2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Stefan (metze) Metzmacher 2004
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2006
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
26 #include "torture/rpc/torture_rpc.h"
27 #include "param/param.h"
29 #define TEST_MACHINE_NAME "torturetest"
31 static bool test_DsBind(struct dcerpc_pipe
*p
,
32 struct torture_context
*tctx
,
33 struct policy_handle
*bind_handle
,
34 struct drsuapi_DsBindInfo28
*srv_info28
)
37 struct drsuapi_DsBind r
;
38 struct GUID bind_guid
;
39 struct drsuapi_DsBindInfo28
*bind_info28
;
40 struct drsuapi_DsBindInfoCtr bind_info_ctr
;
42 ZERO_STRUCT(bind_info_ctr
);
43 bind_info_ctr
.length
= 28;
45 bind_info28
= &bind_info_ctr
.info
.info28
;
46 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_BASE
;
47 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION
;
48 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI
;
49 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2
;
50 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS
;
51 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1
;
52 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION
;
53 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE
;
54 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2
;
55 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION
;
56 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2
;
57 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD
;
58 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND
;
59 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO
;
60 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION
;
61 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01
;
62 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP
;
63 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY
;
64 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3
;
65 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2
;
66 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6
;
67 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS
;
68 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8
;
69 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5
;
70 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6
;
71 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3
;
72 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7
;
73 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT
;
75 GUID_from_string(DRSUAPI_DS_BIND_GUID
, &bind_guid
);
77 r
.in
.bind_guid
= &bind_guid
;
78 r
.in
.bind_info
= &bind_info_ctr
;
79 r
.out
.bind_handle
= bind_handle
;
81 torture_comment(tctx
, "Testing DsBind\n");
83 status
= dcerpc_drsuapi_DsBind_r(p
->binding_handle
, tctx
, &r
);
84 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsBind");
86 if (srv_info28
!= NULL
) {
87 *srv_info28
= r
.out
.bind_info
->info
.info28
;
93 static bool test_DsGetDomainControllerInfo(struct torture_context
*tctx
,
94 struct DsPrivate
*priv
)
97 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
98 struct drsuapi_DsGetDomainControllerInfo r
;
99 union drsuapi_DsGetDCInfoCtr ctr
;
100 union drsuapi_DsGetDCInfoRequest req
;
101 int32_t level_out
= 0;
110 .name
= torture_join_dom_netbios_name(priv
->join
),
114 .name
= torture_join_dom_dns_name(priv
->join
),
118 .name
= "__UNKNOWN_DOMAIN__",
119 .expected
= WERR_DS_OBJ_NOT_FOUND
122 .name
= "unknown.domain.samba.example.com",
123 .expected
= WERR_DS_OBJ_NOT_FOUND
126 int levels
[] = {1, 2};
129 for (i
=0; i
< ARRAY_SIZE(levels
); i
++) {
130 for (j
=0; j
< ARRAY_SIZE(names
); j
++) {
132 r
.in
.bind_handle
= &priv
->bind_handle
;
136 r
.in
.req
->req1
.domain_name
= names
[j
].name
;
137 r
.in
.req
->req1
.level
= level
;
140 r
.out
.level_out
= &level_out
;
142 torture_comment(tctx
,
143 "Testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
144 r
.in
.req
->req1
.level
, r
.in
.req
->req1
.domain_name
);
146 status
= dcerpc_drsuapi_DsGetDomainControllerInfo_r(p
->binding_handle
, tctx
, &r
);
147 torture_assert_ntstatus_ok(tctx
, status
,
148 "dcerpc_drsuapi_DsGetDomainControllerInfo with dns domain failed");
149 torture_assert_werr_equal(tctx
,
150 r
.out
.result
, names
[j
].expected
,
151 "DsGetDomainControllerInfo level with dns domain failed");
153 if (!W_ERROR_IS_OK(r
.out
.result
)) {
154 /* If this was an error, we can't read the result structure */
158 torture_assert_int_equal(tctx
,
159 r
.in
.req
->req1
.level
, *r
.out
.level_out
,
160 "dcerpc_drsuapi_DsGetDomainControllerInfo in/out level differs");
164 for (k
=0; k
< r
.out
.ctr
->ctr1
.count
; k
++) {
165 if (strcasecmp_m(r
.out
.ctr
->ctr1
.array
[k
].netbios_name
,
166 torture_join_netbios_name(priv
->join
)) == 0) {
173 for (k
=0; k
< r
.out
.ctr
->ctr2
.count
; k
++) {
174 if (strcasecmp_m(r
.out
.ctr
->ctr2
.array
[k
].netbios_name
,
175 torture_join_netbios_name(priv
->join
)) == 0) {
177 priv
->dcinfo
= r
.out
.ctr
->ctr2
.array
[k
];
183 torture_assert(tctx
, found
,
184 "dcerpc_drsuapi_DsGetDomainControllerInfo: Failed to find the domain controller we just created during the join");
188 r
.in
.bind_handle
= &priv
->bind_handle
;
192 r
.out
.level_out
= &level_out
;
194 r
.in
.req
->req1
.domain_name
= "__UNKNOWN_DOMAIN__"; /* This is clearly ignored for this level */
195 r
.in
.req
->req1
.level
= -1;
197 torture_comment(tctx
, "Testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
198 r
.in
.req
->req1
.level
, r
.in
.req
->req1
.domain_name
);
200 status
= dcerpc_drsuapi_DsGetDomainControllerInfo_r(p
->binding_handle
, tctx
, &r
);
202 torture_assert_ntstatus_ok(tctx
, status
,
203 "dcerpc_drsuapi_DsGetDomainControllerInfo with dns domain failed");
204 torture_assert_werr_ok(tctx
, r
.out
.result
,
205 "DsGetDomainControllerInfo with dns domain failed");
208 const char *dc_account
= talloc_asprintf(tctx
, "%s\\%s$",
209 torture_join_dom_netbios_name(priv
->join
),
210 priv
->dcinfo
.netbios_name
);
211 torture_comment(tctx
, "%s: Enum active LDAP sessions searching for %s\n", __func__
, dc_account
);
212 for (k
=0; k
< r
.out
.ctr
->ctr01
.count
; k
++) {
213 if (strcasecmp_m(r
.out
.ctr
->ctr01
.array
[k
].client_account
,
219 torture_assert(tctx
, found
,
220 "dcerpc_drsuapi_DsGetDomainControllerInfo level: Failed to find the domain controller in last logon records");
227 static bool test_DsWriteAccountSpn(struct torture_context
*tctx
,
228 struct DsPrivate
*priv
)
231 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
232 struct drsuapi_DsWriteAccountSpn r
;
233 union drsuapi_DsWriteAccountSpnRequest req
;
234 struct drsuapi_DsNameString names
[2];
235 union drsuapi_DsWriteAccountSpnResult res
;
238 r
.in
.bind_handle
= &priv
->bind_handle
;
242 torture_comment(tctx
, "Testing DsWriteAccountSpn\n");
244 r
.in
.req
->req1
.operation
= DRSUAPI_DS_SPN_OPERATION_ADD
;
245 r
.in
.req
->req1
.unknown1
= 0;
246 r
.in
.req
->req1
.object_dn
= priv
->dcinfo
.computer_dn
;
247 r
.in
.req
->req1
.count
= 2;
248 r
.in
.req
->req1
.spn_names
= names
;
249 names
[0].str
= talloc_asprintf(tctx
, "smbtortureSPN/%s",priv
->dcinfo
.netbios_name
);
250 names
[1].str
= talloc_asprintf(tctx
, "smbtortureSPN/%s",priv
->dcinfo
.dns_name
);
253 r
.out
.level_out
= &level_out
;
255 status
= dcerpc_drsuapi_DsWriteAccountSpn_r(p
->binding_handle
, tctx
, &r
);
256 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsWriteAccountSpn");
258 r
.in
.req
->req1
.operation
= DRSUAPI_DS_SPN_OPERATION_DELETE
;
259 r
.in
.req
->req1
.unknown1
= 0;
261 status
= dcerpc_drsuapi_DsWriteAccountSpn_r(p
->binding_handle
, tctx
, &r
);
262 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsWriteAccountSpn");
267 static bool test_DsReplicaGetInfo(struct torture_context
*tctx
,
268 struct DsPrivate
*priv
)
271 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
272 struct drsuapi_DsReplicaGetInfo r
;
273 union drsuapi_DsReplicaGetInfoRequest req
;
274 union drsuapi_DsReplicaInfo info
;
275 enum drsuapi_DsReplicaInfoType info_type
;
283 DRSUAPI_DS_REPLICA_GET_INFO
,
284 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS
,
287 DRSUAPI_DS_REPLICA_GET_INFO
,
288 DRSUAPI_DS_REPLICA_INFO_CURSORS
,
291 DRSUAPI_DS_REPLICA_GET_INFO
,
292 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA
,
295 DRSUAPI_DS_REPLICA_GET_INFO
,
296 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES
,
299 DRSUAPI_DS_REPLICA_GET_INFO
,
300 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES
,
303 DRSUAPI_DS_REPLICA_GET_INFO
,
304 DRSUAPI_DS_REPLICA_INFO_PENDING_OPS
,
307 DRSUAPI_DS_REPLICA_GET_INFO2
,
308 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA
,
311 DRSUAPI_DS_REPLICA_GET_INFO2
,
312 DRSUAPI_DS_REPLICA_INFO_CURSORS2
,
315 DRSUAPI_DS_REPLICA_GET_INFO2
,
316 DRSUAPI_DS_REPLICA_INFO_CURSORS3
,
319 DRSUAPI_DS_REPLICA_GET_INFO2
,
320 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2
,
323 DRSUAPI_DS_REPLICA_GET_INFO2
,
324 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2
,
327 DRSUAPI_DS_REPLICA_GET_INFO2
,
328 DRSUAPI_DS_REPLICA_INFO_REPSTO
,
331 DRSUAPI_DS_REPLICA_GET_INFO2
,
332 DRSUAPI_DS_REPLICA_INFO_CLIENT_CONTEXTS
,
335 DRSUAPI_DS_REPLICA_GET_INFO2
,
336 DRSUAPI_DS_REPLICA_INFO_UPTODATE_VECTOR_V1
,
339 DRSUAPI_DS_REPLICA_GET_INFO2
,
340 DRSUAPI_DS_REPLICA_INFO_SERVER_OUTGOING_CALLS
,
345 if (torture_setting_bool(tctx
, "samba4", false)) {
346 torture_comment(tctx
, "skipping DsReplicaGetInfo test against Samba4\n");
350 r
.in
.bind_handle
= &priv
->bind_handle
;
353 for (i
=0; i
< ARRAY_SIZE(array
); i
++) {
354 const char *object_dn
;
356 torture_comment(tctx
, "Testing DsReplicaGetInfo level %d infotype %d\n",
357 array
[i
].level
, array
[i
].infotype
);
359 object_dn
= (array
[i
].obj_dn
? array
[i
].obj_dn
: priv
->domain_obj_dn
);
361 r
.in
.level
= array
[i
].level
;
363 case DRSUAPI_DS_REPLICA_GET_INFO
:
364 r
.in
.req
->req1
.info_type
= array
[i
].infotype
;
365 r
.in
.req
->req1
.object_dn
= object_dn
;
366 ZERO_STRUCT(r
.in
.req
->req1
.source_dsa_guid
);
368 case DRSUAPI_DS_REPLICA_GET_INFO2
:
369 r
.in
.req
->req2
.info_type
= array
[i
].infotype
;
370 r
.in
.req
->req2
.object_dn
= object_dn
;
371 ZERO_STRUCT(r
.in
.req
->req2
.source_dsa_guid
);
372 r
.in
.req
->req2
.flags
= 0;
373 r
.in
.req
->req2
.attribute_name
= NULL
;
374 r
.in
.req
->req2
.value_dn_str
= NULL
;
375 r
.in
.req
->req2
.enumeration_context
= 0;
380 r
.out
.info_type
= &info_type
;
382 status
= dcerpc_drsuapi_DsReplicaGetInfo_r(p
->binding_handle
, tctx
, &r
);
383 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsReplicaGetInfo");
384 if (NT_STATUS_EQUAL(status
, NT_STATUS_RPC_ENUM_VALUE_OUT_OF_RANGE
)) {
385 torture_comment(tctx
,
386 "DsReplicaGetInfo level %d and/or infotype %d not supported by server\n",
387 array
[i
].level
, array
[i
].infotype
);
389 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsReplicaGetInfo");
396 static bool test_DsReplicaSync(struct torture_context
*tctx
,
397 struct DsPrivate
*priv
)
400 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
402 struct drsuapi_DsReplicaSync r
;
403 union drsuapi_DsReplicaSyncRequest sync_req
;
404 struct drsuapi_DsReplicaObjectIdentifier nc
;
405 struct dom_sid null_sid
;
414 if (!torture_setting_bool(tctx
, "dangerous", false)) {
415 torture_comment(tctx
, "DsReplicaSync disabled - enable dangerous tests to use\n");
419 if (torture_setting_bool(tctx
, "samba4", false)) {
420 torture_comment(tctx
, "skipping DsReplicaSync test against Samba4\n");
424 ZERO_STRUCT(null_sid
);
426 r
.in
.bind_handle
= &priv
->bind_handle
;
428 for (i
=0; i
< ARRAY_SIZE(array
); i
++) {
429 torture_comment(tctx
, "Testing DsReplicaSync level %d\n",
432 r
.in
.level
= array
[i
].level
;
435 nc
.guid
= GUID_zero();
437 nc
.dn
= priv
->domain_obj_dn
?priv
->domain_obj_dn
:"";
439 sync_req
.req1
.naming_context
= &nc
;
440 sync_req
.req1
.source_dsa_guid
= priv
->dcinfo
.ntds_guid
;
441 sync_req
.req1
.source_dsa_dns
= NULL
;
442 sync_req
.req1
.options
= 16;
444 r
.in
.req
= &sync_req
;
448 status
= dcerpc_drsuapi_DsReplicaSync_r(p
->binding_handle
, tctx
, &r
);
449 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsReplicaSync");
455 static bool test_DsReplicaUpdateRefs(struct torture_context
*tctx
,
456 struct DsPrivate
*priv
)
459 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
460 struct drsuapi_DsReplicaUpdateRefs r
;
461 struct drsuapi_DsReplicaObjectIdentifier nc
;
462 struct GUID dest_dsa_guid
;
463 const char *dest_dsa_guid_str
;
464 struct dom_sid null_sid
;
466 ZERO_STRUCT(null_sid
);
467 dest_dsa_guid
= GUID_random();
468 dest_dsa_guid_str
= GUID_string(tctx
, &dest_dsa_guid
);
470 r
.in
.bind_handle
= &priv
->bind_handle
;
471 r
.in
.level
= 1; /* Only version 1 is defined presently */
474 nc
.guid
= priv
->domain_obj_dn
? GUID_zero():priv
->domain_guid
;
476 nc
.dn
= priv
->domain_obj_dn
? priv
->domain_obj_dn
: "";
478 /* default setup for request */
479 r
.in
.req
.req1
.naming_context
= &nc
;
480 r
.in
.req
.req1
.dest_dsa_dns_name
= talloc_asprintf(tctx
, "%s._msdn.%s",
482 priv
->domain_dns_name
);
483 r
.in
.req
.req1
.dest_dsa_guid
= dest_dsa_guid
;
485 /* 1. deleting replica dest should fail */
486 torture_comment(tctx
, "delete: %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
487 r
.in
.req
.req1
.options
= DRSUAPI_DRS_DEL_REF
;
488 status
= dcerpc_drsuapi_DsReplicaUpdateRefs_r(p
->binding_handle
, tctx
, &r
);
489 torture_drsuapi_assert_call_werr(tctx
, p
,
490 status
, WERR_DS_DRA_REF_NOT_FOUND
, &r
,
491 "dcerpc_drsuapi_DsReplicaUpdateRefs");
493 /* 2. hopefully adding random replica dest should succeed */
494 torture_comment(tctx
, "add : %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
495 r
.in
.req
.req1
.options
= DRSUAPI_DRS_ADD_REF
;
496 status
= dcerpc_drsuapi_DsReplicaUpdateRefs_r(p
->binding_handle
, tctx
, &r
);
497 torture_drsuapi_assert_call_werr(tctx
, p
,
499 "dcerpc_drsuapi_DsReplicaUpdateRefs");
501 /* 3. try adding same replica dest - should fail */
502 torture_comment(tctx
, "add : %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
503 r
.in
.req
.req1
.options
= DRSUAPI_DRS_ADD_REF
;
504 status
= dcerpc_drsuapi_DsReplicaUpdateRefs_r(p
->binding_handle
, tctx
, &r
);
505 torture_drsuapi_assert_call_werr(tctx
, p
,
506 status
, WERR_DS_DRA_REF_ALREADY_EXISTS
, &r
,
507 "dcerpc_drsuapi_DsReplicaUpdateRefs");
509 /* 4. try resetting same replica dest - should succeed */
510 torture_comment(tctx
, "reset : %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
511 r
.in
.req
.req1
.options
= DRSUAPI_DRS_DEL_REF
| DRSUAPI_DRS_ADD_REF
;
512 status
= dcerpc_drsuapi_DsReplicaUpdateRefs_r(p
->binding_handle
, tctx
, &r
);
513 torture_drsuapi_assert_call_werr(tctx
, p
,
515 "dcerpc_drsuapi_DsReplicaUpdateRefs");
517 /* 5. delete random replicate added at step 2. */
518 torture_comment(tctx
, "delete : %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
519 r
.in
.req
.req1
.options
= DRSUAPI_DRS_DEL_REF
;
520 status
= dcerpc_drsuapi_DsReplicaUpdateRefs_r(p
->binding_handle
, tctx
, &r
);
521 torture_drsuapi_assert_call_werr(tctx
, p
,
523 "dcerpc_drsuapi_DsReplicaUpdateRefs");
525 /* 6. try replace on non-existing replica dest - should succeed */
526 torture_comment(tctx
, "replace: %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
527 r
.in
.req
.req1
.options
= DRSUAPI_DRS_DEL_REF
| DRSUAPI_DRS_ADD_REF
;
528 status
= dcerpc_drsuapi_DsReplicaUpdateRefs_r(p
->binding_handle
, tctx
, &r
);
529 torture_drsuapi_assert_call_werr(tctx
, p
,
531 "dcerpc_drsuapi_DsReplicaUpdateRefs");
533 /* 7. delete random replicate added at step 6. */
534 torture_comment(tctx
, "delete : %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
535 r
.in
.req
.req1
.options
= DRSUAPI_DRS_DEL_REF
;
536 status
= dcerpc_drsuapi_DsReplicaUpdateRefs_r(p
->binding_handle
, tctx
, &r
);
537 torture_drsuapi_assert_call_werr(tctx
, p
,
539 "dcerpc_drsuapi_DsReplicaUpdateRefs");
544 static bool test_DsGetNCChanges(struct torture_context
*tctx
,
545 struct DsPrivate
*priv
)
548 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
550 struct drsuapi_DsGetNCChanges r
;
551 union drsuapi_DsGetNCChangesRequest req
;
552 union drsuapi_DsGetNCChangesCtr ctr
;
553 struct drsuapi_DsReplicaObjectIdentifier nc
;
554 struct dom_sid null_sid
;
567 if (torture_setting_bool(tctx
, "samba4", false)) {
568 torture_comment(tctx
, "skipping DsGetNCChanges test against Samba4\n");
572 ZERO_STRUCT(null_sid
);
574 for (i
=0; i
< ARRAY_SIZE(array
); i
++) {
575 torture_comment(tctx
,
576 "Testing DsGetNCChanges level %d\n",
579 r
.in
.bind_handle
= &priv
->bind_handle
;
580 r
.in
.level
= array
[i
].level
;
581 r
.out
.level_out
= &level_out
;
584 switch (r
.in
.level
) {
586 nc
.guid
= GUID_zero();
588 nc
.dn
= priv
->domain_obj_dn
? priv
->domain_obj_dn
: "";
591 r
.in
.req
->req5
.destination_dsa_guid
= GUID_random();
592 r
.in
.req
->req5
.source_dsa_invocation_id
= GUID_zero();
593 r
.in
.req
->req5
.naming_context
= &nc
;
594 r
.in
.req
->req5
.highwatermark
.tmp_highest_usn
= 0;
595 r
.in
.req
->req5
.highwatermark
.reserved_usn
= 0;
596 r
.in
.req
->req5
.highwatermark
.highest_usn
= 0;
597 r
.in
.req
->req5
.uptodateness_vector
= NULL
;
598 r
.in
.req
->req5
.replica_flags
= 0;
599 if (lpcfg_parm_bool(tctx
->lp_ctx
, NULL
, "drsuapi", "compression", false)) {
600 r
.in
.req
->req5
.replica_flags
|= DRSUAPI_DRS_USE_COMPRESSION
;
602 r
.in
.req
->req5
.max_object_count
= 0;
603 r
.in
.req
->req5
.max_ndr_size
= 0;
604 r
.in
.req
->req5
.extended_op
= DRSUAPI_EXOP_NONE
;
605 r
.in
.req
->req5
.fsmo_info
= 0;
609 nc
.guid
= GUID_zero();
611 nc
.dn
= priv
->domain_obj_dn
? priv
->domain_obj_dn
: "";
614 r
.in
.req
->req8
.destination_dsa_guid
= GUID_random();
615 r
.in
.req
->req8
.source_dsa_invocation_id
= GUID_zero();
616 r
.in
.req
->req8
.naming_context
= &nc
;
617 r
.in
.req
->req8
.highwatermark
.tmp_highest_usn
= 0;
618 r
.in
.req
->req8
.highwatermark
.reserved_usn
= 0;
619 r
.in
.req
->req8
.highwatermark
.highest_usn
= 0;
620 r
.in
.req
->req8
.uptodateness_vector
= NULL
;
621 r
.in
.req
->req8
.replica_flags
= 0;
622 if (lpcfg_parm_bool(tctx
->lp_ctx
, NULL
, "drsuapi", "compression", false)) {
623 r
.in
.req
->req8
.replica_flags
|= DRSUAPI_DRS_USE_COMPRESSION
;
625 if (lpcfg_parm_bool(tctx
->lp_ctx
, NULL
, "drsuapi", "neighbour_writeable", true)) {
626 r
.in
.req
->req8
.replica_flags
|= DRSUAPI_DRS_WRIT_REP
;
628 r
.in
.req
->req8
.replica_flags
|= DRSUAPI_DRS_INIT_SYNC
629 | DRSUAPI_DRS_PER_SYNC
630 | DRSUAPI_DRS_GET_ANC
631 | DRSUAPI_DRS_NEVER_SYNCED
633 r
.in
.req
->req8
.max_object_count
= 402;
634 r
.in
.req
->req8
.max_ndr_size
= 402116;
635 r
.in
.req
->req8
.extended_op
= DRSUAPI_EXOP_NONE
;
636 r
.in
.req
->req8
.fsmo_info
= 0;
637 r
.in
.req
->req8
.partial_attribute_set
= NULL
;
638 r
.in
.req
->req8
.partial_attribute_set_ex
= NULL
;
639 r
.in
.req
->req8
.mapping_ctr
.num_mappings
= 0;
640 r
.in
.req
->req8
.mapping_ctr
.mappings
= NULL
;
645 status
= dcerpc_drsuapi_DsGetNCChanges_r(p
->binding_handle
, tctx
, &r
);
646 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsGetNCChanges");
652 bool test_QuerySitesByCost(struct torture_context
*tctx
,
653 struct DsPrivate
*priv
)
656 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
657 struct drsuapi_QuerySitesByCost r
;
658 union drsuapi_QuerySitesByCostRequest req
;
660 const char *my_site
= "Default-First-Site-Name";
661 const char *remote_site1
= "smbtorture-nonexisting-site1";
662 const char *remote_site2
= "smbtorture-nonexisting-site2";
664 req
.req1
.site_from
= talloc_strdup(tctx
, my_site
);
665 req
.req1
.num_req
= 2;
666 req
.req1
.site_to
= talloc_zero_array(tctx
, const char *, 2);
667 req
.req1
.site_to
[0] = talloc_strdup(tctx
, remote_site1
);
668 req
.req1
.site_to
[1] = talloc_strdup(tctx
, remote_site2
);
671 r
.in
.bind_handle
= &priv
->bind_handle
;
675 status
= dcerpc_drsuapi_QuerySitesByCost_r(p
->binding_handle
, tctx
, &r
);
676 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_QuerySitesByCost");
678 if (W_ERROR_IS_OK(r
.out
.result
)) {
679 torture_assert_werr_equal(tctx
,
680 r
.out
.ctr
->ctr1
.info
[0].error_code
, WERR_DS_OBJ_NOT_FOUND
,
681 "dcerpc_drsuapi_QuerySitesByCost");
682 torture_assert_werr_equal(tctx
,
683 r
.out
.ctr
->ctr1
.info
[1].error_code
, WERR_DS_OBJ_NOT_FOUND
,
684 "dcerpc_drsuapi_QuerySitesByCost expected error_code WERR_DS_OBJ_NOT_FOUND");
686 torture_assert_int_equal(tctx
,
687 r
.out
.ctr
->ctr1
.info
[0].site_cost
, -1,
688 "dcerpc_drsuapi_QuerySitesByCost");
689 torture_assert_int_equal(tctx
,
690 r
.out
.ctr
->ctr1
.info
[1].site_cost
, -1,
691 "dcerpc_drsuapi_QuerySitesByCost exptected site cost");
699 bool test_DsUnbind(struct dcerpc_pipe
*p
,
700 struct torture_context
*tctx
,
701 struct DsPrivate
*priv
)
704 struct drsuapi_DsUnbind r
;
706 r
.in
.bind_handle
= &priv
->bind_handle
;
707 r
.out
.bind_handle
= &priv
->bind_handle
;
709 torture_comment(tctx
, "Testing DsUnbind\n");
711 status
= dcerpc_drsuapi_DsUnbind_r(p
->binding_handle
, tctx
, &r
);
712 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsUnbind");
719 * Helper func to collect DC information for testing purposes.
720 * This function is almost identical to test_DsGetDomainControllerInfo
722 bool torture_rpc_drsuapi_get_dcinfo(struct torture_context
*torture
,
723 struct DsPrivate
*priv
)
726 int32_t level_out
= 0;
727 struct drsuapi_DsGetDomainControllerInfo r
;
728 union drsuapi_DsGetDCInfoCtr ctr
;
730 const char *names
[] = {
731 torture_join_dom_netbios_name(priv
->join
),
732 torture_join_dom_dns_name(priv
->join
)};
734 for (j
=0; j
< ARRAY_SIZE(names
); j
++) {
735 union drsuapi_DsGetDCInfoRequest req
;
736 struct dcerpc_binding_handle
*b
= priv
->drs_pipe
->binding_handle
;
737 r
.in
.bind_handle
= &priv
->bind_handle
;
741 r
.in
.req
->req1
.domain_name
= names
[j
];
742 r
.in
.req
->req1
.level
= 2;
745 r
.out
.level_out
= &level_out
;
747 status
= dcerpc_drsuapi_DsGetDomainControllerInfo_r(b
, torture
, &r
);
748 if (!NT_STATUS_IS_OK(status
)) {
751 if (!W_ERROR_IS_OK(r
.out
.result
)) {
752 /* If this was an error, we can't read the result structure */
756 for (k
=0; k
< r
.out
.ctr
->ctr2
.count
; k
++) {
757 if (strcasecmp_m(r
.out
.ctr
->ctr2
.array
[k
].netbios_name
,
758 torture_join_netbios_name(priv
->join
)) == 0) {
759 priv
->dcinfo
= r
.out
.ctr
->ctr2
.array
[k
];
769 * Common test case setup function to be used
770 * in DRS suit of test when appropriate
772 bool torture_drsuapi_tcase_setup_common(struct torture_context
*tctx
, struct DsPrivate
*priv
)
775 int rnd
= rand() % 1000;
776 char *name
= talloc_asprintf(tctx
, "%s%d", TEST_MACHINE_NAME
, rnd
);
778 torture_assert(tctx
, priv
, "Invalid argument");
780 torture_comment(tctx
, "Create DRSUAPI pipe\n");
781 status
= torture_rpc_connection(tctx
,
784 torture_assert(tctx
, NT_STATUS_IS_OK(status
), "Unable to connect to DRSUAPI pipe");
786 torture_comment(tctx
, "About to join domain with name %s\n", name
);
787 priv
->join
= torture_join_domain(tctx
, name
, ACB_SVRTRUST
,
788 &priv
->dc_credentials
);
789 torture_assert(tctx
, priv
->join
, "Failed to join as BDC");
791 if (!test_DsBind(priv
->drs_pipe
, tctx
,
793 &priv
->srv_bind_info
))
796 torture_drsuapi_tcase_teardown_common(tctx
, priv
);
797 torture_fail(tctx
, "Failed execute test_DsBind()");
800 /* try collect some information for testing */
801 torture_rpc_drsuapi_get_dcinfo(tctx
, priv
);
807 * Common test case teardown function to be used
808 * in DRS suit of test when appropriate
810 bool torture_drsuapi_tcase_teardown_common(struct torture_context
*tctx
, struct DsPrivate
*priv
)
813 torture_leave_domain(tctx
, priv
->join
);
820 * Test case setup for DRSUAPI test case
822 static bool torture_drsuapi_tcase_setup(struct torture_context
*tctx
, void **data
)
824 struct DsPrivate
*priv
;
826 *data
= priv
= talloc_zero(tctx
, struct DsPrivate
);
828 return torture_drsuapi_tcase_setup_common(tctx
, priv
);
832 * Test case tear-down for DRSUAPI test case
834 static bool torture_drsuapi_tcase_teardown(struct torture_context
*tctx
, void *data
)
837 struct DsPrivate
*priv
= talloc_get_type(data
, struct DsPrivate
);
839 ret
= torture_drsuapi_tcase_teardown_common(tctx
, priv
);
846 * DRSUAPI test case implementation
848 void torture_rpc_drsuapi_tcase(struct torture_suite
*suite
)
850 typedef bool (*run_func
) (struct torture_context
*test
, void *tcase_data
);
852 struct torture_tcase
*tcase
= torture_suite_add_tcase(suite
, "drsuapi");
854 torture_tcase_set_fixture(tcase
, torture_drsuapi_tcase_setup
,
855 torture_drsuapi_tcase_teardown
);
858 test
= torture_tcase_add_simple_test(tcase
, "QuerySitesByCost", (run_func
)test_QuerySitesByCost
);
861 torture_tcase_add_simple_test(tcase
, "DsGetDomainControllerInfo", (run_func
)test_DsGetDomainControllerInfo
);
863 torture_tcase_add_simple_test(tcase
, "DsCrackNames", (run_func
)test_DsCrackNames
);
865 torture_tcase_add_simple_test(tcase
, "DsWriteAccountSpn", (run_func
)test_DsWriteAccountSpn
);
867 torture_tcase_add_simple_test(tcase
, "DsReplicaGetInfo", (run_func
)test_DsReplicaGetInfo
);
869 torture_tcase_add_simple_test(tcase
, "DsReplicaSync", (run_func
)test_DsReplicaSync
);
871 torture_tcase_add_simple_test(tcase
, "DsReplicaUpdateRefs", (run_func
)test_DsReplicaUpdateRefs
);
873 torture_tcase_add_simple_test(tcase
, "DsGetNCChanges", (run_func
)test_DsGetNCChanges
);