2 Unix SMB/CIFS implementation.
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Stefan (metze) Metzmacher 2004
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 #include "librpc/gen_ndr/ndr_drsuapi.h"
28 struct policy_handle bind_handle;
29 struct GUID bind_guid;
30 const char *domain_obj_dn;
31 const char *domain_guid_str;
32 const char *domain_dns_name;
33 struct GUID domain_guid;
34 struct drsuapi_DsGetDCInfo2 dcinfo;
37 static BOOL test_DsBind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
38 struct DsPrivate *priv)
41 struct drsuapi_DsBind r;
44 GUID_from_string(DRSUAPI_DS_BIND_GUID, &priv->bind_guid);
46 r.in.bind_guid = &priv->bind_guid;
47 r.in.bind_info = NULL;
48 r.out.bind_handle = &priv->bind_handle;
50 printf("testing DsBind\n");
52 status = dcerpc_drsuapi_DsBind(p, mem_ctx, &r);
53 if (!NT_STATUS_IS_OK(status)) {
54 const char *errstr = nt_errstr(status);
55 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
56 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
58 printf("dcerpc_drsuapi_DsBind failed - %s\n", errstr);
60 } else if (!W_ERROR_IS_OK(r.out.result)) {
61 printf("DsBind failed - %s\n", win_errstr(r.out.result));
68 static BOOL test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
69 struct DsPrivate *priv, const char *dn,
70 const char *user_principal_name, const char *service_principal_name)
76 struct drsuapi_DsCrackNames r;
77 struct drsuapi_DsNameString names[1];
78 enum drsuapi_DsNameFormat formats[] = {
79 DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
80 DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
81 DRSUAPI_DS_NAME_FORMAT_DISPLAY,
82 DRSUAPI_DS_NAME_FORMAT_GUID,
83 DRSUAPI_DS_NAME_FORMAT_CANONICAL,
84 DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
85 DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
86 DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
87 DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
88 DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN
92 const char *n_matrix[ARRAY_SIZE(formats)][ARRAY_SIZE(formats)];
93 const char *n_from[ARRAY_SIZE(formats)];
96 r.in.bind_handle = &priv->bind_handle;
98 r.in.req.req1.unknown1 = 0x000004e4;
99 r.in.req.req1.unknown2 = 0x00000407;
100 r.in.req.req1.count = 1;
101 r.in.req.req1.names = names;
102 r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
106 for (i = 0; i < ARRAY_SIZE(formats); i++) {
107 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
108 r.in.req.req1.format_desired = formats[i];
110 printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ",
111 names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired);
113 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
114 if (!NT_STATUS_IS_OK(status)) {
115 const char *errstr = nt_errstr(status);
116 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
117 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
119 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
121 } else if (!W_ERROR_IS_OK(r.out.result)) {
122 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
129 switch (formats[i]) {
130 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:
131 if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE) {
132 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
133 r.out.ctr.ctr1->array[0].status);
136 printf ("(expected) error\n");
138 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
139 if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) {
140 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
141 r.out.ctr.ctr1->array[0].status);
144 printf ("(expected) error\n");
146 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN:
147 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY:
148 if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR) {
149 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
150 r.out.ctr.ctr1->array[0].status);
153 printf ("(expected) error\n");
156 if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
157 printf("Error: %d\n", r.out.ctr.ctr1->array[0].status);
162 switch (formats[i]) {
163 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
164 n_from[i] = user_principal_name;
166 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:
167 n_from[i] = service_principal_name;
169 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY:
170 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN:
174 n_from[i] = r.out.ctr.ctr1->array[0].result_name;
175 printf("%s\n", n_from[i]);
179 for (i = 0; i < ARRAY_SIZE(formats); i++) {
180 for (j = 0; j < ARRAY_SIZE(formats); j++) {
181 r.in.req.req1.format_offered = formats[i];
182 r.in.req.req1.format_desired = formats[j];
184 n_matrix[i][j] = NULL;
187 names[0].str = n_from[i];
188 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
189 if (!NT_STATUS_IS_OK(status)) {
190 const char *errstr = nt_errstr(status);
191 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
192 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
194 printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
195 names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired, errstr);
197 } else if (!W_ERROR_IS_OK(r.out.result)) {
198 printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
199 names[0].str, r.in.req.req1.format_offered, r.in.req.req1.format_desired,
200 win_errstr(r.out.result));
207 if (r.out.ctr.ctr1->array[0].status == DRSUAPI_DS_NAME_STATUS_OK) {
208 n_matrix[i][j] = r.out.ctr.ctr1->array[0].result_name;
210 n_matrix[i][j] = NULL;
215 for (i = 0; i < ARRAY_SIZE(formats); i++) {
216 for (j = 0; j < ARRAY_SIZE(formats); j++) {
217 if (n_matrix[i][j] == n_from[j]) {
219 /* We don't have a from name for these yet (and we can't map to them to find it out) */
220 } else if (n_matrix[i][j] == NULL && n_from[i] == NULL) {
222 /* we can't map to these two */
223 } else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL) {
224 } else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL) {
225 } else if (n_matrix[i][j] == NULL && n_from[j] != NULL) {
226 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
228 } else if (n_matrix[i][j] != NULL && n_from[j] == NULL) {
229 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
231 } else if (strcmp(n_matrix[i][j], n_from[j]) != 0) {
232 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
240 static BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
241 struct DsPrivate *priv, const char *test_dc)
244 struct drsuapi_DsCrackNames r;
245 struct drsuapi_DsNameString names[1];
247 const char *dns_domain;
248 const char *nt4_domain;
249 const char *FQDN_1779_name;
250 const char *user_principal_name;
251 const char *service_principal_name;
254 r.in.bind_handle = &priv->bind_handle;
256 r.in.req.req1.unknown1 = 0x000004e4;
257 r.in.req.req1.unknown2 = 0x00000407;
258 r.in.req.req1.count = 1;
259 r.in.req.req1.names = names;
260 r.in.req.req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
262 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
263 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
264 names[0].str = talloc_asprintf(mem_ctx, "%s/", lp_realm());
266 printf("testing DsCrackNames with name '%s' desired format:%d\n",
267 names[0].str, r.in.req.req1.format_desired);
269 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
270 if (!NT_STATUS_IS_OK(status)) {
271 const char *errstr = nt_errstr(status);
272 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
273 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
275 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
277 } else if (!W_ERROR_IS_OK(r.out.result)) {
278 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
280 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
281 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
289 dns_domain = r.out.ctr.ctr1->array[0].dns_domain_name;
290 nt4_domain = r.out.ctr.ctr1->array[0].result_name;
292 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID;
294 printf("testing DsCrackNames with name '%s' desired format:%d\n",
295 names[0].str, r.in.req.req1.format_desired);
297 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
298 if (!NT_STATUS_IS_OK(status)) {
299 const char *errstr = nt_errstr(status);
300 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
301 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
303 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
305 } else if (!W_ERROR_IS_OK(r.out.result)) {
306 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
308 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
309 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
317 priv->domain_dns_name = r.out.ctr.ctr1->array[0].dns_domain_name;
318 priv->domain_guid_str = r.out.ctr.ctr1->array[0].result_name;
319 GUID_from_string(priv->domain_guid_str, &priv->domain_guid);
321 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
323 printf("testing DsCrackNames with name '%s' desired format:%d\n",
324 names[0].str, r.in.req.req1.format_desired);
326 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
327 if (!NT_STATUS_IS_OK(status)) {
328 const char *errstr = nt_errstr(status);
329 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
330 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
332 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
334 } else if (!W_ERROR_IS_OK(r.out.result)) {
335 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
337 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
338 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
346 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
347 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
348 names[0].str = priv->domain_guid_str;
350 printf("testing DsCrackNames with GUID '%s' desired format:%d\n",
351 names[0].str, r.in.req.req1.format_desired);
353 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
354 if (!NT_STATUS_IS_OK(status)) {
355 const char *errstr = nt_errstr(status);
356 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
357 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
359 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
361 } else if (!W_ERROR_IS_OK(r.out.result)) {
362 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
364 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
365 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
373 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
374 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
375 names[0].str = nt4_domain;
377 printf("testing DsCrackNames with name '%s' desired format:%d\n",
378 names[0].str, r.in.req.req1.format_desired);
380 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
381 if (!NT_STATUS_IS_OK(status)) {
382 const char *errstr = nt_errstr(status);
383 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
384 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
386 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
388 } else if (!W_ERROR_IS_OK(r.out.result)) {
389 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
391 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
392 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
400 priv->domain_obj_dn = r.out.ctr.ctr1->array[0].result_name;
402 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
403 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
404 names[0].str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc);
406 printf("testing DsCrackNames with name '%s' desired format:%d\n",
407 names[0].str, r.in.req.req1.format_desired);
409 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
410 if (!NT_STATUS_IS_OK(status)) {
411 const char *errstr = nt_errstr(status);
412 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
413 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
415 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
417 } else if (!W_ERROR_IS_OK(r.out.result)) {
418 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
420 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
421 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
429 FQDN_1779_name = r.out.ctr.ctr1->array[0].result_name;
431 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL;
432 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
433 names[0].str = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, dns_domain);
434 user_principal_name = names[0].str;
436 printf("testing DsCrackNames with name '%s' desired format:%d\n",
437 names[0].str, r.in.req.req1.format_desired);
439 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
440 if (!NT_STATUS_IS_OK(status)) {
441 const char *errstr = nt_errstr(status);
442 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
443 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
445 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
447 } else if (!W_ERROR_IS_OK(r.out.result)) {
448 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
450 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
451 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
459 if (strcmp(r.out.ctr.ctr1->array[0].result_name, FQDN_1779_name) != 0) {
460 printf("DsCrackNames failed - %s != %s\n", r.out.ctr.ctr1->array[0].result_name, FQDN_1779_name);
464 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
465 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
466 names[0].str = talloc_asprintf(mem_ctx, "HOST/%s", test_dc);
467 service_principal_name = names[0].str;
469 printf("testing DsCrackNames with name '%s' desired format:%d\n",
470 names[0].str, r.in.req.req1.format_desired);
472 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
473 if (!NT_STATUS_IS_OK(status)) {
474 const char *errstr = nt_errstr(status);
475 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
476 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
478 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
480 } else if (!W_ERROR_IS_OK(r.out.result)) {
481 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
483 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
484 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
492 if (strcmp(r.out.ctr.ctr1->array[0].result_name, FQDN_1779_name) != 0) {
493 printf("DsCrackNames failed - %s != %s\n", r.out.ctr.ctr1->array[0].result_name, FQDN_1779_name);
497 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
498 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
499 names[0].str = talloc_asprintf(mem_ctx, "cifs/%s.%s", test_dc, dns_domain);
501 printf("testing DsCrackNames with name '%s' desired format:%d\n",
502 names[0].str, r.in.req.req1.format_desired);
504 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
505 if (!NT_STATUS_IS_OK(status)) {
506 const char *errstr = nt_errstr(status);
507 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
508 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
510 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
512 } else if (!W_ERROR_IS_OK(r.out.result)) {
513 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
515 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
516 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
524 if (strcmp(r.out.ctr.ctr1->array[0].result_name, FQDN_1779_name) != 0) {
525 printf("DsCrackNames failed - %s != %s\n", r.out.ctr.ctr1->array[0].result_name, FQDN_1779_name);
529 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
530 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
531 names[0].str = talloc_asprintf(mem_ctx, "krbtgt/%s", dns_domain);
533 printf("testing DsCrackNames with name '%s' desired format:%d\n",
534 names[0].str, r.in.req.req1.format_desired);
536 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
537 if (!NT_STATUS_IS_OK(status)) {
538 const char *errstr = nt_errstr(status);
539 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
540 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
542 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
544 } else if (!W_ERROR_IS_OK(r.out.result)) {
545 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
547 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY) {
548 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
556 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
557 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
558 names[0].str = FQDN_1779_name;
560 printf("testing DsCrackNames with name '%s' desired format:%d\n",
561 names[0].str, r.in.req.req1.format_desired);
563 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
564 if (!NT_STATUS_IS_OK(status)) {
565 const char *errstr = nt_errstr(status);
566 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
567 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
569 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
571 } else if (!W_ERROR_IS_OK(r.out.result)) {
572 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
574 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
575 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
583 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_DISPLAY;
585 printf("testing DsCrackNames with name '%s' desired format:%d\n",
586 names[0].str, r.in.req.req1.format_desired);
588 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
589 if (!NT_STATUS_IS_OK(status)) {
590 const char *errstr = nt_errstr(status);
591 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
592 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
594 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
596 } else if (!W_ERROR_IS_OK(r.out.result)) {
597 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
599 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
600 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
608 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID;
610 printf("testing DsCrackNames with name '%s' desired format:%d\n",
611 names[0].str, r.in.req.req1.format_desired);
613 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
614 if (!NT_STATUS_IS_OK(status)) {
615 const char *errstr = nt_errstr(status);
616 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
617 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
619 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
621 } else if (!W_ERROR_IS_OK(r.out.result)) {
622 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
624 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
625 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
633 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
634 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
635 names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.site_guid);
637 printf("testing DsCrackNames with Site GUID '%s' desired format:%d\n",
638 names[0].str, r.in.req.req1.format_desired);
640 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
641 if (!NT_STATUS_IS_OK(status)) {
642 const char *errstr = nt_errstr(status);
643 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
644 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
646 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
648 } else if (!W_ERROR_IS_OK(r.out.result)) {
649 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
651 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
652 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
660 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
661 names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.computer_guid);
663 printf("testing DsCrackNames with Computer GUID '%s' desired format:%d\n",
664 names[0].str, r.in.req.req1.format_desired);
666 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
667 if (!NT_STATUS_IS_OK(status)) {
668 const char *errstr = nt_errstr(status);
669 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
670 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
672 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
674 } else if (!W_ERROR_IS_OK(r.out.result)) {
675 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
677 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
678 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
686 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
687 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
688 names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.server_guid);
690 printf("testing DsCrackNames with Server GUID '%s' desired format:%d\n",
691 names[0].str, r.in.req.req1.format_desired);
693 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
694 if (!NT_STATUS_IS_OK(status)) {
695 const char *errstr = nt_errstr(status);
696 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
697 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
699 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
701 } else if (!W_ERROR_IS_OK(r.out.result)) {
702 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
704 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
705 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
713 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
714 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
715 names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.ntds_guid);
717 printf("testing DsCrackNames with NTDS GUID '%s' desired format:%d\n",
718 names[0].str, r.in.req.req1.format_desired);
720 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
721 if (!NT_STATUS_IS_OK(status)) {
722 const char *errstr = nt_errstr(status);
723 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
724 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
726 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
728 } else if (!W_ERROR_IS_OK(r.out.result)) {
729 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
731 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
732 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
740 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
741 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
742 names[0].str = SID_BUILTIN;
744 printf("testing DsCrackNames with SID '%s' desired format:%d\n",
745 names[0].str, r.in.req.req1.format_desired);
747 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
748 if (!NT_STATUS_IS_OK(status)) {
749 const char *errstr = nt_errstr(status);
750 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
751 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
753 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
755 } else if (!W_ERROR_IS_OK(r.out.result)) {
756 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
758 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
759 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
768 /* NEGATIVE tests. This should parse, but not succeed */
769 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
770 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
771 names[0].str = talloc_asprintf(mem_ctx, "krbtgt/%s", dns_domain);
773 printf("testing DsCrackNames with name '%s' desired format:%d\n",
774 names[0].str, r.in.req.req1.format_desired);
776 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
777 if (!NT_STATUS_IS_OK(status)) {
778 const char *errstr = nt_errstr(status);
779 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
780 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
782 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
784 } else if (!W_ERROR_IS_OK(r.out.result)) {
785 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
787 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY) {
788 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
796 /* NEGATIVE tests. This should parse, but not succeed */
797 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
798 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
799 names[0].str = talloc_asprintf(mem_ctx, "krbtgt");
801 printf("testing DsCrackNames with name '%s' desired format:%d\n",
802 names[0].str, r.in.req.req1.format_desired);
804 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
805 if (!NT_STATUS_IS_OK(status)) {
806 const char *errstr = nt_errstr(status);
807 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
808 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
810 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
812 } else if (!W_ERROR_IS_OK(r.out.result)) {
813 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
815 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
816 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
824 /* NEGATIVE tests. This should parse, but not succeed */
825 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
826 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
827 names[0].str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s",
831 printf("testing DsCrackNames with Service Principal '%s' desired format:%d\n",
832 names[0].str, r.in.req.req1.format_desired);
834 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
835 if (!NT_STATUS_IS_OK(status)) {
836 const char *errstr = nt_errstr(status);
837 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
838 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
840 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
842 } else if (!W_ERROR_IS_OK(r.out.result)) {
843 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
845 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY) {
846 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
854 /* NEGATIVE tests. This should parse, but not succeed */
855 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
856 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
857 names[0].str = "NOT A GUID";
859 printf("testing DsCrackNames with GUID '%s' desired format:%d\n",
860 names[0].str, r.in.req.req1.format_desired);
862 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
863 if (!NT_STATUS_IS_OK(status)) {
864 const char *errstr = nt_errstr(status);
865 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
866 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
868 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
870 } else if (!W_ERROR_IS_OK(r.out.result)) {
871 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
873 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
874 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
882 /* NEGATIVE tests. This should parse, but not succeed */
883 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
884 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
885 names[0].str = "NOT A SID";
887 printf("testing DsCrackNames with SID '%s' desired format:%d\n",
888 names[0].str, r.in.req.req1.format_desired);
890 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
891 if (!NT_STATUS_IS_OK(status)) {
892 const char *errstr = nt_errstr(status);
893 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
894 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
896 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
898 } else if (!W_ERROR_IS_OK(r.out.result)) {
899 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
901 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
902 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
910 /* NEGATIVE tests. This should parse, but not succeed */
911 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
912 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
913 names[0].str = "NOT AN NT4 NAME";
915 printf("testing DsCrackNames with NT4 Name '%s' desired format:%d\n",
916 names[0].str, r.in.req.req1.format_desired);
918 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
919 if (!NT_STATUS_IS_OK(status)) {
920 const char *errstr = nt_errstr(status);
921 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
922 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
924 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
926 } else if (!W_ERROR_IS_OK(r.out.result)) {
927 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
929 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
930 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
938 /* NEGATIVE tests. This should parse, but not succeed */
939 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
940 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID;
941 names[0].str = "NOT A DN";
943 printf("testing DsCrackNames with DN '%s' desired format:%d\n",
944 names[0].str, r.in.req.req1.format_desired);
946 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
947 if (!NT_STATUS_IS_OK(status)) {
948 const char *errstr = nt_errstr(status);
949 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
950 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
952 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
954 } else if (!W_ERROR_IS_OK(r.out.result)) {
955 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
957 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
958 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
966 /* NEGATIVE tests. This should parse, but not succeed */
967 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL;
968 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
969 names[0].str = "NOT A PRINCIPAL";
971 printf("testing DsCrackNames with user principal '%s' desired format:%d\n",
972 names[0].str, r.in.req.req1.format_desired);
974 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
975 if (!NT_STATUS_IS_OK(status)) {
976 const char *errstr = nt_errstr(status);
977 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
978 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
980 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
982 } else if (!W_ERROR_IS_OK(r.out.result)) {
983 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
985 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
986 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
994 /* NEGATIVE tests. This should parse, but not succeed */
995 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
996 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
997 names[0].str = "NOT A SERVICE PRINCIPAL";
999 printf("testing DsCrackNames with service principal '%s' desired format:%d\n",
1000 names[0].str, r.in.req.req1.format_desired);
1002 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
1003 if (!NT_STATUS_IS_OK(status)) {
1004 const char *errstr = nt_errstr(status);
1005 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1006 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1008 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
1010 } else if (!W_ERROR_IS_OK(r.out.result)) {
1011 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
1013 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
1014 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
1022 /* NEGATIVE tests. This should parse, but not succeed */
1023 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
1024 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
1025 names[0].str = GUID_string2(mem_ctx, &priv->bind_guid);
1027 printf("testing DsCrackNames with BIND GUID '%s' desired format:%d\n",
1028 names[0].str, r.in.req.req1.format_desired);
1030 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
1031 if (!NT_STATUS_IS_OK(status)) {
1032 const char *errstr = nt_errstr(status);
1033 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1034 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1036 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
1038 } else if (!W_ERROR_IS_OK(r.out.result)) {
1039 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
1041 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
1042 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
1046 /* NEGATIVE tests. This should parse, but not succeed */
1047 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL;
1048 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
1049 names[0].str = talloc_asprintf(mem_ctx, "%s$", test_dc);
1051 printf("testing DsCrackNames with user principal name '%s' desired format:%d\n",
1052 names[0].str, r.in.req.req1.format_desired);
1054 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
1055 if (!NT_STATUS_IS_OK(status)) {
1056 const char *errstr = nt_errstr(status);
1057 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1058 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1060 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
1062 } else if (!W_ERROR_IS_OK(r.out.result)) {
1063 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
1065 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
1066 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
1070 /* NEGATIVE tests. This should parse, but not succeed */
1071 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL;
1072 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
1073 names[0].str = talloc_asprintf(mem_ctx, "%s$", test_dc);
1075 printf("testing DsCrackNames with service principal name '%s' desired format:%d\n",
1076 names[0].str, r.in.req.req1.format_desired);
1078 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
1079 if (!NT_STATUS_IS_OK(status)) {
1080 const char *errstr = nt_errstr(status);
1081 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1082 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1084 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
1086 } else if (!W_ERROR_IS_OK(r.out.result)) {
1087 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
1089 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
1090 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
1099 /* NEGATIVE tests. This should parse, but not succeed */
1100 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
1101 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
1102 names[0].str = talloc_asprintf(mem_ctx, "%s\\", lp_realm());
1104 printf("testing DsCrackNames with name '%s' desired format:%d\n",
1105 names[0].str, r.in.req.req1.format_desired);
1107 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
1108 if (!NT_STATUS_IS_OK(status)) {
1109 const char *errstr = nt_errstr(status);
1110 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1111 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1113 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
1115 } else if (!W_ERROR_IS_OK(r.out.result)) {
1116 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
1118 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_FOUND) {
1119 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
1127 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
1128 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
1129 names[0].str = SID_BUILTIN;
1131 printf("testing DsCrackNames with SID '%s' desired format:%d\n",
1132 names[0].str, r.in.req.req1.format_desired);
1134 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
1135 if (!NT_STATUS_IS_OK(status)) {
1136 const char *errstr = nt_errstr(status);
1137 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1138 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1140 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
1142 } else if (!W_ERROR_IS_OK(r.out.result)) {
1143 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
1145 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
1146 printf("DsCrackNames failed on name - %d\n", r.out.ctr.ctr1->array[0].status);
1155 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
1156 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
1157 names[0].str = SID_BUILTIN_ADMINISTRATORS;
1159 printf("testing DsCrackNames with SID '%s' desired format:%d\n",
1160 names[0].str, r.in.req.req1.format_desired);
1162 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
1163 if (!NT_STATUS_IS_OK(status)) {
1164 const char *errstr = nt_errstr(status);
1165 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1166 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1168 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
1170 } else if (!W_ERROR_IS_OK(r.out.result)) {
1171 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
1173 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) {
1174 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
1183 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
1184 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
1185 names[0].str = SID_BUILTIN_ADMINISTRATORS;
1187 printf("testing DsCrackNames with SID '%s' desired format:%d\n",
1188 names[0].str, r.in.req.req1.format_desired);
1190 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
1191 if (!NT_STATUS_IS_OK(status)) {
1192 const char *errstr = nt_errstr(status);
1193 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1194 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1196 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
1198 } else if (!W_ERROR_IS_OK(r.out.result)) {
1199 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
1201 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) {
1202 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
1211 /* NEGATIVE tests. This should parse, but not succeed */
1212 r.in.req.req1.format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL;
1213 r.in.req.req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
1214 names[0].str = "foo@bar";
1216 printf("testing DsCrackNames with user principal name '%s' desired format:%d\n",
1217 names[0].str, r.in.req.req1.format_desired);
1219 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
1220 if (!NT_STATUS_IS_OK(status)) {
1221 const char *errstr = nt_errstr(status);
1222 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1223 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1225 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
1227 } else if (!W_ERROR_IS_OK(r.out.result)) {
1228 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
1230 } else if (r.out.ctr.ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY) {
1231 printf("DsCrackNames incorrect error on name - %d\n", r.out.ctr.ctr1->array[0].status);
1236 return test_DsCrackNamesMatrix(p, mem_ctx, priv, FQDN_1779_name, user_principal_name, service_principal_name);
1242 static BOOL test_DsGetDCInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1243 struct DsPrivate *priv)
1246 struct drsuapi_DsGetDomainControllerInfo r;
1249 r.in.bind_handle = &priv->bind_handle;
1252 r.in.req.req1.domain_name = talloc_strdup(mem_ctx, lp_realm());
1253 r.in.req.req1.level = 1;
1255 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
1256 r.in.req.req1.level, r.in.req.req1.domain_name);
1258 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
1259 if (!NT_STATUS_IS_OK(status)) {
1260 const char *errstr = nt_errstr(status);
1261 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1262 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1264 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
1265 " with dns domain failed - %s\n",
1266 r.in.req.req1.level, errstr);
1268 } else if (!W_ERROR_IS_OK(r.out.result)) {
1269 printf("DsGetDomainControllerInfo level %d\n"
1270 " with dns domain failed - %s\n",
1271 r.in.req.req1.level, win_errstr(r.out.result));
1275 r.in.req.req1.level = 2;
1277 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
1278 r.in.req.req1.level, r.in.req.req1.domain_name);
1280 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
1281 if (!NT_STATUS_IS_OK(status)) {
1282 const char *errstr = nt_errstr(status);
1283 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1284 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1286 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
1287 " with dns domain failed - %s\n",
1288 r.in.req.req1.level, errstr);
1290 } else if (!W_ERROR_IS_OK(r.out.result)) {
1291 printf("DsGetDomainControllerInfo level %d\n"
1292 " with dns domain failed - %s\n",
1293 r.in.req.req1.level, win_errstr(r.out.result));
1296 if (r.out.ctr.ctr2.count > 0) {
1297 priv->dcinfo = r.out.ctr.ctr2.array[0];
1301 r.in.req.req1.level = -1;
1303 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
1304 r.in.req.req1.level, r.in.req.req1.domain_name);
1306 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
1307 if (!NT_STATUS_IS_OK(status)) {
1308 const char *errstr = nt_errstr(status);
1309 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1310 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1312 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
1313 " with dns domain failed - %s\n",
1314 r.in.req.req1.level, errstr);
1316 } else if (!W_ERROR_IS_OK(r.out.result)) {
1317 printf("DsGetDomainControllerInfo level %d\n"
1318 " with dns domain failed - %s\n",
1319 r.in.req.req1.level, win_errstr(r.out.result));
1323 r.in.req.req1.domain_name = talloc_strdup(mem_ctx, lp_workgroup());
1324 r.in.req.req1.level = 2;
1326 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
1327 r.in.req.req1.level, r.in.req.req1.domain_name);
1329 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
1330 if (!NT_STATUS_IS_OK(status)) {
1331 const char *errstr = nt_errstr(status);
1332 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1333 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1335 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
1336 " with netbios domain failed - %s\n",
1337 r.in.req.req1.level, errstr);
1339 } else if (!W_ERROR_IS_OK(r.out.result)) {
1340 printf("DsGetDomainControllerInfo level %d\n"
1341 " with netbios domain failed - %s\n",
1342 r.in.req.req1.level, win_errstr(r.out.result));
1346 r.in.req.req1.domain_name = "__UNKNOWN_DOMAIN__";
1347 r.in.req.req1.level = 2;
1349 printf("testing DsGetDomainControllerInfo level %d on domainname '%s'\n",
1350 r.in.req.req1.level, r.in.req.req1.domain_name);
1352 status = dcerpc_drsuapi_DsGetDomainControllerInfo(p, mem_ctx, &r);
1353 if (!NT_STATUS_IS_OK(status)) {
1354 const char *errstr = nt_errstr(status);
1355 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1356 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1358 printf("dcerpc_drsuapi_DsGetDomainControllerInfo level %d\n"
1359 " with invalid domain failed - %s\n",
1360 r.in.req.req1.level, errstr);
1362 } else if (!W_ERROR_EQUAL(r.out.result, WERR_DS_OBJ_NOT_FOUND)) {
1363 printf("DsGetDomainControllerInfo level %d\n"
1364 " with invalid domain not expected error (WERR_DS_OBJ_NOT_FOUND) - %s\n",
1365 r.in.req.req1.level, win_errstr(r.out.result));
1372 static BOOL test_DsWriteAccountSpn(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1373 struct DsPrivate *priv)
1376 struct drsuapi_DsWriteAccountSpn r;
1377 struct drsuapi_DsNameString names[2];
1380 r.in.bind_handle = &priv->bind_handle;
1383 printf("testing DsWriteAccountSpn\n");
1385 r.in.req.req1.operation = DRSUAPI_DS_SPN_OPERATION_ADD;
1386 r.in.req.req1.unknown1 = 0;
1387 r.in.req.req1.object_dn = priv->dcinfo.computer_dn;
1388 r.in.req.req1.count = 2;
1389 r.in.req.req1.spn_names = names;
1390 names[0].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.netbios_name);
1391 names[1].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.dns_name);
1393 status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r);
1394 if (!NT_STATUS_IS_OK(status)) {
1395 const char *errstr = nt_errstr(status);
1396 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1397 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1399 printf("dcerpc_drsuapi_DsWriteAccountSpn failed - %s\n", errstr);
1401 } else if (!W_ERROR_IS_OK(r.out.result)) {
1402 printf("DsWriteAccountSpn failed - %s\n", win_errstr(r.out.result));
1406 r.in.req.req1.operation = DRSUAPI_DS_SPN_OPERATION_DELETE;
1407 r.in.req.req1.unknown1 = 0;
1409 status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r);
1410 if (!NT_STATUS_IS_OK(status)) {
1411 const char *errstr = nt_errstr(status);
1412 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1413 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1415 printf("dcerpc_drsuapi_DsWriteAccountSpn failed - %s\n", errstr);
1417 } else if (!W_ERROR_IS_OK(r.out.result)) {
1418 printf("DsWriteAccountSpn failed - %s\n", win_errstr(r.out.result));
1425 static BOOL test_DsReplicaGetInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1426 struct DsPrivate *priv)
1429 struct drsuapi_DsReplicaGetInfo r;
1438 DRSUAPI_DS_REPLICA_GET_INFO,
1439 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS,
1442 DRSUAPI_DS_REPLICA_GET_INFO,
1443 DRSUAPI_DS_REPLICA_INFO_CURSORS,
1446 DRSUAPI_DS_REPLICA_GET_INFO,
1447 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA,
1450 DRSUAPI_DS_REPLICA_GET_INFO,
1451 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES,
1454 DRSUAPI_DS_REPLICA_GET_INFO,
1455 DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES,
1458 DRSUAPI_DS_REPLICA_GET_INFO,
1459 DRSUAPI_DS_REPLICA_INFO_PENDING_OPS,
1462 DRSUAPI_DS_REPLICA_GET_INFO2,
1463 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA,
1466 DRSUAPI_DS_REPLICA_GET_INFO2,
1467 DRSUAPI_DS_REPLICA_INFO_CURSORS2,
1470 DRSUAPI_DS_REPLICA_GET_INFO2,
1471 DRSUAPI_DS_REPLICA_INFO_CURSORS3,
1474 DRSUAPI_DS_REPLICA_GET_INFO2,
1475 DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2,
1478 DRSUAPI_DS_REPLICA_GET_INFO2,
1479 DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2,
1482 DRSUAPI_DS_REPLICA_GET_INFO2,
1483 DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02,
1486 DRSUAPI_DS_REPLICA_GET_INFO2,
1487 DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04,
1490 DRSUAPI_DS_REPLICA_GET_INFO2,
1491 DRSUAPI_DS_REPLICA_INFO_CURSURS05,
1494 DRSUAPI_DS_REPLICA_GET_INFO2,
1495 DRSUAPI_DS_REPLICA_INFO_06,
1500 r.in.bind_handle = &priv->bind_handle;
1502 for (i=0; i < ARRAY_SIZE(array); i++) {
1503 const char *object_dn;
1505 printf("testing DsReplicaGetInfo level %d infotype %d\n",
1506 array[i].level, array[i].infotype);
1508 object_dn = (array[i].obj_dn ? array[i].obj_dn : priv->domain_obj_dn);
1510 r.in.level = array[i].level;
1511 switch(r.in.level) {
1512 case DRSUAPI_DS_REPLICA_GET_INFO:
1513 r.in.req.req1.info_type = array[i].infotype;
1514 r.in.req.req1.object_dn = object_dn;
1515 ZERO_STRUCT(r.in.req.req1.guid1);
1517 case DRSUAPI_DS_REPLICA_GET_INFO2:
1518 r.in.req.req2.info_type = array[i].infotype;
1519 r.in.req.req2.object_dn = object_dn;
1520 ZERO_STRUCT(r.in.req.req1.guid1);
1521 r.in.req.req2.unknown1 = 0;
1522 r.in.req.req2.string1 = NULL;
1523 r.in.req.req2.string2 = NULL;
1524 r.in.req.req2.unknown2 = 0;
1528 status = dcerpc_drsuapi_DsReplicaGetInfo(p, mem_ctx, &r);
1529 if (!NT_STATUS_IS_OK(status)) {
1530 const char *errstr = nt_errstr(status);
1531 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1532 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1534 if (p->last_fault_code != DCERPC_FAULT_INVALID_TAG) {
1535 printf("dcerpc_drsuapi_DsReplicaGetInfo failed - %s\n", errstr);
1538 printf("DsReplicaGetInfo level %d and/or infotype %d not supported by server\n",
1539 array[i].level, array[i].infotype);
1541 } else if (!W_ERROR_IS_OK(r.out.result)) {
1542 printf("DsReplicaGetInfo failed - %s\n", win_errstr(r.out.result));
1550 static BOOL test_DsReplicaSync(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1551 struct DsPrivate *priv)
1556 struct drsuapi_DsReplicaSync r;
1557 struct drsuapi_DsReplicaObjectIdentifier nc;
1558 struct GUID null_guid;
1559 struct dom_sid null_sid;
1568 if (!lp_parm_bool(-1, "torture", "dangerous", False)) {
1569 printf("DsReplicaSync disabled - enable dangerous tests to use\n");
1573 ZERO_STRUCT(null_guid);
1574 ZERO_STRUCT(null_sid);
1576 r.in.bind_handle = &priv->bind_handle;
1578 for (i=0; i < ARRAY_SIZE(array); i++) {
1579 printf("testing DsReplicaSync level %d\n",
1582 r.in.level = array[i].level;
1583 switch(r.in.level) {
1585 nc.guid = null_guid;
1587 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
1589 r.in.req.req1.naming_context = &nc;
1590 r.in.req.req1.guid1 = priv->dcinfo.ntds_guid;
1591 r.in.req.req1.string1 = NULL;
1592 r.in.req.req1.options = 16;
1596 status = dcerpc_drsuapi_DsReplicaSync(p, mem_ctx, &r);
1597 if (!NT_STATUS_IS_OK(status)) {
1598 const char *errstr = nt_errstr(status);
1599 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1600 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1602 printf("dcerpc_drsuapi_DsReplicaSync failed - %s\n", errstr);
1604 } else if (!W_ERROR_IS_OK(r.out.result)) {
1605 printf("DsReplicaSync failed - %s\n", win_errstr(r.out.result));
1613 static BOOL test_DsReplicaUpdateRefs(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1614 struct DsPrivate *priv)
1619 struct drsuapi_DsReplicaUpdateRefs r;
1620 struct drsuapi_DsReplicaObjectIdentifier nc;
1621 struct GUID null_guid;
1622 struct dom_sid null_sid;
1631 ZERO_STRUCT(null_guid);
1632 ZERO_STRUCT(null_sid);
1634 r.in.bind_handle = &priv->bind_handle;
1636 for (i=0; i < ARRAY_SIZE(array); i++) {
1637 printf("testing DsReplicaUpdateRefs level %d\n",
1640 r.in.level = array[i].level;
1641 switch(r.in.level) {
1643 nc.guid = null_guid;
1645 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
1647 r.in.req.req1.naming_context = &nc;
1648 r.in.req.req1.dest_dsa_dns_name = talloc_asprintf(mem_ctx, "__some_dest_dsa_guid_string._msdn.%s",
1649 priv->domain_dns_name);
1650 r.in.req.req1.dest_dsa_guid = null_guid;
1651 r.in.req.req1.options = 0;
1655 status = dcerpc_drsuapi_DsReplicaUpdateRefs(p, mem_ctx, &r);
1656 if (!NT_STATUS_IS_OK(status)) {
1657 const char *errstr = nt_errstr(status);
1658 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1659 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1661 printf("dcerpc_drsuapi_DsReplicaUpdateRefs failed - %s\n", errstr);
1663 } else if (!W_ERROR_IS_OK(r.out.result)) {
1664 printf("DsReplicaUpdateRefs failed - %s\n", win_errstr(r.out.result));
1672 static BOOL test_DsGetNCChanges(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1673 struct DsPrivate *priv)
1678 struct drsuapi_DsGetNCChanges r;
1679 struct drsuapi_DsReplicaObjectIdentifier nc;
1680 struct GUID null_guid;
1681 struct dom_sid null_sid;
1693 ZERO_STRUCT(null_guid);
1694 ZERO_STRUCT(null_sid);
1696 for (i=0; i < ARRAY_SIZE(array); i++) {
1697 printf("testing DsGetNCChanges level %d\n",
1700 r.in.bind_handle = &priv->bind_handle;
1701 r.in.level = array[i].level;
1703 switch (r.in.level) {
1705 nc.guid = null_guid;
1707 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
1709 r.in.req.req5.destination_dsa_guid = GUID_random();
1710 r.in.req.req5.source_dsa_guid = null_guid;
1711 r.in.req.req5.naming_context = &nc;
1712 r.in.req.req5.highwatermark.tmp_highest_usn = 0;
1713 r.in.req.req5.highwatermark.reserved_usn = 0;
1714 r.in.req.req5.highwatermark.highest_usn = 0;
1715 r.in.req.req5.uptodateness_vector = NULL;
1716 r.in.req.req5.replica_flags = 0;
1717 if (lp_parm_bool(-1, "drsuapi","compression", False)) {
1718 r.in.req.req5.replica_flags |= DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES;
1720 r.in.req.req5.unknown2 = 0;
1721 r.in.req.req5.unknown3 = 0;
1722 r.in.req.req5.unknown4 = 0;
1723 r.in.req.req5.h1 = 0;
1727 nc.guid = null_guid;
1729 nc.dn = priv->domain_obj_dn?priv->domain_obj_dn:"";
1731 r.in.req.req8.destination_dsa_guid = GUID_random();
1732 r.in.req.req8.source_dsa_guid = null_guid;
1733 r.in.req.req8.naming_context = &nc;
1734 r.in.req.req8.highwatermark.tmp_highest_usn = 0;
1735 r.in.req.req8.highwatermark.reserved_usn = 0;
1736 r.in.req.req8.highwatermark.highest_usn = 0;
1737 r.in.req.req8.uptodateness_vector = NULL;
1738 r.in.req.req8.replica_flags = 0
1739 | DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE
1740 | DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP
1741 | DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS
1742 | DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS
1743 | DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED
1744 | DRSUAPI_DS_REPLICA_NEIGHBOUR_COMPRESS_CHANGES
1746 r.in.req.req8.unknown2 = 402;
1747 r.in.req.req8.unknown3 = 402116;
1748 r.in.req.req8.unknown4 = 0;
1749 r.in.req.req8.h1 = 0;
1750 r.in.req.req8.unique_ptr1 = 0;
1751 r.in.req.req8.unique_ptr2 = 0;
1752 r.in.req.req8.ctr12.count = 0;
1753 r.in.req.req8.ctr12.array = NULL;
1758 status = dcerpc_drsuapi_DsGetNCChanges(p, mem_ctx, &r);
1759 if (!NT_STATUS_IS_OK(status)) {
1760 const char *errstr = nt_errstr(status);
1761 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1762 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1764 printf("dcerpc_drsuapi_DsGetNCChanges failed - %s\n", errstr);
1766 } else if (!W_ERROR_IS_OK(r.out.result)) {
1767 printf("DsGetNCChanges failed - %s\n", win_errstr(r.out.result));
1775 static BOOL test_DsUnbind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
1776 struct DsPrivate *priv)
1779 struct drsuapi_DsUnbind r;
1782 r.in.bind_handle = &priv->bind_handle;
1783 r.out.bind_handle = &priv->bind_handle;
1785 printf("testing DsUnbind\n");
1787 status = dcerpc_drsuapi_DsUnbind(p, mem_ctx, &r);
1788 if (!NT_STATUS_IS_OK(status)) {
1789 const char *errstr = nt_errstr(status);
1790 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
1791 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
1793 printf("dcerpc_drsuapi_DsUnbind failed - %s\n", errstr);
1795 } else if (!W_ERROR_IS_OK(r.out.result)) {
1796 printf("DsBind failed - %s\n", win_errstr(r.out.result));
1803 BOOL torture_rpc_drsuapi(void)
1806 struct dcerpc_pipe *p;
1807 TALLOC_CTX *mem_ctx;
1809 struct DsPrivate priv;
1811 mem_ctx = talloc_init("torture_rpc_drsuapi");
1813 status = torture_rpc_connection(mem_ctx,
1815 DCERPC_DRSUAPI_NAME,
1816 DCERPC_DRSUAPI_UUID,
1817 DCERPC_DRSUAPI_VERSION);
1818 if (!NT_STATUS_IS_OK(status)) {
1819 talloc_free(mem_ctx);
1823 printf("Connected to DRAUAPI pipe\n");
1827 ret &= test_DsBind(p, mem_ctx, &priv);
1829 ret &= test_DsGetDCInfo(p, mem_ctx, &priv);
1831 ret &= test_DsCrackNames(p, mem_ctx, &priv, priv.dcinfo.netbios_name);
1833 ret &= test_DsWriteAccountSpn(p, mem_ctx, &priv);
1835 ret &= test_DsReplicaGetInfo(p, mem_ctx, &priv);
1837 ret &= test_DsReplicaSync(p, mem_ctx, &priv);
1839 ret &= test_DsReplicaUpdateRefs(p, mem_ctx, &priv);
1841 ret &= test_DsGetNCChanges(p, mem_ctx, &priv);
1843 ret &= test_DsUnbind(p, mem_ctx, &priv);
1845 talloc_free(mem_ctx);
1850 BOOL torture_rpc_drsuapi_cracknames(void)
1853 struct dcerpc_pipe *p;
1854 TALLOC_CTX *mem_ctx;
1856 struct DsPrivate priv;
1858 mem_ctx = talloc_init("torture_rpc_drsuapi");
1860 status = torture_rpc_connection(mem_ctx,
1862 DCERPC_DRSUAPI_NAME,
1863 DCERPC_DRSUAPI_UUID,
1864 DCERPC_DRSUAPI_VERSION);
1865 if (!NT_STATUS_IS_OK(status)) {
1866 talloc_free(mem_ctx);
1870 printf("Connected to DRAUAPI pipe\n");
1874 ret &= test_DsBind(p, mem_ctx, &priv);
1876 ret &= test_DsCrackNames(p, mem_ctx, &priv, lp_parm_string(-1, "torture", "host"));
1878 ret &= test_DsUnbind(p, mem_ctx, &priv);
1880 talloc_free(mem_ctx);