EnumDomainGroups did not\n",
3138 q2.in.start_idx += q2.out.info.info5.count;
3141 if (!NT_STATUS_IS_OK(status)) {
3142 printf("QueryDisplayInfo level 5 failed - %s\n",
3147 for (i=0; i<num_names; i++) {
3148 if (names[i] != NULL) {
3149 printf("EnumDomainGroups gave name [%s] that QueryDisplayInfo did not\n",
3158 static BOOL test_DeleteDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3159 struct policy_handle *group_handle)
3161 struct samr_DeleteDomainGroup d;
3165 printf("Testing DeleteDomainGroup\n");
3167 d.in.group_handle = group_handle;
3168 d.out.group_handle = group_handle;
3170 status = dcerpc_samr_DeleteDomainGroup(p, mem_ctx, &d);
3171 if (!NT_STATUS_IS_OK(status)) {
3172 printf("DeleteDomainGroup failed - %s\n", nt_errstr(status));
3179 static BOOL test_TestPrivateFunctionsDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3180 struct policy_handle *domain_handle)
3182 struct samr_TestPrivateFunctionsDomain r;
3186 printf("Testing TestPrivateFunctionsDomain\n");
3188 r.in.domain_handle = domain_handle;
3190 status = dcerpc_samr_TestPrivateFunctionsDomain(p, mem_ctx, &r);
3191 if (!NT_STATUS_EQUAL(NT_STATUS_NOT_IMPLEMENTED, status)) {
3192 printf("TestPrivateFunctionsDomain failed - %s\n", nt_errstr(status));
3199 static BOOL test_RidToSid(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3200 struct dom_sid *domain_sid,
3201 struct policy_handle *domain_handle)
3203 struct samr_RidToSid r;
3206 struct dom_sid *calc_sid;
3207 int rids[] = { 0, 42, 512, 10200 };
3210 for (i=0;i<ARRAY_SIZE(rids);i++) {
3212 printf("Testing RidToSid\n");
3214 calc_sid = dom_sid_dup(mem_ctx, domain_sid);
3215 r.in.domain_handle = domain_handle;
3218 status = dcerpc_samr_RidToSid(p, mem_ctx, &r);
3219 if (!NT_STATUS_IS_OK(status)) {
3220 printf("RidToSid for %d failed - %s\n", rids[i], nt_errstr(status));
3223 calc_sid = dom_sid_add_rid(calc_sid, calc_sid, rids[i]);
3225 if (!dom_sid_equal(calc_sid, r.out.sid)) {
3226 printf("RidToSid for %d failed - got %s, expected %s\n", rids[i],
3227 dom_sid_string(mem_ctx, r.out.sid),
3228 dom_sid_string(mem_ctx, calc_sid));
3237 static BOOL test_GetBootKeyInformation(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3238 struct policy_handle *domain_handle)
3240 struct samr_GetBootKeyInformation r;
3244 printf("Testing GetBootKeyInformation\n");
3246 r.in.domain_handle = domain_handle;
3248 status = dcerpc_samr_GetBootKeyInformation(p, mem_ctx, &r);
3249 if (!NT_STATUS_IS_OK(status)) {
3250 /* w2k3 seems to fail this sometimes and pass it sometimes */
3251 printf("GetBootKeyInformation (ignored) - %s\n", nt_errstr(status));
3257 static BOOL test_AddGroupMember(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3258 struct policy_handle *domain_handle,
3259 struct policy_handle *group_handle)
3262 struct samr_AddGroupMember r;
3263 struct samr_DeleteGroupMember d;
3264 struct samr_QueryGroupMember q;
3265 struct samr_SetMemberAttributesOfGroup s;
3269 status = test_LookupName(p, mem_ctx, domain_handle, TEST_ACCOUNT_NAME, &rid);
3270 if (!NT_STATUS_IS_OK(status)) {
3271 printf("test_AddGroupMember looking up name " TEST_ACCOUNT_NAME " failed - %s\n", nt_errstr(status));
3275 r.in.group_handle = group_handle;
3277 r.in.flags = 0; /* ??? */
3279 printf("Testing AddGroupMember and DeleteGroupMember\n");
3281 d.in.group_handle = group_handle;
3284 status = dcerpc_samr_DeleteGroupMember(p, mem_ctx, &d);
3285 if (!NT_STATUS_EQUAL(NT_STATUS_MEMBER_NOT_IN_GROUP, status)) {
3286 printf("DeleteGroupMember gave %s - should be NT_STATUS_MEMBER_NOT_IN_GROUP\n",
3291 status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
3292 if (!NT_STATUS_IS_OK(status)) {
3293 printf("AddGroupMember failed - %s\n", nt_errstr(status));
3297 status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
3298 if (!NT_STATUS_EQUAL(NT_STATUS_MEMBER_IN_GROUP, status)) {
3299 printf("AddGroupMember gave %s - should be NT_STATUS_MEMBER_IN_GROUP\n",
3304 if (lp_parm_bool(-1, "target", "samba4", False)) {
3305 printf("skipping SetMemberAttributesOfGroup test against Samba4\n");
3307 /* this one is quite strange. I am using random inputs in the
3308 hope of triggering an error that might give us a clue */
3310 s.in.group_handle = group_handle;
3311 s.in.unknown1 = random();
3312 s.in.unknown2 = random();
3314 status = dcerpc_samr_SetMemberAttributesOfGroup(p, mem_ctx, &s);
3315 if (!NT_STATUS_IS_OK(status)) {
3316 printf("SetMemberAttributesOfGroup failed - %s\n", nt_errstr(status));
3321 q.in.group_handle = group_handle;
3323 status = dcerpc_samr_QueryGroupMember(p, mem_ctx, &q);
3324 if (!NT_STATUS_IS_OK(status)) {
3325 printf("QueryGroupMember failed - %s\n", nt_errstr(status));
3329 status = dcerpc_samr_DeleteGroupMember(p, mem_ctx, &d);
3330 if (!NT_STATUS_IS_OK(status)) {
3331 printf("DeleteGroupMember failed - %s\n", nt_errstr(status));
3335 status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
3336 if (!NT_STATUS_IS_OK(status)) {
3337 printf("AddGroupMember failed - %s\n", nt_errstr(status));
3345 static BOOL test_CreateDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3346 struct policy_handle *domain_handle, struct policy_handle *group_handle)
3349 struct samr_CreateDomainGroup r;
3351 struct lsa_String name;
3354 init_lsa_String(&name, TEST_GROUPNAME);
3356 r.in.domain_handle = domain_handle;
3358 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3359 r.out.group_handle = group_handle;
3362 printf("Testing CreateDomainGroup(%s)\n", r.in.name->string);
3364 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
3366 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
3367 printf("Server refused create of '%s'\n", r.in.name->string);
3368 ZERO_STRUCTP(group_handle);
3372 if (NT_STATUS_EQUAL(status, NT_STATUS_GROUP_EXISTS)) {
3373 if (!test_DeleteGroup_byname(p, mem_ctx, domain_handle, r.in.name->string)) {
3375 printf("CreateDomainGroup failed: Could not delete domain group %s - %s\n", r.in.name->string,
3379 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
3381 if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
3382 if (!test_DeleteUser_byname(p, mem_ctx, domain_handle, r.in.name->string)) {
3384 printf("CreateDomainGroup failed: Could not delete user %s - %s\n", r.in.name->string,
3388 status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r);
3390 if (!NT_STATUS_IS_OK(status)) {
3391 printf("CreateDomainGroup failed - %s\n", nt_errstr(status));
3395 if (!test_AddGroupMember(p, mem_ctx, domain_handle, group_handle)) {
3396 printf("CreateDomainGroup failed - %s\n", nt_errstr(status));
3400 if (!test_SetGroupInfo(p, mem_ctx, group_handle)) {
3409 its not totally clear what this does. It seems to accept any sid you like.
3411 static BOOL test_RemoveMemberFromForeignDomain(struct dcerpc_pipe *p,
3412 TALLOC_CTX *mem_ctx,
3413 struct policy_handle *domain_handle)
3416 struct samr_RemoveMemberFromForeignDomain r;
3418 r.in.domain_handle = domain_handle;
3419 r.in.sid = dom_sid_parse_talloc(mem_ctx, "S-1-5-32-12-34-56-78");
3421 status = dcerpc_samr_RemoveMemberFromForeignDomain(p, mem_ctx, &r);
3422 if (!NT_STATUS_IS_OK(status)) {
3423 printf("RemoveMemberFromForeignDomain failed - %s\n", nt_errstr(status));
3432 static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3433 struct policy_handle *handle);
3435 static BOOL test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3436 struct policy_handle *handle, struct dom_sid *sid,
3437 enum torture_samr_choice which_ops)
3440 struct samr_OpenDomain r;
3441 struct policy_handle domain_handle;
3442 struct policy_handle alias_handle;
3443 struct policy_handle user_handle;
3444 struct policy_handle group_handle;
3447 ZERO_STRUCT(alias_handle);
3448 ZERO_STRUCT(user_handle);
3449 ZERO_STRUCT(group_handle);
3450 ZERO_STRUCT(domain_handle);
3452 printf("Testing OpenDomain\n");
3454 r.in.connect_handle = handle;
3455 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3457 r.out.domain_handle = &domain_handle;
3459 status = dcerpc_samr_OpenDomain(p, mem_ctx, &r);
3460 if (!NT_STATUS_IS_OK(status)) {
3461 printf("OpenDomain failed - %s\n", nt_errstr(status));
3465 /* run the domain tests with the main handle closed - this tests
3466 the servers reference counting */
3467 ret &= test_samr_handle_Close(p, mem_ctx, handle);
3469 switch (which_ops) {
3470 case TORTURE_SAMR_USER_ATTRIBUTES:
3471 case TORTURE_SAMR_PASSWORDS:
3472 ret &= test_CreateUser(p, mem_ctx, &domain_handle, NULL, which_ops);
3473 ret &= test_CreateUser2(p, mem_ctx, &domain_handle, which_ops);
3475 case TORTURE_SAMR_OTHER:
3476 ret &= test_CreateUser(p, mem_ctx, &domain_handle, &user_handle, which_ops);
3477 ret &= test_QuerySecurity(p, mem_ctx, &domain_handle);
3478 ret &= test_RemoveMemberFromForeignDomain(p, mem_ctx, &domain_handle);
3479 ret &= test_CreateAlias(p, mem_ctx, &domain_handle, &alias_handle, sid);
3480 ret &= test_CreateDomainGroup(p, mem_ctx, &domain_handle, &group_handle);
3481 ret &= test_QueryDomainInfo(p, mem_ctx, &domain_handle);
3482 ret &= test_QueryDomainInfo2(p, mem_ctx, &domain_handle);
3483 ret &= test_EnumDomainUsers(p, mem_ctx, &domain_handle);
3484 ret &= test_EnumDomainUsers_async(p, mem_ctx, &domain_handle);
3485 ret &= test_EnumDomainGroups(p, mem_ctx, &domain_handle);
3486 ret &= test_EnumDomainAliases(p, mem_ctx, &domain_handle);
3487 ret &= test_QueryDisplayInfo(p, mem_ctx, &domain_handle);
3488 ret &= test_QueryDisplayInfo2(p, mem_ctx, &domain_handle);
3489 ret &= test_QueryDisplayInfo3(p, mem_ctx, &domain_handle);
3490 ret &= test_QueryDisplayInfo_continue(p, mem_ctx, &domain_handle);
3492 if (lp_parm_bool(-1, "target", "samba4", False)) {
3493 printf("skipping GetDisplayEnumerationIndex test against Samba4\n");
3495 ret &= test_GetDisplayEnumerationIndex(p, mem_ctx, &domain_handle);
3496 ret &= test_GetDisplayEnumerationIndex2(p, mem_ctx, &domain_handle);
3498 ret &= test_GroupList(p, mem_ctx, &domain_handle);
3499 ret &= test_TestPrivateFunctionsDomain(p, mem_ctx, &domain_handle);
3500 ret &= test_RidToSid(p, mem_ctx, sid, &domain_handle);
3501 ret &= test_GetBootKeyInformation(p, mem_ctx, &domain_handle);
3505 if (!policy_handle_empty(&user_handle) &&
3506 !test_DeleteUser(p, mem_ctx, &user_handle)) {
3510 if (!policy_handle_empty(&alias_handle) &&
3511 !test_DeleteAlias(p, mem_ctx, &alias_handle)) {
3515 if (!policy_handle_empty(&group_handle) &&
3516 !test_DeleteDomainGroup(p, mem_ctx, &group_handle)) {
3520 ret &= test_samr_handle_Close(p, mem_ctx, &domain_handle);
3522 /* reconnect the main handle */
3523 ret &= test_Connect(p, mem_ctx, handle);
3526 printf("Testing domain %s failed!\n", dom_sid_string(mem_ctx, sid));
3532 static BOOL test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3533 struct policy_handle *handle, const char *domain,
3534 enum torture_samr_choice which_ops)
3537 struct samr_LookupDomain r;
3538 struct lsa_String n1;
3539 struct lsa_String n2;
3542 printf("Testing LookupDomain(%s)\n", domain);
3544 /* check for correct error codes */
3545 r.in.connect_handle = handle;
3546 r.in.domain_name = &n2;
3549 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
3550 if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status)) {
3551 printf("failed: LookupDomain expected NT_STATUS_INVALID_PARAMETER - %s\n", nt_errstr(status));
3555 init_lsa_String(&n2, "xxNODOMAINxx");
3557 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
3558 if (!NT_STATUS_EQUAL(NT_STATUS_NO_SUCH_DOMAIN, status)) {
3559 printf("failed: LookupDomain expected NT_STATUS_NO_SUCH_DOMAIN - %s\n", nt_errstr(status));
3563 r.in.connect_handle = handle;
3565 init_lsa_String(&n1, domain);
3566 r.in.domain_name = &n1;
3568 status = dcerpc_samr_LookupDomain(p, mem_ctx, &r);
3569 if (!NT_STATUS_IS_OK(status)) {
3570 printf("LookupDomain failed - %s\n", nt_errstr(status));
3574 if (!test_GetDomPwInfo(p, mem_ctx, &n1)) {
3578 if (!test_OpenDomain(p, mem_ctx, handle, r.out.sid, which_ops)) {
3586 static BOOL test_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3587 struct policy_handle *handle, enum torture_samr_choice which_ops)
3590 struct samr_EnumDomains r;
3591 uint32_t resume_handle = 0;
3595 r.in.connect_handle = handle;
3596 r.in.resume_handle = &resume_handle;
3597 r.in.buf_size = (uint32_t)-1;
3598 r.out.resume_handle = &resume_handle;
3600 status = dcerpc_samr_EnumDomains(p, mem_ctx, &r);
3601 if (!NT_STATUS_IS_OK(status)) {
3602 printf("EnumDomains failed - %s\n", nt_errstr(status));
3610 for (i=0;i<r.out.sam->count;i++) {
3611 if (!test_LookupDomain(p, mem_ctx, handle,
3612 r.out.sam->entries[i].name.string, which_ops)) {
3617 status = dcerpc_samr_EnumDomains(p, mem_ctx, &r);
3618 if (!NT_STATUS_IS_OK(status)) {
3619 printf("EnumDomains failed - %s\n", nt_errstr(status));
3627 static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
3628 struct policy_handle *handle)
3631 struct samr_Connect r;
3632 struct samr_Connect2 r2;
3633 struct samr_Connect3 r3;
3634 struct samr_Connect4 r4;
3635 struct samr_Connect5 r5;
3636 union samr_ConnectInfo info;
3637 struct policy_handle h;
3638 BOOL ret = True, got_handle = False;
3640 printf("testing samr_Connect\n");
3642 r.in.system_name = 0;
3643 r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3644 r.out.connect_handle = &h;
3646 status = dcerpc_samr_Connect(p, mem_ctx, &r);
3647 if (!NT_STATUS_IS_OK(status)) {
3648 printf("Connect failed - %s\n", nt_errstr(status));
3655 printf("testing samr_Connect2\n");
3657 r2.in.system_name = NULL;
3658 r2.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3659 r2.out.connect_handle = &h;
3661 status = dcerpc_samr_Connect2(p, mem_ctx, &r2);
3662 if (!NT_STATUS_IS_OK(status)) {
3663 printf("Connect2 failed - %s\n", nt_errstr(status));
3667 test_samr_handle_Close(p, mem_ctx, handle);
3673 printf("testing samr_Connect3\n");
3675 r3.in.system_name = NULL;
3677 r3.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3678 r3.out.connect_handle = &h;
3680 status = dcerpc_samr_Connect3(p, mem_ctx, &r3);
3681 if (!NT_STATUS_IS_OK(status)) {
3682 printf("Connect3 failed - %s\n", nt_errstr(status));
3686 test_samr_handle_Close(p, mem_ctx, handle);
3692 printf("testing samr_Connect4\n");
3694 r4.in.system_name = "";
3696 r4.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3697 r4.out.connect_handle = &h;
3699 status = dcerpc_samr_Connect4(p, mem_ctx, &r4);
3700 if (!NT_STATUS_IS_OK(status)) {
3701 printf("Connect4 failed - %s\n", nt_errstr(status));
3705 test_samr_handle_Close(p, mem_ctx, handle);
3711 printf("testing samr_Connect5\n");
3713 info.info1.unknown1 = 0;
3714 info.info1.unknown2 = 0;
3716 r5.in.system_name = "";
3717 r5.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
3720 r5.out.info = &info;
3721 r5.out.connect_handle = &h;
3723 status = dcerpc_samr_Connect5(p, mem_ctx, &r5);
3724 if (!NT_STATUS_IS_OK(status)) {
3725 printf("Connect5 failed - %s\n", nt_errstr(status));
3729 test_samr_handle_Close(p, mem_ctx, handle);
3739 BOOL torture_rpc_samr(struct torture_context *torture)
3742 struct dcerpc_pipe *p;
3744 struct policy_handle handle;
3746 status = torture_rpc_connection(torture, &p, &dcerpc_table_samr);
3747 if (!NT_STATUS_IS_OK(status)) {
3751 ret &= test_Connect(p, torture, &handle);
3753 ret &= test_QuerySecurity(p, torture, &handle);
3755 ret &= test_EnumDomains(p, torture, &handle, TORTURE_SAMR_OTHER);
3757 ret &= test_SetDsrmPassword(p, torture, &handle);
3759 ret &= test_Shutdown(p, torture, &handle);
3761 ret &= test_samr_handle_Close(p, torture, &handle);
3767 BOOL torture_rpc_samr_users(struct torture_context *torture)
3770 struct dcerpc_pipe *p;
3772 struct policy_handle handle;
3774 status = torture_rpc_connection(torture, &p, &dcerpc_table_samr);
3775 if (!NT_STATUS_IS_OK(status)) {
3779 ret &= test_Connect(p, torture, &handle);
3781 ret &= test_QuerySecurity(p, torture, &handle);
3783 ret &= test_EnumDomains(p, torture, &handle, TORTURE_SAMR_USER_ATTRIBUTES);
3785 ret &= test_SetDsrmPassword(p, torture, &handle);
3787 ret &= test_Shutdown(p, torture, &handle);
3789 ret &= test_samr_handle_Close(p, torture, &handle);
3795 BOOL torture_rpc_samr_passwords(struct torture_context *torture)
3798 struct dcerpc_pipe *p;
3800 struct policy_handle handle;
3802 status = torture_rpc_connection(torture, &p, &dcerpc_table_samr);
3803 if (!NT_STATUS_IS_OK(status)) {
3807 ret &= test_Connect(p, torture, &handle);
3809 ret &= test_EnumDomains(p, torture, &handle, TORTURE_SAMR_PASSWORDS);
3811 ret &= test_samr_handle_Close(p, torture, &handle);