2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Stefan (metze) Metzmacher 2004
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2006
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
26 #include "torture/rpc/rpc.h"
27 #include "param/param.h"
29 #define TEST_MACHINE_NAME "torturetest"
31 bool test_DsBind(struct dcerpc_pipe
*p
,
32 struct torture_context
*tctx
,
33 struct DsPrivate
*priv
)
36 struct drsuapi_DsBind r
;
37 struct drsuapi_DsBindInfo28
*bind_info28
;
38 struct drsuapi_DsBindInfoCtr bind_info_ctr
;
40 ZERO_STRUCT(bind_info_ctr
);
41 bind_info_ctr
.length
= 28;
43 bind_info28
= &bind_info_ctr
.info
.info28
;
44 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_BASE
;
45 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION
;
46 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI
;
47 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2
;
48 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS
;
49 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1
;
50 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION
;
51 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE
;
52 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2
;
53 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION
;
54 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2
;
55 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD
;
56 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND
;
57 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO
;
58 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION
;
59 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01
;
60 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP
;
61 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY
;
62 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3
;
63 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2
;
64 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6
;
65 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS
;
66 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8
;
67 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5
;
68 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6
;
69 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3
;
70 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7
;
71 bind_info28
->supported_extensions
|= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT
;
73 GUID_from_string(DRSUAPI_DS_BIND_GUID
, &priv
->bind_guid
);
75 r
.in
.bind_guid
= &priv
->bind_guid
;
76 r
.in
.bind_info
= &bind_info_ctr
;
77 r
.out
.bind_handle
= &priv
->bind_handle
;
79 torture_comment(tctx
, "testing DsBind\n");
81 status
= dcerpc_drsuapi_DsBind(p
, tctx
, &r
);
82 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsBind");
84 /* cache server supported extensions, i.e. bind_info */
85 priv
->srv_bind_info
= r
.out
.bind_info
->info
.info28
;
90 static bool test_DsGetDomainControllerInfo(struct torture_context
*tctx
,
91 struct DsPrivate
*priv
)
94 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
95 struct drsuapi_DsGetDomainControllerInfo r
;
96 union drsuapi_DsGetDCInfoCtr ctr
;
97 int32_t level_out
= 0;
106 .name
= torture_join_dom_netbios_name(priv
->join
),
110 .name
= torture_join_dom_dns_name(priv
->join
),
114 .name
= "__UNKNOWN_DOMAIN__",
115 .expected
= WERR_DS_OBJ_NOT_FOUND
118 .name
= "unknown.domain.samba.example.com",
119 .expected
= WERR_DS_OBJ_NOT_FOUND
122 int levels
[] = {1, 2};
125 for (i
=0; i
< ARRAY_SIZE(levels
); i
++) {
126 for (j
=0; j
< ARRAY_SIZE(names
); j
++) {
127 union drsuapi_DsGetDCInfoRequest req
;
129 r
.in
.bind_handle
= &priv
->bind_handle
;
133 r
.in
.req
->req1
.domain_name
= names
[j
].name
;
134 r
.in
.req
->req1
.level
= level
;
137 r
.out
.level_out
= &level_out
;
139 torture_comment(tctx
,
140 "testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
141 r
.in
.req
->req1
.level
, r
.in
.req
->req1
.domain_name
);
143 status
= dcerpc_drsuapi_DsGetDomainControllerInfo(p
, tctx
, &r
);
144 torture_assert_ntstatus_ok(tctx
, status
,
145 "dcerpc_drsuapi_DsGetDomainControllerInfo with dns domain failed");
146 torture_assert_werr_equal(tctx
,
147 r
.out
.result
, names
[j
].expected
,
148 "DsGetDomainControllerInfo level with dns domain failed");
150 if (!W_ERROR_IS_OK(r
.out
.result
)) {
151 /* If this was an error, we can't read the result structure */
155 torture_assert_int_equal(tctx
,
156 r
.in
.req
->req1
.level
, *r
.out
.level_out
,
157 "dcerpc_drsuapi_DsGetDomainControllerInfo in/out level differs");
161 for (k
=0; k
< r
.out
.ctr
->ctr1
.count
; k
++) {
162 if (strcasecmp_m(r
.out
.ctr
->ctr1
.array
[k
].netbios_name
,
163 torture_join_netbios_name(priv
->join
)) == 0) {
170 for (k
=0; k
< r
.out
.ctr
->ctr2
.count
; k
++) {
171 if (strcasecmp_m(r
.out
.ctr
->ctr2
.array
[k
].netbios_name
,
172 torture_join_netbios_name(priv
->join
)) == 0) {
174 priv
->dcinfo
= r
.out
.ctr
->ctr2
.array
[k
];
180 torture_assert(tctx
, found
,
181 "dcerpc_drsuapi_DsGetDomainControllerInfo: Failed to find the domain controller we just created during the join");
185 r
.in
.bind_handle
= &priv
->bind_handle
;
189 r
.out
.level_out
= &level_out
;
191 r
.in
.req
->req1
.domain_name
= "__UNKNOWN_DOMAIN__"; /* This is clearly ignored for this level */
192 r
.in
.req
->req1
.level
= -1;
194 torture_comment(tctx
, "testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
195 r
.in
.req
->req1
.level
, r
.in
.req
->req1
.domain_name
);
197 status
= dcerpc_drsuapi_DsGetDomainControllerInfo(p
, tctx
, &r
);
199 torture_assert_ntstatus_ok(tctx
, status
,
200 "dcerpc_drsuapi_DsGetDomainControllerInfo with dns domain failed");
201 torture_assert_werr_ok(tctx
, r
.out
.result
,
202 "DsGetDomainControllerInfo with dns domain failed");
205 const char *dc_account
= talloc_asprintf(tctx
, "%s\\%s$",
206 torture_join_dom_netbios_name(priv
->join
),
207 priv
->dcinfo
.netbios_name
);
208 torture_comment(tctx
, "%s: Enum active LDAP sessions searching for %s\n", __func__
, dc_account
);
209 for (k
=0; k
< r
.out
.ctr
->ctr01
.count
; k
++) {
210 if (strcasecmp_m(r
.out
.ctr
->ctr01
.array
[k
].client_account
,
216 torture_assert(tctx
, found
,
217 "dcerpc_drsuapi_DsGetDomainControllerInfo level: Failed to find the domain controller in last logon records");
224 static bool test_DsWriteAccountSpn(struct torture_context
*tctx
,
225 struct DsPrivate
*priv
)
228 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
229 struct drsuapi_DsWriteAccountSpn r
;
230 union drsuapi_DsWriteAccountSpnRequest req
;
231 struct drsuapi_DsNameString names
[2];
232 union drsuapi_DsWriteAccountSpnResult res
;
235 r
.in
.bind_handle
= &priv
->bind_handle
;
239 torture_comment(tctx
, "testing DsWriteAccountSpn\n");
241 r
.in
.req
->req1
.operation
= DRSUAPI_DS_SPN_OPERATION_ADD
;
242 r
.in
.req
->req1
.unknown1
= 0;
243 r
.in
.req
->req1
.object_dn
= priv
->dcinfo
.computer_dn
;
244 r
.in
.req
->req1
.count
= 2;
245 r
.in
.req
->req1
.spn_names
= names
;
246 names
[0].str
= talloc_asprintf(tctx
, "smbtortureSPN/%s",priv
->dcinfo
.netbios_name
);
247 names
[1].str
= talloc_asprintf(tctx
, "smbtortureSPN/%s",priv
->dcinfo
.dns_name
);
250 r
.out
.level_out
= &level_out
;
252 status
= dcerpc_drsuapi_DsWriteAccountSpn(p
, tctx
, &r
);
253 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsWriteAccountSpn");
255 r
.in
.req
->req1
.operation
= DRSUAPI_DS_SPN_OPERATION_DELETE
;
256 r
.in
.req
->req1
.unknown1
= 0;
258 status
= dcerpc_drsuapi_DsWriteAccountSpn(p
, tctx
, &r
);
259 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsWriteAccountSpn");
264 static bool test_DsReplicaGetInfo(struct torture_context
*tctx
,
265 struct DsPrivate
*priv
)
268 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
269 struct drsuapi_DsReplicaGetInfo r
;
270 union drsuapi_DsReplicaGetInfoRequest req
;
271 union drsuapi_DsReplicaInfo info
;
272 enum drsuapi_DsReplicaInfoType info_type
;
280 DRSUAPI_DS_REPLICA_GET_INFO
,
281 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS
,
284 DRSUAPI_DS_REPLICA_GET_INFO
,
285 DRSUAPI_DS_REPLICA_INFO_CURSORS
,
288 DRSUAPI_DS_REPLICA_GET_INFO
,
289 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA
,
292 DRSUAPI_DS_REPLICA_GET_INFO
,
293 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES
,
296 DRSUAPI_DS_REPLICA_GET_INFO
,
297 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES
,
300 DRSUAPI_DS_REPLICA_GET_INFO
,
301 DRSUAPI_DS_REPLICA_INFO_PENDING_OPS
,
304 DRSUAPI_DS_REPLICA_GET_INFO2
,
305 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA
,
308 DRSUAPI_DS_REPLICA_GET_INFO2
,
309 DRSUAPI_DS_REPLICA_INFO_CURSORS2
,
312 DRSUAPI_DS_REPLICA_GET_INFO2
,
313 DRSUAPI_DS_REPLICA_INFO_CURSORS3
,
316 DRSUAPI_DS_REPLICA_GET_INFO2
,
317 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2
,
320 DRSUAPI_DS_REPLICA_GET_INFO2
,
321 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2
,
324 DRSUAPI_DS_REPLICA_GET_INFO2
,
325 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02
,
328 DRSUAPI_DS_REPLICA_GET_INFO2
,
329 DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04
,
332 DRSUAPI_DS_REPLICA_GET_INFO2
,
333 DRSUAPI_DS_REPLICA_INFO_CURSORS05
,
336 DRSUAPI_DS_REPLICA_GET_INFO2
,
337 DRSUAPI_DS_REPLICA_INFO_06
,
342 if (torture_setting_bool(tctx
, "samba4", false)) {
343 torture_comment(tctx
, "skipping DsReplicaGetInfo test against Samba4\n");
347 r
.in
.bind_handle
= &priv
->bind_handle
;
350 for (i
=0; i
< ARRAY_SIZE(array
); i
++) {
351 const char *object_dn
;
353 torture_comment(tctx
, "testing DsReplicaGetInfo level %d infotype %d\n",
354 array
[i
].level
, array
[i
].infotype
);
356 object_dn
= (array
[i
].obj_dn
? array
[i
].obj_dn
: priv
->domain_obj_dn
);
358 r
.in
.level
= array
[i
].level
;
360 case DRSUAPI_DS_REPLICA_GET_INFO
:
361 r
.in
.req
->req1
.info_type
= array
[i
].infotype
;
362 r
.in
.req
->req1
.object_dn
= object_dn
;
363 ZERO_STRUCT(r
.in
.req
->req1
.guid1
);
365 case DRSUAPI_DS_REPLICA_GET_INFO2
:
366 r
.in
.req
->req2
.info_type
= array
[i
].infotype
;
367 r
.in
.req
->req2
.object_dn
= object_dn
;
368 ZERO_STRUCT(r
.in
.req
->req2
.guid1
);
369 r
.in
.req
->req2
.flags
= 0;
370 r
.in
.req
->req2
.string1
= NULL
;
371 r
.in
.req
->req2
.string2
= NULL
;
372 r
.in
.req
->req2
.enumeration_context
= 0;
377 r
.out
.info_type
= &info_type
;
379 status
= dcerpc_drsuapi_DsReplicaGetInfo(p
, tctx
, &r
);
380 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsReplicaGetInfo");
381 if (!NT_STATUS_IS_OK(status
) && p
->last_fault_code
== DCERPC_FAULT_INVALID_TAG
) {
382 torture_comment(tctx
,
383 "DsReplicaGetInfo level %d and/or infotype %d not supported by server\n",
384 array
[i
].level
, array
[i
].infotype
);
386 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsReplicaGetInfo");
393 static bool test_DsReplicaSync(struct torture_context
*tctx
,
394 struct DsPrivate
*priv
)
397 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
399 struct drsuapi_DsReplicaSync r
;
400 struct drsuapi_DsReplicaObjectIdentifier nc
;
401 struct GUID null_guid
;
402 struct dom_sid null_sid
;
411 if (!torture_setting_bool(tctx
, "dangerous", false)) {
412 torture_comment(tctx
, "DsReplicaSync disabled - enable dangerous tests to use\n");
416 if (torture_setting_bool(tctx
, "samba4", false)) {
417 torture_comment(tctx
, "skipping DsReplicaSync test against Samba4\n");
421 ZERO_STRUCT(null_guid
);
422 ZERO_STRUCT(null_sid
);
424 r
.in
.bind_handle
= &priv
->bind_handle
;
426 for (i
=0; i
< ARRAY_SIZE(array
); i
++) {
427 torture_comment(tctx
, "testing DsReplicaSync level %d\n",
430 r
.in
.level
= array
[i
].level
;
435 nc
.dn
= priv
->domain_obj_dn
?priv
->domain_obj_dn
:"";
437 r
.in
.req
.req1
.naming_context
= &nc
;
438 r
.in
.req
.req1
.source_dsa_guid
= priv
->dcinfo
.ntds_guid
;
439 r
.in
.req
.req1
.other_info
= NULL
;
440 r
.in
.req
.req1
.options
= 16;
444 status
= dcerpc_drsuapi_DsReplicaSync(p
, tctx
, &r
);
445 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsReplicaSync");
451 static bool test_DsReplicaUpdateRefs(struct torture_context
*tctx
,
452 struct DsPrivate
*priv
)
455 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
456 struct drsuapi_DsReplicaUpdateRefs r
;
457 struct drsuapi_DsReplicaObjectIdentifier nc
;
458 struct GUID null_guid
;
459 struct GUID dest_dsa_guid
;
460 const char *dest_dsa_guid_str
;
461 struct dom_sid null_sid
;
463 ZERO_STRUCT(null_guid
);
464 ZERO_STRUCT(null_sid
);
465 dest_dsa_guid
= GUID_random();
466 dest_dsa_guid_str
= GUID_string(tctx
, &dest_dsa_guid
);
468 r
.in
.bind_handle
= &priv
->bind_handle
;
469 r
.in
.level
= 1; /* Only version 1 is defined presently */
472 nc
.guid
= priv
->domain_obj_dn
? null_guid
: priv
->domain_guid
;
474 nc
.dn
= priv
->domain_obj_dn
? priv
->domain_obj_dn
: "";
476 /* default setup for request */
477 r
.in
.req
.req1
.naming_context
= &nc
;
478 r
.in
.req
.req1
.dest_dsa_dns_name
= talloc_asprintf(tctx
, "%s._msdn.%s",
480 priv
->domain_dns_name
);
481 r
.in
.req
.req1
.dest_dsa_guid
= dest_dsa_guid
;
483 /* 1. deleting replica dest should fail */
484 torture_comment(tctx
, "delete: %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
485 r
.in
.req
.req1
.options
= DRSUAPI_DRS_DEL_REF
;
486 status
= dcerpc_drsuapi_DsReplicaUpdateRefs(p
, tctx
, &r
);
487 torture_drsuapi_assert_call_werr(tctx
, p
,
488 status
, WERR_DS_DRA_REF_NOT_FOUND
, &r
,
489 "dcerpc_drsuapi_DsReplicaUpdateRefs");
491 /* 2. hopefully adding random replica dest should succeed */
492 torture_comment(tctx
, "add : %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
493 r
.in
.req
.req1
.options
= DRSUAPI_DRS_ADD_REF
;
494 status
= dcerpc_drsuapi_DsReplicaUpdateRefs(p
, tctx
, &r
);
495 torture_drsuapi_assert_call_werr(tctx
, p
,
497 "dcerpc_drsuapi_DsReplicaUpdateRefs");
499 /* 3. try adding same replica dest - should fail */
500 torture_comment(tctx
, "add : %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
501 r
.in
.req
.req1
.options
= DRSUAPI_DRS_ADD_REF
;
502 status
= dcerpc_drsuapi_DsReplicaUpdateRefs(p
, tctx
, &r
);
503 torture_drsuapi_assert_call_werr(tctx
, p
,
504 status
, WERR_DS_DRA_REF_ALREADY_EXISTS
, &r
,
505 "dcerpc_drsuapi_DsReplicaUpdateRefs");
507 /* 4. delete random replicate added at step 2. */
508 torture_comment(tctx
, "delete: %s\n", r
.in
.req
.req1
.dest_dsa_dns_name
);
509 r
.in
.req
.req1
.options
= DRSUAPI_DRS_DEL_REF
;
510 status
= dcerpc_drsuapi_DsReplicaUpdateRefs(p
, tctx
, &r
);
511 torture_drsuapi_assert_call_werr(tctx
, p
,
513 "dcerpc_drsuapi_DsReplicaUpdateRefs");
518 static bool test_DsGetNCChanges(struct torture_context
*tctx
,
519 struct DsPrivate
*priv
)
522 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
524 struct drsuapi_DsGetNCChanges r
;
525 union drsuapi_DsGetNCChangesRequest req
;
526 union drsuapi_DsGetNCChangesCtr ctr
;
527 struct drsuapi_DsReplicaObjectIdentifier nc
;
528 struct GUID null_guid
;
529 struct dom_sid null_sid
;
542 if (torture_setting_bool(tctx
, "samba4", false)) {
543 torture_comment(tctx
, "skipping DsGetNCChanges test against Samba4\n");
547 ZERO_STRUCT(null_guid
);
548 ZERO_STRUCT(null_sid
);
550 for (i
=0; i
< ARRAY_SIZE(array
); i
++) {
551 torture_comment(tctx
,
552 "testing DsGetNCChanges level %d\n",
555 r
.in
.bind_handle
= &priv
->bind_handle
;
556 r
.in
.level
= array
[i
].level
;
557 r
.out
.level_out
= &level_out
;
560 switch (r
.in
.level
) {
564 nc
.dn
= priv
->domain_obj_dn
? priv
->domain_obj_dn
: "";
567 r
.in
.req
->req5
.destination_dsa_guid
= GUID_random();
568 r
.in
.req
->req5
.source_dsa_invocation_id
= null_guid
;
569 r
.in
.req
->req5
.naming_context
= &nc
;
570 r
.in
.req
->req5
.highwatermark
.tmp_highest_usn
= 0;
571 r
.in
.req
->req5
.highwatermark
.reserved_usn
= 0;
572 r
.in
.req
->req5
.highwatermark
.highest_usn
= 0;
573 r
.in
.req
->req5
.uptodateness_vector
= NULL
;
574 r
.in
.req
->req5
.replica_flags
= 0;
575 if (lp_parm_bool(tctx
->lp_ctx
, NULL
, "drsuapi", "compression", false)) {
576 r
.in
.req
->req5
.replica_flags
|= DRSUAPI_DRS_USE_COMPRESSION
;
578 r
.in
.req
->req5
.max_object_count
= 0;
579 r
.in
.req
->req5
.max_ndr_size
= 0;
580 r
.in
.req
->req5
.extended_op
= DRSUAPI_EXOP_NONE
;
581 r
.in
.req
->req5
.fsmo_info
= 0;
587 nc
.dn
= priv
->domain_obj_dn
? priv
->domain_obj_dn
: "";
590 r
.in
.req
->req8
.destination_dsa_guid
= GUID_random();
591 r
.in
.req
->req8
.source_dsa_invocation_id
= null_guid
;
592 r
.in
.req
->req8
.naming_context
= &nc
;
593 r
.in
.req
->req8
.highwatermark
.tmp_highest_usn
= 0;
594 r
.in
.req
->req8
.highwatermark
.reserved_usn
= 0;
595 r
.in
.req
->req8
.highwatermark
.highest_usn
= 0;
596 r
.in
.req
->req8
.uptodateness_vector
= NULL
;
597 r
.in
.req
->req8
.replica_flags
= 0;
598 if (lp_parm_bool(tctx
->lp_ctx
, NULL
, "drsuapi", "compression", false)) {
599 r
.in
.req
->req8
.replica_flags
|= DRSUAPI_DRS_USE_COMPRESSION
;
601 if (lp_parm_bool(tctx
->lp_ctx
, NULL
, "drsuapi", "neighbour_writeable", true)) {
602 r
.in
.req
->req8
.replica_flags
|= DRSUAPI_DRS_WRIT_REP
;
604 r
.in
.req
->req8
.replica_flags
|= DRSUAPI_DRS_INIT_SYNC
605 | DRSUAPI_DRS_PER_SYNC
606 | DRSUAPI_DRS_GET_ANC
607 | DRSUAPI_DRS_NEVER_SYNCED
609 r
.in
.req
->req8
.max_object_count
= 402;
610 r
.in
.req
->req8
.max_ndr_size
= 402116;
611 r
.in
.req
->req8
.extended_op
= DRSUAPI_EXOP_NONE
;
612 r
.in
.req
->req8
.fsmo_info
= 0;
613 r
.in
.req
->req8
.partial_attribute_set
= NULL
;
614 r
.in
.req
->req8
.partial_attribute_set_ex
= NULL
;
615 r
.in
.req
->req8
.mapping_ctr
.num_mappings
= 0;
616 r
.in
.req
->req8
.mapping_ctr
.mappings
= NULL
;
621 status
= dcerpc_drsuapi_DsGetNCChanges(p
, tctx
, &r
);
622 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsGetNCChanges");
628 bool test_QuerySitesByCost(struct torture_context
*tctx
,
629 struct DsPrivate
*priv
)
632 struct dcerpc_pipe
*p
= priv
->drs_pipe
;
633 struct drsuapi_QuerySitesByCost r
;
634 union drsuapi_QuerySitesByCostRequest req
;
636 const char *my_site
= "Default-First-Site-Name";
637 const char *remote_site1
= "smbtorture-nonexisting-site1";
638 const char *remote_site2
= "smbtorture-nonexisting-site2";
640 req
.req1
.site_from
= talloc_strdup(tctx
, my_site
);
641 req
.req1
.num_req
= 2;
642 req
.req1
.site_to
= talloc_zero_array(tctx
, const char *, 2);
643 req
.req1
.site_to
[0] = talloc_strdup(tctx
, remote_site1
);
644 req
.req1
.site_to
[1] = talloc_strdup(tctx
, remote_site2
);
647 r
.in
.bind_handle
= &priv
->bind_handle
;
651 status
= dcerpc_drsuapi_QuerySitesByCost(p
, tctx
, &r
);
652 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_QuerySitesByCost");
654 if (W_ERROR_IS_OK(r
.out
.result
)) {
655 torture_assert_werr_equal(tctx
,
656 r
.out
.ctr
->ctr1
.info
[0].error_code
, WERR_DS_OBJ_NOT_FOUND
,
657 "dcerpc_drsuapi_QuerySitesByCost");
658 torture_assert_werr_equal(tctx
,
659 r
.out
.ctr
->ctr1
.info
[1].error_code
, WERR_DS_OBJ_NOT_FOUND
,
660 "dcerpc_drsuapi_QuerySitesByCost expected error_code WERR_DS_OBJ_NOT_FOUND");
662 torture_assert_int_equal(tctx
,
663 r
.out
.ctr
->ctr1
.info
[0].site_cost
, -1,
664 "dcerpc_drsuapi_QuerySitesByCost");
665 torture_assert_int_equal(tctx
,
666 r
.out
.ctr
->ctr1
.info
[1].site_cost
, -1,
667 "dcerpc_drsuapi_QuerySitesByCost exptected site cost");
675 bool test_DsUnbind(struct dcerpc_pipe
*p
,
676 struct torture_context
*tctx
,
677 struct DsPrivate
*priv
)
680 struct drsuapi_DsUnbind r
;
682 r
.in
.bind_handle
= &priv
->bind_handle
;
683 r
.out
.bind_handle
= &priv
->bind_handle
;
685 torture_comment(tctx
, "testing DsUnbind\n");
687 status
= dcerpc_drsuapi_DsUnbind(p
, tctx
, &r
);
688 torture_drsuapi_assert_call(tctx
, p
, status
, &r
, "dcerpc_drsuapi_DsUnbind");
695 * Helper func to collect DC information for testing purposes.
696 * This function is almost identical to test_DsGetDomainControllerInfo
698 bool torture_rpc_drsuapi_get_dcinfo(struct torture_context
*torture
,
699 struct DsPrivate
*priv
)
702 int32_t level_out
= 0;
703 struct drsuapi_DsGetDomainControllerInfo r
;
704 union drsuapi_DsGetDCInfoCtr ctr
;
706 const char *names
[] = {
707 torture_join_dom_netbios_name(priv
->join
),
708 torture_join_dom_dns_name(priv
->join
)};
710 for (j
=0; j
< ARRAY_SIZE(names
); j
++) {
711 union drsuapi_DsGetDCInfoRequest req
;
712 r
.in
.bind_handle
= &priv
->bind_handle
;
716 r
.in
.req
->req1
.domain_name
= names
[j
];
717 r
.in
.req
->req1
.level
= 2;
720 r
.out
.level_out
= &level_out
;
722 status
= dcerpc_drsuapi_DsGetDomainControllerInfo(priv
->drs_pipe
, torture
, &r
);
723 if (!NT_STATUS_IS_OK(status
)) {
726 if (!W_ERROR_IS_OK(r
.out
.result
)) {
727 /* If this was an error, we can't read the result structure */
731 for (k
=0; k
< r
.out
.ctr
->ctr2
.count
; k
++) {
732 if (strcasecmp_m(r
.out
.ctr
->ctr2
.array
[k
].netbios_name
,
733 torture_join_netbios_name(priv
->join
)) == 0) {
734 priv
->dcinfo
= r
.out
.ctr
->ctr2
.array
[k
];
744 * Common test case setup function to be used
745 * in DRS suit of test when appropriate
747 bool torture_drsuapi_tcase_setup_common(struct torture_context
*tctx
, struct DsPrivate
*priv
)
750 struct cli_credentials
*machine_credentials
;
752 torture_assert(tctx
, priv
, "Invalid argument");
754 torture_comment(tctx
, "Create DRSUAPI pipe\n");
755 status
= torture_rpc_connection(tctx
,
758 torture_assert(tctx
, NT_STATUS_IS_OK(status
), "Unable to connect to DRSUAPI pipe");
760 torture_comment(tctx
, "About to join domain\n");
761 priv
->join
= torture_join_domain(tctx
, TEST_MACHINE_NAME
, ACB_SVRTRUST
,
762 &machine_credentials
);
763 torture_assert(tctx
, priv
->join
, "Failed to join as BDC");
765 if (!test_DsBind(priv
->drs_pipe
, tctx
, priv
)) {
767 torture_drsuapi_tcase_teardown_common(tctx
, priv
);
768 torture_fail(tctx
, "Failed execute test_DsBind()");
771 /* try collect some information for testing */
772 torture_rpc_drsuapi_get_dcinfo(tctx
, priv
);
778 * Common test case teardown function to be used
779 * in DRS suit of test when appropriate
781 bool torture_drsuapi_tcase_teardown_common(struct torture_context
*tctx
, struct DsPrivate
*priv
)
784 torture_leave_domain(tctx
, priv
->join
);
791 * Test case setup for DRSUAPI test case
793 static bool torture_drsuapi_tcase_setup(struct torture_context
*tctx
, void **data
)
795 struct DsPrivate
*priv
;
797 *data
= priv
= talloc_zero(tctx
, struct DsPrivate
);
799 return torture_drsuapi_tcase_setup_common(tctx
, priv
);
803 * Test case tear-down for DRSUAPI test case
805 static bool torture_drsuapi_tcase_teardown(struct torture_context
*tctx
, void *data
)
808 struct DsPrivate
*priv
= talloc_get_type(data
, struct DsPrivate
);
810 ret
= torture_drsuapi_tcase_teardown_common(tctx
, priv
);
817 * DRSUAPI test case implementation
819 void torture_rpc_drsuapi_tcase(struct torture_suite
*suite
)
821 typedef bool (*run_func
) (struct torture_context
*test
, void *tcase_data
);
823 struct torture_test
*test
;
824 struct torture_tcase
*tcase
= torture_suite_add_tcase(suite
, "DRSUAPI");
826 torture_tcase_set_fixture(tcase
,
827 torture_drsuapi_tcase_setup
,
828 torture_drsuapi_tcase_teardown
);
831 test
= torture_tcase_add_simple_test(tcase
, "QuerySitesByCost", (run_func
)test_QuerySitesByCost
);
834 test
= torture_tcase_add_simple_test(tcase
, "DsGetDomainControllerInfo", (run_func
)test_DsGetDomainControllerInfo
);
836 test
= torture_tcase_add_simple_test(tcase
, "DsCrackNames", (run_func
)test_DsCrackNames
);
838 test
= torture_tcase_add_simple_test(tcase
, "DsWriteAccountSpn", (run_func
)test_DsWriteAccountSpn
);
840 test
= torture_tcase_add_simple_test(tcase
, "DsReplicaGetInfo", (run_func
)test_DsReplicaGetInfo
);
842 test
= torture_tcase_add_simple_test(tcase
, "DsReplicaSync", (run_func
)test_DsReplicaSync
);
844 test
= torture_tcase_add_simple_test(tcase
, "DsReplicaUpdateRefs", (run_func
)test_DsReplicaUpdateRefs
);
846 test
= torture_tcase_add_simple_test(tcase
, "DsGetNCChanges", (run_func
)test_DsGetNCChanges
);