struct lsa_EnumAccountRights r;
struct lsa_RightSet rights;
- printf("Testing LSA EnumAccountRights\n");
+ torture_comment(tctx, "Testing LSA EnumAccountRights\n");
r.in.handle = lsa_handle;
r.in.sid = user_sid;
struct lsa_StringLarge names[2];
struct lsa_AddAccountRights r;
- printf("Testing LSA AddAccountRights\n");
+ torture_comment(tctx, "Testing LSA AddAccountRights\n");
init_lsa_StringLarge(&names[0], "SeMachineAccountPrivilege");
init_lsa_StringLarge(&names[1], NULL);
int i;
bool found_sid = false;
- printf("Testing LSA EnumAccounts\n");
+ torture_comment(tctx, "Testing LSA EnumAccounts\n");
r.in.handle = lsa_handle;
r.in.num_entries = 0x1000;
struct lsa_EnumAccountRights r;
struct lsa_RightSet user_rights;
- printf("Testing LSA EnumAccountRights\n");
+ torture_comment(tctx, "Testing LSA EnumAccountRights\n");
r.in.handle = lsa_handle;
r.in.sid = user_sid;
{
struct lsa_OpenAccount r;
- printf("Testing LSA OpenAccount\n");
+ torture_comment(tctx, "Testing LSA OpenAccount\n");
r.in.handle = lsa_handle;
r.in.sid = user_sid;
struct lsa_GetSystemAccessAccount r;
uint32_t access_mask;
- printf("Testing LSA GetSystemAccessAccount\n");
+ torture_comment(tctx, "Testing LSA GetSystemAccessAccount\n");
r.in.handle = &lsa_acct_handle;
r.out.access_mask = &access_mask;
{
struct lsa_Close r;
- printf("Testing LSA Close\n");
+ torture_comment(tctx, "Testing LSA Close\n");
r.in.handle = &lsa_acct_handle;
r.out.handle = &lsa_acct_handle;
{
struct samr_DeleteUser r;
- printf("Testing SAMR DeleteUser\n");
+ torture_comment(tctx, "Testing SAMR DeleteUser\n");
r.in.user_handle = user_handle;
r.out.user_handle = user_handle;
int i;
bool found_sid = false;
- printf("Testing LSA EnumAccounts\n");
+ torture_comment(tctx, "Testing LSA EnumAccounts\n");
r.in.handle = lsa_handle;
r.in.num_entries = 0x1000;
struct lsa_EnumAccountRights r;
struct lsa_RightSet user_rights;
- printf("Testing LSA EnumAccountRights\n");
+ torture_comment(tctx, "Testing LSA EnumAccountRights\n");
r.in.handle = lsa_handle;
r.in.sid = user_sid;
{
struct lsa_OpenAccount r;
- printf("Testing LSA OpenAccount\n");
+ torture_comment(tctx, "Testing LSA OpenAccount\n");
r.in.handle = lsa_handle;
r.in.sid = user_sid;
struct lsa_GetSystemAccessAccount r;
uint32_t access_mask;
- printf("Testing LSA GetSystemAccessAccount\n");
+ torture_comment(tctx, "Testing LSA GetSystemAccessAccount\n");
r.in.handle = &lsa_acct_handle;
r.out.access_mask = &access_mask;
{
struct lsa_DeleteObject r;
- printf("Testing LSA DeleteObject\n");
+ torture_comment(tctx, "Testing LSA DeleteObject\n");
r.in.handle = &lsa_acct_handle;
r.out.handle = &lsa_acct_handle;
int i;
bool found_sid = false;
- printf("Testing LSA EnumAccounts\n");
+ torture_comment(tctx, "Testing LSA EnumAccounts\n");
r.in.handle = lsa_handle;
r.in.num_entries = 0x1000;
struct lsa_EnumAccountRights r;
struct lsa_RightSet user_rights;
- printf("Testing LSA EnumAccountRights\n");
+ torture_comment(tctx, "Testing LSA EnumAccountRights\n");
r.in.handle = lsa_handle;
r.in.sid = user_sid;
if (strcmp(info->general.oem_information.string, domain_comment) != 0) {
printf("QueryDomainInfo level %u returned different oem_information (comment) (%s, expected %s)\n",
levels[i], info->general.oem_information.string, domain_comment);
- ret = false;
+ if (!torture_setting_bool(tctx, "samba3", false)) {
+ ret = false;
+ }
}
if (!info->general.primary.string) {
printf("QueryDomainInfo level %u returned no PDC name\n",
if (strcmp(info->oem.oem_information.string, domain_comment) != 0) {
printf("QueryDomainInfo level %u returned different oem_information (comment) (%s, expected %s)\n",
levels[i], info->oem.oem_information.string, domain_comment);
- ret = false;
+ if (!torture_setting_bool(tctx, "samba3", false)) {
+ ret = false;
+ }
}
break;
case 6:
if (strcmp(info->general2.general.oem_information.string, domain_comment) != 0) {
printf("QueryDomainInfo level %u returned different comment (%s, expected %s)\n",
levels[i], info->general2.general.oem_information.string, domain_comment);
- ret = false;
+ if (!torture_setting_bool(tctx, "samba3", false)) {
+ ret = false;
+ }
}
break;
}
struct samr_RidTypeArray *rids = NULL;
struct samr_SetMemberAttributesOfGroup s;
uint32_t rid;
+ bool found_member = false;
+ int i;
status = test_LookupName(p, tctx, domain_handle, TEST_ACCOUNT_NAME, &rid);
torture_assert_ntstatus_ok(tctx, status, "test_AddGroupMember looking up name " TEST_ACCOUNT_NAME);
r.in.rid = rid;
r.in.flags = 0; /* ??? */
- torture_comment(tctx, "Testing AddGroupMember and DeleteGroupMember\n");
+ torture_comment(tctx, "Testing AddGroupMember, QueryGroupMember and DeleteGroupMember\n");
d.in.group_handle = group_handle;
d.in.rid = rid;
if (torture_setting_bool(tctx, "samba4", false) ||
torture_setting_bool(tctx, "samba3", false)) {
- torture_comment(tctx, "skipping SetMemberAttributesOfGroup test against Samba4\n");
+ torture_comment(tctx, "skipping SetMemberAttributesOfGroup test against Samba\n");
} else {
/* this one is quite strange. I am using random inputs in the
hope of triggering an error that might give us a clue */
status = dcerpc_samr_QueryGroupMember(p, tctx, &q);
torture_assert_ntstatus_ok(tctx, status, "QueryGroupMember");
+ torture_assert(tctx, rids, "QueryGroupMember did not fill in rids structure");
+
+ for (i=0; i < rids->count; i++) {
+ if (rids->rids[i] == rid) {
+ found_member = true;
+ }
+ }
+
+ torture_assert(tctx, found_member, "QueryGroupMember did not list newly added member");
status = dcerpc_samr_DeleteGroupMember(p, tctx, &d);
torture_assert_ntstatus_ok(tctx, status, "DeleteGroupMember");
+ rids = NULL;
+ found_member = false;
+
+ status = dcerpc_samr_QueryGroupMember(p, tctx, &q);
+ torture_assert_ntstatus_ok(tctx, status, "QueryGroupMember");
+ torture_assert(tctx, rids, "QueryGroupMember did not fill in rids structure");
+
+ for (i=0; i < rids->count; i++) {
+ if (rids->rids[i] == rid) {
+ found_member = true;
+ }
+ }
+
+ torture_assert(tctx, !found_member, "QueryGroupMember does still list removed member");
+
status = dcerpc_samr_AddGroupMember(p, tctx, &r);
torture_assert_ntstatus_ok(tctx, status, "AddGroupMember");
return true;
}
+static bool test_QueryDisplayInfo_level(struct dcerpc_pipe *p,
+ struct torture_context *tctx,
+ struct policy_handle *handle,
+ uint16_t level,
+ uint32_t *total_num_entries_p)
+{
+ NTSTATUS status;
+ struct samr_QueryDisplayInfo r;
+ uint32_t total_num_entries = 0;
+
+ r.in.domain_handle = handle;
+ r.in.level = level;
+ r.in.start_idx = 0;
+ r.in.max_entries = (uint32_t)-1;
+ r.in.buf_size = (uint32_t)-1;
+
+ printf("Testing QueryDisplayInfo\n");
+
+ do {
+ uint32_t total_size;
+ uint32_t returned_size;
+ union samr_DispInfo info;
+
+ r.out.total_size = &total_size;
+ r.out.returned_size = &returned_size;
+ r.out.info = &info;
+
+ status = dcerpc_samr_QueryDisplayInfo(p, tctx, &r);
+ if (NT_STATUS_IS_ERR(status)) {
+ torture_assert_ntstatus_ok(tctx, status,
+ "failed to query displayinfo");
+ }
+
+ if (*r.out.returned_size == 0) {
+ break;
+ }
+
+ switch (r.in.level) {
+ case 1:
+ total_num_entries += info.info1.count;
+ r.in.start_idx += info.info1.entries[info.info1.count - 1].idx + 1;
+ break;
+ case 2:
+ total_num_entries += info.info2.count;
+ r.in.start_idx += info.info2.entries[info.info2.count - 1].idx + 1;
+ break;
+ case 3:
+ total_num_entries += info.info3.count;
+ r.in.start_idx += info.info3.entries[info.info3.count - 1].idx + 1;
+ break;
+ case 4:
+ total_num_entries += info.info4.count;
+ r.in.start_idx += info.info4.entries[info.info4.count - 1].idx + 1;
+ break;
+ case 5:
+ total_num_entries += info.info5.count;
+ r.in.start_idx += info.info5.entries[info.info5.count - 1].idx + 1;
+ break;
+ default:
+ return false;
+ }
+
+ } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
+
+ if (total_num_entries_p) {
+ *total_num_entries_p = total_num_entries;
+ }
+
+ return true;
+}
+
static bool test_ManyObjects(struct dcerpc_pipe *p,
struct torture_context *tctx,
struct policy_handle *domain_handle,
return false;
}
- /* TODO: dispinfo */
+ /* dispinfo */
switch (which_ops) {
case TORTURE_SAMR_MANY_ACCOUNTS:
+ ret &= test_QueryDisplayInfo_level(p, tctx, domain_handle, 1, &num_disp);
break;
case TORTURE_SAMR_MANY_GROUPS:
+ ret &= test_QueryDisplayInfo_level(p, tctx, domain_handle, 3, &num_disp);
break;
case TORTURE_SAMR_MANY_ALIASES:
+ /* no aliases in dispinfo */
break;
default:
return false;
}
-
- /* delete */
+ /* close or delete */
for (i=0; i < num_total; i++) {
continue;
}
- switch (which_ops) {
- case TORTURE_SAMR_MANY_ACCOUNTS:
- ret &= test_DeleteUser(p, tctx, &handles[i]);
- break;
- case TORTURE_SAMR_MANY_GROUPS:
- ret &= test_DeleteDomainGroup(p, tctx, &handles[i]);
- break;
- case TORTURE_SAMR_MANY_ALIASES:
- ret &= test_DeleteAlias(p, tctx, &handles[i]);
- break;
- default:
- return false;
+ if (torture_setting_bool(tctx, "samba3", false)) {
+ ret &= test_samr_handle_Close(p, tctx, &handles[i]);
+ } else {
+ switch (which_ops) {
+ case TORTURE_SAMR_MANY_ACCOUNTS:
+ ret &= test_DeleteUser(p, tctx, &handles[i]);
+ break;
+ case TORTURE_SAMR_MANY_GROUPS:
+ ret &= test_DeleteDomainGroup(p, tctx, &handles[i]);
+ break;
+ case TORTURE_SAMR_MANY_ALIASES:
+ ret &= test_DeleteAlias(p, tctx, &handles[i]);
+ break;
+ default:
+ return false;
+ }
}
}
talloc_free(handles);
-#if 0
- torture_assert_int_equal(tctx, num_disp, num_anounced + num_created,
- "unexpected number of results returned in dispinfo call");
-#endif
if (which_ops == TORTURE_SAMR_MANY_ACCOUNTS && num_enum != num_anounced + num_created) {
torture_comment(tctx,
"unexpected number of results (%u) returned in enum call, expected %u\n",
num_enum, num_anounced + num_created);
+
+ torture_comment(tctx,
+ "unexpected number of results (%u) returned in dispinfo, call, expected %u\n",
+ num_disp, num_anounced + num_created);
}
return ret;
}
struct torture_suite *suite = torture_suite_create(mem_ctx, "SAMR-PASSWORDS-PWDLASTSET");
struct torture_rpc_tcase *tcase;
- tcase = torture_suite_add_machine_rpc_iface_tcase(suite, "samr",
+ tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "samr",
&ndr_table_samr,
TEST_ACCOUNT_NAME_PWD);
struct torture_suite *suite = torture_suite_create(mem_ctx, "SAMR-USERS-PRIVILEGES");
struct torture_rpc_tcase *tcase;
- tcase = torture_suite_add_machine_rpc_iface_tcase(suite, "samr",
+ tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "samr",
&ndr_table_samr,
TEST_ACCOUNT_NAME_PWD);
struct torture_suite *suite = torture_suite_create(mem_ctx, "SAMR-LARGE-DC");
struct torture_rpc_tcase *tcase;
- tcase = torture_suite_add_machine_rpc_iface_tcase(suite, "samr",
+ tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "samr",
&ndr_table_samr,
TEST_ACCOUNT_NAME);