2 Unix SMB/CIFS implementation.
4 DRSUAPI utility functions to be used in torture tests
6 Copyright (C) Kamen Mazdrashki <kamen.mazdrashki@postpath.com> 2009
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "torture/torture.h"
24 #include "dsdb/samdb/samdb.h"
25 #include "torture/rpc/drsuapi.h"
26 #include "../lib/util/asn1.h"
29 * Decode Attribute OID based on MS documentation
30 * See MS-DRSR.pdf - 5.16.4
32 * On success returns decoded OID and
33 * corresponding prefix_map index (if requested)
35 bool drs_util_oid_from_attid(struct torture_context *tctx,
36 const struct drsuapi_DsReplicaOIDMapping_Ctr *prefix_map,
42 uint32_t hi_word, lo_word;
43 DATA_BLOB bin_oid = {NULL, 0};
44 struct drsuapi_DsReplicaOIDMapping *map_entry = NULL;
45 TALLOC_CTX *mem_ctx = talloc_named(tctx, 0, "util_drsuapi_oid_from_attid");
47 /* crack attid value */
48 hi_word = attid >> 16;
49 lo_word = attid & 0xFFFF;
51 /* check last entry in the prefix map is the special one */
52 map_entry = &prefix_map->mappings[prefix_map->num_mappings-1];
54 (map_entry->id_prefix == 0)
55 && (*map_entry->oid.binary_oid == 0xFF),
56 "Last entry in Prefix Map is not the special one!");
58 /* locate corresponding prefixMap entry */
60 for (i = 0; i < prefix_map->num_mappings - 1; i++) {
62 if (hi_word == prefix_map->mappings[i].id_prefix) {
63 map_entry = &prefix_map->mappings[i];
64 if (map_idx) *map_idx = i;
69 torture_assert(tctx, map_entry, "Unable to locate corresponding Prefix Map entry");
71 /* copy partial oid making enough room */
72 bin_oid.length = map_entry->oid.length + 2;
73 bin_oid.data = talloc_array(mem_ctx, uint8_t, bin_oid.length);
74 torture_assert(tctx, bin_oid.data, "Not enough memory");
75 memcpy(bin_oid.data, map_entry->oid.binary_oid, map_entry->oid.length);
78 bin_oid.length = bin_oid.length - 1;
79 bin_oid.data[bin_oid.length-1] = lo_word;
82 if (lo_word >= 32768) {
85 bin_oid.data[bin_oid.length-2] = ((lo_word / 128) % 128) + 128; // (0x80 | ((lo_word>>7) & 0x7f))
86 bin_oid.data[bin_oid.length-1] = lo_word % 128; // lo_word & 0x7f
90 ber_read_OID_String(tctx, bin_oid, _oid),
91 "Failed to decode binary OID");
98 * Utility function to convert drsuapi_DsAttributeId to String
100 const char * drs_util_DsAttributeId_to_string(enum drsuapi_DsAttributeId r)
102 const char *val = NULL;
105 case DRSUAPI_ATTRIBUTE_objectClass: val = "DRSUAPI_ATTRIBUTE_objectClass"; break;
106 case DRSUAPI_ATTRIBUTE_description: val = "DRSUAPI_ATTRIBUTE_description"; break;
107 case DRSUAPI_ATTRIBUTE_member: val = "DRSUAPI_ATTRIBUTE_member"; break;
108 case DRSUAPI_ATTRIBUTE_instanceType: val = "DRSUAPI_ATTRIBUTE_instanceType"; break;
109 case DRSUAPI_ATTRIBUTE_whenCreated: val = "DRSUAPI_ATTRIBUTE_whenCreated"; break;
110 case DRSUAPI_ATTRIBUTE_hasMasterNCs: val = "DRSUAPI_ATTRIBUTE_hasMasterNCs"; break;
111 case DRSUAPI_ATTRIBUTE_governsID: val = "DRSUAPI_ATTRIBUTE_governsID"; break;
112 case DRSUAPI_ATTRIBUTE_attributeID: val = "DRSUAPI_ATTRIBUTE_attributeID"; break;
113 case DRSUAPI_ATTRIBUTE_attributeSyntax: val = "DRSUAPI_ATTRIBUTE_attributeSyntax"; break;
114 case DRSUAPI_ATTRIBUTE_isSingleValued: val = "DRSUAPI_ATTRIBUTE_isSingleValued"; break;
115 case DRSUAPI_ATTRIBUTE_rangeLower: val = "DRSUAPI_ATTRIBUTE_rangeLower"; break;
116 case DRSUAPI_ATTRIBUTE_rangeUpper: val = "DRSUAPI_ATTRIBUTE_rangeUpper"; break;
117 case DRSUAPI_ATTRIBUTE_dMDLocation: val = "DRSUAPI_ATTRIBUTE_dMDLocation"; break;
118 case DRSUAPI_ATTRIBUTE_objectVersion: val = "DRSUAPI_ATTRIBUTE_objectVersion"; break;
119 case DRSUAPI_ATTRIBUTE_invocationId: val = "DRSUAPI_ATTRIBUTE_invocationId"; break;
120 case DRSUAPI_ATTRIBUTE_showInAdvancedViewOnly: val = "DRSUAPI_ATTRIBUTE_showInAdvancedViewOnly"; break;
121 case DRSUAPI_ATTRIBUTE_adminDisplayName: val = "DRSUAPI_ATTRIBUTE_adminDisplayName"; break;
122 case DRSUAPI_ATTRIBUTE_adminDescription: val = "DRSUAPI_ATTRIBUTE_adminDescription"; break;
123 case DRSUAPI_ATTRIBUTE_oMSyntax: val = "DRSUAPI_ATTRIBUTE_oMSyntax"; break;
124 case DRSUAPI_ATTRIBUTE_ntSecurityDescriptor: val = "DRSUAPI_ATTRIBUTE_ntSecurityDescriptor"; break;
125 case DRSUAPI_ATTRIBUTE_searchFlags: val = "DRSUAPI_ATTRIBUTE_searchFlags"; break;
126 case DRSUAPI_ATTRIBUTE_lDAPDisplayName: val = "DRSUAPI_ATTRIBUTE_lDAPDisplayName"; break;
127 case DRSUAPI_ATTRIBUTE_name: val = "DRSUAPI_ATTRIBUTE_name"; break;
128 case DRSUAPI_ATTRIBUTE_userAccountControl: val = "DRSUAPI_ATTRIBUTE_userAccountControl"; break;
129 case DRSUAPI_ATTRIBUTE_currentValue: val = "DRSUAPI_ATTRIBUTE_currentValue"; break;
130 case DRSUAPI_ATTRIBUTE_homeDirectory: val = "DRSUAPI_ATTRIBUTE_homeDirectory"; break;
131 case DRSUAPI_ATTRIBUTE_homeDrive: val = "DRSUAPI_ATTRIBUTE_homeDrive"; break;
132 case DRSUAPI_ATTRIBUTE_scriptPath: val = "DRSUAPI_ATTRIBUTE_scriptPath"; break;
133 case DRSUAPI_ATTRIBUTE_profilePath: val = "DRSUAPI_ATTRIBUTE_profilePath"; break;
134 case DRSUAPI_ATTRIBUTE_objectSid: val = "DRSUAPI_ATTRIBUTE_objectSid"; break;
135 case DRSUAPI_ATTRIBUTE_schemaIDGUID: val = "DRSUAPI_ATTRIBUTE_schemaIDGUID"; break;
136 case DRSUAPI_ATTRIBUTE_dBCSPwd: val = "DRSUAPI_ATTRIBUTE_dBCSPwd"; break;
137 case DRSUAPI_ATTRIBUTE_logonHours: val = "DRSUAPI_ATTRIBUTE_logonHours"; break;
138 case DRSUAPI_ATTRIBUTE_userWorkstations: val = "DRSUAPI_ATTRIBUTE_userWorkstations"; break;
139 case DRSUAPI_ATTRIBUTE_unicodePwd: val = "DRSUAPI_ATTRIBUTE_unicodePwd"; break;
140 case DRSUAPI_ATTRIBUTE_ntPwdHistory: val = "DRSUAPI_ATTRIBUTE_ntPwdHistory"; break;
141 case DRSUAPI_ATTRIBUTE_priorValue: val = "DRSUAPI_ATTRIBUTE_priorValue"; break;
142 case DRSUAPI_ATTRIBUTE_supplementalCredentials: val = "DRSUAPI_ATTRIBUTE_supplementalCredentials"; break;
143 case DRSUAPI_ATTRIBUTE_trustAuthIncoming: val = "DRSUAPI_ATTRIBUTE_trustAuthIncoming"; break;
144 case DRSUAPI_ATTRIBUTE_trustAuthOutgoing: val = "DRSUAPI_ATTRIBUTE_trustAuthOutgoing"; break;
145 case DRSUAPI_ATTRIBUTE_lmPwdHistory: val = "DRSUAPI_ATTRIBUTE_lmPwdHistory"; break;
146 case DRSUAPI_ATTRIBUTE_sAMAccountName: val = "DRSUAPI_ATTRIBUTE_sAMAccountName"; break;
147 case DRSUAPI_ATTRIBUTE_sAMAccountType: val = "DRSUAPI_ATTRIBUTE_sAMAccountType"; break;
148 case DRSUAPI_ATTRIBUTE_fSMORoleOwner: val = "DRSUAPI_ATTRIBUTE_fSMORoleOwner"; break;
149 case DRSUAPI_ATTRIBUTE_systemFlags: val = "DRSUAPI_ATTRIBUTE_systemFlags"; break;
150 case DRSUAPI_ATTRIBUTE_serverReference: val = "DRSUAPI_ATTRIBUTE_serverReference"; break;
151 case DRSUAPI_ATTRIBUTE_serverReferenceBL: val = "DRSUAPI_ATTRIBUTE_serverReferenceBL"; break;
152 case DRSUAPI_ATTRIBUTE_initialAuthIncoming: val = "DRSUAPI_ATTRIBUTE_initialAuthIncoming"; break;
153 case DRSUAPI_ATTRIBUTE_initialAuthOutgoing: val = "DRSUAPI_ATTRIBUTE_initialAuthOutgoing"; break;
154 case DRSUAPI_ATTRIBUTE_wellKnownObjects: val = "DRSUAPI_ATTRIBUTE_wellKnownObjects"; break;
155 case DRSUAPI_ATTRIBUTE_dNSHostName: val = "DRSUAPI_ATTRIBUTE_dNSHostName"; break;
156 case DRSUAPI_ATTRIBUTE_isMemberOfPartialAttributeSet: val = "DRSUAPI_ATTRIBUTE_isMemberOfPartialAttributeSet"; break;
157 case DRSUAPI_ATTRIBUTE_userPrincipalName: val = "DRSUAPI_ATTRIBUTE_userPrincipalName"; break;
158 case DRSUAPI_ATTRIBUTE_groupType: val = "DRSUAPI_ATTRIBUTE_groupType"; break;
159 case DRSUAPI_ATTRIBUTE_servicePrincipalName: val = "DRSUAPI_ATTRIBUTE_servicePrincipalName"; break;
160 case DRSUAPI_ATTRIBUTE_objectCategory: val = "DRSUAPI_ATTRIBUTE_objectCategory"; break;
161 case DRSUAPI_ATTRIBUTE_gPLink: val = "DRSUAPI_ATTRIBUTE_gPLink"; break;
162 case DRSUAPI_ATTRIBUTE_msDS_Behavior_Version: val = "DRSUAPI_ATTRIBUTE_msDS_Behavior_Version"; break;
163 case DRSUAPI_ATTRIBUTE_msDS_KeyVersionNumber: val = "DRSUAPI_ATTRIBUTE_msDS_KeyVersionNumber"; break;
164 case DRSUAPI_ATTRIBUTE_msDS_HasDomainNCs: val = "DRSUAPI_ATTRIBUTE_msDS_HasDomainNCs"; break;
165 case DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs: val = "DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs"; break;
166 default: val = "UNKNOWN_ENUM_VALUE"; break;
173 * Loads dsdb_schema from ldb connection using remote prefixMap.
174 * Schema will be loaded only if:
175 * - ldb has no attached schema
176 * - reload_schema is true
178 * This function is to be used in tests that use GetNCChanges() function
180 bool drs_util_dsdb_schema_load_ldb(struct torture_context *tctx,
181 struct ldb_context *ldb,
182 const struct drsuapi_DsReplicaOIDMapping_Ctr *mapping_ctr,
188 struct ldb_result *a_res;
189 struct ldb_result *c_res;
190 struct ldb_dn *schema_dn;
191 struct dsdb_schema *ldap_schema;
193 ldap_schema = dsdb_get_schema(ldb, NULL);
194 if (ldap_schema && !reload_schema) {
198 schema_dn = ldb_get_schema_basedn(ldb);
199 torture_assert(tctx, schema_dn != NULL,
200 talloc_asprintf(tctx, "ldb_get_schema_basedn() failed: %s", ldb_errstring(ldb)));
202 ldap_schema = dsdb_new_schema(ldb);
203 torture_assert(tctx, ldap_schema != NULL, "dsdb_new_schema() failed!");
205 werr = dsdb_load_prefixmap_from_drsuapi(ldap_schema, mapping_ctr);
208 * load the attribute definitions
210 ret = ldb_search(ldb, ldap_schema, &a_res,
211 schema_dn, LDB_SCOPE_ONELEVEL, NULL,
212 "(objectClass=attributeSchema)");
213 if (ret != LDB_SUCCESS) {
214 err_msg = talloc_asprintf(tctx,
215 "failed to search attributeSchema objects: %s",
217 torture_fail(tctx, err_msg);
221 * load the objectClass definitions
223 ret = ldb_search(ldb, ldap_schema, &c_res,
224 schema_dn, LDB_SCOPE_ONELEVEL, NULL,
225 "(objectClass=classSchema)");
226 if (ret != LDB_SUCCESS) {
227 err_msg = talloc_asprintf(tctx,
228 "failed to search classSchema objects: %s",
230 torture_fail(tctx, err_msg);
234 for (i=0; i < a_res->count; i++) {
235 werr = dsdb_attribute_from_ldb(ldb, ldap_schema, a_res->msgs[i]);
236 torture_assert_werr_ok(tctx, werr,
237 talloc_asprintf(tctx,
238 "dsdb_attribute_from_ldb() failed for: %s",
239 ldb_dn_get_linearized(a_res->msgs[i]->dn)));
242 for (i=0; i < c_res->count; i++) {
243 werr = dsdb_class_from_ldb(ldap_schema, c_res->msgs[i]);
244 torture_assert_werr_ok(tctx, werr,
245 talloc_asprintf(tctx,
246 "dsdb_class_from_ldb() failed for: %s",
247 ldb_dn_get_linearized(c_res->msgs[i]->dn)));
253 ret = dsdb_set_schema(ldb, ldap_schema);
254 if (ret != LDB_SUCCESS) {
256 talloc_asprintf(tctx, "dsdb_set_schema() failed: %s", ldb_strerror(ret)));