s4:torture/rpc/netlogon.c - enhance the "DsRGetDCName*" tests

[ddiss/samba.git] / source4 / torture / rpc / netlogon.c
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c

index 9b8f9b7800d398a6a115f00f14e79d350003b3c9..f1d605c67413054561a25fe2500bd06d31c268b1 100644 (file)
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -32,14 +32,72 @@
  #include "librpc/gen_ndr/ndr_lsa_c.h"
  #include "param/param.h"
  #include "libcli/security/security.h"
-#include "lib/ldb/include/ldb.h"
+#include <ldb.h>
  #include "lib/util/util_ldb.h"
-#include "lib/ldb_wrap.h"
+#include "ldb_wrap.h"
  #include "lib/replace/system/network.h"
  #include "dsdb/samdb/samdb.h"
  
  #define TEST_MACHINE_NAME "torturetest"
  
+static bool test_netr_broken_binding_handle(struct torture_context *tctx,
+                                           struct dcerpc_pipe *p)
+{
+       NTSTATUS status;
+       struct netr_DsRGetSiteName r;
+       const char *site = NULL;
+       struct dcerpc_binding_handle *b = p->binding_handle;
+
+       r.in.computer_name      = talloc_asprintf(tctx, "\\\\%s",
+                                                 dcerpc_server_name(p));
+       r.out.site              = &site;
+
+       torture_comment(tctx,
+                       "Testing netlogon request with correct binding handle: %s\n",
+                       r.in.computer_name);
+
+       status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status,
+                                  "Netlogon request with broken binding handle");
+       torture_assert_werr_ok(tctx, r.out.result,
+                              "Netlogon request with broken binding handle");
+
+       if (torture_setting_bool(tctx, "samba3", false) ||
+           torture_setting_bool(tctx, "samba4", false)) {
+               torture_skip(tctx,
+                            "Skipping broken binding handle check against Samba");
+       }
+
+       r.in.computer_name      = talloc_asprintf(tctx, "\\\\\\\\%s",
+                                                 dcerpc_server_name(p));
+
+       torture_comment(tctx,
+                       "Testing netlogon request with broken binding handle: %s\n",
+                       r.in.computer_name);
+
+       status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status,
+                                  "Netlogon request with broken binding handle");
+       torture_assert_werr_equal(tctx, r.out.result,
+                                 WERR_INVALID_COMPUTERNAME,
+                                 "Netlogon request with broken binding handle");
+
+       r.in.computer_name      = "\\\\\\\\THIS_IS_NOT_VALID";
+
+       torture_comment(tctx,
+                       "Testing netlogon request with broken binding handle: %s\n",
+                       r.in.computer_name);
+
+       status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status,
+                                  "Netlogon request with broken binding handle");
+       torture_assert_werr_equal(tctx, r.out.result,
+                                 WERR_INVALID_COMPUTERNAME,
+                                 "Netlogon request with broken binding handle");
+
+       return true;
+}
+
  static bool test_LogonUasLogon(struct torture_context *tctx, 
                                struct dcerpc_pipe *p)
  {
@@ -146,7 +204,7 @@ bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx,
  bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
                             uint32_t negotiate_flags,
                             struct cli_credentials *machine_credentials,
-                           int sec_chan_type,
+                           enum netr_SchannelType sec_chan_type,
                             struct netlogon_creds_CredentialState **creds_out)
  {
         struct netr_ServerReqChallenge r;
@@ -207,7 +265,7 @@ bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx,
  }
  
  
-static bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
+bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx,
                             uint32_t negotiate_flags,
                             struct cli_credentials *machine_credentials,
                             struct netlogon_creds_CredentialState **creds_out)
@@ -590,7 +648,7 @@ static bool test_SetPassword2(struct torture_context *tctx,
         new_password.length = IVAL(password_buf.data, 512);
  
         torture_comment(tctx, 
-               "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n");
+               "Testing a third ServerPasswordSet2 on machine account, with a completely random password\n");
  
         netlogon_creds_client_authenticator(creds, &credential);
  
@@ -690,6 +748,7 @@ static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context
         NTSTATUS status;
         struct netr_LogonSamLogon r;
         struct netr_Authenticator auth, auth2;
+       static const struct netr_Authenticator auth_zero;
         union netr_LogonLevel logon;
         union netr_Validation validation;
         uint8_t authoritative;
@@ -698,11 +757,11 @@ static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context
         int i;
         struct dcerpc_binding_handle *b = p->binding_handle;
         int flags = CLI_CRED_NTLM_AUTH;
-       if (lp_client_lanman_auth(tctx->lp_ctx)) {
+       if (lpcfg_client_lanman_auth(tctx->lp_ctx)) {
                 flags |= CLI_CRED_LANMAN_AUTH;
         }
  
-       if (lp_client_ntlmv2_auth(tctx->lp_ctx)) {
+       if (lpcfg_client_ntlmv2_auth(tctx->lp_ctx) && !null_domain) {
                 flags |= CLI_CRED_NTLMv2_AUTH;
         }
  
@@ -754,7 +813,7 @@ static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context
  
         d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string);
         
-       for (i=2;i<3;i++) {
+       for (i=2;i<=3;i++) {
                 ZERO_STRUCT(auth2);
                 netlogon_creds_client_authenticator(creds, &auth);
                 
@@ -767,11 +826,75 @@ static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context
                 torture_assert(tctx, netlogon_creds_client_check(creds, 
                                                                  &r.out.return_authenticator->cred), 
                         "Credential chaining failed");
+               torture_assert_int_equal(tctx, *r.out.authoritative, 1,
+                                        "LogonSamLogon invalid  *r.out.authoritative");
+       }
+
+       /* this makes sure we get the unmarshalling right for invalid levels */
+       for (i=52;i<53;i++) {
+               ZERO_STRUCT(auth2);
+               /* the authenticator should be ignored by the server */
+               generate_random_buffer((uint8_t *) &auth, sizeof(auth));
+
+               r.in.validation_level = i;
+
+               torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
+                                          "LogonSamLogon failed");
+               torture_assert_ntstatus_equal(tctx, r.out.result,
+                                             NT_STATUS_INVALID_INFO_CLASS,
+                                             "LogonSamLogon failed");
+
+               torture_assert_int_equal(tctx, *r.out.authoritative, 1,
+                                        "LogonSamLogon invalid  *r.out.authoritative");
+               torture_assert(tctx,
+                              memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
+                              "Return authenticator non zero");
+       }
+
+       for (i=2;i<=3;i++) {
+               ZERO_STRUCT(auth2);
+               netlogon_creds_client_authenticator(creds, &auth);
+
+               r.in.validation_level = i;
+
+               torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
+                       "LogonSamLogon failed");
+               torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
+
+               torture_assert(tctx, netlogon_creds_client_check(creds,
+                                                                &r.out.return_authenticator->cred),
+                       "Credential chaining failed");
+               torture_assert_int_equal(tctx, *r.out.authoritative, 1,
+                                        "LogonSamLogon invalid  *r.out.authoritative");
+       }
+
+       r.in.logon_level = 52;
+
+       for (i=2;i<=3;i++) {
+               ZERO_STRUCT(auth2);
+               /* the authenticator should be ignored by the server */
+               generate_random_buffer((uint8_t *) &auth, sizeof(auth));
+
+               r.in.validation_level = i;
+
+               torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i);
+
+               torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
+                       "LogonSamLogon failed");
+               torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
+                       "LogonSamLogon expected INVALID_PARAMETER");
+
+               torture_assert(tctx,
+                              memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
+                              "Return authenticator non zero");
+               torture_assert_int_equal(tctx, *r.out.authoritative, 1,
+                                        "LogonSamLogon invalid  *r.out.authoritative");
         }
  
         r.in.credential = NULL;
  
         for (i=2;i<=3;i++) {
+               ZERO_STRUCT(auth2);
  
                 r.in.validation_level = i;
  
@@ -782,6 +905,31 @@ static bool test_netlogon_ops_args(struct dcerpc_pipe *p, struct torture_context
                 torture_assert_ntstatus_equal(tctx, r.out.result, NT_STATUS_INVALID_PARAMETER,
                         "LogonSamLogon expected INVALID_PARAMETER");
  
+               torture_assert(tctx,
+                              memcmp(&auth2, &auth_zero, sizeof(auth2)) == 0,
+                              "Return authenticator non zero");
+               torture_assert_int_equal(tctx, *r.out.authoritative, 1,
+                                        "LogonSamLogon invalid  *r.out.authoritative");
+       }
+
+       r.in.logon_level = 2;
+       r.in.credential = &auth;
+
+       for (i=2;i<=3;i++) {
+               ZERO_STRUCT(auth2);
+               netlogon_creds_client_authenticator(creds, &auth);
+
+               r.in.validation_level = i;
+
+               torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonSamLogon_r(b, tctx, &r),
+                       "LogonSamLogon failed");
+               torture_assert_ntstatus_ok(tctx, r.out.result, "LogonSamLogon failed");
+
+               torture_assert(tctx, netlogon_creds_client_check(creds,
+                                                                &r.out.return_authenticator->cred),
+                       "Credential chaining failed");
+               torture_assert_int_equal(tctx, *r.out.authoritative, 1,
+                                        "LogonSamLogon invalid  *r.out.authoritative");
         }
  
         return true;
@@ -794,6 +942,60 @@ bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx,
         return test_netlogon_ops_args(p, tctx, credentials, creds, false);
  }
  
+/*
+  try a netlogon GetCapabilities
+*/
+bool test_netlogon_capabilities(struct dcerpc_pipe *p, struct torture_context *tctx,
+                               struct cli_credentials *credentials,
+                               struct netlogon_creds_CredentialState *creds)
+{
+       NTSTATUS status;
+       struct netr_LogonGetCapabilities r;
+       union netr_Capabilities capabilities;
+       struct netr_Authenticator auth, return_auth;
+       struct netlogon_creds_CredentialState tmp_creds;
+       struct dcerpc_binding_handle *b = p->binding_handle;
+
+       r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
+       r.in.computer_name = cli_credentials_get_workstation(credentials);
+       r.in.credential = &auth;
+       r.in.return_authenticator = &return_auth;
+       r.in.query_level = 1;
+       r.out.capabilities = &capabilities;
+       r.out.return_authenticator = &return_auth;
+
+       torture_comment(tctx, "Testing LogonGetCapabilities\n");
+
+       ZERO_STRUCT(return_auth);
+
+       /*
+        * we need to operate on a temporary copy of creds
+        * because dcerpc_netr_LogonGetCapabilities was
+        * dcerpc_netr_DummyFunction and returns NT_STATUS_NOT_IMPLEMENTED
+        * without looking a the authenticator.
+        */
+       tmp_creds = *creds;
+       netlogon_creds_client_authenticator(&tmp_creds, &auth);
+
+       status = dcerpc_netr_LogonGetCapabilities_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status, "LogonGetCapabilities failed");
+       if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_IMPLEMENTED)) {
+               return true;
+       }
+
+       *creds = tmp_creds;
+
+       torture_assert(tctx, netlogon_creds_client_check(creds,
+                                                        &r.out.return_authenticator->cred),
+                      "Credential chaining failed");
+
+       torture_assert_int_equal(tctx, creds->negotiate_flags,
+                                capabilities.server_capabilities,
+                                "negotiate flags");
+
+       return true;
+}
+
  /*
    try a netlogon SamLogon
  */
@@ -1602,7 +1804,7 @@ static bool test_GetDcName(struct torture_context *tctx,
         struct dcerpc_binding_handle *b = p->binding_handle;
  
         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
-       r.in.domainname = lp_workgroup(tctx->lp_ctx);
+       r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
         r.out.dcname = &dcname;
  
         torture_assert_ntstatus_ok(tctx, dcerpc_netr_GetDcName_r(b, tctx, &r),
@@ -1772,6 +1974,13 @@ static bool test_LogonControl(struct torture_context *tctx,
         }
         }
  
+       r.in.level = 52;
+       torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n",
+                       function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
+       status = dcerpc_netr_LogonControl_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status, "LogonControl");
+       torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_LEVEL, "LogonControl");
+
         return true;
  }
  
@@ -1787,7 +1996,7 @@ static bool test_GetAnyDCName(struct torture_context *tctx,
         const char *dcname = NULL;
         struct dcerpc_binding_handle *b = p->binding_handle;
  
-       r.in.domainname = lp_workgroup(tctx->lp_ctx);
+       r.in.domainname = lpcfg_workgroup(tctx->lp_ctx);
         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
         r.out.dcname = &dcname;
  
@@ -1839,7 +2048,7 @@ static bool test_LogonControl2(struct torture_context *tctx,
         int i;
         struct dcerpc_binding_handle *b = p->binding_handle;
  
-       data.domain = lp_workgroup(tctx->lp_ctx);
+       data.domain = lpcfg_workgroup(tctx->lp_ctx);
  
         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
  
@@ -1850,14 +2059,14 @@ static bool test_LogonControl2(struct torture_context *tctx,
         for (i=1;i<4;i++) {
                 r.in.level = i;
  
-               torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 
-                      i, r.in.function_code);
+               torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
+                       function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
  
                 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
-               torture_assert_ntstatus_ok(tctx, status, "LogonControl");
+               torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
         }
  
-       data.domain = lp_workgroup(tctx->lp_ctx);
+       data.domain = lpcfg_workgroup(tctx->lp_ctx);
  
         r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
         r.in.data = &data;
@@ -1865,14 +2074,14 @@ static bool test_LogonControl2(struct torture_context *tctx,
         for (i=1;i<4;i++) {
                 r.in.level = i;
  
-               torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 
-                      i, r.in.function_code);
+               torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
+                       function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
  
                 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
-               torture_assert_ntstatus_ok(tctx, status, "LogonControl");
+               torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
         }
  
-       data.domain = lp_workgroup(tctx->lp_ctx);
+       data.domain = lpcfg_workgroup(tctx->lp_ctx);
  
         r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
         r.in.data = &data;
@@ -1880,11 +2089,11 @@ static bool test_LogonControl2(struct torture_context *tctx,
         for (i=1;i<4;i++) {
                 r.in.level = i;
  
-               torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 
-                      i, r.in.function_code);
+               torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
+                       function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
  
                 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
-               torture_assert_ntstatus_ok(tctx, status, "LogonControl");
+               torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
         }
  
         data.debug_level = ~0;
@@ -1895,13 +2104,37 @@ static bool test_LogonControl2(struct torture_context *tctx,
         for (i=1;i<4;i++) {
                 r.in.level = i;
  
-               torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 
-                      i, r.in.function_code);
+               torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
+                       function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
  
                 status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
-               torture_assert_ntstatus_ok(tctx, status, "LogonControl");
+               torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
         }
  
+       ZERO_STRUCT(data);
+       r.in.function_code = 52;
+       r.in.data = &data;
+
+       torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
+                       function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
+
+       status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
+       torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL, "LogonControl2");
+
+       data.debug_level = ~0;
+
+       r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG;
+       r.in.data = &data;
+
+       r.in.level = 52;
+       torture_comment(tctx, "Testing LogonControl2 function code %s (%d) level %d\n",
+                       function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level);
+
+       status = dcerpc_netr_LogonControl2_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status, "LogonControl2");
+       torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL, "LogonControl2");
+
         return true;
  }
  
@@ -1991,7 +2224,7 @@ static bool test_LogonControl2Ex(struct torture_context *tctx,
         int i;
         struct dcerpc_binding_handle *b = p->binding_handle;
  
-       data.domain = lp_workgroup(tctx->lp_ctx);
+       data.domain = lpcfg_workgroup(tctx->lp_ctx);
  
         r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
  
@@ -2009,7 +2242,7 @@ static bool test_LogonControl2Ex(struct torture_context *tctx,
                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
         }
  
-       data.domain = lp_workgroup(tctx->lp_ctx);
+       data.domain = lpcfg_workgroup(tctx->lp_ctx);
  
         r.in.function_code = NETLOGON_CONTROL_TC_QUERY;
         r.in.data = &data;
@@ -2024,7 +2257,7 @@ static bool test_LogonControl2Ex(struct torture_context *tctx,
                 torture_assert_ntstatus_ok(tctx, status, "LogonControl");
         }
  
-       data.domain = lp_workgroup(tctx->lp_ctx);
+       data.domain = lpcfg_workgroup(tctx->lp_ctx);
  
         r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY;
         r.in.data = &data;
@@ -2057,6 +2290,48 @@ static bool test_LogonControl2Ex(struct torture_context *tctx,
         return true;
  }
  
+static bool test_netr_GetForestTrustInformation(struct torture_context *tctx,
+                                               struct dcerpc_pipe *p,
+                                               struct cli_credentials *machine_credentials)
+{
+       struct netr_GetForestTrustInformation r;
+       struct netlogon_creds_CredentialState *creds;
+       struct netr_Authenticator a;
+       struct netr_Authenticator return_authenticator;
+       struct lsa_ForestTrustInformation *forest_trust_info;
+       struct dcerpc_binding_handle *b = p->binding_handle;
+
+       if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS,
+                                   machine_credentials, &creds)) {
+               return false;
+       }
+
+       netlogon_creds_client_authenticator(creds, &a);
+
+       r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
+       r.in.computer_name = TEST_MACHINE_NAME;
+       r.in.credential = &a;
+       r.in.flags = 0;
+       r.out.return_authenticator = &return_authenticator;
+       r.out.forest_trust_info = &forest_trust_info;
+
+       torture_assert_ntstatus_ok(tctx,
+               dcerpc_netr_GetForestTrustInformation_r(b, tctx, &r),
+               "netr_GetForestTrustInformation failed");
+       if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_NOT_IMPLEMENTED)) {
+               torture_comment(tctx, "not considering NT_STATUS_NOT_IMPLEMENTED as an error\n");
+       } else {
+               torture_assert_ntstatus_ok(tctx, r.out.result,
+                       "netr_GetForestTrustInformation failed");
+       }
+
+       torture_assert(tctx,
+               netlogon_creds_client_check(creds, &return_authenticator.cred),
+               "Credential chaining failed");
+
+       return true;
+}
+
  static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx, 
                                                    struct dcerpc_pipe *p, const char *trusted_domain_name) 
  {
@@ -2139,7 +2414,7 @@ static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx,
  
         status = dcerpc_netr_NetrEnumerateTrustedDomains_r(b, tctx, &r);
         torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains");
-       torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
+       torture_assert_ntstatus_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains");
  
         return true;
  }
@@ -2181,17 +2456,6 @@ static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_conte
         torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName");
         torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName");
  
-       if (torture_setting_bool(tctx, "samba4", false))
-               torture_skip(tctx, "skipping computer name check against Samba4");
-
-       r.in.computer_name              = talloc_asprintf(tctx, "\\\\%s", computer_name);
-       torture_comment(tctx, 
-                       "Testing netr_DsRGetSiteName with broken computer name: %s\n", r.in.computer_name);
-
-       status = dcerpc_netr_DsRGetSiteName_r(b, tctx, &r);
-       torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName");
-       torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_COMPUTERNAME, "netr_DsRGetSiteName");
-
         return true;
  }
  
@@ -2207,7 +2471,7 @@ static bool test_netr_DsRGetDCName(struct torture_context *tctx,
         struct dcerpc_binding_handle *b = p->binding_handle;
  
         r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
-       r.in.domain_name        = lp_dnsdomain(tctx->lp_ctx);
+       r.in.domain_name        = lpcfg_dnsdomain(tctx->lp_ctx);
         r.in.domain_guid        = NULL;
         r.in.site_guid          = NULL;
         r.in.flags              = DS_RETURN_DNS_NAME;
@@ -2217,12 +2481,44 @@ static bool test_netr_DsRGetDCName(struct torture_context *tctx,
         torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
         torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
  
-       r.in.domain_name        = lp_workgroup(tctx->lp_ctx);
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_CONTROLLER)),
+                                DS_DNS_CONTROLLER,
+                                "DsRGetDCName");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_DOMAIN)),
+                                DS_DNS_DOMAIN,
+                                "DsRGetDCName");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_FOREST_ROOT)),
+                                DS_DNS_FOREST_ROOT,
+                                "DsRGetDCName");
+
+       r.in.domain_name        = lpcfg_workgroup(tctx->lp_ctx);
+       r.in.flags              = 0;
  
         status = dcerpc_netr_DsRGetDCName_r(b, tctx, &r);
         torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName");
         torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName");
  
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_CONTROLLER)), 0,
+                                "DsRGetDCName");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_DOMAIN)), 0,
+                                "DsRGetDCName");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_FOREST_ROOT)),
+                                DS_DNS_FOREST_ROOT,
+                                "DsRGetDCName");
+
+       if (strcasecmp(info->dc_site_name, info->client_site_name) == 0) {
+               torture_assert_int_equal(tctx,
+                                        (info->dc_flags & (DS_SERVER_CLOSEST)),
+                                        DS_SERVER_CLOSEST,
+                                        "DsRGetDCName");
+       }
+
         return test_netr_DsRGetSiteName(p, tctx, 
                                        info->dc_unc,
                                        info->dc_site_name);
@@ -2240,7 +2536,7 @@ static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
         struct dcerpc_binding_handle *b = p->binding_handle;
  
         r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
-       r.in.domain_name        = lp_dnsdomain(tctx->lp_ctx);
+       r.in.domain_name        = lpcfg_dnsdomain(tctx->lp_ctx);
         r.in.domain_guid        = NULL;
         r.in.site_name          = NULL;
         r.in.flags              = DS_RETURN_DNS_NAME;
@@ -2250,12 +2546,44 @@ static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx,
         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
  
-       r.in.domain_name        = lp_workgroup(tctx->lp_ctx);
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_CONTROLLER)),
+                                DS_DNS_CONTROLLER,
+                                "DsRGetDCNameEx");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_DOMAIN)),
+                                DS_DNS_DOMAIN,
+                                "DsRGetDCNameEx");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_FOREST_ROOT)),
+                                DS_DNS_FOREST_ROOT,
+                                "DsRGetDCNameEx");
+
+       r.in.domain_name        = lpcfg_workgroup(tctx->lp_ctx);
+       r.in.flags              = 0;
  
         status = dcerpc_netr_DsRGetDCNameEx_r(b, tctx, &r);
         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx");
         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx");
  
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_CONTROLLER)), 0,
+                                "DsRGetDCNameEx");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_DOMAIN)), 0,
+                                "DsRGetDCNameEx");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_FOREST_ROOT)),
+                                DS_DNS_FOREST_ROOT,
+                                "DsRGetDCNameEx");
+
+       if (strcasecmp(info->dc_site_name, info->client_site_name) == 0) {
+               torture_assert_int_equal(tctx,
+                                        (info->dc_flags & (DS_SERVER_CLOSEST)),
+                                        DS_SERVER_CLOSEST,
+                                        "DsRGetDCNameEx");
+       }
+
         return test_netr_DsRGetSiteName(p, tctx, info->dc_unc,
                                         info->dc_site_name);
  }
@@ -2271,10 +2599,32 @@ static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
         struct netr_DsRGetDCNameInfo *info = NULL;
         struct dcerpc_binding_handle *b = p->binding_handle;
  
+       torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with no inputs\n");
+       ZERO_STRUCT(r.in);
+       r.in.flags              = DS_RETURN_DNS_NAME;
+       r.out.info              = &info;
+
+       status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
+       torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
+       torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
+
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_CONTROLLER)),
+                                DS_DNS_CONTROLLER,
+                                "DsRGetDCNameEx2");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_DOMAIN)),
+                                DS_DNS_DOMAIN,
+                                "DsRGetDCNameEx2");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_FOREST_ROOT)),
+                                DS_DNS_FOREST_ROOT,
+                                "DsRGetDCNameEx2");
+
         r.in.server_unc         = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p));
         r.in.client_account     = NULL;
         r.in.mask               = 0x00000000;
-       r.in.domain_name        = lp_dnsdomain(tctx->lp_ctx);
+       r.in.domain_name        = lpcfg_dnsdomain(tctx->lp_ctx);
         r.in.domain_guid        = NULL;
         r.in.site_name          = NULL;
         r.in.flags              = DS_RETURN_DNS_NAME;
@@ -2286,12 +2636,31 @@ static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
  
-       r.in.domain_name        = lp_workgroup(tctx->lp_ctx);
+       r.in.domain_name        = lpcfg_workgroup(tctx->lp_ctx);
+       r.in.flags              = 0;
  
         status = dcerpc_netr_DsRGetDCNameEx2_r(b, tctx, &r);
         torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2");
         torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2");
  
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_CONTROLLER)), 0,
+                                "DsRGetDCNameEx2");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_DOMAIN)), 0,
+                                "DsRGetDCNameEx2");
+       torture_assert_int_equal(tctx,
+                                (info->dc_flags & (DS_DNS_FOREST_ROOT)),
+                                DS_DNS_FOREST_ROOT,
+                                "DsRGetDCNameEx2");
+
+       if (strcasecmp(info->dc_site_name, info->client_site_name) == 0) {
+               torture_assert_int_equal(tctx,
+                                        (info->dc_flags & (DS_SERVER_CLOSEST)),
+                                        DS_SERVER_CLOSEST,
+                                        "DsRGetDCNameEx2");
+       }
+
         torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client account\n");
         r.in.client_account     = TEST_MACHINE_NAME"$";
         r.in.mask               = ACB_SVRTRUST;
@@ -2306,6 +2675,55 @@ static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx,
                                         info->dc_site_name);
  }
  
+/* This is a substitution for "samdb_server_site_name" which relies on the
+ * correct "lp_ctx" and therefore can't be used here. */
+static const char *server_site_name(struct torture_context *tctx,
+                                   struct ldb_context *ldb)
+{
+       TALLOC_CTX *tmp_ctx;
+       struct ldb_dn *dn, *server_dn;
+       const struct ldb_val *site_name_val;
+       const char *server_dn_str, *site_name;
+
+       tmp_ctx = talloc_new(ldb);
+       if (tmp_ctx == NULL) {
+               goto failed;
+       }
+
+       dn = ldb_dn_new(tmp_ctx, ldb, "");
+       if (dn == NULL) {
+               goto failed;
+       }
+
+       server_dn_str = samdb_search_string(ldb, tmp_ctx, dn, "serverName",
+                                           NULL);
+       if (server_dn_str == NULL) {
+               goto failed;
+       }
+
+       server_dn = ldb_dn_new(tmp_ctx, ldb, server_dn_str);
+       if (server_dn == NULL) {
+               goto failed;
+       }
+
+       /* CN=<Server name>, CN=Servers, CN=<Site name>, CN=Sites, ... */
+       site_name_val = ldb_dn_get_component_val(server_dn, 2);
+       if (site_name_val == NULL) {
+               goto failed;
+       }
+
+       site_name = (const char *) site_name_val->data;
+
+       talloc_steal(tctx, site_name);
+       talloc_free(tmp_ctx);
+
+       return site_name;
+
+failed:
+       talloc_free(tmp_ctx);
+       return NULL;
+}
+
  static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx, 
                                             struct dcerpc_pipe *p)
  {
@@ -2341,7 +2759,7 @@ static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx,
                        "we should per default only get the default site");
         if (sam_ctx != NULL) {
                 torture_assert_casestr_equal(tctx, ctr->sites[0].string,
-                                            samdb_server_site_name(sam_ctx, tctx),
+                                            server_site_name(tctx, sam_ctx),
                                              "didn't return default site");
         }
  
@@ -2357,7 +2775,9 @@ static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
         struct netr_DsRAddressToSitenamesW r;
         struct netr_DsRAddress addrs[6];
         struct sockaddr_in *addr;
+#ifdef HAVE_IPV6
         struct sockaddr_in6 *addr6;
+#endif
         struct netr_DsRAddressToSitenamesWCtr *ctr;
         struct dcerpc_binding_handle *b = p->binding_handle;
         uint32_t i;
@@ -2382,45 +2802,69 @@ static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
         addrs[0].size = sizeof(struct sockaddr_in);
         addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
         addr = (struct sockaddr_in *) addrs[0].buffer;
-       addr->sin_family = AF_INET;
+       addrs[0].buffer[0] = AF_INET;
         ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
         addrs[1].size = sizeof(struct sockaddr_in);
         addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
         addr = (struct sockaddr_in *) addrs[1].buffer;
-       addr->sin_family = AF_INET;
+       addrs[1].buffer[0] = AF_INET;
         ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
         addrs[2].size = sizeof(struct sockaddr_in);
         addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
         addr = (struct sockaddr_in *) addrs[2].buffer;
-       addr->sin_family = AF_INET;
-       ret = inet_pton(AF_INET, "255.255.255.255",
-                       &((struct sockaddr_in *)addrs[2].buffer)->sin_addr);
+       addrs[2].buffer[0] = AF_INET;
+       ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
+#ifdef HAVE_IPV6
         addrs[3].size = sizeof(struct sockaddr_in6);
         addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
         addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
-       addr6->sin6_family = AF_INET6;
+       addrs[3].buffer[0] = AF_INET6;
         ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
         addrs[4].size = sizeof(struct sockaddr_in6);
         addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
         addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
-       addr6->sin6_family = AF_INET6;
+       addrs[4].buffer[0] = AF_INET6;
         ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
         addrs[5].size = sizeof(struct sockaddr_in6);
         addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
         addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
-       addr6->sin6_family = AF_INET6;
+       addrs[5].buffer[0] = AF_INET6;
         ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
+#else
+       /* the test cases are repeated to have exactly 6. This is for
+        * compatibility with IPv4-only machines */
+       addrs[3].size = sizeof(struct sockaddr_in);
+       addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
+       addr = (struct sockaddr_in *) addrs[3].buffer;
+       addrs[3].buffer[0] = AF_INET;
+       ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
+       torture_assert(tctx, ret > 0, "inet_pton failed");
+
+       addrs[4].size = sizeof(struct sockaddr_in);
+       addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
+       addr = (struct sockaddr_in *) addrs[4].buffer;
+       addrs[4].buffer[0] = AF_INET;
+       ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
+       torture_assert(tctx, ret > 0, "inet_pton failed");
+
+       addrs[5].size = sizeof(struct sockaddr_in);
+       addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
+       addr = (struct sockaddr_in *) addrs[5].buffer;
+       addrs[5].buffer[0] = AF_INET;
+       ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
+       torture_assert(tctx, ret > 0, "inet_pton failed");
+#endif
  
         ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr);
  
@@ -2437,16 +2881,18 @@ static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
                 for (i = 0; i < 3; i++) {
                         torture_assert_casestr_equal(tctx,
                                                      ctr->sitename[i].string,
-                                                    samdb_server_site_name(sam_ctx, tctx),
+                                                    server_site_name(tctx, sam_ctx),
                                                      "didn't return default site");
                 }
                 for (i = 3; i < 6; i++) {
-/* Windows returns "NULL" for the sitename if it isn't IPv6 configured
-                       torture_assert_casestr_equal(tctx,
-                                                    ctr->sitename[i].string,
-                                                    samdb_server_site_name(sam_ctx, tctx),
-                                                    "didn't return default site");
-*/
+                       /* Windows returns "NULL" for the sitename if it isn't
+                        * IPv6 configured */
+                       if (torture_setting_bool(tctx, "samba4", false)) {
+                               torture_assert_casestr_equal(tctx,
+                                                            ctr->sitename[i].string,
+                                                            server_site_name(tctx, sam_ctx),
+                                                            "didn't return default site");
+                       }
                 }
         }
  
@@ -2474,16 +2920,16 @@ static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx,
         addrs[0].size = 10;
         addrs[0].buffer[0] = AF_UNSPEC;
         addrs[1].size = 10;
-       addrs[1].buffer[0] = AF_LOCAL;
+       addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
         addrs[2].size = 10;
         addrs[2].buffer[0] = AF_UNIX;
  
         addrs[3].size = 10;
-       addrs[3].buffer[0] = AF_FILE;
+       addrs[3].buffer[0] = 250;
         addrs[4].size = 10;
-       addrs[4].buffer[0] = AF_AX25;
+       addrs[4].buffer[0] = 251;
         addrs[5].size = 10;
-       addrs[5].buffer[0] = AF_IPX;
+       addrs[5].buffer[0] = 252;
  
         status = dcerpc_netr_DsRAddressToSitenamesW_r(b, tctx, &r);
         torture_assert_ntstatus_ok(tctx, status, "failed");
@@ -2506,7 +2952,9 @@ static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
         struct netr_DsRAddressToSitenamesExW r;
         struct netr_DsRAddress addrs[6];
         struct sockaddr_in *addr;
+#ifdef HAVE_IPV6
         struct sockaddr_in6 *addr6;
+#endif
         struct netr_DsRAddressToSitenamesExWCtr *ctr;
         struct dcerpc_binding_handle *b = p->binding_handle;
         uint32_t i;
@@ -2531,45 +2979,69 @@ static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
         addrs[0].size = sizeof(struct sockaddr_in);
         addrs[0].buffer = talloc_zero_array(tctx, uint8_t, addrs[0].size);
         addr = (struct sockaddr_in *) addrs[0].buffer;
-       addr->sin_family = AF_INET;
+       addrs[0].buffer[0] = AF_INET;
         ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
         addrs[1].size = sizeof(struct sockaddr_in);
         addrs[1].buffer = talloc_zero_array(tctx, uint8_t, addrs[1].size);
         addr = (struct sockaddr_in *) addrs[1].buffer;
-       addr->sin_family = AF_INET;
+       addrs[1].buffer[0] = AF_INET;
         ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
         addrs[2].size = sizeof(struct sockaddr_in);
         addrs[2].buffer = talloc_zero_array(tctx, uint8_t, addrs[2].size);
         addr = (struct sockaddr_in *) addrs[2].buffer;
-       addr->sin_family = AF_INET;
-       ret = inet_pton(AF_INET, "255.255.255.255",
-                       &((struct sockaddr_in *)addrs[2].buffer)->sin_addr);
+       addrs[2].buffer[0] = AF_INET;
+       ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
+#ifdef HAVE_IPV6
         addrs[3].size = sizeof(struct sockaddr_in6);
         addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
         addr6 = (struct sockaddr_in6 *) addrs[3].buffer;
-       addr6->sin6_family = AF_INET6;
+       addrs[3].buffer[0] = AF_INET6;
         ret = inet_pton(AF_INET6, "::1", &addr6->sin6_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
         addrs[4].size = sizeof(struct sockaddr_in6);
         addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
         addr6 = (struct sockaddr_in6 *) addrs[4].buffer;
-       addr6->sin6_family = AF_INET6;
+       addrs[4].buffer[0] = AF_INET6;
         ret = inet_pton(AF_INET6, "::", &addr6->sin6_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
  
         addrs[5].size = sizeof(struct sockaddr_in6);
         addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
         addr6 = (struct sockaddr_in6 *) addrs[5].buffer;
-       addr6->sin6_family = AF_INET6;
+       addrs[5].buffer[0] = AF_INET6;
         ret = inet_pton(AF_INET6, "ff02::1", &addr6->sin6_addr);
         torture_assert(tctx, ret > 0, "inet_pton failed");
+#else
+       /* the test cases are repeated to have exactly 6. This is for
+        * compatibility with IPv4-only machines */
+       addrs[3].size = sizeof(struct sockaddr_in);
+       addrs[3].buffer = talloc_zero_array(tctx, uint8_t, addrs[3].size);
+       addr = (struct sockaddr_in *) addrs[3].buffer;
+       addrs[3].buffer[0] = AF_INET;
+       ret = inet_pton(AF_INET, "127.0.0.1", &addr->sin_addr);
+       torture_assert(tctx, ret > 0, "inet_pton failed");
+
+       addrs[4].size = sizeof(struct sockaddr_in);
+       addrs[4].buffer = talloc_zero_array(tctx, uint8_t, addrs[4].size);
+       addr = (struct sockaddr_in *) addrs[4].buffer;
+       addrs[4].buffer[0] = AF_INET;
+       ret = inet_pton(AF_INET, "0.0.0.0", &addr->sin_addr);
+       torture_assert(tctx, ret > 0, "inet_pton failed");
+
+       addrs[5].size = sizeof(struct sockaddr_in);
+       addrs[5].buffer = talloc_zero_array(tctx, uint8_t, addrs[5].size);
+       addr = (struct sockaddr_in *) addrs[5].buffer;
+       addrs[5].buffer[0] = AF_INET;
+       ret = inet_pton(AF_INET, "255.255.255.255", &addr->sin_addr);
+       torture_assert(tctx, ret > 0, "inet_pton failed");
+#endif
  
         ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr);
  
@@ -2586,18 +3058,20 @@ static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
                 for (i = 0; i < 3; i++) {
                         torture_assert_casestr_equal(tctx,
                                                      ctr->sitename[i].string,
-                                                    samdb_server_site_name(sam_ctx, tctx),
+                                                    server_site_name(tctx, sam_ctx),
                                                      "didn't return default site");
                         torture_assert(tctx, ctr->subnetname[i].string == NULL,
                                        "subnet should be null");
                 }
                 for (i = 3; i < 6; i++) {
-/* Windows returns "NULL" for the sitename if it isn't IPv6 configured
-                       torture_assert_casestr_equal(tctx,
-                                                    ctr->sitename[i].string,
-                                                    samdb_server_site_name(sam_ctx, tctx),
-                                                    "didn't return default site");
-*/
+                       /* Windows returns "NULL" for the sitename if it isn't
+                        * IPv6 configured */
+                       if (torture_setting_bool(tctx, "samba4", false)) {
+                               torture_assert_casestr_equal(tctx,
+                                                            ctr->sitename[i].string,
+                                                            server_site_name(tctx, sam_ctx),
+                                                            "didn't return default site");
+                       }
                         torture_assert(tctx, ctr->subnetname[i].string == NULL,
                                        "subnet should be null");
                 }
@@ -2627,16 +3101,16 @@ static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx,
         addrs[0].size = 10;
         addrs[0].buffer[0] = AF_UNSPEC;
         addrs[1].size = 10;
-       addrs[1].buffer[0] = AF_LOCAL;
+       addrs[1].buffer[0] = AF_UNIX; /* AF_LOCAL = AF_UNIX */
         addrs[2].size = 10;
         addrs[2].buffer[0] = AF_UNIX;
  
         addrs[3].size = 10;
-       addrs[3].buffer[0] = AF_FILE;
+       addrs[3].buffer[0] = 250;
         addrs[4].size = 10;
-       addrs[4].buffer[0] = AF_AX25;
+       addrs[4].buffer[0] = 251;
         addrs[5].size = 10;
-       addrs[5].buffer[0] = AF_IPX;
+       addrs[5].buffer[0] = 252;
  
         status = dcerpc_netr_DsRAddressToSitenamesExW_r(b, tctx, &r);
         torture_assert_ntstatus_ok(tctx, status, "failed");
@@ -2768,7 +3242,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
  
         ZERO_STRUCT(q1);
         q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
-               lp_dnsdomain(tctx->lp_ctx));
+               lpcfg_dnsdomain(tctx->lp_ctx));
         q1.sitename = "Default-First-Site-Name";
         q1.os_version.os = &os;
         q1.os_name.string = talloc_asprintf(tctx,
@@ -2804,7 +3278,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
  
-       msleep(250);
+       smb_msleep(250);
  
         if (sam_ctx) {
                 /* AD workstation infos entry check */
@@ -2881,7 +3355,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
         /* Change also the DNS hostname to test differences in behaviour */
         talloc_free(discard_const_p(char, q1.dns_hostname));
         q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
-               lp_dnsdomain(tctx->lp_ctx));
+               lpcfg_dnsdomain(tctx->lp_ctx));
  
         /* The workstation handles the "servicePrincipalName" and DNS hostname
            updates */
@@ -2893,7 +3367,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
  
         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
  
-       msleep(250);
+       smb_msleep(250);
  
         if (sam_ctx) {
                 /* AD workstation infos entry check */
@@ -2955,7 +3429,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
         /* Change also the DNS hostname to test differences in behaviour */
         talloc_free(discard_const_p(char, q1.dns_hostname));
         q1.dns_hostname = talloc_asprintf(tctx, "%s2.%s", TEST_MACHINE_NAME,
-               lp_dnsdomain(tctx->lp_ctx));
+               lpcfg_dnsdomain(tctx->lp_ctx));
  
         /* Wipe out the osVersion, and prove which values still 'stick' */
         q1.os_version.os = NULL;
@@ -2969,7 +3443,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
  
-       msleep(250);
+       smb_msleep(250);
  
         if (sam_ctx) {
                 /* AD workstation infos entry check */
@@ -3029,7 +3503,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
         /* Put the DNS hostname back */
         talloc_free(discard_const_p(char, q1.dns_hostname));
         q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
-               lp_dnsdomain(tctx->lp_ctx));
+               lpcfg_dnsdomain(tctx->lp_ctx));
  
         /* The workstation handles the "servicePrincipalName" and DNS hostname
            updates */
@@ -3040,13 +3514,14 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
  
-       msleep(250);
+       smb_msleep(250);
  
         /* Now the in/out DNS hostnames should be the same */
         torture_assert_str_equal(tctx,
                 info.domain_info->dns_hostname.string,
                 query.workstation_info->dns_hostname,
                 "In/Out 'DNS hostnames' don't match!");
+       old_dnsname = info.domain_info->dns_hostname.string;
  
         /* Checks "workstation flags" */
         torture_assert(tctx,
@@ -3074,7 +3549,7 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
         torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
         torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
  
-       msleep(250);
+       smb_msleep(250);
  
         /* Checks "workstation flags" */
         torture_assert(tctx,
@@ -3089,6 +3564,40 @@ static bool test_GetDomainInfo(struct torture_context *tctx,
                 && (info.domain_info->trusted_domains != NULL),
                 "Trusted domains have been requested!");
  
+
+       torture_comment(tctx, "Testing netr_LogonGetDomainInfo 6th call (no DNS hostname)\n");
+       netlogon_creds_client_authenticator(creds, &a);
+
+       query.workstation_info->dns_hostname = NULL;
+
+       torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
+               "LogonGetDomainInfo failed");
+       torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
+       torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
+
+       /* The old DNS hostname should stick */
+       torture_assert_str_equal(tctx,
+               info.domain_info->dns_hostname.string,
+               old_dnsname,
+               "'DNS hostname' changed!");
+
+
+       if (!torture_setting_bool(tctx, "dangerous", false)) {
+               torture_comment(tctx, "Not testing netr_LogonGetDomainInfo 7th call (no workstation info) - enable dangerous tests in order to do so\n");
+       } else {
+               /* Try a call without the workstation information structure */
+
+               torture_comment(tctx, "Testing netr_LogonGetDomainInfo 7th call (no workstation info)\n");
+               netlogon_creds_client_authenticator(creds, &a);
+
+               query.workstation_info = NULL;
+
+               torture_assert_ntstatus_ok(tctx, dcerpc_netr_LogonGetDomainInfo_r(b, tctx, &r),
+                       "LogonGetDomainInfo failed");
+               torture_assert_ntstatus_ok(tctx, r.out.result, "LogonGetDomainInfo failed");
+               torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed");
+       }
+
         return true;
  }
  
@@ -3127,7 +3636,7 @@ static bool test_GetDomainInfo_async(struct torture_context *tctx,
  
         ZERO_STRUCT(q1);
         q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME,
-               lp_dnsdomain(tctx->lp_ctx));
+               lpcfg_dnsdomain(tctx->lp_ctx));
         q1.sitename = "Default-First-Site-Name";
         q1.os_name.string = "UNIX/Linux or similar";
  
@@ -3141,8 +3650,8 @@ static bool test_GetDomainInfo_async(struct torture_context *tctx,
  
                 /* even with this flush per request a w2k3 server seems to 
                    clag with multiple outstanding requests. bleergh. */
-               torture_assert_int_equal(tctx, event_loop_once(dcerpc_event_context(p)), 0, 
-                                        "event_loop_once failed");
+               torture_assert_int_equal(tctx, tevent_loop_once(dcerpc_event_context(p)), 0, 
+                                        "tevent_loop_once failed");
         }
  
         for (i=0;i<ASYNC_COUNT;i++) {
@@ -3279,13 +3788,16 @@ static bool test_SetPassword_with_flags(struct torture_context *tctx,
  
  struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
  {
-       struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON");
+       struct torture_suite *suite = torture_suite_create(mem_ctx, "netlogon");
         struct torture_rpc_tcase *tcase;
         struct torture_test *test;
  
         tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
                                                   &ndr_table_netlogon, TEST_MACHINE_NAME);
  
+       torture_rpc_tcase_add_test(tcase, "Broken RPC binding handle",
+                                  test_netr_broken_binding_handle);
+
         torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon);
         torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff);
         torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon);
@@ -3315,13 +3827,14 @@ struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx)
         torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW);
         torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW);
         torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo);
+       torture_rpc_tcase_add_test_creds(tcase, "GetForestTrustInformation", test_netr_GetForestTrustInformation);
  
         return suite;
  }
  
  struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx)
  {
-       struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-S3");
+       struct torture_suite *suite = torture_suite_create(mem_ctx, "netlogon-s3");
         struct torture_rpc_tcase *tcase;
  
         tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",
@@ -3339,7 +3852,7 @@ struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx)
  
  struct torture_suite *torture_rpc_netlogon_admin(TALLOC_CTX *mem_ctx)
  {
-       struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-ADMIN");
+       struct torture_suite *suite = torture_suite_create(mem_ctx, "netlogon.admin");
         struct torture_rpc_tcase *tcase;
  
         tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon",