search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3/docs: Raise version number up to 3.5.
[Samba/gebeck_regimport.git] / source4 / torture / rpc / drsuapi.c
blobda6ce2b5f5e83a92d5260137cc21f7c32d331c9f
1 /*
2 Unix SMB/CIFS implementation.
3
4 DRSUapi tests
5
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Stefan (metze) Metzmacher 2004
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2006
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "torture/torture.h"
26 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
27 #include "torture/rpc/rpc.h"
28 #include "param/param.h"
29
30 #define TEST_MACHINE_NAME "torturetest"
31
32 bool test_DsBind(struct dcerpc_pipe *p, struct torture_context *tctx,
33 struct DsPrivate *priv)
34 {
35 NTSTATUS status;
36 struct drsuapi_DsBind r;
37
38 GUID_from_string(DRSUAPI_DS_BIND_GUID, &priv->bind_guid);
39
40 r.in.bind_guid = &priv->bind_guid;
41 r.in.bind_info = NULL;
42 r.out.bind_handle = &priv->bind_handle;
43
44 torture_comment(tctx, "testing DsBind\n");
45
46 status = dcerpc_drsuapi_DsBind(p, tctx, &r);
47 if (!NT_STATUS_IS_OK(status)) {
48 const char *errstr = nt_errstr(status);
49 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
50 errstr = dcerpc_errstr(tctx, p->last_fault_code);
51 }
52 torture_fail(tctx, "dcerpc_drsuapi_DsBind failed");
53 } else if (!W_ERROR_IS_OK(r.out.result)) {
54 torture_fail(tctx, "DsBind failed");
55 }
56
57 return true;
58 }
59
60 static bool test_DsGetDomainControllerInfo(struct dcerpc_pipe *p, struct torture_context *torture,
61 struct DsPrivate *priv)
62 {
63 NTSTATUS status;
64 struct drsuapi_DsGetDomainControllerInfo r;
65 union drsuapi_DsGetDCInfoCtr ctr;
66 int32_t level_out = 0;
67 bool found = false;
68 int i, j, k;
69
70 struct {
71 const char *name;
72 WERROR expected;
73 } names[] = {
74 {
75 .name = torture_join_dom_netbios_name(priv->join),
76 .expected = WERR_OK
77 },
78 {
79 .name = torture_join_dom_dns_name(priv->join),
80 .expected = WERR_OK
81 },
82 {
83 .name = "__UNKNOWN_DOMAIN__",
84 .expected = WERR_DS_OBJ_NOT_FOUND
85 },
86 {
87 .name = "unknown.domain.samba.example.com",
88 .expected = WERR_DS_OBJ_NOT_FOUND
89 },
90 };
91 int levels[] = {1, 2};
92 int level;
93
94 for (i=0; i < ARRAY_SIZE(levels); i++) {
95 for (j=0; j < ARRAY_SIZE(names); j++) {
96 union drsuapi_DsGetDCInfoRequest req;
97 level = levels[i];
98 r.in.bind_handle = &priv->bind_handle;
99 r.in.level = 1;
100 r.in.req = &req;
101
102 r.in.req->req1.domain_name = names[j].name;
103 r.in.req->req1.level = level;
104
105 r.out.ctr = &ctr;
106 r.out.level_out = &level_out;
107
108 torture_comment(torture,
109 "testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
110 r.in.req->req1.level, r.in.req->req1.domain_name);
111
112 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, torture, &r);
113 torture_assert_ntstatus_ok(torture, status,
114 "dcerpc_drsuapi_DsGetDomainControllerInfo with dns domain failed");
115 torture_assert_werr_equal(torture,
116 r.out.result, names[j].expected,
117 "DsGetDomainControllerInfo level with dns domain failed");
118
119 if (!W_ERROR_IS_OK(r.out.result)) {
120 /* If this was an error, we can't read the result structure */
121 continue;
122 }
123
124 torture_assert_int_equal(torture,
125 r.in.req->req1.level, *r.out.level_out,
126 "dcerpc_drsuapi_DsGetDomainControllerInfo level");
127
128 switch (level) {
129 case 1:
130 for (k=0; k < r.out.ctr->ctr1.count; k++) {
131 if (strcasecmp_m(r.out.ctr->ctr1.array[k].netbios_name,
132 torture_join_netbios_name(priv->join)) == 0) {
133 found = true;
134 break;
135 }
136 }
137 break;
138 case 2:
139 for (k=0; k < r.out.ctr->ctr2.count; k++) {
140 if (strcasecmp_m(r.out.ctr->ctr2.array[k].netbios_name,
141 torture_join_netbios_name(priv->join)) == 0) {
142 found = true;
143 priv->dcinfo = r.out.ctr->ctr2.array[k];
144 break;
145 }
146 }
147 break;
148 }
149 torture_assert(torture, found,
150 "dcerpc_drsuapi_DsGetDomainControllerInfo: Failed to find the domain controller we just created during the join");
151 }
152 }
153
154 r.in.bind_handle = &priv->bind_handle;
155 r.in.level = 1;
156
157 r.out.ctr = &ctr;
158 r.out.level_out = &level_out;
159
160 r.in.req->req1.domain_name = "__UNKNOWN_DOMAIN__"; /* This is clearly ignored for this level */
161 r.in.req->req1.level = -1;
162
163 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
164 r.in.req->req1.level, r.in.req->req1.domain_name);
165
166 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, torture, &r);
167
168 torture_assert_ntstatus_ok(torture, status,
169 "dcerpc_drsuapi_DsGetDomainControllerInfo with dns domain failed");
170 torture_assert_werr_ok(torture, r.out.result,
171 "DsGetDomainControllerInfo with dns domain failed");
172
173 {
174 const char *dc_account = talloc_asprintf(torture, "%s\\%s$",
175 torture_join_dom_netbios_name(priv->join),
176 priv->dcinfo.netbios_name);
177 for (k=0; k < r.out.ctr->ctr01.count; k++) {
178 if (strcasecmp_m(r.out.ctr->ctr01.array[k].client_account,
179 dc_account)) {
180 found = true;
181 break;
182 }
183 }
184 torture_assert(torture, found,
185 "dcerpc_drsuapi_DsGetDomainControllerInfo level: Failed to find the domain controller in last logon records");
186 }
187
188
189 return true;
190 }
191
192 static bool test_DsWriteAccountSpn(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
193 struct DsPrivate *priv)
194 {
195 NTSTATUS status;
196 struct drsuapi_DsWriteAccountSpn r;
197 union drsuapi_DsWriteAccountSpnRequest req;
198 struct drsuapi_DsNameString names[2];
199 union drsuapi_DsWriteAccountSpnResult res;
200 int32_t level_out;
201 bool ret = true;
202
203 r.in.bind_handle = &priv->bind_handle;
204 r.in.level = 1;
205 r.in.req = &req;
206
207 printf("testing DsWriteAccountSpn\n");
208
209 r.in.req->req1.operation = DRSUAPI_DS_SPN_OPERATION_ADD;
210 r.in.req->req1.unknown1 = 0;
211 r.in.req->req1.object_dn = priv->dcinfo.computer_dn;
212 r.in.req->req1.count = 2;
213 r.in.req->req1.spn_names = names;
214 names[0].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.netbios_name);
215 names[1].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.dns_name);
216
217 r.out.res = &res;
218 r.out.level_out = &level_out;
219
220 status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r);
221 if (!NT_STATUS_IS_OK(status)) {
222 const char *errstr = nt_errstr(status);
223 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
224 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
225 }
226 printf("dcerpc_drsuapi_DsWriteAccountSpn failed - %s\n", errstr);
227 ret = false;
228 } else if (!W_ERROR_IS_OK(r.out.result)) {
229 printf("DsWriteAccountSpn failed - %s\n", win_errstr(r.out.result));
230 ret = false;
231 }
232
233 r.in.req->req1.operation = DRSUAPI_DS_SPN_OPERATION_DELETE;
234 r.in.req->req1.unknown1 = 0;
235
236 status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r);
237 if (!NT_STATUS_IS_OK(status)) {
238 const char *errstr = nt_errstr(status);
239 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
240 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
241 }
242 printf("dcerpc_drsuapi_DsWriteAccountSpn failed - %s\n", errstr);
243 ret = false;
244 } else if (!W_ERROR_IS_OK(r.out.result)) {
245 printf("DsWriteAccountSpn failed - %s\n", win_errstr(r.out.result));
246 ret = false;
247 }
248
249 return ret;
250 }
251
252 static bool test_DsReplicaGetInfo(struct dcerpc_pipe *p, struct torture_context *tctx,
253 struct DsPrivate *priv)
254 {
255 NTSTATUS status;
256 struct drsuapi_DsReplicaGetInfo r;
257 union drsuapi_DsReplicaGetInfoRequest req;
258 union drsuapi_DsReplicaInfo info;
259 enum drsuapi_DsReplicaInfoType info_type;
260 bool ret = true;
261 int i;
262 struct {
263 int32_t level;
264 int32_t infotype;
265 const char *obj_dn;
266 } array[] = {
267 {
268 DRSUAPI_DS_REPLICA_GET_INFO,
269 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS,
270 NULL
271 },{
272 DRSUAPI_DS_REPLICA_GET_INFO,
273 DRSUAPI_DS_REPLICA_INFO_CURSORS,
274 NULL
275 },{
276 DRSUAPI_DS_REPLICA_GET_INFO,
277 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA,
278 NULL
279 },{
280 DRSUAPI_DS_REPLICA_GET_INFO,
281 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES,
282 NULL
283 },{
284 DRSUAPI_DS_REPLICA_GET_INFO,
285 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES,
286 NULL
287 },{
288 DRSUAPI_DS_REPLICA_GET_INFO,
289 DRSUAPI_DS_REPLICA_INFO_PENDING_OPS,
290 NULL
291 },{
292 DRSUAPI_DS_REPLICA_GET_INFO2,
293 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA,
294 NULL
295 },{
296 DRSUAPI_DS_REPLICA_GET_INFO2,
297 DRSUAPI_DS_REPLICA_INFO_CURSORS2,
298 NULL
299 },{
300 DRSUAPI_DS_REPLICA_GET_INFO2,
301 DRSUAPI_DS_REPLICA_INFO_CURSORS3,
302 NULL
303 },{
304 DRSUAPI_DS_REPLICA_GET_INFO2,
305 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2,
306 NULL
307 },{
308 DRSUAPI_DS_REPLICA_GET_INFO2,
309 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2,
310 NULL
311 },{
312 DRSUAPI_DS_REPLICA_GET_INFO2,
313 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02,
314 NULL
315 },{
316 DRSUAPI_DS_REPLICA_GET_INFO2,
317 DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04,
318 "__IGNORED__"
319 },{
320 DRSUAPI_DS_REPLICA_GET_INFO2,
321 DRSUAPI_DS_REPLICA_INFO_CURSORS05,
322 NULL
323 },{
324 DRSUAPI_DS_REPLICA_GET_INFO2,
325 DRSUAPI_DS_REPLICA_INFO_06,
326 NULL
327 }
328 };
329
330 if (torture_setting_bool(tctx, "samba4", false)) {
331 printf("skipping DsReplicaGetInfo test against Samba4\n");
332 return true;
333 }
334
335 r.in.bind_handle = &priv->bind_handle;
336 r.in.req = &req;
337
338 for (i=0; i < ARRAY_SIZE(array); i++) {
339 const char *object_dn;
340
341 printf("testing DsReplicaGetInfo level %d infotype %d\n",
342 array[i].level, array[i].infotype);
343
344 object_dn = (array[i].obj_dn ? array[i].obj_dn : priv->domain_obj_dn);
345
346 r.in.level = array[i].level;
347 switch(r.in.level) {
348 case DRSUAPI_DS_REPLICA_GET_INFO:
349 r.in.req->req1.info_type = array[i].infotype;
350 r.in.req->req1.object_dn = object_dn;
351 ZERO_STRUCT(r.in.req->req1.guid1);
352 break;
353 case DRSUAPI_DS_REPLICA_GET_INFO2:
354 r.in.req->req2.info_type = array[i].infotype;
355 r.in.req->req2.object_dn = object_dn;
356 ZERO_STRUCT(r.in.req->req2.guid1);
357 r.in.req->req2.unknown1 = 0;
358 r.in.req->req2.string1 = NULL;
359 r.in.req->req2.string2 = NULL;
360 r.in.req->req2.unknown2 = 0;
361 break;
362 }
363
364 r.out.info = &info;
365 r.out.info_type = &info_type;
366
367 status = dcerpc_drsuapi_DsReplicaGetInfo(p, tctx, &r);
368 if (!NT_STATUS_IS_OK(status)) {
369 const char *errstr = nt_errstr(status);
370 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
371 errstr = dcerpc_errstr(tctx, p->last_fault_code);
372 }
373 if (p->last_fault_code != DCERPC_FAULT_INVALID_TAG) {
374 printf("dcerpc_drsuapi_DsReplicaGetInfo failed - %s\n", errstr);
375 ret = false;
376 } else {
377 printf("DsReplicaGetInfo level %d and/or infotype %d not supported by server\n",
378 array[i].level, array[i].infotype);
379 }
380 } else if (!W_ERROR_IS_OK(r.out.result)) {
381 printf("DsReplicaGetInfo failed - %s\n", win_errstr(r.out.result));
382 ret = false;
383 }
384 }
385
386 return ret;
387 }
388
389 static bool test_DsReplicaSync(struct dcerpc_pipe *p, struct torture_context *tctx,
390 struct DsPrivate *priv)
391 {
392 NTSTATUS status;
393 bool ret = true;
394 int i;
395 struct drsuapi_DsReplicaSync r;
396 struct drsuapi_DsReplicaObjectIdentifier nc;
397 struct GUID null_guid;
398 struct dom_sid null_sid;
399 struct {
400 int32_t level;
401 } array[] = {
402 {
403 1
404 }
405 };
406
407 if (!torture_setting_bool(tctx, "dangerous", false)) {
408 printf("DsReplicaSync disabled - enable dangerous tests to use\n");
409 return true;
410 }
411
412 if (torture_setting_bool(tctx, "samba4", false)) {
413 printf("skipping DsReplicaSync test against Samba4\n");
414 return true;
415 }
416
417 ZERO_STRUCT(null_guid);
418 ZERO_STRUCT(null_sid);
419
420 r.in.bind_handle = &priv->bind_handle;
421
422 for (i=0; i < ARRAY_SIZE(array); i++) {
423 printf("testing DsReplicaSync level %d\n",
424 array[i].level);
425
426 r.in.level = array[i].level;
427 switch(r.in.level) {
428 case 1:
429 nc.guid = null_guid;
430 nc.sid = null_sid;
431 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
432
433 r.in.req.req1.naming_context = &nc;
434 r.in.req.req1.source_dsa_guid = priv->dcinfo.ntds_guid;
435 r.in.req.req1.other_info = NULL;
436 r.in.req.req1.options = 16;
437 break;
438 }
439
440 status = dcerpc_drsuapi_DsReplicaSync(p, tctx, &r);
441 if (!NT_STATUS_IS_OK(status)) {
442 const char *errstr = nt_errstr(status);
443 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
444 errstr = dcerpc_errstr(tctx, p->last_fault_code);
445 }
446 printf("dcerpc_drsuapi_DsReplicaSync failed - %s\n", errstr);
447 ret = false;
448 } else if (!W_ERROR_IS_OK(r.out.result)) {
449 printf("DsReplicaSync failed - %s\n", win_errstr(r.out.result));
450 ret = false;
451 }
452 }
453
454 return ret;
455 }
456
457 static bool test_DsReplicaUpdateRefs(struct dcerpc_pipe *p, struct torture_context *tctx,
458 struct DsPrivate *priv)
459 {
460 NTSTATUS status;
461 bool ret = true;
462 int i;
463 struct drsuapi_DsReplicaUpdateRefs r;
464 struct drsuapi_DsReplicaObjectIdentifier nc;
465 struct GUID null_guid;
466 struct dom_sid null_sid;
467 struct {
468 int32_t level;
469 } array[] = {
470 {
471 1
472 }
473 };
474
475 if (torture_setting_bool(tctx, "samba4", false)) {
476 printf("skipping DsReplicaUpdateRefs test against Samba4\n");
477 return true;
478 }
479
480 ZERO_STRUCT(null_guid);
481 ZERO_STRUCT(null_sid);
482
483 r.in.bind_handle = &priv->bind_handle;
484
485 for (i=0; i < ARRAY_SIZE(array); i++) {
486 printf("testing DsReplicaUpdateRefs level %d\n",
487 array[i].level);
488
489 r.in.level = array[i].level;
490 switch(r.in.level) {
491 case 1:
492 nc.guid = null_guid;
493 nc.sid = null_sid;
494 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
495
496 r.in.req.req1.naming_context = &nc;
497 r.in.req.req1.dest_dsa_dns_name = talloc_asprintf(tctx, "__some_dest_dsa_guid_string._msdn.%s",
498 priv->domain_dns_name);
499 r.in.req.req1.dest_dsa_guid = null_guid;
500 r.in.req.req1.options = 0;
501 break;
502 }
503
504 status = dcerpc_drsuapi_DsReplicaUpdateRefs(p, tctx, &r);
505 if (!NT_STATUS_IS_OK(status)) {
506 const char *errstr = nt_errstr(status);
507 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
508 errstr = dcerpc_errstr(tctx, p->last_fault_code);
509 }
510 printf("dcerpc_drsuapi_DsReplicaUpdateRefs failed - %s\n", errstr);
511 ret = false;
512 } else if (!W_ERROR_IS_OK(r.out.result)) {
513 printf("DsReplicaUpdateRefs failed - %s\n", win_errstr(r.out.result));
514 ret = false;
515 }
516 }
517
518 return ret;
519 }
520
521 static bool test_DsGetNCChanges(struct dcerpc_pipe *p, struct torture_context *tctx,
522 struct DsPrivate *priv)
523 {
524 NTSTATUS status;
525 bool ret = true;
526 int i;
527 struct drsuapi_DsGetNCChanges r;
528 union drsuapi_DsGetNCChangesRequest req;
529 union drsuapi_DsGetNCChangesCtr ctr;
530 struct drsuapi_DsReplicaObjectIdentifier nc;
531 struct GUID null_guid;
532 struct dom_sid null_sid;
533 int32_t level_out;
534 struct {
535 int32_t level;
536 } array[] = {
537 {
538 5
539 },
540 {
541 8
542 }
543 };
544
545 if (torture_setting_bool(tctx, "samba4", false)) {
546 printf("skipping DsGetNCChanges test against Samba4\n");
547 return true;
548 }
549
550 ZERO_STRUCT(null_guid);
551 ZERO_STRUCT(null_sid);
552
553 for (i=0; i < ARRAY_SIZE(array); i++) {
554 printf("testing DsGetNCChanges level %d\n",
555 array[i].level);
556
557 r.in.bind_handle = &priv->bind_handle;
558 r.in.level = array[i].level;
559 r.out.level_out = &level_out;
560 r.out.ctr = &ctr;
561
562 switch (r.in.level) {
563 case 5:
564 nc.guid = null_guid;
565 nc.sid = null_sid;
566 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
567
568 r.in.req = &req;
569 r.in.req->req5.destination_dsa_guid = GUID_random();
570 r.in.req->req5.source_dsa_invocation_id = null_guid;
571 r.in.req->req5.naming_context = &nc;
572 r.in.req->req5.highwatermark.tmp_highest_usn = 0;
573 r.in.req->req5.highwatermark.reserved_usn = 0;
574 r.in.req->req5.highwatermark.highest_usn = 0;
575 r.in.req->req5.uptodateness_vector = NULL;
576 r.in.req->req5.replica_flags = 0;
577 if (lp_parm_bool(tctx->lp_ctx, NULL, "drsuapi","compression", false)) {
578 r.in.req->req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
579 }
580 r.in.req->req5.max_object_count = 0;
581 r.in.req->req5.max_ndr_size = 0;
582 r.in.req->req5.extended_op = DRSUAPI_EXOP_NONE;
583 r.in.req->req5.fsmo_info = 0;
584
585 break;
586 case 8:
587 nc.guid = null_guid;
588 nc.sid = null_sid;
589 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
590
591 r.in.req = &req;
592 r.in.req->req8.destination_dsa_guid = GUID_random();
593 r.in.req->req8.source_dsa_invocation_id = null_guid;
594 r.in.req->req8.naming_context = &nc;
595 r.in.req->req8.highwatermark.tmp_highest_usn = 0;
596 r.in.req->req8.highwatermark.reserved_usn = 0;
597 r.in.req->req8.highwatermark.highest_usn = 0;
598 r.in.req->req8.uptodateness_vector = NULL;
599 r.in.req->req8.replica_flags = 0;
600 if (lp_parm_bool(tctx->lp_ctx, NULL, "drsuapi", "compression", false)) {
601 r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
602 }
603 if (lp_parm_bool(tctx->lp_ctx, NULL, "drsuapi", "neighbour_writeable", true)) {
604 r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE;
605 }
606 r.in.req->req8.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
607 | DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
608 | DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
609 | DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
610 ;
611 r.in.req->req8.max_object_count = 402;
612 r.in.req->req8.max_ndr_size = 402116;
613 r.in.req->req8.extended_op = DRSUAPI_EXOP_NONE;
614 r.in.req->req8.fsmo_info = 0;
615 r.in.req->req8.partial_attribute_set = NULL;
616 r.in.req->req8.partial_attribute_set_ex = NULL;
617 r.in.req->req8.mapping_ctr.num_mappings = 0;
618 r.in.req->req8.mapping_ctr.mappings = NULL;
619
620 break;
621 }
622
623 status = dcerpc_drsuapi_DsGetNCChanges(p, tctx, &r);
624 if (!NT_STATUS_IS_OK(status)) {
625 const char *errstr = nt_errstr(status);
626 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
627 errstr = dcerpc_errstr(tctx, p->last_fault_code);
628 }
629 printf("dcerpc_drsuapi_DsGetNCChanges failed - %s\n", errstr);
630 ret = false;
631 } else if (!W_ERROR_IS_OK(r.out.result)) {
632 printf("DsGetNCChanges failed - %s\n", win_errstr(r.out.result));
633 ret = false;
634 }
635 }
636
637 return ret;
638 }
639
640 bool test_QuerySitesByCost(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
641 struct DsPrivate *priv)
642 {
643 NTSTATUS status;
644 struct drsuapi_QuerySitesByCost r;
645 union drsuapi_QuerySitesByCostRequest req;
646 bool ret = true;
647
648 const char *my_site = "Default-First-Site-Name";
649 const char *remote_site1 = "smbtorture-nonexisting-site1";
650 const char *remote_site2 = "smbtorture-nonexisting-site2";
651
652 req.req1.site_from = talloc_strdup(mem_ctx, my_site);
653 req.req1.num_req = 2;
654 req.req1.site_to = talloc_zero_array(mem_ctx, const char *, 2);
655 req.req1.site_to[0] = talloc_strdup(mem_ctx, remote_site1);
656 req.req1.site_to[1] = talloc_strdup(mem_ctx, remote_site2);
657 req.req1.flags = 0;
658
659 r.in.bind_handle = &priv->bind_handle;
660 r.in.level = 1;
661 r.in.req = &req;
662
663 status = dcerpc_drsuapi_QuerySitesByCost(p, mem_ctx, &r);
664 if (!NT_STATUS_IS_OK(status)) {
665 const char *errstr = nt_errstr(status);
666 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
667 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
668 }
669 printf("drsuapi_QuerySitesByCost - %s\n", errstr);
670 ret = false;
671 } else if (!W_ERROR_IS_OK(r.out.result)) {
672 printf("QuerySitesByCost failed - %s\n", win_errstr(r.out.result));
673 ret = false;
674 }
675
676 if (W_ERROR_IS_OK(r.out.result)) {
677
678 if (!W_ERROR_EQUAL(r.out.ctr->ctr1.info[0].error_code, WERR_DS_OBJ_NOT_FOUND) ||
679 !W_ERROR_EQUAL(r.out.ctr->ctr1.info[1].error_code, WERR_DS_OBJ_NOT_FOUND)) {
680 printf("expected error_code WERR_DS_OBJ_NOT_FOUND, got %s\n",
681 win_errstr(r.out.ctr->ctr1.info[0].error_code));
682 ret = false;
683 }
684
685 if ((r.out.ctr->ctr1.info[0].site_cost != (uint32_t) -1) ||
686 (r.out.ctr->ctr1.info[1].site_cost != (uint32_t) -1)) {
687 printf("expected site_cost %d, got %d\n",
688 (uint32_t) -1, r.out.ctr->ctr1.info[0].site_cost);
689 ret = false;
690 }
691 }
692
693 return ret;
694
695
696 }
697
698 bool test_DsUnbind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
699 struct DsPrivate *priv)
700 {
701 NTSTATUS status;
702 struct drsuapi_DsUnbind r;
703 bool ret = true;
704
705 r.in.bind_handle = &priv->bind_handle;
706 r.out.bind_handle = &priv->bind_handle;
707
708 printf("testing DsUnbind\n");
709
710 status = dcerpc_drsuapi_DsUnbind(p, mem_ctx, &r);
711 if (!NT_STATUS_IS_OK(status)) {
712 const char *errstr = nt_errstr(status);
713 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
714 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
715 }
716 printf("dcerpc_drsuapi_DsUnbind failed - %s\n", errstr);
717 ret = false;
718 } else if (!W_ERROR_IS_OK(r.out.result)) {
719 printf("DsBind failed - %s\n", win_errstr(r.out.result));
720 ret = false;
721 }
722
723 return ret;
724 }
725
726 bool torture_rpc_drsuapi(struct torture_context *torture)
727 {
728 NTSTATUS status;
729 struct dcerpc_pipe *p;
730 bool ret = true;
731 struct DsPrivate priv;
732 struct cli_credentials *machine_credentials;
733
734 ZERO_STRUCT(priv);
735
736 priv.join = torture_join_domain(torture, TEST_MACHINE_NAME, ACB_SVRTRUST,
737 &machine_credentials);
738 if (!priv.join) {
739 torture_fail(torture, "Failed to join as BDC");
740 }
741
742 status = torture_rpc_connection(torture,
743 &p,
744 &ndr_table_drsuapi);
745 if (!NT_STATUS_IS_OK(status)) {
746 torture_leave_domain(torture, priv.join);
747 torture_fail(torture, "Unable to connect to DRSUAPI pipe");
748 }
749
750 ret &= test_DsBind(p, torture, &priv);
751 #if 0
752 ret &= test_QuerySitesByCost(p, torture, &priv);
753 #endif
754 ret &= test_DsGetDomainControllerInfo(p, torture, &priv);
755
756 ret &= test_DsCrackNames(torture, p, torture, &priv);
757
758 ret &= test_DsWriteAccountSpn(p, torture, &priv);
759
760 ret &= test_DsReplicaGetInfo(p, torture, &priv);
761
762 ret &= test_DsReplicaSync(p, torture, &priv);
763
764 ret &= test_DsReplicaUpdateRefs(p, torture, &priv);
765
766 ret &= test_DsGetNCChanges(p, torture, &priv);
767
768 ret &= test_DsUnbind(p, torture, &priv);
769
770 torture_leave_domain(torture, priv.join);
771
772 return ret;
773 }
774
775
776 bool torture_rpc_drsuapi_cracknames(struct torture_context *torture)
777 {
778 NTSTATUS status;
779 struct dcerpc_pipe *p;
780 bool ret = true;
781 struct DsPrivate priv;
782 struct cli_credentials *machine_credentials;
783
784 torture_comment(torture, "Connected to DRSUAPI pipe\n");
785
786 ZERO_STRUCT(priv);
787
788 priv.join = torture_join_domain(torture, TEST_MACHINE_NAME, ACB_SVRTRUST,
789 &machine_credentials);
790 if (!priv.join) {
791 torture_fail(torture, "Failed to join as BDC\n");
792 }
793
794 status = torture_rpc_connection(torture,
795 &p,
796 &ndr_table_drsuapi);
797 if (!NT_STATUS_IS_OK(status)) {
798 torture_leave_domain(torture, priv.join);
799 torture_fail(torture, "Unable to connect to DRSUAPI pipe");
800 }
801
802 ret &= test_DsBind(p, torture, &priv);
803
804 if (ret) {
805 /* We don't care if this fails, we just need some info from it */
806 test_DsGetDomainControllerInfo(p, torture, &priv);
807
808 ret &= test_DsCrackNames(torture, p, torture, &priv);
809
810 ret &= test_DsUnbind(p, torture, &priv);
811 }
812
813 torture_leave_domain(torture, priv.join);
814
815 return ret;
816 }
817
reg import