2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Stefan (metze) Metzmacher 2004
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
26 #include "torture/rpc/torture_rpc.h"
28 #include "libcli/security/security.h"
30 struct DsCrackNamesPrivate
{
31 struct DsPrivate base
;
33 /* following names are used in Crack Names Matrix test */
34 const char *fqdn_name
;
35 const char *user_principal_name
;
36 const char *service_principal_name
;
39 static bool test_DsCrackNamesMatrix(struct torture_context
*tctx
,
40 struct DsPrivate
*priv
, const char *dn
,
41 const char *user_principal_name
, const char *service_principal_name
)
45 struct drsuapi_DsCrackNames r
;
46 union drsuapi_DsNameRequest req
;
48 union drsuapi_DsNameCtr ctr
;
49 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
50 TALLOC_CTX
*mem_ctx
= priv
;
52 enum drsuapi_DsNameFormat formats
[] = {
53 DRSUAPI_DS_NAME_FORMAT_UNKNOWN
,
54 DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
55 DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
56 DRSUAPI_DS_NAME_FORMAT_DISPLAY
,
57 DRSUAPI_DS_NAME_FORMAT_GUID
,
58 DRSUAPI_DS_NAME_FORMAT_CANONICAL
,
59 DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
,
60 DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX
,
61 DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
62 DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
63 DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN
65 struct drsuapi_DsNameString names
[ARRAY_SIZE(formats
)];
68 const char *n_matrix
[ARRAY_SIZE(formats
)][ARRAY_SIZE(formats
)];
69 const char *n_from
[ARRAY_SIZE(formats
)];
72 r
.in
.bind_handle
= &priv
->bind_handle
;
75 r
.in
.req
->req1
.codepage
= 1252; /* german */
76 r
.in
.req
->req1
.language
= 0x00000407; /* german */
77 r
.in
.req
->req1
.count
= 1;
78 r
.in
.req
->req1
.names
= names
;
79 r
.in
.req
->req1
.format_flags
= DRSUAPI_DS_NAME_FLAG_NO_FLAGS
;
81 r
.out
.level_out
= &level_out
;
86 for (i
= 0; i
< ARRAY_SIZE(formats
); i
++) {
87 r
.in
.req
->req1
.format_offered
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
;
88 r
.in
.req
->req1
.format_desired
= formats
[i
];
90 torture_comment(tctx
, "Testing DsCrackNames (matrix prep) with name '%s'"
91 " offered format: %d desired format:%d\n",
93 r
.in
.req
->req1
.format_offered
,
94 r
.in
.req
->req1
.format_desired
);
95 status
= dcerpc_drsuapi_DsCrackNames_r(p
->binding_handle
, mem_ctx
, &r
);
96 if (!NT_STATUS_IS_OK(status
)) {
97 const char *errstr
= nt_errstr(status
);
98 err_msg
= talloc_asprintf(mem_ctx
,
99 "testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d failed - %s",
100 names
[0].str
, r
.in
.req
->req1
.format_offered
, r
.in
.req
->req1
.format_desired
, errstr
);
101 torture_fail(tctx
, err_msg
);
102 } else if (!W_ERROR_IS_OK(r
.out
.result
)) {
103 err_msg
= talloc_asprintf(mem_ctx
,
104 "testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d failed - %s",
105 names
[0].str
, r
.in
.req
->req1
.format_offered
, r
.in
.req
->req1
.format_desired
, win_errstr(r
.out
.result
));
106 torture_fail(tctx
, err_msg
);
109 switch (formats
[i
]) {
110 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
:
111 if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
) {
112 err_msg
= talloc_asprintf(mem_ctx
,
113 "Unexpected error (%d): This name lookup should fail",
114 r
.out
.ctr
->ctr1
->array
[0].status
);
115 torture_fail(tctx
, err_msg
);
117 torture_comment(tctx
, __location__
": (expected) error\n");
119 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
:
120 if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_NO_MAPPING
) {
121 err_msg
= talloc_asprintf(mem_ctx
,
122 "Unexpected error (%d): This name lookup should fail",
123 r
.out
.ctr
->ctr1
->array
[0].status
);
124 torture_fail(tctx
, err_msg
);
126 torture_comment(tctx
, __location__
": (expected) error\n");
128 case DRSUAPI_DS_NAME_FORMAT_UNKNOWN
: /* should fail as we ask server to convert to Unknown format */
129 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN
:
130 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
:
131 if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR
) {
132 err_msg
= talloc_asprintf(mem_ctx
,
133 "Unexpected error (%d): This name lookup should fail",
134 r
.out
.ctr
->ctr1
->array
[0].status
);
135 torture_fail(tctx
, err_msg
);
137 torture_comment(tctx
, __location__
": (expected) error\n");
140 if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_OK
) {
141 err_msg
= talloc_asprintf(mem_ctx
,
142 "DsCrackNames error: %d",
143 r
.out
.ctr
->ctr1
->array
[0].status
);
144 torture_fail(tctx
, err_msg
);
149 switch (formats
[i
]) {
150 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
:
151 n_from
[i
] = user_principal_name
;
153 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
:
154 n_from
[i
] = service_principal_name
;
156 case DRSUAPI_DS_NAME_FORMAT_UNKNOWN
:
157 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
:
158 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN
:
162 n_from
[i
] = r
.out
.ctr
->ctr1
->array
[0].result_name
;
163 printf("%s\n", n_from
[i
]);
168 for (i
= 0; i
< ARRAY_SIZE(formats
); i
++) {
169 for (j
= 0; j
< ARRAY_SIZE(formats
); j
++) {
170 r
.in
.req
->req1
.format_offered
= formats
[i
];
171 r
.in
.req
->req1
.format_desired
= formats
[j
];
173 n_matrix
[i
][j
] = NULL
;
176 names
[0].str
= n_from
[i
];
177 status
= dcerpc_drsuapi_DsCrackNames_r(p
->binding_handle
, mem_ctx
, &r
);
178 if (!NT_STATUS_IS_OK(status
)) {
179 const char *errstr
= nt_errstr(status
);
180 err_msg
= talloc_asprintf(mem_ctx
,
181 "testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
182 names
[0].str
, r
.in
.req
->req1
.format_offered
, r
.in
.req
->req1
.format_desired
, errstr
);
183 torture_fail(tctx
, err_msg
);
184 } else if (!W_ERROR_IS_OK(r
.out
.result
)) {
185 err_msg
= talloc_asprintf(mem_ctx
,
186 "testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
187 names
[0].str
, r
.in
.req
->req1
.format_offered
, r
.in
.req
->req1
.format_desired
,
188 win_errstr(r
.out
.result
));
189 torture_fail(tctx
, err_msg
);
192 if (r
.out
.ctr
->ctr1
->array
[0].status
== DRSUAPI_DS_NAME_STATUS_OK
) {
193 n_matrix
[i
][j
] = r
.out
.ctr
->ctr1
->array
[0].result_name
;
195 n_matrix
[i
][j
] = NULL
;
200 for (i
= 0; i
< ARRAY_SIZE(formats
); i
++) {
201 for (j
= 0; j
< ARRAY_SIZE(formats
); j
++) {
202 torture_comment(tctx
, "Converting %s (format %d)"
204 n_from
[i
], formats
[i
],
205 formats
[j
], n_matrix
[i
][j
]);
206 if (n_matrix
[i
][j
] == n_from
[j
]) {
208 /* We don't have a from name for these yet (and we can't map to them to find it out) */
209 } else if (n_matrix
[i
][j
] == NULL
&& n_from
[i
] == NULL
) {
211 /* we can't map to these two */
212 } else if (n_matrix
[i
][j
] == NULL
&& formats
[j
] == DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
) {
213 } else if (n_matrix
[i
][j
] == NULL
&& formats
[j
] == DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
) {
214 } else if (n_matrix
[i
][j
] == NULL
&& n_from
[j
] != NULL
) {
215 err_msg
= talloc_asprintf(mem_ctx
,
216 "dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s",
217 formats
[i
], formats
[j
], n_matrix
[i
][j
], n_from
[j
]);
218 torture_fail(tctx
, err_msg
);
219 } else if (n_matrix
[i
][j
] != NULL
&& n_from
[j
] == NULL
) {
220 err_msg
= talloc_asprintf(mem_ctx
,
221 "dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s",
222 formats
[i
], formats
[j
], n_matrix
[i
][j
], n_from
[j
]);
223 torture_fail(tctx
, err_msg
);
224 } else if (strcmp(n_matrix
[i
][j
], n_from
[j
]) != 0) {
225 err_msg
= talloc_asprintf(mem_ctx
,
226 "dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s",
227 formats
[i
], formats
[j
], n_matrix
[i
][j
], n_from
[j
]);
228 torture_fail(tctx
, err_msg
);
236 bool test_DsCrackNames(struct torture_context
*tctx
,
237 struct DsPrivate
*priv
)
241 struct drsuapi_DsCrackNames r
;
242 union drsuapi_DsNameRequest req
;
244 union drsuapi_DsNameCtr ctr
;
245 struct drsuapi_DsNameString names
[1];
246 const char *dns_domain
;
247 const char *nt4_domain
;
248 const char *FQDN_1779_name
;
249 struct ldb_context
*ldb
;
250 struct ldb_dn
*FQDN_1779_dn
;
251 struct ldb_dn
*realm_dn
;
252 const char *realm_dn_str
;
253 const char *realm_canonical
;
254 const char *realm_canonical_ex
;
255 const char *user_principal_name
;
256 char *user_principal_name_short
;
257 const char *service_principal_name
;
258 const char *canonical_name
;
259 const char *canonical_ex_name
;
261 const char *test_dc
= torture_join_netbios_name(priv
->join
);
262 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
263 TALLOC_CTX
*mem_ctx
= priv
;
266 r
.in
.bind_handle
= &priv
->bind_handle
;
269 r
.in
.req
->req1
.codepage
= 1252; /* german */
270 r
.in
.req
->req1
.language
= 0x00000407; /* german */
271 r
.in
.req
->req1
.count
= 1;
272 r
.in
.req
->req1
.names
= names
;
273 r
.in
.req
->req1
.format_flags
= DRSUAPI_DS_NAME_FLAG_NO_FLAGS
;
275 r
.in
.req
->req1
.format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
;
276 r
.in
.req
->req1
.format_desired
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
;
278 r
.out
.level_out
= &level_out
;
281 dom_sid
= dom_sid_string(mem_ctx
, torture_join_sid(priv
->join
));
283 names
[0].str
= dom_sid
;
285 torture_comment(tctx
, "Testing DsCrackNames with name '%s'"
286 " offered format: %d desired format:%d\n",
288 r
.in
.req
->req1
.format_offered
,
289 r
.in
.req
->req1
.format_desired
);
291 status
= dcerpc_drsuapi_DsCrackNames_r(p
->binding_handle
, mem_ctx
, &r
);
292 if (!NT_STATUS_IS_OK(status
)) {
293 const char *errstr
= nt_errstr(status
);
294 err_msg
= talloc_asprintf(mem_ctx
, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr
);
295 torture_fail(tctx
, err_msg
);
296 } else if (!W_ERROR_IS_OK(r
.out
.result
)) {
297 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed - %s", win_errstr(r
.out
.result
));
298 torture_fail(tctx
, err_msg
);
299 } else if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_OK
) {
300 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed on name - %d",
301 r
.out
.ctr
->ctr1
->array
[0].status
);
302 torture_fail(tctx
, err_msg
);
305 dns_domain
= r
.out
.ctr
->ctr1
->array
[0].dns_domain_name
;
306 nt4_domain
= r
.out
.ctr
->ctr1
->array
[0].result_name
;
308 r
.in
.req
->req1
.format_desired
= DRSUAPI_DS_NAME_FORMAT_GUID
;
310 torture_comment(tctx
, "Testing DsCrackNames with name '%s'"
311 " offered format: %d desired format:%d\n",
313 r
.in
.req
->req1
.format_offered
,
314 r
.in
.req
->req1
.format_desired
);
316 status
= dcerpc_drsuapi_DsCrackNames_r(p
->binding_handle
, mem_ctx
, &r
);
317 if (!NT_STATUS_IS_OK(status
)) {
318 const char *errstr
= nt_errstr(status
);
319 err_msg
= talloc_asprintf(mem_ctx
, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr
);
320 torture_fail(tctx
, err_msg
);
321 } else if (!W_ERROR_IS_OK(r
.out
.result
)) {
322 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed - %s", win_errstr(r
.out
.result
));
323 torture_fail(tctx
, err_msg
);
324 } else if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_OK
) {
325 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed on name - %d",
326 r
.out
.ctr
->ctr1
->array
[0].status
);
327 torture_fail(tctx
, err_msg
);
330 priv
->domain_dns_name
= r
.out
.ctr
->ctr1
->array
[0].dns_domain_name
;
331 priv
->domain_guid_str
= r
.out
.ctr
->ctr1
->array
[0].result_name
;
332 GUID_from_string(priv
->domain_guid_str
, &priv
->domain_guid
);
334 r
.in
.req
->req1
.format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
;
336 torture_comment(tctx
, "Testing DsCrackNames with name '%s'"
337 " offered format: %d desired format:%d\n",
339 r
.in
.req
->req1
.format_offered
,
340 r
.in
.req
->req1
.format_desired
);
342 status
= dcerpc_drsuapi_DsCrackNames_r(p
->binding_handle
, mem_ctx
, &r
);
343 if (!NT_STATUS_IS_OK(status
)) {
344 const char *errstr
= nt_errstr(status
);
345 err_msg
= talloc_asprintf(mem_ctx
, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr
);
346 torture_fail(tctx
, err_msg
);
347 } else if (!W_ERROR_IS_OK(r
.out
.result
)) {
348 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed - %s", win_errstr(r
.out
.result
));
349 torture_fail(tctx
, err_msg
);
350 } else if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_OK
) {
351 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed on name - %d",
352 r
.out
.ctr
->ctr1
->array
[0].status
);
353 torture_fail(tctx
, err_msg
);
356 ldb
= ldb_init(mem_ctx
, tctx
->ev
);
358 realm_dn_str
= r
.out
.ctr
->ctr1
->array
[0].result_name
;
359 realm_dn
= ldb_dn_new(mem_ctx
, ldb
, realm_dn_str
);
360 realm_canonical
= ldb_dn_canonical_string(mem_ctx
, realm_dn
);
362 if (strcmp(realm_canonical
,
363 talloc_asprintf(mem_ctx
, "%s/", dns_domain
))!= 0) {
364 err_msg
= talloc_asprintf(mem_ctx
, "local Round trip on canonical name failed: %s != %s!",
366 talloc_asprintf(mem_ctx
, "%s/", dns_domain
));
367 torture_fail(tctx
, err_msg
);
370 realm_canonical_ex
= ldb_dn_canonical_ex_string(mem_ctx
, realm_dn
);
372 if (strcmp(realm_canonical_ex
,
373 talloc_asprintf(mem_ctx
, "%s\n", dns_domain
))!= 0) {
374 err_msg
= talloc_asprintf(mem_ctx
, "local Round trip on canonical ex name failed: %s != %s!",
376 talloc_asprintf(mem_ctx
, "%s\n", dns_domain
));
377 torture_fail(tctx
, err_msg
);
380 r
.in
.req
->req1
.format_offered
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
;
381 r
.in
.req
->req1
.format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
;
382 names
[0].str
= nt4_domain
;
384 torture_comment(tctx
, "Testing DsCrackNames with name '%s'"
385 " offered format: %d desired format:%d\n",
387 r
.in
.req
->req1
.format_offered
,
388 r
.in
.req
->req1
.format_desired
);
390 status
= dcerpc_drsuapi_DsCrackNames_r(p
->binding_handle
, mem_ctx
, &r
);
391 if (!NT_STATUS_IS_OK(status
)) {
392 const char *errstr
= nt_errstr(status
);
393 err_msg
= talloc_asprintf(mem_ctx
, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr
);
394 torture_fail(tctx
, err_msg
);
395 } else if (!W_ERROR_IS_OK(r
.out
.result
)) {
396 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed - %s", win_errstr(r
.out
.result
));
397 torture_fail(tctx
, err_msg
);
398 } else if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_OK
) {
399 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed on name - %d",
400 r
.out
.ctr
->ctr1
->array
[0].status
);
401 torture_fail(tctx
, err_msg
);
404 priv
->domain_obj_dn
= r
.out
.ctr
->ctr1
->array
[0].result_name
;
406 r
.in
.req
->req1
.format_offered
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
;
407 r
.in
.req
->req1
.format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
;
408 names
[0].str
= talloc_asprintf(mem_ctx
, "%s%s$", nt4_domain
, test_dc
);
410 torture_comment(tctx
, "Testing DsCrackNames with name '%s'"
411 " offered format: %d desired format:%d\n",
413 r
.in
.req
->req1
.format_offered
,
414 r
.in
.req
->req1
.format_desired
);
416 status
= dcerpc_drsuapi_DsCrackNames_r(p
->binding_handle
, mem_ctx
, &r
);
417 if (!NT_STATUS_IS_OK(status
)) {
418 const char *errstr
= nt_errstr(status
);
419 err_msg
= talloc_asprintf(mem_ctx
, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr
);
420 torture_fail(tctx
, err_msg
);
421 } else if (!W_ERROR_IS_OK(r
.out
.result
)) {
422 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed - %s", win_errstr(r
.out
.result
));
423 torture_fail(tctx
, err_msg
);
424 } else if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_OK
) {
425 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed on name - %d",
426 r
.out
.ctr
->ctr1
->array
[0].status
);
427 torture_fail(tctx
, err_msg
);
430 FQDN_1779_name
= r
.out
.ctr
->ctr1
->array
[0].result_name
;
432 r
.in
.req
->req1
.format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
;
433 r
.in
.req
->req1
.format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
;
434 names
[0].str
= priv
->domain_guid_str
;
436 torture_comment(tctx
, "Testing DsCrackNames with name '%s'"
437 " offered format: %d desired format:%d\n",
439 r
.in
.req
->req1
.format_offered
,
440 r
.in
.req
->req1
.format_desired
);
442 status
= dcerpc_drsuapi_DsCrackNames_r(p
->binding_handle
, mem_ctx
, &r
);
443 if (!NT_STATUS_IS_OK(status
)) {
444 const char *errstr
= nt_errstr(status
);
445 err_msg
= talloc_asprintf(mem_ctx
, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr
);
446 torture_fail(tctx
, err_msg
);
447 } else if (!W_ERROR_IS_OK(r
.out
.result
)) {
448 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed - %s", win_errstr(r
.out
.result
));
449 torture_fail(tctx
, err_msg
);
450 } else if (r
.out
.ctr
->ctr1
->array
[0].status
!= DRSUAPI_DS_NAME_STATUS_OK
) {
451 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed on name - %d",
452 r
.out
.ctr
->ctr1
->array
[0].status
);
453 torture_fail(tctx
, err_msg
);
456 if (strcmp(priv
->domain_dns_name
, r
.out
.ctr
->ctr1
->array
[0].dns_domain_name
) != 0) {
457 err_msg
= talloc_asprintf(mem_ctx
,
458 "DsCrackNames failed to return same DNS name - expected %s got %s",
459 priv
->domain_dns_name
, r
.out
.ctr
->ctr1
->array
[0].dns_domain_name
);
460 torture_fail(tctx
, err_msg
);
463 FQDN_1779_dn
= ldb_dn_new(mem_ctx
, ldb
, FQDN_1779_name
);
465 canonical_name
= ldb_dn_canonical_string(mem_ctx
, FQDN_1779_dn
);
466 canonical_ex_name
= ldb_dn_canonical_ex_string(mem_ctx
, FQDN_1779_dn
);
468 user_principal_name
= talloc_asprintf(mem_ctx
, "%s$@%s", test_dc
, dns_domain
);
470 /* form up a user@DOMAIN */
471 user_principal_name_short
= talloc_asprintf(mem_ctx
, "%s$@%s", test_dc
, nt4_domain
);
472 /* variable nt4_domain includs a trailing \ */
473 user_principal_name_short
[strlen(user_principal_name_short
) - 1] = '\0';
475 service_principal_name
= talloc_asprintf(mem_ctx
, "HOST/%s", test_dc
);
479 enum drsuapi_DsNameFormat format_offered
;
480 enum drsuapi_DsNameFormat format_desired
;
483 const char *expected_str
;
484 const char *expected_dns
;
485 enum drsuapi_DsNameStatus status
;
486 enum drsuapi_DsNameStatus alternate_status
;
487 enum drsuapi_DsNameFlags flags
;
491 .format_offered
= DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
,
492 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
493 .str
= user_principal_name
,
494 .expected_str
= FQDN_1779_name
,
495 .status
= DRSUAPI_DS_NAME_STATUS_OK
498 .format_offered
= DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
,
499 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
500 .str
= user_principal_name_short
,
501 .expected_str
= FQDN_1779_name
,
502 .status
= DRSUAPI_DS_NAME_STATUS_OK
505 .format_offered
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
506 .format_desired
= DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
,
507 .str
= FQDN_1779_name
,
508 .status
= DRSUAPI_DS_NAME_STATUS_NO_MAPPING
511 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
512 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
513 .str
= service_principal_name
,
514 .expected_str
= FQDN_1779_name
,
515 .status
= DRSUAPI_DS_NAME_STATUS_OK
518 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
519 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
520 .str
= talloc_asprintf(mem_ctx
, "cifs/%s.%s", test_dc
, dns_domain
),
521 .comment
= "ServicePrincipal Name",
522 .expected_str
= FQDN_1779_name
,
523 .status
= DRSUAPI_DS_NAME_STATUS_OK
526 .format_offered
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
527 .format_desired
= DRSUAPI_DS_NAME_FORMAT_CANONICAL
,
528 .str
= FQDN_1779_name
,
529 .expected_str
= canonical_name
,
530 .status
= DRSUAPI_DS_NAME_STATUS_OK
533 .format_offered
= DRSUAPI_DS_NAME_FORMAT_CANONICAL
,
534 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
535 .str
= canonical_name
,
536 .expected_str
= FQDN_1779_name
,
537 .status
= DRSUAPI_DS_NAME_STATUS_OK
540 .format_offered
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
541 .format_desired
= DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX
,
542 .str
= FQDN_1779_name
,
543 .expected_str
= canonical_ex_name
,
544 .status
= DRSUAPI_DS_NAME_STATUS_OK
547 .format_offered
= DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX
,
548 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
549 .str
= canonical_ex_name
,
550 .expected_str
= FQDN_1779_name
,
551 .status
= DRSUAPI_DS_NAME_STATUS_OK
554 .format_offered
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
555 .format_desired
= DRSUAPI_DS_NAME_FORMAT_CANONICAL
,
556 .str
= FQDN_1779_name
,
557 .comment
= "DN to cannoical syntactial only",
558 .status
= DRSUAPI_DS_NAME_STATUS_OK
,
559 .expected_str
= canonical_name
,
560 .flags
= DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY
563 .format_offered
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
564 .format_desired
= DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX
,
565 .str
= FQDN_1779_name
,
566 .comment
= "DN to cannoical EX syntactial only",
567 .status
= DRSUAPI_DS_NAME_STATUS_OK
,
568 .expected_str
= canonical_ex_name
,
569 .flags
= DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY
572 .format_offered
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
573 .format_desired
= DRSUAPI_DS_NAME_FORMAT_DISPLAY
,
574 .str
= FQDN_1779_name
,
575 .status
= DRSUAPI_DS_NAME_STATUS_OK
578 .format_offered
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
579 .format_desired
= DRSUAPI_DS_NAME_FORMAT_GUID
,
580 .str
= FQDN_1779_name
,
581 .status
= DRSUAPI_DS_NAME_STATUS_OK
584 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
585 .format_desired
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
586 .str
= priv
->domain_guid_str
,
587 .comment
= "Domain GUID to NT4 ACCOUNT",
588 .expected_str
= nt4_domain
,
589 .status
= DRSUAPI_DS_NAME_STATUS_OK
592 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
593 .format_desired
= DRSUAPI_DS_NAME_FORMAT_CANONICAL
,
594 .str
= priv
->domain_guid_str
,
595 .comment
= "Domain GUID to Canonical",
596 .expected_str
= talloc_asprintf(mem_ctx
, "%s/", dns_domain
),
597 .status
= DRSUAPI_DS_NAME_STATUS_OK
600 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
601 .format_desired
= DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX
,
602 .str
= priv
->domain_guid_str
,
603 .comment
= "Domain GUID to Canonical EX",
604 .expected_str
= talloc_asprintf(mem_ctx
, "%s\n", dns_domain
),
605 .status
= DRSUAPI_DS_NAME_STATUS_OK
608 .format_offered
= DRSUAPI_DS_NAME_FORMAT_DISPLAY
,
609 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
610 .str
= "CN=Microsoft Corporation,L=Redmond,S=Washington,C=US",
611 .comment
= "display name for Microsoft Support Account",
612 .status
= DRSUAPI_DS_NAME_STATUS_OK
,
613 .alternate_status
= DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
,
614 .skip
= torture_setting_bool(tctx
, "samba4", false)
617 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
618 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
619 .str
= GUID_string2(mem_ctx
, torture_join_user_guid(priv
->join
)),
620 .comment
= "Account GUID -> DN",
621 .expected_str
= FQDN_1779_name
,
622 .status
= DRSUAPI_DS_NAME_STATUS_OK
625 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
626 .format_desired
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
627 .str
= GUID_string2(mem_ctx
, torture_join_user_guid(priv
->join
)),
628 .comment
= "Account GUID -> NT4 Account",
629 .expected_str
= talloc_asprintf(mem_ctx
, "%s%s$", nt4_domain
, test_dc
),
630 .status
= DRSUAPI_DS_NAME_STATUS_OK
633 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
634 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
635 .str
= GUID_string2(mem_ctx
, &priv
->dcinfo
.site_guid
),
636 .comment
= "Site GUID",
637 .expected_str
= priv
->dcinfo
.site_dn
,
638 .status
= DRSUAPI_DS_NAME_STATUS_OK
641 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
642 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
643 .str
= GUID_string2(mem_ctx
, &priv
->dcinfo
.computer_guid
),
644 .comment
= "Computer GUID",
645 .expected_str
= priv
->dcinfo
.computer_dn
,
646 .status
= DRSUAPI_DS_NAME_STATUS_OK
649 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
650 .format_desired
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
651 .str
= GUID_string2(mem_ctx
, &priv
->dcinfo
.computer_guid
),
652 .comment
= "Computer GUID -> NT4 Account",
653 .status
= DRSUAPI_DS_NAME_STATUS_OK
656 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
657 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
658 .str
= GUID_string2(mem_ctx
, &priv
->dcinfo
.server_guid
),
659 .comment
= "Server GUID",
660 .expected_str
= priv
->dcinfo
.server_dn
,
661 .status
= DRSUAPI_DS_NAME_STATUS_OK
664 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
665 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
666 .str
= GUID_string2(mem_ctx
, &priv
->dcinfo
.ntds_guid
),
667 .comment
= "NTDS GUID",
668 .expected_str
= priv
->dcinfo
.ntds_dn
,
669 .status
= DRSUAPI_DS_NAME_STATUS_OK
,
670 .skip
= GUID_all_zero(&priv
->dcinfo
.ntds_guid
)
673 .format_offered
= DRSUAPI_DS_NAME_FORMAT_DISPLAY
,
674 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
676 .comment
= "DISLPAY NAME search for DC short name",
677 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
680 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
681 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
682 .str
= talloc_asprintf(mem_ctx
, "krbtgt/%s", dns_domain
),
683 .comment
= "Looking for KRBTGT as a serivce principal",
684 .status
= DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
,
685 .expected_dns
= dns_domain
688 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
689 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
690 .str
= talloc_asprintf(mem_ctx
, "bogus/%s", dns_domain
),
691 .comment
= "Looking for bogus serivce principal",
692 .status
= DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
,
693 .expected_dns
= dns_domain
696 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
697 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
698 .str
= talloc_asprintf(mem_ctx
, "bogus/%s.%s", test_dc
, dns_domain
),
699 .comment
= "Looking for bogus serivce on test DC",
700 .status
= DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
,
701 .expected_dns
= talloc_asprintf(mem_ctx
, "%s.%s", test_dc
, dns_domain
)
704 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
705 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
706 .str
= talloc_asprintf(mem_ctx
, "krbtgt"),
707 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
710 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
711 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
712 .comment
= "Looking for the kadmin/changepw service as a serivce principal",
713 .str
= talloc_asprintf(mem_ctx
, "kadmin/changepw"),
714 .status
= DRSUAPI_DS_NAME_STATUS_OK
,
715 .expected_str
= talloc_asprintf(mem_ctx
, "CN=krbtgt,CN=Users,%s", realm_dn_str
),
716 .alternate_status
= DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
719 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
720 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
721 .str
= talloc_asprintf(mem_ctx
, "cifs/%s.%s@%s",
724 .status
= DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
727 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
728 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
729 .str
= talloc_asprintf(mem_ctx
, "cifs/%s.%s@%s",
732 .status
= DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
,
733 .expected_dns
= "BOGUS"
736 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
737 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
738 .str
= talloc_asprintf(mem_ctx
, "cifs/%s.%s@%s",
741 .status
= DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
,
742 .expected_dns
= "BOGUS"
745 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
746 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
747 .str
= talloc_asprintf(mem_ctx
, "cifs/%s.%s",
748 test_dc
, dns_domain
),
749 .status
= DRSUAPI_DS_NAME_STATUS_OK
752 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
753 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
754 .str
= talloc_asprintf(mem_ctx
, "cifs/%s",
756 .status
= DRSUAPI_DS_NAME_STATUS_OK
759 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
760 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
762 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
765 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
766 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
768 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
771 .format_offered
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
772 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
773 .str
= "NOT AN NT4 NAME",
774 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
777 .format_offered
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
778 .format_desired
= DRSUAPI_DS_NAME_FORMAT_GUID
,
779 .comment
= "Unparsable DN",
781 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
784 .format_offered
= DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
,
785 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
786 .comment
= "Unparsable user principal",
787 .str
= "NOT A PRINCIPAL",
788 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
791 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
792 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
793 .comment
= "Unparsable service principal",
794 .str
= "NOT A SERVICE PRINCIPAL",
795 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
798 .format_offered
= DRSUAPI_DS_NAME_FORMAT_GUID
,
799 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
800 .comment
= "BIND GUID (ie, not in the directory)",
801 .str
= GUID_string2(mem_ctx
, &priv
->bind_guid
),
802 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
805 .format_offered
= DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
,
806 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
807 .comment
= "Unqualified Machine account as user principal",
808 .str
= talloc_asprintf(mem_ctx
, "%s$", test_dc
),
809 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
812 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
813 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
814 .comment
= "Machine account as service principal",
815 .str
= talloc_asprintf(mem_ctx
, "%s$", test_dc
),
816 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
819 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL
,
820 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
821 .comment
= "Full Machine account as service principal",
822 .str
= user_principal_name
,
823 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
826 .format_offered
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
827 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
828 .comment
= "Realm as an NT4 domain lookup",
829 .str
= talloc_asprintf(mem_ctx
, "%s\\", dns_domain
),
830 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
833 .format_offered
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
834 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
835 .comment
= "BUILTIN\\ -> DN",
837 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
840 .format_offered
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
841 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
842 .comment
= "NT AUTHORITY\\ -> DN",
843 .str
= "NT AUTHORITY\\",
844 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
847 .format_offered
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
848 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
849 .comment
= "NT AUTHORITY\\ANONYMOUS LOGON -> DN",
850 .str
= "NT AUTHORITY\\ANONYMOUS LOGON",
851 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
854 .format_offered
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
855 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
856 .comment
= "NT AUTHORITY\\SYSTEM -> DN",
857 .str
= "NT AUTHORITY\\SYSTEM",
858 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
861 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
862 .format_desired
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
863 .comment
= "BUITIN SID -> NT4 account",
865 .status
= DRSUAPI_DS_NAME_STATUS_NO_MAPPING
,
866 .alternate_status
= DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
869 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
870 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
872 .comment
= "Builtin Domain SID -> DN",
873 .status
= DRSUAPI_DS_NAME_STATUS_OK
,
874 .expected_str
= talloc_asprintf(mem_ctx
, "CN=Builtin,%s", realm_dn_str
),
875 .alternate_status
= DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
878 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
879 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
880 .str
= SID_BUILTIN_ADMINISTRATORS
,
881 .comment
= "Builtin Administrors SID -> DN",
882 .status
= DRSUAPI_DS_NAME_STATUS_OK
,
883 .alternate_status
= DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
886 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
887 .format_desired
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
888 .str
= SID_BUILTIN_ADMINISTRATORS
,
889 .comment
= "Builtin Administrors SID -> NT4 Account",
890 .status
= DRSUAPI_DS_NAME_STATUS_OK
,
891 .alternate_status
= DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
894 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
895 .format_desired
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
896 .str
= SID_NT_ANONYMOUS
,
897 .comment
= "NT Anonymous SID -> NT4 Account",
898 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
901 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
902 .format_desired
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
903 .str
= SID_NT_SYSTEM
,
904 .comment
= "NT SYSTEM SID -> NT4 Account",
905 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
908 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
909 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
910 .comment
= "Domain SID -> DN",
912 .expected_str
= realm_dn_str
,
913 .status
= DRSUAPI_DS_NAME_STATUS_OK
916 .format_offered
= DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY
,
917 .format_desired
= DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT
,
918 .comment
= "Domain SID -> NT4 account",
920 .expected_str
= nt4_domain
,
921 .status
= DRSUAPI_DS_NAME_STATUS_OK
924 .format_offered
= DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
,
925 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
926 .comment
= "invalid user principal name",
928 .status
= DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
,
929 .expected_dns
= "bar"
932 .format_offered
= DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL
,
933 .format_desired
= DRSUAPI_DS_NAME_FORMAT_FQDN_1779
,
934 .comment
= "invalid user principal name in valid domain",
935 .str
= talloc_asprintf(mem_ctx
, "invalidusername@%s", dns_domain
),
936 .status
= DRSUAPI_DS_NAME_STATUS_NOT_FOUND
941 for (i
=0; i
< ARRAY_SIZE(crack
); i
++) {
944 torture_comment(tctx
, "Testing DsCrackNames with name '%s'"
945 " offered format: %d desired format:%d\n",
947 crack
[i
].format_offered
,
948 crack
[i
].format_desired
);
950 r
.in
.req
->req1
.format_flags
= crack
[i
].flags
;
951 r
.in
.req
->req1
.format_offered
= crack
[i
].format_offered
;
952 r
.in
.req
->req1
.format_desired
= crack
[i
].format_desired
;
953 names
[0].str
= crack
[i
].str
;
955 if (crack
[i
].comment
) {
956 comment
= talloc_asprintf(mem_ctx
,
957 "'%s' with name '%s' offered format:%d desired format:%d\n",
958 crack
[i
].comment
, names
[0].str
,
959 r
.in
.req
->req1
.format_offered
,
960 r
.in
.req
->req1
.format_desired
);
962 comment
= talloc_asprintf(mem_ctx
, "'%s' offered format:%d desired format:%d\n",
964 r
.in
.req
->req1
.format_offered
,
965 r
.in
.req
->req1
.format_desired
);
968 torture_comment(tctx
, "skipping: %s", comment
);
971 status
= dcerpc_drsuapi_DsCrackNames_r(p
->binding_handle
, mem_ctx
, &r
);
972 if (!NT_STATUS_IS_OK(status
)) {
973 const char *errstr
= nt_errstr(status
);
974 err_msg
= talloc_asprintf(mem_ctx
, "dcerpc_drsuapi_DsCrackNames failed - %s", errstr
);
975 torture_fail(tctx
, err_msg
);
976 } else if (!W_ERROR_IS_OK(r
.out
.result
)) {
977 err_msg
= talloc_asprintf(mem_ctx
, "DsCrackNames failed - %s", win_errstr(r
.out
.result
));
978 torture_fail(tctx
, err_msg
);
979 } else if (r
.out
.ctr
->ctr1
->array
[0].status
!= crack
[i
].status
) {
980 if (crack
[i
].alternate_status
) {
981 if (r
.out
.ctr
->ctr1
->array
[0].status
!= crack
[i
].alternate_status
) {
982 err_msg
= talloc_asprintf(mem_ctx
,
983 "DsCrackNames unexpected status %d, wanted %d or %d on: %s",
984 r
.out
.ctr
->ctr1
->array
[0].status
,
986 crack
[i
].alternate_status
,
988 torture_fail(tctx
, err_msg
);
991 err_msg
= talloc_asprintf(mem_ctx
,
992 "DsCrackNames unexpected status %d, wanted %d on: %s\n",
993 r
.out
.ctr
->ctr1
->array
[0].status
,
996 torture_fail(tctx
, err_msg
);
998 } else if (crack
[i
].expected_str
&&
999 (!r
.out
.ctr
->ctr1
->count
||
1000 !r
.out
.ctr
->ctr1
->array
[0].result_name
))
1002 if (!r
.out
.ctr
->ctr1
->count
) {
1003 err_msg
= talloc_asprintf(mem_ctx
,
1004 "DsCrackNames failed - got 0 entries, expected %s on %s",
1005 crack
[i
].expected_str
, comment
);
1006 torture_fail(tctx
, err_msg
);
1008 err_msg
= talloc_asprintf(mem_ctx
,
1009 "DsCrackNames failed - got NULL pointer, expected %s on %s",
1010 crack
[i
].expected_str
, comment
);
1011 torture_fail(tctx
, err_msg
);
1013 } else if (crack
[i
].expected_str
1014 && (strcmp(r
.out
.ctr
->ctr1
->array
[0].result_name
,
1015 crack
[i
].expected_str
) != 0))
1017 if (strcasecmp(r
.out
.ctr
->ctr1
->array
[0].result_name
,
1018 crack
[i
].expected_str
) != 0) {
1019 err_msg
= talloc_asprintf(mem_ctx
,
1020 "DsCrackNames failed - got %s, expected %s on %s",
1021 r
.out
.ctr
->ctr1
->array
[0].result_name
,
1022 crack
[i
].expected_str
, comment
);
1023 torture_fail(tctx
, err_msg
);
1025 torture_comment(tctx
,
1026 "(warning) DsCrackNames returned different case - got %s, expected %s on %s\n",
1027 r
.out
.ctr
->ctr1
->array
[0].result_name
,
1028 crack
[i
].expected_str
, comment
);
1030 } else if (crack
[i
].expected_dns
1031 && (strcmp(r
.out
.ctr
->ctr1
->array
[0].dns_domain_name
,
1032 crack
[i
].expected_dns
) != 0)) {
1033 err_msg
= talloc_asprintf(mem_ctx
,
1034 "DsCrackNames failed - got DNS name %s, expected %s on %s",
1035 r
.out
.ctr
->ctr1
->array
[0].result_name
,
1036 crack
[i
].expected_str
, comment
);
1037 torture_fail(tctx
, err_msg
);
1040 torture_comment(tctx
, "Testing DsCrackNames got %s\n", r
.out
.ctr
->ctr1
->array
[0].result_name
);
1044 return test_DsCrackNamesMatrix(tctx
, priv
, FQDN_1779_name
,
1045 user_principal_name
, service_principal_name
);
1049 * Test case setup for CrackNames
1051 static bool torture_drsuapi_cracknames_setup(struct torture_context
*tctx
, void **data
)
1053 struct DsCrackNamesPrivate
*priv
;
1055 *data
= priv
= talloc_zero(tctx
, struct DsCrackNamesPrivate
);
1057 return torture_drsuapi_tcase_setup_common(tctx
, &priv
->base
);
1061 * Test case tear-down for CrackNames
1063 static bool torture_drsuapi_cracknames_teardown(struct torture_context
*tctx
, void *data
)
1065 struct DsCrackNamesPrivate
*priv
= talloc_get_type(data
, struct DsCrackNamesPrivate
);
1067 return torture_drsuapi_tcase_teardown_common(tctx
, &priv
->base
);
1071 * CRACKNAMES test suite implementation
1073 void torture_rpc_drsuapi_cracknames_tcase(struct torture_suite
*suite
)
1075 typedef bool (*run_func
) (struct torture_context
*test
, void *tcase_data
);
1077 struct torture_tcase
*tcase
= torture_suite_add_tcase(suite
, "cracknames");
1079 torture_tcase_set_fixture(tcase
,
1080 torture_drsuapi_cracknames_setup
,
1081 torture_drsuapi_cracknames_teardown
);
1083 torture_tcase_add_simple_test(tcase
, "cracknames-test", (run_func
)test_DsCrackNames
);