1/* 2 Unix SMB/CIFS implementation. 3 4 test suite for netlogon rpc operations 5 6 Copyright (C) Andrew Tridgell 2003 7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003-2004 8 Copyright (C) Tim Potter 2003 9 Copyright (C) Matthias Dieter Walln��fer 2009 10 11 This program is free software; you can redistribute it and/or modify 12 it under the terms of the GNU General Public License as published by 13 the Free Software Foundation; either version 3 of the License, or 14 (at your option) any later version. 15 16 This program is distributed in the hope that it will be useful, 17 but WITHOUT ANY WARRANTY; without even the implied warranty of 18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 19 GNU General Public License for more details. 20 21 You should have received a copy of the GNU General Public License 22 along with this program. If not, see <http://www.gnu.org/licenses/>. 23*/ 24 25#include "includes.h" 26#include "version.h" 27#include "torture/torture.h" 28#include "lib/events/events.h" 29#include "auth/auth.h" 30#include "auth/gensec/gensec.h" 31#include "lib/cmdline/popt_common.h" 32#include "torture/rpc/rpc.h" 33#include "torture/rpc/netlogon.h" 34#include "../lib/crypto/crypto.h" 35#include "libcli/auth/libcli_auth.h" 36#include "librpc/gen_ndr/ndr_netlogon_c.h" 37#include "librpc/gen_ndr/ndr_netlogon.h" 38#include "librpc/gen_ndr/ndr_lsa_c.h" 39#include "param/param.h" 40#include "libcli/security/security.h" 41#include "lib/ldb/include/ldb.h" 42#include "lib/util/util_ldb.h" 43#include "lib/ldb_wrap.h" 44 45#define TEST_MACHINE_NAME "torturetest" 46#define TEST_MACHINE_DNS_SUFFIX "torturedomain" 47 48static bool test_LogonUasLogon(struct torture_context *tctx, 49 struct dcerpc_pipe *p) 50{ 51 NTSTATUS status; 52 struct netr_LogonUasLogon r; 53 struct netr_UasInfo *info = NULL; 54 55 r.in.server_name = NULL; 56 r.in.account_name = cli_credentials_get_username(cmdline_credentials); 57 r.in.workstation = TEST_MACHINE_NAME; 58 r.out.info = &info; 59 60 status = dcerpc_netr_LogonUasLogon(p, tctx, &r); 61 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogon"); 62 63 return true; 64} 65 66static bool test_LogonUasLogoff(struct torture_context *tctx, 67 struct dcerpc_pipe *p) 68{ 69 NTSTATUS status; 70 struct netr_LogonUasLogoff r; 71 struct netr_UasLogoffInfo info; 72 73 r.in.server_name = NULL; 74 r.in.account_name = cli_credentials_get_username(cmdline_credentials); 75 r.in.workstation = TEST_MACHINE_NAME; 76 r.out.info = &info; 77 78 status = dcerpc_netr_LogonUasLogoff(p, tctx, &r); 79 torture_assert_ntstatus_ok(tctx, status, "LogonUasLogoff"); 80 81 return true; 82} 83 84bool test_SetupCredentials(struct dcerpc_pipe *p, struct torture_context *tctx, 85 struct cli_credentials *credentials, 86 struct netlogon_creds_CredentialState **creds_out) 87{ 88 NTSTATUS status; 89 struct netr_ServerReqChallenge r; 90 struct netr_ServerAuthenticate a; 91 struct netr_Credential credentials1, credentials2, credentials3; 92 struct netlogon_creds_CredentialState *creds; 93 const struct samr_Password *mach_password; 94 const char *machine_name; 95 96 mach_password = cli_credentials_get_nt_hash(credentials, tctx); 97 machine_name = cli_credentials_get_workstation(credentials); 98 99 torture_comment(tctx, "Testing ServerReqChallenge\n"); 100 101 r.in.server_name = NULL; 102 r.in.computer_name = machine_name; 103 r.in.credentials = &credentials1; 104 r.out.return_credentials = &credentials2; 105 106 generate_random_buffer(credentials1.data, sizeof(credentials1.data)); 107 108 status = dcerpc_netr_ServerReqChallenge(p, tctx, &r); 109 torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge"); 110 111 a.in.server_name = NULL; 112 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name); 113 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(credentials); 114 a.in.computer_name = machine_name; 115 a.in.credentials = &credentials3; 116 a.out.return_credentials = &credentials3; 117 118 creds = netlogon_creds_client_init(tctx, a.in.account_name, 119 a.in.computer_name, 120 &credentials1, &credentials2, 121 mach_password, &credentials3, 122 0); 123 torture_assert(tctx, creds != NULL, "memory allocation"); 124 125 126 torture_comment(tctx, "Testing ServerAuthenticate\n"); 127 128 status = dcerpc_netr_ServerAuthenticate(p, tctx, &a); 129 130 /* This allows the tests to continue against the more fussy windows 2008 */ 131 if (NT_STATUS_EQUAL(status, NT_STATUS_DOWNGRADE_DETECTED)) { 132 return test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, 133 credentials, 134 cli_credentials_get_secure_channel_type(credentials), 135 creds_out); 136 } 137 138 torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate"); 139 140 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), 141 "Credential chaining failed"); 142 143 *creds_out = creds; 144 return true; 145} 146 147bool test_SetupCredentials2(struct dcerpc_pipe *p, struct torture_context *tctx, 148 uint32_t negotiate_flags, 149 struct cli_credentials *machine_credentials, 150 int sec_chan_type, 151 struct netlogon_creds_CredentialState **creds_out) 152{ 153 NTSTATUS status; 154 struct netr_ServerReqChallenge r; 155 struct netr_ServerAuthenticate2 a; 156 struct netr_Credential credentials1, credentials2, credentials3; 157 struct netlogon_creds_CredentialState *creds; 158 const struct samr_Password *mach_password; 159 const char *machine_name; 160 161 mach_password = cli_credentials_get_nt_hash(machine_credentials, tctx); 162 machine_name = cli_credentials_get_workstation(machine_credentials); 163 164 torture_comment(tctx, "Testing ServerReqChallenge\n"); 165 166 167 r.in.server_name = NULL; 168 r.in.computer_name = machine_name; 169 r.in.credentials = &credentials1; 170 r.out.return_credentials = &credentials2; 171 172 generate_random_buffer(credentials1.data, sizeof(credentials1.data)); 173 174 status = dcerpc_netr_ServerReqChallenge(p, tctx, &r); 175 torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge"); 176 177 a.in.server_name = NULL; 178 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name); 179 a.in.secure_channel_type = sec_chan_type; 180 a.in.computer_name = machine_name; 181 a.in.negotiate_flags = &negotiate_flags; 182 a.out.negotiate_flags = &negotiate_flags; 183 a.in.credentials = &credentials3; 184 a.out.return_credentials = &credentials3; 185 186 creds = netlogon_creds_client_init(tctx, a.in.account_name, 187 a.in.computer_name, 188 &credentials1, &credentials2, 189 mach_password, &credentials3, 190 negotiate_flags); 191 192 torture_assert(tctx, creds != NULL, "memory allocation"); 193 194 torture_comment(tctx, "Testing ServerAuthenticate2\n"); 195 196 status = dcerpc_netr_ServerAuthenticate2(p, tctx, &a); 197 torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate2"); 198 199 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), 200 "Credential chaining failed"); 201 202 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags); 203 204 *creds_out = creds; 205 return true; 206} 207 208 209static bool test_SetupCredentials3(struct dcerpc_pipe *p, struct torture_context *tctx, 210 uint32_t negotiate_flags, 211 struct cli_credentials *machine_credentials, 212 struct netlogon_creds_CredentialState **creds_out) 213{ 214 NTSTATUS status; 215 struct netr_ServerReqChallenge r; 216 struct netr_ServerAuthenticate3 a; 217 struct netr_Credential credentials1, credentials2, credentials3; 218 struct netlogon_creds_CredentialState *creds; 219 struct samr_Password mach_password; 220 uint32_t rid; 221 const char *machine_name; 222 const char *plain_pass; 223 224 machine_name = cli_credentials_get_workstation(machine_credentials); 225 plain_pass = cli_credentials_get_password(machine_credentials); 226 227 torture_comment(tctx, "Testing ServerReqChallenge\n"); 228 229 r.in.server_name = NULL; 230 r.in.computer_name = machine_name; 231 r.in.credentials = &credentials1; 232 r.out.return_credentials = &credentials2; 233 234 generate_random_buffer(credentials1.data, sizeof(credentials1.data)); 235 236 status = dcerpc_netr_ServerReqChallenge(p, tctx, &r); 237 torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge"); 238 239 E_md4hash(plain_pass, mach_password.hash); 240 241 a.in.server_name = NULL; 242 a.in.account_name = talloc_asprintf(tctx, "%s$", machine_name); 243 a.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials); 244 a.in.computer_name = machine_name; 245 a.in.negotiate_flags = &negotiate_flags; 246 a.in.credentials = &credentials3; 247 a.out.return_credentials = &credentials3; 248 a.out.negotiate_flags = &negotiate_flags; 249 a.out.rid = &rid; 250 251 creds = netlogon_creds_client_init(tctx, a.in.account_name, 252 a.in.computer_name, 253 &credentials1, &credentials2, 254 &mach_password, &credentials3, 255 negotiate_flags); 256 257 torture_assert(tctx, creds != NULL, "memory allocation"); 258 259 torture_comment(tctx, "Testing ServerAuthenticate3\n"); 260 261 status = dcerpc_netr_ServerAuthenticate3(p, tctx, &a); 262 torture_assert_ntstatus_ok(tctx, status, "ServerAuthenticate3"); 263 torture_assert(tctx, netlogon_creds_client_check(creds, &credentials3), "Credential chaining failed"); 264 265 torture_comment(tctx, "negotiate_flags=0x%08x\n", negotiate_flags); 266 267 /* Prove that requesting a challenge again won't break it */ 268 status = dcerpc_netr_ServerReqChallenge(p, tctx, &r); 269 torture_assert_ntstatus_ok(tctx, status, "ServerReqChallenge"); 270 271 *creds_out = creds; 272 return true; 273} 274 275/* 276 try a change password for our machine account 277*/ 278static bool test_SetPassword(struct torture_context *tctx, 279 struct dcerpc_pipe *p, 280 struct cli_credentials *machine_credentials) 281{ 282 NTSTATUS status; 283 struct netr_ServerPasswordSet r; 284 const char *password; 285 struct netlogon_creds_CredentialState *creds; 286 struct netr_Authenticator credential, return_authenticator; 287 struct samr_Password new_password; 288 289 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 290 return false; 291 } 292 293 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 294 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME); 295 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials); 296 r.in.computer_name = TEST_MACHINE_NAME; 297 r.in.credential = &credential; 298 r.in.new_password = &new_password; 299 r.out.return_authenticator = &return_authenticator; 300 301 password = generate_random_str(tctx, 8); 302 E_md4hash(password, new_password.hash); 303 304 netlogon_creds_des_encrypt(creds, &new_password); 305 306 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n"); 307 torture_comment(tctx, "Changing machine account password to '%s'\n", 308 password); 309 310 netlogon_creds_client_authenticator(creds, &credential); 311 312 status = dcerpc_netr_ServerPasswordSet(p, tctx, &r); 313 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet"); 314 315 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 316 torture_comment(tctx, "Credential chaining failed\n"); 317 } 318 319 /* by changing the machine password twice we test the 320 credentials chaining fully, and we verify that the server 321 allows the password to be set to the same value twice in a 322 row (match win2k3) */ 323 torture_comment(tctx, 324 "Testing a second ServerPasswordSet on machine account\n"); 325 torture_comment(tctx, 326 "Changing machine account password to '%s' (same as previous run)\n", password); 327 328 netlogon_creds_client_authenticator(creds, &credential); 329 330 status = dcerpc_netr_ServerPasswordSet(p, tctx, &r); 331 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (2)"); 332 333 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 334 torture_comment(tctx, "Credential chaining failed\n"); 335 } 336 337 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED); 338 339 torture_assert(tctx, 340 test_SetupCredentials(p, tctx, machine_credentials, &creds), 341 "ServerPasswordSet failed to actually change the password"); 342 343 return true; 344} 345 346/* 347 try a change password for our machine account 348*/ 349static bool test_SetPassword_flags(struct torture_context *tctx, 350 struct dcerpc_pipe *p, 351 struct cli_credentials *machine_credentials, 352 uint32_t negotiate_flags) 353{ 354 NTSTATUS status; 355 struct netr_ServerPasswordSet r; 356 const char *password; 357 struct netlogon_creds_CredentialState *creds; 358 struct netr_Authenticator credential, return_authenticator; 359 struct samr_Password new_password; 360 361 if (!test_SetupCredentials2(p, tctx, negotiate_flags, 362 machine_credentials, 363 cli_credentials_get_secure_channel_type(machine_credentials), 364 &creds)) { 365 return false; 366 } 367 368 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 369 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME); 370 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials); 371 r.in.computer_name = TEST_MACHINE_NAME; 372 r.in.credential = &credential; 373 r.in.new_password = &new_password; 374 r.out.return_authenticator = &return_authenticator; 375 376 password = generate_random_str(tctx, 8); 377 E_md4hash(password, new_password.hash); 378 379 netlogon_creds_des_encrypt(creds, &new_password); 380 381 torture_comment(tctx, "Testing ServerPasswordSet on machine account\n"); 382 torture_comment(tctx, "Changing machine account password to '%s'\n", 383 password); 384 385 netlogon_creds_client_authenticator(creds, &credential); 386 387 status = dcerpc_netr_ServerPasswordSet(p, tctx, &r); 388 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet"); 389 390 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 391 torture_comment(tctx, "Credential chaining failed\n"); 392 } 393 394 /* by changing the machine password twice we test the 395 credentials chaining fully, and we verify that the server 396 allows the password to be set to the same value twice in a 397 row (match win2k3) */ 398 torture_comment(tctx, 399 "Testing a second ServerPasswordSet on machine account\n"); 400 torture_comment(tctx, 401 "Changing machine account password to '%s' (same as previous run)\n", password); 402 403 netlogon_creds_client_authenticator(creds, &credential); 404 405 status = dcerpc_netr_ServerPasswordSet(p, tctx, &r); 406 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (2)"); 407 408 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 409 torture_comment(tctx, "Credential chaining failed\n"); 410 } 411 412 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED); 413 414 torture_assert(tctx, 415 test_SetupCredentials(p, tctx, machine_credentials, &creds), 416 "ServerPasswordSet failed to actually change the password"); 417 418 return true; 419} 420 421 422/* 423 generate a random password for password change tests 424*/ 425static DATA_BLOB netlogon_very_rand_pass(TALLOC_CTX *mem_ctx, int len) 426{ 427 int i; 428 DATA_BLOB password = data_blob_talloc(mem_ctx, NULL, len * 2 /* number of unicode chars */); 429 generate_random_buffer(password.data, password.length); 430 431 for (i=0; i < len; i++) { 432 if (((uint16_t *)password.data)[i] == 0) { 433 ((uint16_t *)password.data)[i] = 1; 434 } 435 } 436 437 return password; 438} 439 440/* 441 try a change password for our machine account 442*/ 443static bool test_SetPassword2(struct torture_context *tctx, 444 struct dcerpc_pipe *p, 445 struct cli_credentials *machine_credentials) 446{ 447 NTSTATUS status; 448 struct netr_ServerPasswordSet2 r; 449 const char *password; 450 DATA_BLOB new_random_pass; 451 struct netlogon_creds_CredentialState *creds; 452 struct samr_CryptPassword password_buf; 453 struct samr_Password nt_hash; 454 struct netr_Authenticator credential, return_authenticator; 455 struct netr_CryptPassword new_password; 456 457 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 458 return false; 459 } 460 461 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 462 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME); 463 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials); 464 r.in.computer_name = TEST_MACHINE_NAME; 465 r.in.credential = &credential; 466 r.in.new_password = &new_password; 467 r.out.return_authenticator = &return_authenticator; 468 469 password = generate_random_str(tctx, 8); 470 encode_pw_buffer(password_buf.data, password, STR_UNICODE); 471 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516); 472 473 memcpy(new_password.data, password_buf.data, 512); 474 new_password.length = IVAL(password_buf.data, 512); 475 476 torture_comment(tctx, "Testing ServerPasswordSet2 on machine account\n"); 477 torture_comment(tctx, "Changing machine account password to '%s'\n", password); 478 479 netlogon_creds_client_authenticator(creds, &credential); 480 481 status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r); 482 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet2"); 483 484 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 485 torture_comment(tctx, "Credential chaining failed\n"); 486 } 487 488 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED); 489 490 if (!torture_setting_bool(tctx, "dangerous", false)) { 491 torture_comment(tctx, 492 "Not testing ability to set password to '', enable dangerous tests to perform this test\n"); 493 } else { 494 /* by changing the machine password to "" 495 * we check if the server uses password restrictions 496 * for ServerPasswordSet2 497 * (win2k3 accepts "") 498 */ 499 password = ""; 500 encode_pw_buffer(password_buf.data, password, STR_UNICODE); 501 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516); 502 503 memcpy(new_password.data, password_buf.data, 512); 504 new_password.length = IVAL(password_buf.data, 512); 505 506 torture_comment(tctx, 507 "Testing ServerPasswordSet2 on machine account\n"); 508 torture_comment(tctx, 509 "Changing machine account password to '%s'\n", password); 510 511 netlogon_creds_client_authenticator(creds, &credential); 512 513 status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r); 514 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet2"); 515 516 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 517 torture_comment(tctx, "Credential chaining failed\n"); 518 } 519 520 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED); 521 } 522 523 torture_assert(tctx, test_SetupCredentials(p, tctx, machine_credentials, &creds), 524 "ServerPasswordSet failed to actually change the password"); 525 526 /* now try a random password */ 527 password = generate_random_str(tctx, 8); 528 encode_pw_buffer(password_buf.data, password, STR_UNICODE); 529 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516); 530 531 memcpy(new_password.data, password_buf.data, 512); 532 new_password.length = IVAL(password_buf.data, 512); 533 534 torture_comment(tctx, "Testing second ServerPasswordSet2 on machine account\n"); 535 torture_comment(tctx, "Changing machine account password to '%s'\n", password); 536 537 netlogon_creds_client_authenticator(creds, &credential); 538 539 status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r); 540 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet2 (2)"); 541 542 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 543 torture_comment(tctx, "Credential chaining failed\n"); 544 } 545 546 /* by changing the machine password twice we test the 547 credentials chaining fully, and we verify that the server 548 allows the password to be set to the same value twice in a 549 row (match win2k3) */ 550 torture_comment(tctx, 551 "Testing a second ServerPasswordSet2 on machine account\n"); 552 torture_comment(tctx, 553 "Changing machine account password to '%s' (same as previous run)\n", password); 554 555 netlogon_creds_client_authenticator(creds, &credential); 556 557 status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r); 558 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (3)"); 559 560 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 561 torture_comment(tctx, "Credential chaining failed\n"); 562 } 563 564 cli_credentials_set_password(machine_credentials, password, CRED_SPECIFIED); 565 566 torture_assert (tctx, 567 test_SetupCredentials(p, tctx, machine_credentials, &creds), 568 "ServerPasswordSet failed to actually change the password"); 569 570 new_random_pass = netlogon_very_rand_pass(tctx, 128); 571 572 /* now try a random stream of bytes for a password */ 573 set_pw_in_buffer(password_buf.data, &new_random_pass); 574 575 netlogon_creds_arcfour_crypt(creds, password_buf.data, 516); 576 577 memcpy(new_password.data, password_buf.data, 512); 578 new_password.length = IVAL(password_buf.data, 512); 579 580 torture_comment(tctx, 581 "Testing a third ServerPasswordSet2 on machine account, with a compleatly random password\n"); 582 583 netlogon_creds_client_authenticator(creds, &credential); 584 585 status = dcerpc_netr_ServerPasswordSet2(p, tctx, &r); 586 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordSet (3)"); 587 588 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 589 torture_comment(tctx, "Credential chaining failed\n"); 590 } 591 592 mdfour(nt_hash.hash, new_random_pass.data, new_random_pass.length); 593 594 cli_credentials_set_password(machine_credentials, NULL, CRED_UNINITIALISED); 595 cli_credentials_set_nt_hash(machine_credentials, &nt_hash, CRED_SPECIFIED); 596 597 torture_assert (tctx, 598 test_SetupCredentials(p, tctx, machine_credentials, &creds), 599 "ServerPasswordSet failed to actually change the password"); 600 601 return true; 602} 603 604static bool test_GetPassword(struct torture_context *tctx, 605 struct dcerpc_pipe *p, 606 struct cli_credentials *machine_credentials) 607{ 608 struct netr_ServerPasswordGet r; 609 struct netlogon_creds_CredentialState *creds; 610 struct netr_Authenticator credential; 611 NTSTATUS status; 612 struct netr_Authenticator return_authenticator; 613 struct samr_Password password; 614 615 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 616 return false; 617 } 618 619 netlogon_creds_client_authenticator(creds, &credential); 620 621 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 622 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME); 623 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials); 624 r.in.computer_name = TEST_MACHINE_NAME; 625 r.in.credential = &credential; 626 r.out.return_authenticator = &return_authenticator; 627 r.out.password = &password; 628 629 status = dcerpc_netr_ServerPasswordGet(p, tctx, &r); 630 torture_assert_ntstatus_ok(tctx, status, "ServerPasswordGet"); 631 632 return true; 633} 634 635static bool test_GetTrustPasswords(struct torture_context *tctx, 636 struct dcerpc_pipe *p, 637 struct cli_credentials *machine_credentials) 638{ 639 struct netr_ServerTrustPasswordsGet r; 640 struct netlogon_creds_CredentialState *creds; 641 struct netr_Authenticator credential; 642 NTSTATUS status; 643 struct netr_Authenticator return_authenticator; 644 struct samr_Password password, password2; 645 646 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 647 return false; 648 } 649 650 netlogon_creds_client_authenticator(creds, &credential); 651 652 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 653 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME); 654 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials); 655 r.in.computer_name = TEST_MACHINE_NAME; 656 r.in.credential = &credential; 657 r.out.return_authenticator = &return_authenticator; 658 r.out.password = &password; 659 r.out.password2 = &password2; 660 661 status = dcerpc_netr_ServerTrustPasswordsGet(p, tctx, &r); 662 torture_assert_ntstatus_ok(tctx, status, "ServerTrustPasswordsGet"); 663 664 return true; 665} 666 667/* 668 try a netlogon SamLogon 669*/ 670bool test_netlogon_ops(struct dcerpc_pipe *p, struct torture_context *tctx, 671 struct cli_credentials *credentials, 672 struct netlogon_creds_CredentialState *creds) 673{ 674 NTSTATUS status; 675 struct netr_LogonSamLogon r; 676 struct netr_Authenticator auth, auth2; 677 union netr_LogonLevel logon; 678 union netr_Validation validation; 679 uint8_t authoritative; 680 struct netr_NetworkInfo ninfo; 681 DATA_BLOB names_blob, chal, lm_resp, nt_resp; 682 int i; 683 int flags = CLI_CRED_NTLM_AUTH; 684 if (lp_client_lanman_auth(tctx->lp_ctx)) { 685 flags |= CLI_CRED_LANMAN_AUTH; 686 } 687 688 if (lp_client_ntlmv2_auth(tctx->lp_ctx)) { 689 flags |= CLI_CRED_NTLMv2_AUTH; 690 } 691 692 cli_credentials_get_ntlm_username_domain(cmdline_credentials, tctx, 693 &ninfo.identity_info.account_name.string, 694 &ninfo.identity_info.domain_name.string); 695 696 generate_random_buffer(ninfo.challenge, 697 sizeof(ninfo.challenge)); 698 chal = data_blob_const(ninfo.challenge, 699 sizeof(ninfo.challenge)); 700 701 names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(credentials), 702 cli_credentials_get_domain(credentials)); 703 704 status = cli_credentials_get_ntlm_response(cmdline_credentials, tctx, 705 &flags, 706 chal, 707 names_blob, 708 &lm_resp, &nt_resp, 709 NULL, NULL); 710 torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed"); 711 712 ninfo.lm.data = lm_resp.data; 713 ninfo.lm.length = lm_resp.length; 714 715 ninfo.nt.data = nt_resp.data; 716 ninfo.nt.length = nt_resp.length; 717 718 ninfo.identity_info.parameter_control = 0; 719 ninfo.identity_info.logon_id_low = 0; 720 ninfo.identity_info.logon_id_high = 0; 721 ninfo.identity_info.workstation.string = cli_credentials_get_workstation(credentials); 722 723 logon.network = &ninfo; 724 725 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 726 r.in.computer_name = cli_credentials_get_workstation(credentials); 727 r.in.credential = &auth; 728 r.in.return_authenticator = &auth2; 729 r.in.logon_level = 2; 730 r.in.logon = &logon; 731 r.out.validation = &validation; 732 r.out.authoritative = &authoritative; 733 734 d_printf("Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string); 735 736 for (i=2;i<3;i++) { 737 ZERO_STRUCT(auth2); 738 netlogon_creds_client_authenticator(creds, &auth); 739 740 r.in.validation_level = i; 741 742 status = dcerpc_netr_LogonSamLogon(p, tctx, &r); 743 torture_assert_ntstatus_ok(tctx, status, "LogonSamLogon failed"); 744 745 torture_assert(tctx, netlogon_creds_client_check(creds, 746 &r.out.return_authenticator->cred), 747 "Credential chaining failed"); 748 } 749 750 r.in.credential = NULL; 751 752 for (i=2;i<=3;i++) { 753 754 r.in.validation_level = i; 755 756 torture_comment(tctx, "Testing SamLogon with validation level %d and a NULL credential\n", i); 757 758 status = dcerpc_netr_LogonSamLogon(p, tctx, &r); 759 torture_assert_ntstatus_equal(tctx, status, NT_STATUS_INVALID_PARAMETER, 760 "LogonSamLogon expected INVALID_PARAMETER"); 761 762 } 763 764 return true; 765} 766 767/* 768 try a netlogon SamLogon 769*/ 770static bool test_SamLogon(struct torture_context *tctx, 771 struct dcerpc_pipe *p, 772 struct cli_credentials *credentials) 773{ 774 struct netlogon_creds_CredentialState *creds; 775 776 if (!test_SetupCredentials(p, tctx, credentials, &creds)) { 777 return false; 778 } 779 780 return test_netlogon_ops(p, tctx, credentials, creds); 781} 782 783/* we remember the sequence numbers so we can easily do a DatabaseDelta */ 784static uint64_t sequence_nums[3]; 785 786/* 787 try a netlogon DatabaseSync 788*/ 789static bool test_DatabaseSync(struct torture_context *tctx, 790 struct dcerpc_pipe *p, 791 struct cli_credentials *machine_credentials) 792{ 793 NTSTATUS status; 794 struct netr_DatabaseSync r; 795 struct netlogon_creds_CredentialState *creds; 796 const uint32_t database_ids[] = {SAM_DATABASE_DOMAIN, SAM_DATABASE_BUILTIN, SAM_DATABASE_PRIVS}; 797 int i; 798 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; 799 struct netr_Authenticator credential, return_authenticator; 800 801 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 802 return false; 803 } 804 805 ZERO_STRUCT(return_authenticator); 806 807 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 808 r.in.computername = TEST_MACHINE_NAME; 809 r.in.preferredmaximumlength = (uint32_t)-1; 810 r.in.return_authenticator = &return_authenticator; 811 r.out.delta_enum_array = &delta_enum_array; 812 r.out.return_authenticator = &return_authenticator; 813 814 for (i=0;i<ARRAY_SIZE(database_ids);i++) { 815 816 uint32_t sync_context = 0; 817 818 r.in.database_id = database_ids[i]; 819 r.in.sync_context = &sync_context; 820 r.out.sync_context = &sync_context; 821 822 torture_comment(tctx, "Testing DatabaseSync of id %d\n", r.in.database_id); 823 824 do { 825 netlogon_creds_client_authenticator(creds, &credential); 826 827 r.in.credential = &credential; 828 829 status = dcerpc_netr_DatabaseSync(p, tctx, &r); 830 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) 831 break; 832 833 /* Native mode servers don't do this */ 834 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { 835 return true; 836 } 837 torture_assert_ntstatus_ok(tctx, status, "DatabaseSync"); 838 839 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 840 torture_comment(tctx, "Credential chaining failed\n"); 841 } 842 843 if (delta_enum_array && 844 delta_enum_array->num_deltas > 0 && 845 delta_enum_array->delta_enum[0].delta_type == NETR_DELTA_DOMAIN && 846 delta_enum_array->delta_enum[0].delta_union.domain) { 847 sequence_nums[r.in.database_id] = 848 delta_enum_array->delta_enum[0].delta_union.domain->sequence_num; 849 torture_comment(tctx, "\tsequence_nums[%d]=%llu\n", 850 r.in.database_id, 851 (unsigned long long)sequence_nums[r.in.database_id]); 852 } 853 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)); 854 } 855 856 return true; 857} 858 859 860/* 861 try a netlogon DatabaseDeltas 862*/ 863static bool test_DatabaseDeltas(struct torture_context *tctx, 864 struct dcerpc_pipe *p, 865 struct cli_credentials *machine_credentials) 866{ 867 NTSTATUS status; 868 struct netr_DatabaseDeltas r; 869 struct netlogon_creds_CredentialState *creds; 870 struct netr_Authenticator credential; 871 struct netr_Authenticator return_authenticator; 872 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; 873 const uint32_t database_ids[] = {0, 1, 2}; 874 int i; 875 876 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 877 return false; 878 } 879 880 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 881 r.in.computername = TEST_MACHINE_NAME; 882 r.in.preferredmaximumlength = (uint32_t)-1; 883 ZERO_STRUCT(r.in.return_authenticator); 884 r.out.return_authenticator = &return_authenticator; 885 r.out.delta_enum_array = &delta_enum_array; 886 887 for (i=0;i<ARRAY_SIZE(database_ids);i++) { 888 r.in.database_id = database_ids[i]; 889 r.in.sequence_num = &sequence_nums[r.in.database_id]; 890 891 if (*r.in.sequence_num == 0) continue; 892 893 *r.in.sequence_num -= 1; 894 895 torture_comment(tctx, "Testing DatabaseDeltas of id %d at %llu\n", 896 r.in.database_id, (unsigned long long)*r.in.sequence_num); 897 898 do { 899 netlogon_creds_client_authenticator(creds, &credential); 900 901 status = dcerpc_netr_DatabaseDeltas(p, tctx, &r); 902 if (NT_STATUS_EQUAL(status, 903 NT_STATUS_SYNCHRONIZATION_REQUIRED)) { 904 torture_comment(tctx, "not considering %s to be an error\n", 905 nt_errstr(status)); 906 return true; 907 } 908 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) 909 break; 910 911 torture_assert_ntstatus_ok(tctx, status, "DatabaseDeltas"); 912 913 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) { 914 torture_comment(tctx, "Credential chaining failed\n"); 915 } 916 917 (*r.in.sequence_num)++; 918 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)); 919 } 920 921 return true; 922} 923 924static bool test_DatabaseRedo(struct torture_context *tctx, 925 struct dcerpc_pipe *p, 926 struct cli_credentials *machine_credentials) 927{ 928 NTSTATUS status; 929 struct netr_DatabaseRedo r; 930 struct netlogon_creds_CredentialState *creds; 931 struct netr_Authenticator credential; 932 struct netr_Authenticator return_authenticator; 933 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; 934 struct netr_ChangeLogEntry e; 935 struct dom_sid null_sid, *sid; 936 int i,d; 937 938 ZERO_STRUCT(null_sid); 939 940 sid = dom_sid_parse_talloc(tctx, "S-1-5-21-1111111111-2222222222-333333333-500"); 941 942 { 943 944 struct { 945 uint32_t rid; 946 uint16_t flags; 947 uint8_t db_index; 948 uint8_t delta_type; 949 struct dom_sid sid; 950 const char *name; 951 NTSTATUS expected_error; 952 uint32_t expected_num_results; 953 uint8_t expected_delta_type_1; 954 uint8_t expected_delta_type_2; 955 const char *comment; 956 } changes[] = { 957 958 /* SAM_DATABASE_DOMAIN */ 959 960 { 961 .rid = 0, 962 .flags = 0, 963 .db_index = SAM_DATABASE_DOMAIN, 964 .delta_type = NETR_DELTA_MODIFY_COUNT, 965 .sid = null_sid, 966 .name = NULL, 967 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, 968 .expected_num_results = 0, 969 .comment = "NETR_DELTA_MODIFY_COUNT" 970 }, 971 { 972 .rid = 0, 973 .flags = 0, 974 .db_index = SAM_DATABASE_DOMAIN, 975 .delta_type = 0, 976 .sid = null_sid, 977 .name = NULL, 978 .expected_error = NT_STATUS_OK, 979 .expected_num_results = 1, 980 .expected_delta_type_1 = NETR_DELTA_DOMAIN, 981 .comment = "NULL DELTA" 982 }, 983 { 984 .rid = 0, 985 .flags = 0, 986 .db_index = SAM_DATABASE_DOMAIN, 987 .delta_type = NETR_DELTA_DOMAIN, 988 .sid = null_sid, 989 .name = NULL, 990 .expected_error = NT_STATUS_OK, 991 .expected_num_results = 1, 992 .expected_delta_type_1 = NETR_DELTA_DOMAIN, 993 .comment = "NETR_DELTA_DOMAIN" 994 }, 995 { 996 .rid = DOMAIN_RID_ADMINISTRATOR, 997 .flags = 0, 998 .db_index = SAM_DATABASE_DOMAIN, 999 .delta_type = NETR_DELTA_USER, 1000 .sid = null_sid, 1001 .name = NULL, 1002 .expected_error = NT_STATUS_OK, 1003 .expected_num_results = 1, 1004 .expected_delta_type_1 = NETR_DELTA_USER, 1005 .comment = "NETR_DELTA_USER by rid 500" 1006 }, 1007 { 1008 .rid = DOMAIN_RID_GUEST, 1009 .flags = 0, 1010 .db_index = SAM_DATABASE_DOMAIN, 1011 .delta_type = NETR_DELTA_USER, 1012 .sid = null_sid, 1013 .name = NULL, 1014 .expected_error = NT_STATUS_OK, 1015 .expected_num_results = 1, 1016 .expected_delta_type_1 = NETR_DELTA_USER, 1017 .comment = "NETR_DELTA_USER by rid 501" 1018 }, 1019 { 1020 .rid = 0, 1021 .flags = NETR_CHANGELOG_SID_INCLUDED, 1022 .db_index = SAM_DATABASE_DOMAIN, 1023 .delta_type = NETR_DELTA_USER, 1024 .sid = *sid, 1025 .name = NULL, 1026 .expected_error = NT_STATUS_OK, 1027 .expected_num_results = 1, 1028 .expected_delta_type_1 = NETR_DELTA_DELETE_USER, 1029 .comment = "NETR_DELTA_USER by sid and flags" 1030 }, 1031 { 1032 .rid = 0, 1033 .flags = NETR_CHANGELOG_SID_INCLUDED, 1034 .db_index = SAM_DATABASE_DOMAIN, 1035 .delta_type = NETR_DELTA_USER, 1036 .sid = null_sid, 1037 .name = NULL, 1038 .expected_error = NT_STATUS_OK, 1039 .expected_num_results = 1, 1040 .expected_delta_type_1 = NETR_DELTA_DELETE_USER, 1041 .comment = "NETR_DELTA_USER by null_sid and flags" 1042 }, 1043 { 1044 .rid = 0, 1045 .flags = NETR_CHANGELOG_NAME_INCLUDED, 1046 .db_index = SAM_DATABASE_DOMAIN, 1047 .delta_type = NETR_DELTA_USER, 1048 .sid = null_sid, 1049 .name = "administrator", 1050 .expected_error = NT_STATUS_OK, 1051 .expected_num_results = 1, 1052 .expected_delta_type_1 = NETR_DELTA_DELETE_USER, 1053 .comment = "NETR_DELTA_USER by name 'administrator'" 1054 }, 1055 { 1056 .rid = DOMAIN_RID_ADMINS, 1057 .flags = 0, 1058 .db_index = SAM_DATABASE_DOMAIN, 1059 .delta_type = NETR_DELTA_GROUP, 1060 .sid = null_sid, 1061 .name = NULL, 1062 .expected_error = NT_STATUS_OK, 1063 .expected_num_results = 2, 1064 .expected_delta_type_1 = NETR_DELTA_GROUP, 1065 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER, 1066 .comment = "NETR_DELTA_GROUP by rid 512" 1067 }, 1068 { 1069 .rid = DOMAIN_RID_ADMINS, 1070 .flags = 0, 1071 .db_index = SAM_DATABASE_DOMAIN, 1072 .delta_type = NETR_DELTA_GROUP_MEMBER, 1073 .sid = null_sid, 1074 .name = NULL, 1075 .expected_error = NT_STATUS_OK, 1076 .expected_num_results = 2, 1077 .expected_delta_type_1 = NETR_DELTA_GROUP, 1078 .expected_delta_type_2 = NETR_DELTA_GROUP_MEMBER, 1079 .comment = "NETR_DELTA_GROUP_MEMBER by rid 512" 1080 }, 1081 1082 1083 /* SAM_DATABASE_BUILTIN */ 1084 1085 { 1086 .rid = 0, 1087 .flags = 0, 1088 .db_index = SAM_DATABASE_BUILTIN, 1089 .delta_type = NETR_DELTA_MODIFY_COUNT, 1090 .sid = null_sid, 1091 .name = NULL, 1092 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, 1093 .expected_num_results = 0, 1094 .comment = "NETR_DELTA_MODIFY_COUNT" 1095 }, 1096 { 1097 .rid = 0, 1098 .flags = 0, 1099 .db_index = SAM_DATABASE_BUILTIN, 1100 .delta_type = NETR_DELTA_DOMAIN, 1101 .sid = null_sid, 1102 .name = NULL, 1103 .expected_error = NT_STATUS_OK, 1104 .expected_num_results = 1, 1105 .expected_delta_type_1 = NETR_DELTA_DOMAIN, 1106 .comment = "NETR_DELTA_DOMAIN" 1107 }, 1108 { 1109 .rid = DOMAIN_RID_ADMINISTRATOR, 1110 .flags = 0, 1111 .db_index = SAM_DATABASE_BUILTIN, 1112 .delta_type = NETR_DELTA_USER, 1113 .sid = null_sid, 1114 .name = NULL, 1115 .expected_error = NT_STATUS_OK, 1116 .expected_num_results = 1, 1117 .expected_delta_type_1 = NETR_DELTA_DELETE_USER, 1118 .comment = "NETR_DELTA_USER by rid 500" 1119 }, 1120 { 1121 .rid = 0, 1122 .flags = 0, 1123 .db_index = SAM_DATABASE_BUILTIN, 1124 .delta_type = NETR_DELTA_USER, 1125 .sid = null_sid, 1126 .name = NULL, 1127 .expected_error = NT_STATUS_OK, 1128 .expected_num_results = 1, 1129 .expected_delta_type_1 = NETR_DELTA_DELETE_USER, 1130 .comment = "NETR_DELTA_USER" 1131 }, 1132 { 1133 .rid = 544, 1134 .flags = 0, 1135 .db_index = SAM_DATABASE_BUILTIN, 1136 .delta_type = NETR_DELTA_ALIAS, 1137 .sid = null_sid, 1138 .name = NULL, 1139 .expected_error = NT_STATUS_OK, 1140 .expected_num_results = 2, 1141 .expected_delta_type_1 = NETR_DELTA_ALIAS, 1142 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER, 1143 .comment = "NETR_DELTA_ALIAS by rid 544" 1144 }, 1145 { 1146 .rid = 544, 1147 .flags = 0, 1148 .db_index = SAM_DATABASE_BUILTIN, 1149 .delta_type = NETR_DELTA_ALIAS_MEMBER, 1150 .sid = null_sid, 1151 .name = NULL, 1152 .expected_error = NT_STATUS_OK, 1153 .expected_num_results = 2, 1154 .expected_delta_type_1 = NETR_DELTA_ALIAS, 1155 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER, 1156 .comment = "NETR_DELTA_ALIAS_MEMBER by rid 544" 1157 }, 1158 { 1159 .rid = 544, 1160 .flags = 0, 1161 .db_index = SAM_DATABASE_BUILTIN, 1162 .delta_type = 0, 1163 .sid = null_sid, 1164 .name = NULL, 1165 .expected_error = NT_STATUS_OK, 1166 .expected_num_results = 1, 1167 .expected_delta_type_1 = NETR_DELTA_DOMAIN, 1168 .comment = "NULL DELTA by rid 544" 1169 }, 1170 { 1171 .rid = 544, 1172 .flags = NETR_CHANGELOG_SID_INCLUDED, 1173 .db_index = SAM_DATABASE_BUILTIN, 1174 .delta_type = 0, 1175 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"), 1176 .name = NULL, 1177 .expected_error = NT_STATUS_OK, 1178 .expected_num_results = 1, 1179 .expected_delta_type_1 = NETR_DELTA_DOMAIN, 1180 .comment = "NULL DELTA by rid 544 sid S-1-5-32-544 and flags" 1181 }, 1182 { 1183 .rid = 544, 1184 .flags = NETR_CHANGELOG_SID_INCLUDED, 1185 .db_index = SAM_DATABASE_BUILTIN, 1186 .delta_type = NETR_DELTA_ALIAS, 1187 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"), 1188 .name = NULL, 1189 .expected_error = NT_STATUS_OK, 1190 .expected_num_results = 2, 1191 .expected_delta_type_1 = NETR_DELTA_ALIAS, 1192 .expected_delta_type_2 = NETR_DELTA_ALIAS_MEMBER, 1193 .comment = "NETR_DELTA_ALIAS by rid 544 and sid S-1-5-32-544 and flags" 1194 }, 1195 { 1196 .rid = 0, 1197 .flags = NETR_CHANGELOG_SID_INCLUDED, 1198 .db_index = SAM_DATABASE_BUILTIN, 1199 .delta_type = NETR_DELTA_ALIAS, 1200 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32-544"), 1201 .name = NULL, 1202 .expected_error = NT_STATUS_OK, 1203 .expected_num_results = 1, 1204 .expected_delta_type_1 = NETR_DELTA_DELETE_ALIAS, 1205 .comment = "NETR_DELTA_ALIAS by sid S-1-5-32-544 and flags" 1206 }, 1207 1208 /* SAM_DATABASE_PRIVS */ 1209 1210 { 1211 .rid = 0, 1212 .flags = 0, 1213 .db_index = SAM_DATABASE_PRIVS, 1214 .delta_type = 0, 1215 .sid = null_sid, 1216 .name = NULL, 1217 .expected_error = NT_STATUS_ACCESS_DENIED, 1218 .expected_num_results = 0, 1219 .comment = "NULL DELTA" 1220 }, 1221 { 1222 .rid = 0, 1223 .flags = 0, 1224 .db_index = SAM_DATABASE_PRIVS, 1225 .delta_type = NETR_DELTA_MODIFY_COUNT, 1226 .sid = null_sid, 1227 .name = NULL, 1228 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, 1229 .expected_num_results = 0, 1230 .comment = "NETR_DELTA_MODIFY_COUNT" 1231 }, 1232 { 1233 .rid = 0, 1234 .flags = 0, 1235 .db_index = SAM_DATABASE_PRIVS, 1236 .delta_type = NETR_DELTA_POLICY, 1237 .sid = null_sid, 1238 .name = NULL, 1239 .expected_error = NT_STATUS_OK, 1240 .expected_num_results = 1, 1241 .expected_delta_type_1 = NETR_DELTA_POLICY, 1242 .comment = "NETR_DELTA_POLICY" 1243 }, 1244 { 1245 .rid = 0, 1246 .flags = NETR_CHANGELOG_SID_INCLUDED, 1247 .db_index = SAM_DATABASE_PRIVS, 1248 .delta_type = NETR_DELTA_POLICY, 1249 .sid = null_sid, 1250 .name = NULL, 1251 .expected_error = NT_STATUS_OK, 1252 .expected_num_results = 1, 1253 .expected_delta_type_1 = NETR_DELTA_POLICY, 1254 .comment = "NETR_DELTA_POLICY by null sid and flags" 1255 }, 1256 { 1257 .rid = 0, 1258 .flags = NETR_CHANGELOG_SID_INCLUDED, 1259 .db_index = SAM_DATABASE_PRIVS, 1260 .delta_type = NETR_DELTA_POLICY, 1261 .sid = *dom_sid_parse_talloc(tctx, "S-1-5-32"), 1262 .name = NULL, 1263 .expected_error = NT_STATUS_OK, 1264 .expected_num_results = 1, 1265 .expected_delta_type_1 = NETR_DELTA_POLICY, 1266 .comment = "NETR_DELTA_POLICY by sid S-1-5-32 and flags" 1267 }, 1268 { 1269 .rid = DOMAIN_RID_ADMINISTRATOR, 1270 .flags = 0, 1271 .db_index = SAM_DATABASE_PRIVS, 1272 .delta_type = NETR_DELTA_ACCOUNT, 1273 .sid = null_sid, 1274 .name = NULL, 1275 .expected_error = NT_STATUS_SYNCHRONIZATION_REQUIRED, /* strange */ 1276 .expected_num_results = 0, 1277 .comment = "NETR_DELTA_ACCOUNT by rid 500" 1278 }, 1279 { 1280 .rid = 0, 1281 .flags = NETR_CHANGELOG_SID_INCLUDED, 1282 .db_index = SAM_DATABASE_PRIVS, 1283 .delta_type = NETR_DELTA_ACCOUNT, 1284 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"), 1285 .name = NULL, 1286 .expected_error = NT_STATUS_OK, 1287 .expected_num_results = 1, 1288 .expected_delta_type_1 = NETR_DELTA_ACCOUNT, 1289 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and flags" 1290 }, 1291 { 1292 .rid = 0, 1293 .flags = NETR_CHANGELOG_SID_INCLUDED | 1294 NETR_CHANGELOG_IMMEDIATE_REPL_REQUIRED, 1295 .db_index = SAM_DATABASE_PRIVS, 1296 .delta_type = NETR_DELTA_ACCOUNT, 1297 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"), 1298 .name = NULL, 1299 .expected_error = NT_STATUS_OK, 1300 .expected_num_results = 1, 1301 .expected_delta_type_1 = NETR_DELTA_ACCOUNT, 1302 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and 2 flags" 1303 }, 1304 { 1305 .rid = 0, 1306 .flags = NETR_CHANGELOG_SID_INCLUDED | 1307 NETR_CHANGELOG_NAME_INCLUDED, 1308 .db_index = SAM_DATABASE_PRIVS, 1309 .delta_type = NETR_DELTA_ACCOUNT, 1310 .sid = *dom_sid_parse_talloc(tctx, "S-1-1-0"), 1311 .name = NULL, 1312 .expected_error = NT_STATUS_INVALID_PARAMETER, 1313 .expected_num_results = 0, 1314 .comment = "NETR_DELTA_ACCOUNT by sid S-1-1-0 and invalid flags" 1315 }, 1316 { 1317 .rid = DOMAIN_RID_ADMINISTRATOR, 1318 .flags = NETR_CHANGELOG_SID_INCLUDED, 1319 .db_index = SAM_DATABASE_PRIVS, 1320 .delta_type = NETR_DELTA_ACCOUNT, 1321 .sid = *sid, 1322 .name = NULL, 1323 .expected_error = NT_STATUS_OK, 1324 .expected_num_results = 1, 1325 .expected_delta_type_1 = NETR_DELTA_DELETE_ACCOUNT, 1326 .comment = "NETR_DELTA_ACCOUNT by rid 500, sid and flags" 1327 }, 1328 { 1329 .rid = 0, 1330 .flags = NETR_CHANGELOG_NAME_INCLUDED, 1331 .db_index = SAM_DATABASE_PRIVS, 1332 .delta_type = NETR_DELTA_SECRET, 1333 .sid = null_sid, 1334 .name = "IsurelydontexistIhope", 1335 .expected_error = NT_STATUS_OK, 1336 .expected_num_results = 1, 1337 .expected_delta_type_1 = NETR_DELTA_DELETE_SECRET, 1338 .comment = "NETR_DELTA_SECRET by name 'IsurelydontexistIhope' and flags" 1339 }, 1340 { 1341 .rid = 0, 1342 .flags = NETR_CHANGELOG_NAME_INCLUDED, 1343 .db_index = SAM_DATABASE_PRIVS, 1344 .delta_type = NETR_DELTA_SECRET, 1345 .sid = null_sid, 1346 .name = "G$BCKUPKEY_P", 1347 .expected_error = NT_STATUS_OK, 1348 .expected_num_results = 1, 1349 .expected_delta_type_1 = NETR_DELTA_SECRET, 1350 .comment = "NETR_DELTA_SECRET by name 'G$BCKUPKEY_P' and flags" 1351 } 1352 }; 1353 1354 ZERO_STRUCT(return_authenticator); 1355 1356 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1357 r.in.computername = TEST_MACHINE_NAME; 1358 r.in.return_authenticator = &return_authenticator; 1359 r.out.return_authenticator = &return_authenticator; 1360 r.out.delta_enum_array = &delta_enum_array; 1361 1362 for (d=0; d<3; d++) { 1363 1364 const char *database; 1365 1366 switch (d) { 1367 case 0: 1368 database = "SAM"; 1369 break; 1370 case 1: 1371 database = "BUILTIN"; 1372 break; 1373 case 2: 1374 database = "LSA"; 1375 break; 1376 default: 1377 break; 1378 } 1379 1380 torture_comment(tctx, "Testing DatabaseRedo\n"); 1381 1382 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 1383 return false; 1384 } 1385 1386 for (i=0;i<ARRAY_SIZE(changes);i++) { 1387 1388 if (d != changes[i].db_index) { 1389 continue; 1390 } 1391 1392 netlogon_creds_client_authenticator(creds, &credential); 1393 1394 r.in.credential = &credential; 1395 1396 e.serial_number1 = 0; 1397 e.serial_number2 = 0; 1398 e.object_rid = changes[i].rid; 1399 e.flags = changes[i].flags; 1400 e.db_index = changes[i].db_index; 1401 e.delta_type = changes[i].delta_type; 1402 1403 switch (changes[i].flags & (NETR_CHANGELOG_NAME_INCLUDED | NETR_CHANGELOG_SID_INCLUDED)) { 1404 case NETR_CHANGELOG_SID_INCLUDED: 1405 e.object.object_sid = changes[i].sid; 1406 break; 1407 case NETR_CHANGELOG_NAME_INCLUDED: 1408 e.object.object_name = changes[i].name; 1409 break; 1410 default: 1411 break; 1412 } 1413 1414 r.in.change_log_entry = e; 1415 1416 torture_comment(tctx, "Testing DatabaseRedo with database %s and %s\n", 1417 database, changes[i].comment); 1418 1419 status = dcerpc_netr_DatabaseRedo(p, tctx, &r); 1420 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { 1421 return true; 1422 } 1423 1424 torture_assert_ntstatus_equal(tctx, status, changes[i].expected_error, changes[i].comment); 1425 if (delta_enum_array) { 1426 torture_assert_int_equal(tctx, 1427 delta_enum_array->num_deltas, 1428 changes[i].expected_num_results, 1429 changes[i].comment); 1430 if (delta_enum_array->num_deltas > 0) { 1431 torture_assert_int_equal(tctx, 1432 delta_enum_array->delta_enum[0].delta_type, 1433 changes[i].expected_delta_type_1, 1434 changes[i].comment); 1435 } 1436 if (delta_enum_array->num_deltas > 1) { 1437 torture_assert_int_equal(tctx, 1438 delta_enum_array->delta_enum[1].delta_type, 1439 changes[i].expected_delta_type_2, 1440 changes[i].comment); 1441 } 1442 } 1443 1444 if (!netlogon_creds_client_check(creds, &return_authenticator.cred)) { 1445 torture_comment(tctx, "Credential chaining failed\n"); 1446 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 1447 return false; 1448 } 1449 } 1450 } 1451 } 1452 } 1453 1454 return true; 1455} 1456 1457/* 1458 try a netlogon AccountDeltas 1459*/ 1460static bool test_AccountDeltas(struct torture_context *tctx, 1461 struct dcerpc_pipe *p, 1462 struct cli_credentials *machine_credentials) 1463{ 1464 NTSTATUS status; 1465 struct netr_AccountDeltas r; 1466 struct netlogon_creds_CredentialState *creds; 1467 1468 struct netr_AccountBuffer buffer; 1469 uint32_t count_returned = 0; 1470 uint32_t total_entries = 0; 1471 struct netr_UAS_INFO_0 recordid; 1472 struct netr_Authenticator return_authenticator; 1473 1474 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 1475 return false; 1476 } 1477 1478 ZERO_STRUCT(return_authenticator); 1479 1480 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1481 r.in.computername = TEST_MACHINE_NAME; 1482 r.in.return_authenticator = &return_authenticator; 1483 netlogon_creds_client_authenticator(creds, &r.in.credential); 1484 ZERO_STRUCT(r.in.uas); 1485 r.in.count=10; 1486 r.in.level=0; 1487 r.in.buffersize=100; 1488 r.out.buffer = &buffer; 1489 r.out.count_returned = &count_returned; 1490 r.out.total_entries = &total_entries; 1491 r.out.recordid = &recordid; 1492 r.out.return_authenticator = &return_authenticator; 1493 1494 /* w2k3 returns "NOT IMPLEMENTED" for this call */ 1495 status = dcerpc_netr_AccountDeltas(p, tctx, &r); 1496 torture_assert_ntstatus_equal(tctx, status, NT_STATUS_NOT_IMPLEMENTED, "AccountDeltas"); 1497 1498 return true; 1499} 1500 1501/* 1502 try a netlogon AccountSync 1503*/ 1504static bool test_AccountSync(struct torture_context *tctx, struct dcerpc_pipe *p, 1505 struct cli_credentials *machine_credentials) 1506{ 1507 NTSTATUS status; 1508 struct netr_AccountSync r; 1509 struct netlogon_creds_CredentialState *creds; 1510 1511 struct netr_AccountBuffer buffer; 1512 uint32_t count_returned = 0; 1513 uint32_t total_entries = 0; 1514 uint32_t next_reference = 0; 1515 struct netr_UAS_INFO_0 recordid; 1516 struct netr_Authenticator return_authenticator; 1517 1518 ZERO_STRUCT(recordid); 1519 ZERO_STRUCT(return_authenticator); 1520 1521 if (!test_SetupCredentials(p, tctx, machine_credentials, &creds)) { 1522 return false; 1523 } 1524 1525 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1526 r.in.computername = TEST_MACHINE_NAME; 1527 r.in.return_authenticator = &return_authenticator; 1528 netlogon_creds_client_authenticator(creds, &r.in.credential); 1529 r.in.recordid = &recordid; 1530 r.in.reference=0; 1531 r.in.level=0; 1532 r.in.buffersize=100; 1533 r.out.buffer = &buffer; 1534 r.out.count_returned = &count_returned; 1535 r.out.total_entries = &total_entries; 1536 r.out.next_reference = &next_reference; 1537 r.out.recordid = &recordid; 1538 r.out.return_authenticator = &return_authenticator; 1539 1540 /* w2k3 returns "NOT IMPLEMENTED" for this call */ 1541 status = dcerpc_netr_AccountSync(p, tctx, &r); 1542 torture_assert_ntstatus_equal(tctx, status, NT_STATUS_NOT_IMPLEMENTED, "AccountSync"); 1543 1544 return true; 1545} 1546 1547/* 1548 try a netlogon GetDcName 1549*/ 1550static bool test_GetDcName(struct torture_context *tctx, 1551 struct dcerpc_pipe *p) 1552{ 1553 NTSTATUS status; 1554 struct netr_GetDcName r; 1555 const char *dcname = NULL; 1556 1557 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1558 r.in.domainname = lp_workgroup(tctx->lp_ctx); 1559 r.out.dcname = &dcname; 1560 1561 status = dcerpc_netr_GetDcName(p, tctx, &r); 1562 torture_assert_ntstatus_ok(tctx, status, "GetDcName"); 1563 torture_assert_werr_ok(tctx, r.out.result, "GetDcName"); 1564 1565 torture_comment(tctx, "\tDC is at '%s'\n", dcname); 1566 1567 return true; 1568} 1569 1570static const char *function_code_str(TALLOC_CTX *mem_ctx, 1571 enum netr_LogonControlCode function_code) 1572{ 1573 switch (function_code) { 1574 case NETLOGON_CONTROL_QUERY: 1575 return "NETLOGON_CONTROL_QUERY"; 1576 case NETLOGON_CONTROL_REPLICATE: 1577 return "NETLOGON_CONTROL_REPLICATE"; 1578 case NETLOGON_CONTROL_SYNCHRONIZE: 1579 return "NETLOGON_CONTROL_SYNCHRONIZE"; 1580 case NETLOGON_CONTROL_PDC_REPLICATE: 1581 return "NETLOGON_CONTROL_PDC_REPLICATE"; 1582 case NETLOGON_CONTROL_REDISCOVER: 1583 return "NETLOGON_CONTROL_REDISCOVER"; 1584 case NETLOGON_CONTROL_TC_QUERY: 1585 return "NETLOGON_CONTROL_TC_QUERY"; 1586 case NETLOGON_CONTROL_TRANSPORT_NOTIFY: 1587 return "NETLOGON_CONTROL_TRANSPORT_NOTIFY"; 1588 case NETLOGON_CONTROL_FIND_USER: 1589 return "NETLOGON_CONTROL_FIND_USER"; 1590 case NETLOGON_CONTROL_CHANGE_PASSWORD: 1591 return "NETLOGON_CONTROL_CHANGE_PASSWORD"; 1592 case NETLOGON_CONTROL_TC_VERIFY: 1593 return "NETLOGON_CONTROL_TC_VERIFY"; 1594 case NETLOGON_CONTROL_FORCE_DNS_REG: 1595 return "NETLOGON_CONTROL_FORCE_DNS_REG"; 1596 case NETLOGON_CONTROL_QUERY_DNS_REG: 1597 return "NETLOGON_CONTROL_QUERY_DNS_REG"; 1598 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG: 1599 return "NETLOGON_CONTROL_BACKUP_CHANGE_LOG"; 1600 case NETLOGON_CONTROL_TRUNCATE_LOG: 1601 return "NETLOGON_CONTROL_TRUNCATE_LOG"; 1602 case NETLOGON_CONTROL_SET_DBFLAG: 1603 return "NETLOGON_CONTROL_SET_DBFLAG"; 1604 case NETLOGON_CONTROL_BREAKPOINT: 1605 return "NETLOGON_CONTROL_BREAKPOINT"; 1606 default: 1607 return talloc_asprintf(mem_ctx, "unknown function code: %d", 1608 function_code); 1609 } 1610} 1611 1612 1613/* 1614 try a netlogon LogonControl 1615*/ 1616static bool test_LogonControl(struct torture_context *tctx, 1617 struct dcerpc_pipe *p, 1618 struct cli_credentials *machine_credentials) 1619 1620{ 1621 NTSTATUS status; 1622 struct netr_LogonControl r; 1623 union netr_CONTROL_QUERY_INFORMATION query; 1624 int i,f; 1625 enum netr_SchannelType secure_channel_type = SEC_CHAN_NULL; 1626 1627 uint32_t function_codes[] = { 1628 NETLOGON_CONTROL_QUERY, 1629 NETLOGON_CONTROL_REPLICATE, 1630 NETLOGON_CONTROL_SYNCHRONIZE, 1631 NETLOGON_CONTROL_PDC_REPLICATE, 1632 NETLOGON_CONTROL_REDISCOVER, 1633 NETLOGON_CONTROL_TC_QUERY, 1634 NETLOGON_CONTROL_TRANSPORT_NOTIFY, 1635 NETLOGON_CONTROL_FIND_USER, 1636 NETLOGON_CONTROL_CHANGE_PASSWORD, 1637 NETLOGON_CONTROL_TC_VERIFY, 1638 NETLOGON_CONTROL_FORCE_DNS_REG, 1639 NETLOGON_CONTROL_QUERY_DNS_REG, 1640 NETLOGON_CONTROL_BACKUP_CHANGE_LOG, 1641 NETLOGON_CONTROL_TRUNCATE_LOG, 1642 NETLOGON_CONTROL_SET_DBFLAG, 1643 NETLOGON_CONTROL_BREAKPOINT 1644 }; 1645 1646 if (machine_credentials) { 1647 secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials); 1648 } 1649 1650 torture_comment(tctx, "testing LogonControl with secure channel type: %d\n", 1651 secure_channel_type); 1652 1653 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1654 r.in.function_code = 1; 1655 r.out.query = &query; 1656 1657 for (f=0;f<ARRAY_SIZE(function_codes); f++) { 1658 for (i=1;i<5;i++) { 1659 1660 r.in.function_code = function_codes[f]; 1661 r.in.level = i; 1662 1663 torture_comment(tctx, "Testing LogonControl function code %s (%d) level %d\n", 1664 function_code_str(tctx, r.in.function_code), r.in.function_code, r.in.level); 1665 1666 status = dcerpc_netr_LogonControl(p, tctx, &r); 1667 torture_assert_ntstatus_ok(tctx, status, "LogonControl"); 1668 1669 switch (r.in.level) { 1670 case 1: 1671 switch (r.in.function_code) { 1672 case NETLOGON_CONTROL_REPLICATE: 1673 case NETLOGON_CONTROL_SYNCHRONIZE: 1674 case NETLOGON_CONTROL_PDC_REPLICATE: 1675 case NETLOGON_CONTROL_BREAKPOINT: 1676 case NETLOGON_CONTROL_BACKUP_CHANGE_LOG: 1677 if ((secure_channel_type == SEC_CHAN_BDC) || 1678 (secure_channel_type == SEC_CHAN_WKSTA)) { 1679 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED, 1680 "LogonControl returned unexpected error code"); 1681 } else { 1682 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED, 1683 "LogonControl returned unexpected error code"); 1684 } 1685 break; 1686 1687 case NETLOGON_CONTROL_REDISCOVER: 1688 case NETLOGON_CONTROL_TC_QUERY: 1689 case NETLOGON_CONTROL_TRANSPORT_NOTIFY: 1690 case NETLOGON_CONTROL_FIND_USER: 1691 case NETLOGON_CONTROL_CHANGE_PASSWORD: 1692 case NETLOGON_CONTROL_TC_VERIFY: 1693 case NETLOGON_CONTROL_FORCE_DNS_REG: 1694 case NETLOGON_CONTROL_QUERY_DNS_REG: 1695 case NETLOGON_CONTROL_SET_DBFLAG: 1696 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED, 1697 "LogonControl returned unexpected error code"); 1698 break; 1699 case NETLOGON_CONTROL_TRUNCATE_LOG: 1700 if ((secure_channel_type == SEC_CHAN_BDC) || 1701 (secure_channel_type == SEC_CHAN_WKSTA)) { 1702 torture_assert_werr_equal(tctx, r.out.result, WERR_ACCESS_DENIED, 1703 "LogonControl returned unexpected error code"); 1704 } else { 1705 torture_assert_werr_ok(tctx, r.out.result, 1706 "LogonControl returned unexpected result"); 1707 } 1708 break; 1709 default: 1710 torture_assert_werr_ok(tctx, r.out.result, 1711 "LogonControl returned unexpected result"); 1712 break; 1713 } 1714 break; 1715 case 2: 1716 torture_assert_werr_equal(tctx, r.out.result, WERR_NOT_SUPPORTED, 1717 "LogonControl returned unexpected error code"); 1718 break; 1719 default: 1720 torture_assert_werr_equal(tctx, r.out.result, WERR_UNKNOWN_LEVEL, 1721 "LogonControl returned unexpected error code"); 1722 break; 1723 } 1724 } 1725 } 1726 1727 return true; 1728} 1729 1730 1731/* 1732 try a netlogon GetAnyDCName 1733*/ 1734static bool test_GetAnyDCName(struct torture_context *tctx, 1735 struct dcerpc_pipe *p) 1736{ 1737 NTSTATUS status; 1738 struct netr_GetAnyDCName r; 1739 const char *dcname = NULL; 1740 1741 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1742 r.in.domainname = lp_workgroup(tctx->lp_ctx); 1743 r.out.dcname = &dcname; 1744 1745 status = dcerpc_netr_GetAnyDCName(p, tctx, &r); 1746 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName"); 1747 torture_assert_werr_ok(tctx, r.out.result, "GetAnyDCName"); 1748 1749 if (dcname) { 1750 torture_comment(tctx, "\tDC is at '%s'\n", dcname); 1751 } 1752 1753 return true; 1754} 1755 1756 1757/* 1758 try a netlogon LogonControl2 1759*/ 1760static bool test_LogonControl2(struct torture_context *tctx, 1761 struct dcerpc_pipe *p, 1762 struct cli_credentials *machine_credentials) 1763 1764{ 1765 NTSTATUS status; 1766 struct netr_LogonControl2 r; 1767 union netr_CONTROL_DATA_INFORMATION data; 1768 union netr_CONTROL_QUERY_INFORMATION query; 1769 int i; 1770 1771 data.domain = lp_workgroup(tctx->lp_ctx); 1772 1773 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1774 1775 r.in.function_code = NETLOGON_CONTROL_REDISCOVER; 1776 r.in.data = &data; 1777 r.out.query = &query; 1778 1779 for (i=1;i<4;i++) { 1780 r.in.level = i; 1781 1782 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 1783 i, r.in.function_code); 1784 1785 status = dcerpc_netr_LogonControl2(p, tctx, &r); 1786 torture_assert_ntstatus_ok(tctx, status, "LogonControl"); 1787 } 1788 1789 data.domain = lp_workgroup(tctx->lp_ctx); 1790 1791 r.in.function_code = NETLOGON_CONTROL_TC_QUERY; 1792 r.in.data = &data; 1793 1794 for (i=1;i<4;i++) { 1795 r.in.level = i; 1796 1797 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 1798 i, r.in.function_code); 1799 1800 status = dcerpc_netr_LogonControl2(p, tctx, &r); 1801 torture_assert_ntstatus_ok(tctx, status, "LogonControl"); 1802 } 1803 1804 data.domain = lp_workgroup(tctx->lp_ctx); 1805 1806 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY; 1807 r.in.data = &data; 1808 1809 for (i=1;i<4;i++) { 1810 r.in.level = i; 1811 1812 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 1813 i, r.in.function_code); 1814 1815 status = dcerpc_netr_LogonControl2(p, tctx, &r); 1816 torture_assert_ntstatus_ok(tctx, status, "LogonControl"); 1817 } 1818 1819 data.debug_level = ~0; 1820 1821 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG; 1822 r.in.data = &data; 1823 1824 for (i=1;i<4;i++) { 1825 r.in.level = i; 1826 1827 torture_comment(tctx, "Testing LogonControl2 level %d function %d\n", 1828 i, r.in.function_code); 1829 1830 status = dcerpc_netr_LogonControl2(p, tctx, &r); 1831 torture_assert_ntstatus_ok(tctx, status, "LogonControl"); 1832 } 1833 1834 return true; 1835} 1836 1837/* 1838 try a netlogon DatabaseSync2 1839*/ 1840static bool test_DatabaseSync2(struct torture_context *tctx, 1841 struct dcerpc_pipe *p, 1842 struct cli_credentials *machine_credentials) 1843{ 1844 NTSTATUS status; 1845 struct netr_DatabaseSync2 r; 1846 struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; 1847 struct netr_Authenticator return_authenticator, credential; 1848 1849 struct netlogon_creds_CredentialState *creds; 1850 const uint32_t database_ids[] = {0, 1, 2}; 1851 int i; 1852 1853 if (!test_SetupCredentials2(p, tctx, NETLOGON_NEG_AUTH2_FLAGS, 1854 machine_credentials, 1855 cli_credentials_get_secure_channel_type(machine_credentials), 1856 &creds)) { 1857 return false; 1858 } 1859 1860 ZERO_STRUCT(return_authenticator); 1861 1862 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1863 r.in.computername = TEST_MACHINE_NAME; 1864 r.in.preferredmaximumlength = (uint32_t)-1; 1865 r.in.return_authenticator = &return_authenticator; 1866 r.out.return_authenticator = &return_authenticator; 1867 r.out.delta_enum_array = &delta_enum_array; 1868 1869 for (i=0;i<ARRAY_SIZE(database_ids);i++) { 1870 1871 uint32_t sync_context = 0; 1872 1873 r.in.database_id = database_ids[i]; 1874 r.in.sync_context = &sync_context; 1875 r.out.sync_context = &sync_context; 1876 r.in.restart_state = 0; 1877 1878 torture_comment(tctx, "Testing DatabaseSync2 of id %d\n", r.in.database_id); 1879 1880 do { 1881 netlogon_creds_client_authenticator(creds, &credential); 1882 1883 r.in.credential = &credential; 1884 1885 status = dcerpc_netr_DatabaseSync2(p, tctx, &r); 1886 if (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) 1887 break; 1888 1889 /* Native mode servers don't do this */ 1890 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) { 1891 return true; 1892 } 1893 1894 torture_assert_ntstatus_ok(tctx, status, "DatabaseSync2"); 1895 1896 if (!netlogon_creds_client_check(creds, &r.out.return_authenticator->cred)) { 1897 torture_comment(tctx, "Credential chaining failed\n"); 1898 } 1899 1900 } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)); 1901 } 1902 1903 return true; 1904} 1905 1906 1907/* 1908 try a netlogon LogonControl2Ex 1909*/ 1910static bool test_LogonControl2Ex(struct torture_context *tctx, 1911 struct dcerpc_pipe *p, 1912 struct cli_credentials *machine_credentials) 1913 1914{ 1915 NTSTATUS status; 1916 struct netr_LogonControl2Ex r; 1917 union netr_CONTROL_DATA_INFORMATION data; 1918 union netr_CONTROL_QUERY_INFORMATION query; 1919 int i; 1920 1921 data.domain = lp_workgroup(tctx->lp_ctx); 1922 1923 r.in.logon_server = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1924 1925 r.in.function_code = NETLOGON_CONTROL_REDISCOVER; 1926 r.in.data = &data; 1927 r.out.query = &query; 1928 1929 for (i=1;i<4;i++) { 1930 r.in.level = i; 1931 1932 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n", 1933 i, r.in.function_code); 1934 1935 status = dcerpc_netr_LogonControl2Ex(p, tctx, &r); 1936 torture_assert_ntstatus_ok(tctx, status, "LogonControl"); 1937 } 1938 1939 data.domain = lp_workgroup(tctx->lp_ctx); 1940 1941 r.in.function_code = NETLOGON_CONTROL_TC_QUERY; 1942 r.in.data = &data; 1943 1944 for (i=1;i<4;i++) { 1945 r.in.level = i; 1946 1947 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n", 1948 i, r.in.function_code); 1949 1950 status = dcerpc_netr_LogonControl2Ex(p, tctx, &r); 1951 torture_assert_ntstatus_ok(tctx, status, "LogonControl"); 1952 } 1953 1954 data.domain = lp_workgroup(tctx->lp_ctx); 1955 1956 r.in.function_code = NETLOGON_CONTROL_TRANSPORT_NOTIFY; 1957 r.in.data = &data; 1958 1959 for (i=1;i<4;i++) { 1960 r.in.level = i; 1961 1962 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n", 1963 i, r.in.function_code); 1964 1965 status = dcerpc_netr_LogonControl2Ex(p, tctx, &r); 1966 torture_assert_ntstatus_ok(tctx, status, "LogonControl"); 1967 } 1968 1969 data.debug_level = ~0; 1970 1971 r.in.function_code = NETLOGON_CONTROL_SET_DBFLAG; 1972 r.in.data = &data; 1973 1974 for (i=1;i<4;i++) { 1975 r.in.level = i; 1976 1977 torture_comment(tctx, "Testing LogonControl2Ex level %d function %d\n", 1978 i, r.in.function_code); 1979 1980 status = dcerpc_netr_LogonControl2Ex(p, tctx, &r); 1981 torture_assert_ntstatus_ok(tctx, status, "LogonControl"); 1982 } 1983 1984 return true; 1985} 1986 1987static bool test_netr_DsRGetForestTrustInformation(struct torture_context *tctx, 1988 struct dcerpc_pipe *p, const char *trusted_domain_name) 1989{ 1990 NTSTATUS status; 1991 struct netr_DsRGetForestTrustInformation r; 1992 struct lsa_ForestTrustInformation info, *info_ptr; 1993 1994 info_ptr = &info; 1995 1996 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 1997 r.in.trusted_domain_name = trusted_domain_name; 1998 r.in.flags = 0; 1999 r.out.forest_trust_info = &info_ptr; 2000 2001 torture_comment(tctx ,"Testing netr_DsRGetForestTrustInformation\n"); 2002 2003 status = dcerpc_netr_DsRGetForestTrustInformation(p, tctx, &r); 2004 torture_assert_ntstatus_ok(tctx, status, "DsRGetForestTrustInformation"); 2005 torture_assert_werr_ok(tctx, r.out.result, "DsRGetForestTrustInformation"); 2006 2007 return true; 2008} 2009 2010/* 2011 try a netlogon netr_DsrEnumerateDomainTrusts 2012*/ 2013static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx, 2014 struct dcerpc_pipe *p) 2015{ 2016 NTSTATUS status; 2017 struct netr_DsrEnumerateDomainTrusts r; 2018 struct netr_DomainTrustList trusts; 2019 int i; 2020 2021 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2022 r.in.trust_flags = 0x3f; 2023 r.out.trusts = &trusts; 2024 2025 status = dcerpc_netr_DsrEnumerateDomainTrusts(p, tctx, &r); 2026 torture_assert_ntstatus_ok(tctx, status, "DsrEnumerateDomaintrusts"); 2027 torture_assert_werr_ok(tctx, r.out.result, "DsrEnumerateDomaintrusts"); 2028 2029 /* when trusted_domain_name is NULL, netr_DsRGetForestTrustInformation 2030 * will show non-forest trusts and all UPN suffixes of the own forest 2031 * as LSA_FOREST_TRUST_TOP_LEVEL_NAME types */ 2032 2033 if (r.out.trusts->count) { 2034 if (!test_netr_DsRGetForestTrustInformation(tctx, p, NULL)) { 2035 return false; 2036 } 2037 } 2038 2039 for (i=0; i<r.out.trusts->count; i++) { 2040 2041 /* get info for transitive forest trusts */ 2042 2043 if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) { 2044 if (!test_netr_DsRGetForestTrustInformation(tctx, p, 2045 r.out.trusts->array[i].dns_name)) { 2046 return false; 2047 } 2048 } 2049 } 2050 2051 return true; 2052} 2053 2054static bool test_netr_NetrEnumerateTrustedDomains(struct torture_context *tctx, 2055 struct dcerpc_pipe *p) 2056{ 2057 NTSTATUS status; 2058 struct netr_NetrEnumerateTrustedDomains r; 2059 struct netr_Blob trusted_domains_blob; 2060 2061 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2062 r.out.trusted_domains_blob = &trusted_domains_blob; 2063 2064 status = dcerpc_netr_NetrEnumerateTrustedDomains(p, tctx, &r); 2065 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomains"); 2066 torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomains"); 2067 2068 return true; 2069} 2070 2071static bool test_netr_NetrEnumerateTrustedDomainsEx(struct torture_context *tctx, 2072 struct dcerpc_pipe *p) 2073{ 2074 NTSTATUS status; 2075 struct netr_NetrEnumerateTrustedDomainsEx r; 2076 struct netr_DomainTrustList dom_trust_list; 2077 2078 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2079 r.out.dom_trust_list = &dom_trust_list; 2080 2081 status = dcerpc_netr_NetrEnumerateTrustedDomainsEx(p, tctx, &r); 2082 torture_assert_ntstatus_ok(tctx, status, "netr_NetrEnumerateTrustedDomainsEx"); 2083 torture_assert_werr_ok(tctx, r.out.result, "NetrEnumerateTrustedDomainsEx"); 2084 2085 return true; 2086} 2087 2088 2089static bool test_netr_DsRGetSiteName(struct dcerpc_pipe *p, struct torture_context *tctx, 2090 const char *computer_name, 2091 const char *expected_site) 2092{ 2093 NTSTATUS status; 2094 struct netr_DsRGetSiteName r; 2095 const char *site = NULL; 2096 2097 if (torture_setting_bool(tctx, "samba4", false)) 2098 torture_skip(tctx, "skipping DsRGetSiteName test against Samba4"); 2099 2100 r.in.computer_name = computer_name; 2101 r.out.site = &site; 2102 torture_comment(tctx, "Testing netr_DsRGetSiteName\n"); 2103 2104 status = dcerpc_netr_DsRGetSiteName(p, tctx, &r); 2105 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName"); 2106 torture_assert_werr_ok(tctx, r.out.result, "DsRGetSiteName"); 2107 torture_assert_str_equal(tctx, expected_site, site, "netr_DsRGetSiteName"); 2108 2109 r.in.computer_name = talloc_asprintf(tctx, "\\\\%s", computer_name); 2110 torture_comment(tctx, 2111 "Testing netr_DsRGetSiteName with broken computer name: %s\n", r.in.computer_name); 2112 2113 status = dcerpc_netr_DsRGetSiteName(p, tctx, &r); 2114 torture_assert_ntstatus_ok(tctx, status, "DsRGetSiteName"); 2115 torture_assert_werr_equal(tctx, r.out.result, WERR_INVALID_COMPUTERNAME, "netr_DsRGetSiteName"); 2116 2117 return true; 2118} 2119 2120/* 2121 try a netlogon netr_DsRGetDCName 2122*/ 2123static bool test_netr_DsRGetDCName(struct torture_context *tctx, 2124 struct dcerpc_pipe *p) 2125{ 2126 NTSTATUS status; 2127 struct netr_DsRGetDCName r; 2128 struct netr_DsRGetDCNameInfo *info = NULL; 2129 2130 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2131 r.in.domain_name = talloc_asprintf(tctx, "%s", lp_realm(tctx->lp_ctx)); 2132 r.in.domain_guid = NULL; 2133 r.in.site_guid = NULL; 2134 r.in.flags = DS_RETURN_DNS_NAME; 2135 r.out.info = &info; 2136 2137 status = dcerpc_netr_DsRGetDCName(p, tctx, &r); 2138 torture_assert_ntstatus_ok(tctx, status, "DsRGetDCName"); 2139 torture_assert_werr_ok(tctx, r.out.result, "DsRGetDCName"); 2140 return test_netr_DsRGetSiteName(p, tctx, 2141 info->dc_unc, 2142 info->dc_site_name); 2143} 2144 2145/* 2146 try a netlogon netr_DsRGetDCNameEx 2147*/ 2148static bool test_netr_DsRGetDCNameEx(struct torture_context *tctx, 2149 struct dcerpc_pipe *p) 2150{ 2151 NTSTATUS status; 2152 struct netr_DsRGetDCNameEx r; 2153 struct netr_DsRGetDCNameInfo *info = NULL; 2154 2155 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2156 r.in.domain_name = talloc_asprintf(tctx, "%s", lp_realm(tctx->lp_ctx)); 2157 r.in.domain_guid = NULL; 2158 r.in.site_name = NULL; 2159 r.in.flags = DS_RETURN_DNS_NAME; 2160 r.out.info = &info; 2161 2162 status = dcerpc_netr_DsRGetDCNameEx(p, tctx, &r); 2163 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx"); 2164 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx"); 2165 2166 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc, 2167 info->dc_site_name); 2168} 2169 2170/* 2171 try a netlogon netr_DsRGetDCNameEx2 2172*/ 2173static bool test_netr_DsRGetDCNameEx2(struct torture_context *tctx, 2174 struct dcerpc_pipe *p) 2175{ 2176 NTSTATUS status; 2177 struct netr_DsRGetDCNameEx2 r; 2178 struct netr_DsRGetDCNameInfo *info = NULL; 2179 2180 r.in.server_unc = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2181 r.in.client_account = NULL; 2182 r.in.mask = 0x00000000; 2183 r.in.domain_name = talloc_asprintf(tctx, "%s", lp_realm(tctx->lp_ctx)); 2184 r.in.domain_guid = NULL; 2185 r.in.site_name = NULL; 2186 r.in.flags = DS_RETURN_DNS_NAME; 2187 r.out.info = &info; 2188 2189 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 without client account\n"); 2190 2191 status = dcerpc_netr_DsRGetDCNameEx2(p, tctx, &r); 2192 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2"); 2193 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2"); 2194 2195 torture_comment(tctx, "Testing netr_DsRGetDCNameEx2 with client acount\n"); 2196 r.in.client_account = TEST_MACHINE_NAME"$"; 2197 r.in.mask = ACB_SVRTRUST; 2198 r.in.flags = DS_RETURN_FLAT_NAME; 2199 r.out.info = &info; 2200 2201 status = dcerpc_netr_DsRGetDCNameEx2(p, tctx, &r); 2202 torture_assert_ntstatus_ok(tctx, status, "netr_DsRGetDCNameEx2"); 2203 torture_assert_werr_ok(tctx, r.out.result, "netr_DsRGetDCNameEx2"); 2204 return test_netr_DsRGetSiteName(p, tctx, info->dc_unc, 2205 info->dc_site_name); 2206} 2207 2208static bool test_netr_DsrGetDcSiteCoverageW(struct torture_context *tctx, 2209 struct dcerpc_pipe *p) 2210{ 2211 NTSTATUS status; 2212 struct netr_DsrGetDcSiteCoverageW r; 2213 struct DcSitesCtr *ctr = NULL; 2214 2215 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2216 r.out.ctr = &ctr; 2217 2218 status = dcerpc_netr_DsrGetDcSiteCoverageW(p, tctx, &r); 2219 torture_assert_ntstatus_ok(tctx, status, "failed"); 2220 torture_assert_werr_ok(tctx, r.out.result, "failed"); 2221 2222 return true; 2223} 2224 2225static bool test_netr_DsRAddressToSitenamesW(struct torture_context *tctx, 2226 struct dcerpc_pipe *p) 2227{ 2228 NTSTATUS status; 2229 struct netr_DsRAddressToSitenamesW r; 2230 struct netr_DsRAddress addr; 2231 struct netr_DsRAddressToSitenamesWCtr *ctr; 2232 2233 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesWCtr); 2234 2235 addr.size = 16; 2236 addr.buffer = talloc_zero_array(tctx, uint8_t, addr.size); 2237 2238 addr.buffer[0] = 2; /* AF_INET */ 2239 addr.buffer[4] = 127; 2240 addr.buffer[5] = 0; 2241 addr.buffer[6] = 0; 2242 addr.buffer[7] = 1; 2243 2244 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2245 r.in.count = 1; 2246 r.in.addresses = talloc_zero_array(tctx, struct netr_DsRAddress, r.in.count); 2247 r.in.addresses[0] = addr; 2248 r.out.ctr = &ctr; 2249 2250 status = dcerpc_netr_DsRAddressToSitenamesW(p, tctx, &r); 2251 torture_assert_ntstatus_ok(tctx, status, "failed"); 2252 torture_assert_werr_ok(tctx, r.out.result, "failed"); 2253 2254 return true; 2255} 2256 2257static bool test_netr_DsRAddressToSitenamesExW(struct torture_context *tctx, 2258 struct dcerpc_pipe *p) 2259{ 2260 NTSTATUS status; 2261 struct netr_DsRAddressToSitenamesExW r; 2262 struct netr_DsRAddress addr; 2263 struct netr_DsRAddressToSitenamesExWCtr *ctr; 2264 2265 ctr = talloc(tctx, struct netr_DsRAddressToSitenamesExWCtr); 2266 2267 addr.size = 16; 2268 addr.buffer = talloc_zero_array(tctx, uint8_t, addr.size); 2269 2270 addr.buffer[0] = 2; /* AF_INET */ 2271 addr.buffer[4] = 127; 2272 addr.buffer[5] = 0; 2273 addr.buffer[6] = 0; 2274 addr.buffer[7] = 1; 2275 2276 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2277 r.in.count = 1; 2278 r.in.addresses = talloc_zero_array(tctx, struct netr_DsRAddress, r.in.count); 2279 r.in.addresses[0] = addr; 2280 r.out.ctr = &ctr; 2281 2282 status = dcerpc_netr_DsRAddressToSitenamesExW(p, tctx, &r); 2283 torture_assert_ntstatus_ok(tctx, status, "failed"); 2284 torture_assert_werr_ok(tctx, r.out.result, "failed"); 2285 2286 return true; 2287} 2288 2289static bool test_netr_ServerGetTrustInfo(struct torture_context *tctx, 2290 struct dcerpc_pipe *p, 2291 struct cli_credentials *machine_credentials) 2292{ 2293 NTSTATUS status; 2294 struct netr_ServerGetTrustInfo r; 2295 2296 struct netr_Authenticator a; 2297 struct netr_Authenticator return_authenticator; 2298 struct samr_Password new_owf_password; 2299 struct samr_Password old_owf_password; 2300 struct netr_TrustInfo *trust_info; 2301 2302 struct netlogon_creds_CredentialState *creds; 2303 2304 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, 2305 machine_credentials, &creds)) { 2306 return false; 2307 } 2308 2309 netlogon_creds_client_authenticator(creds, &a); 2310 2311 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2312 r.in.account_name = talloc_asprintf(tctx, "%s$", TEST_MACHINE_NAME); 2313 r.in.secure_channel_type = cli_credentials_get_secure_channel_type(machine_credentials); 2314 r.in.computer_name = TEST_MACHINE_NAME; 2315 r.in.credential = &a; 2316 2317 r.out.return_authenticator = &return_authenticator; 2318 r.out.new_owf_password = &new_owf_password; 2319 r.out.old_owf_password = &old_owf_password; 2320 r.out.trust_info = &trust_info; 2321 2322 status = dcerpc_netr_ServerGetTrustInfo(p, tctx, &r); 2323 torture_assert_ntstatus_ok(tctx, status, "failed"); 2324 torture_assert(tctx, netlogon_creds_client_check(creds, &return_authenticator.cred), "Credential chaining failed"); 2325 2326 return true; 2327} 2328 2329 2330static bool test_GetDomainInfo(struct torture_context *tctx, 2331 struct dcerpc_pipe *p, 2332 struct cli_credentials *machine_credentials) 2333{ 2334 NTSTATUS status; 2335 struct netr_LogonGetDomainInfo r; 2336 struct netr_WorkstationInformation q1; 2337 struct netr_Authenticator a; 2338 struct netlogon_creds_CredentialState *creds; 2339 struct netr_OsVersion os; 2340 union netr_WorkstationInfo query; 2341 union netr_DomainInfo info; 2342 const char* const attrs[] = { "dNSHostName", "operatingSystem", 2343 "operatingSystemServicePack", "operatingSystemVersion", 2344 "servicePrincipalName", NULL }; 2345 char *url; 2346 struct ldb_context *sam_ctx = NULL; 2347 struct ldb_message **res; 2348 struct ldb_message_element *spn_el; 2349 int ret, i; 2350 char *version_str; 2351 const char *old_dnsname = NULL; 2352 char **spns = NULL; 2353 int num_spns = 0; 2354 char *temp_str; 2355 2356 torture_comment(tctx, "Testing netr_LogonGetDomainInfo\n"); 2357 2358 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, 2359 machine_credentials, &creds)) { 2360 return false; 2361 } 2362 2363 /* We won't double-check this when we are over 'local' transports */ 2364 if (dcerpc_server_name(p)) { 2365 /* Set up connection to SAMDB on DC */ 2366 url = talloc_asprintf(tctx, "ldap://%s", dcerpc_server_name(p)); 2367 sam_ctx = ldb_wrap_connect(tctx, tctx->ev, tctx->lp_ctx, url, 2368 NULL, 2369 cmdline_credentials, 2370 0, NULL); 2371 2372 torture_assert(tctx, sam_ctx, "Connection to the SAMDB on DC failed!"); 2373 } 2374 2375 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 1st call (no variation of DNS hostname)\n"); 2376 netlogon_creds_client_authenticator(creds, &a); 2377 2378 ZERO_STRUCT(r); 2379 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2380 r.in.computer_name = TEST_MACHINE_NAME; 2381 r.in.credential = &a; 2382 r.in.level = 1; 2383 r.in.return_authenticator = &a; 2384 r.in.query = &query; 2385 r.out.return_authenticator = &a; 2386 r.out.info = &info; 2387 2388 ZERO_STRUCT(os); 2389 os.os.MajorVersion = 123; 2390 os.os.MinorVersion = 456; 2391 os.os.BuildNumber = 789; 2392 os.os.CSDVersion = "Service Pack 10"; 2393 os.os.ServicePackMajor = 10; 2394 os.os.ServicePackMinor = 1; 2395 os.os.SuiteMask = NETR_VER_SUITE_SINGLEUSERTS; 2396 os.os.ProductType = NETR_VER_NT_SERVER; 2397 os.os.Reserved = 0; 2398 2399 version_str = talloc_asprintf(tctx, "%d.%d (%d)", os.os.MajorVersion, 2400 os.os.MinorVersion, os.os.BuildNumber); 2401 2402 ZERO_STRUCT(q1); 2403 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME, 2404 TEST_MACHINE_DNS_SUFFIX); 2405 q1.sitename = "Default-First-Site-Name"; 2406 q1.os_version.os = &os; 2407 q1.os_name.string = talloc_asprintf(tctx, 2408 "Tortured by Samba4 RPC-NETLOGON: %s", 2409 timestring(tctx, time(NULL))); 2410 2411 /* The workstation handles the "servicePrincipalName" and DNS hostname 2412 updates */ 2413 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE; 2414 2415 query.workstation_info = &q1; 2416 2417 if (sam_ctx) { 2418 /* Gets back the old DNS hostname in AD */ 2419 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs, 2420 "(sAMAccountName=%s$)", TEST_MACHINE_NAME); 2421 old_dnsname = 2422 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL); 2423 2424 /* Gets back the "servicePrincipalName"s in AD */ 2425 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName"); 2426 if (spn_el != NULL) { 2427 for (i=0; i < spn_el->num_values; i++) { 2428 spns = talloc_realloc(tctx, spns, char *, i + 1); 2429 spns[i] = (char *) spn_el->values[i].data; 2430 } 2431 num_spns = i; 2432 } 2433 } 2434 2435 status = dcerpc_netr_LogonGetDomainInfo(p, tctx, &r); 2436 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo"); 2437 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed"); 2438 2439 msleep(250); 2440 2441 if (sam_ctx) { 2442 /* AD workstation infos entry check */ 2443 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs, 2444 "(sAMAccountName=%s$)", TEST_MACHINE_NAME); 2445 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?"); 2446 torture_assert_str_equal(tctx, 2447 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL), 2448 q1.os_name.string, "'operatingSystem' wrong!"); 2449 torture_assert_str_equal(tctx, 2450 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL), 2451 os.os.CSDVersion, "'operatingSystemServicePack' wrong!"); 2452 torture_assert_str_equal(tctx, 2453 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL), 2454 version_str, "'operatingSystemVersion' wrong!"); 2455 2456 if (old_dnsname != NULL) { 2457 /* If before a DNS hostname was set then it should remain 2458 the same in combination with the "servicePrincipalName"s. 2459 The DNS hostname should also be returned by our 2460 "LogonGetDomainInfo" call (in the domain info structure). */ 2461 2462 torture_assert_str_equal(tctx, 2463 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL), 2464 old_dnsname, "'DNS hostname' was not set!"); 2465 2466 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName"); 2467 torture_assert(tctx, ((spns != NULL) && (spn_el != NULL)), 2468 "'servicePrincipalName's not set!"); 2469 torture_assert(tctx, spn_el->num_values == num_spns, 2470 "'servicePrincipalName's incorrect!"); 2471 for (i=0; (i < spn_el->num_values) && (i < num_spns); i++) 2472 torture_assert_str_equal(tctx, 2473 (char *) spn_el->values[i].data, 2474 spns[i], "'servicePrincipalName's incorrect!"); 2475 2476 torture_assert_str_equal(tctx, 2477 info.domain_info->dns_hostname.string, 2478 old_dnsname, 2479 "Out 'DNS hostname' doesn't match the old one!"); 2480 } else { 2481 /* If no DNS hostname was set then also now none should be set, 2482 the "servicePrincipalName"s should remain empty and no DNS 2483 hostname should be returned by our "LogonGetDomainInfo" 2484 call (in the domain info structure). */ 2485 2486 torture_assert(tctx, 2487 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL) == NULL, 2488 "'DNS hostname' was set!"); 2489 2490 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName"); 2491 torture_assert(tctx, ((spns == NULL) && (spn_el == NULL)), 2492 "'servicePrincipalName's were set!"); 2493 2494 torture_assert(tctx, 2495 info.domain_info->dns_hostname.string == NULL, 2496 "Out 'DNS host name' was set!"); 2497 } 2498 } 2499 2500 /* Checks "workstation flags" */ 2501 torture_assert(tctx, 2502 info.domain_info->workstation_flags 2503 == NETR_WS_FLAG_HANDLES_SPN_UPDATE, 2504 "Out 'workstation flags' don't match!"); 2505 2506 2507 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 2nd call (variation of DNS hostname)\n"); 2508 netlogon_creds_client_authenticator(creds, &a); 2509 2510 /* Wipe out the osVersion, and prove which values still 'stick' */ 2511 q1.os_version.os = NULL; 2512 2513 /* Change also the DNS hostname to test differences in behaviour */ 2514 q1.dns_hostname = talloc_asprintf(tctx, "%s.newdomain", 2515 TEST_MACHINE_NAME); 2516 2517 /* Let the DC handle the "servicePrincipalName" and DNS hostname 2518 updates */ 2519 q1.workstation_flags = 0; 2520 2521 status = dcerpc_netr_LogonGetDomainInfo(p, tctx, &r); 2522 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo"); 2523 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed"); 2524 2525 msleep(250); 2526 2527 if (sam_ctx) { 2528 /* AD workstation infos entry check */ 2529 ret = gendb_search(sam_ctx, tctx, NULL, &res, attrs, 2530 "(sAMAccountName=%s$)", TEST_MACHINE_NAME); 2531 torture_assert(tctx, ret == 1, "Test machine account not found in SAMDB on DC! Has the workstation been joined?"); 2532 torture_assert_str_equal(tctx, 2533 ldb_msg_find_attr_as_string(res[0], "operatingSystem", NULL), 2534 q1.os_name.string, "'operatingSystem' should stick!"); 2535 torture_assert(tctx, 2536 ldb_msg_find_attr_as_string(res[0], "operatingSystemServicePack", NULL) == NULL, 2537 "'operatingSystemServicePack' shouldn't stick!"); 2538 torture_assert(tctx, 2539 ldb_msg_find_attr_as_string(res[0], "operatingSystemVersion", NULL) == NULL, 2540 "'operatingSystemVersion' shouldn't stick!"); 2541 2542 /* The DNS host name should have been updated now by the server */ 2543 torture_assert_str_equal(tctx, 2544 ldb_msg_find_attr_as_string(res[0], "dNSHostName", NULL), 2545 q1.dns_hostname, "'DNS host name' didn't change!"); 2546 2547 /* Find the two "servicePrincipalName"s which the DC should have been 2548 updated (HOST/<Netbios name> and HOST/<FQDN name>) - see MS-NRPC 2549 3.5.4.3.9 */ 2550 spn_el = ldb_msg_find_element(res[0], "servicePrincipalName"); 2551 torture_assert(tctx, spn_el != NULL, 2552 "There should exist 'servicePrincipalName's in AD!"); 2553 temp_str = talloc_asprintf(tctx, "HOST/%s", TEST_MACHINE_NAME); 2554 for (i=0; i < spn_el->num_values; i++) 2555 if (strcmp((char *) spn_el->values[i].data, temp_str) == 0) 2556 break; 2557 torture_assert(tctx, i != spn_el->num_values, 2558 "'servicePrincipalName' HOST/<Netbios name> not found!"); 2559 temp_str = talloc_asprintf(tctx, "HOST/%s", q1.dns_hostname); 2560 for (i=0; i < spn_el->num_values; i++) 2561 if (strcmp((char *) spn_el->values[i].data, temp_str) == 0) 2562 break; 2563 torture_assert(tctx, i != spn_el->num_values, 2564 "'servicePrincipalName' HOST/<FQDN name> not found!"); 2565 2566 /* Check that the out DNS hostname was set properly */ 2567 torture_assert_str_equal(tctx, info.domain_info->dns_hostname.string, 2568 old_dnsname, "Out 'DNS hostname' doesn't match the old one!"); 2569 } 2570 2571 /* Checks "workstation flags" */ 2572 torture_assert(tctx, 2573 info.domain_info->workstation_flags == 0, 2574 "Out 'workstation flags' don't match!"); 2575 2576 2577 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 3rd call (verification of DNS hostname and check for trusted domains)\n"); 2578 netlogon_creds_client_authenticator(creds, &a); 2579 2580 /* The workstation handles the "servicePrincipalName" and DNS hostname 2581 updates */ 2582 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE; 2583 2584 status = dcerpc_netr_LogonGetDomainInfo(p, tctx, &r); 2585 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo"); 2586 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed"); 2587 2588 msleep(250); 2589 2590 /* Now the in/out DNS hostnames should be the same */ 2591 torture_assert_str_equal(tctx, 2592 info.domain_info->dns_hostname.string, 2593 query.workstation_info->dns_hostname, 2594 "In/Out 'DNS hostnames' don't match!"); 2595 2596 /* Checks "workstation flags" */ 2597 torture_assert(tctx, 2598 info.domain_info->workstation_flags 2599 == NETR_WS_FLAG_HANDLES_SPN_UPDATE, 2600 "Out 'workstation flags' don't match!"); 2601 2602 /* Checks for trusted domains */ 2603 torture_assert(tctx, 2604 (info.domain_info->trusted_domain_count != 0) 2605 && (info.domain_info->trusted_domains != NULL), 2606 "Trusted domains have been requested!"); 2607 2608 2609 torture_comment(tctx, "Testing netr_LogonGetDomainInfo 4th call (check for trusted domains)\n"); 2610 netlogon_creds_client_authenticator(creds, &a); 2611 2612 /* The workstation handles the "servicePrincipalName" and DNS hostname 2613 updates and requests inbound trusts */ 2614 q1.workstation_flags = NETR_WS_FLAG_HANDLES_SPN_UPDATE 2615 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS; 2616 2617 status = dcerpc_netr_LogonGetDomainInfo(p, tctx, &r); 2618 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo"); 2619 torture_assert(tctx, netlogon_creds_client_check(creds, &a.cred), "Credential chaining failed"); 2620 2621 msleep(250); 2622 2623 /* Checks "workstation flags" */ 2624 torture_assert(tctx, 2625 info.domain_info->workstation_flags 2626 == (NETR_WS_FLAG_HANDLES_SPN_UPDATE 2627 | NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS), 2628 "Out 'workstation flags' don't match!"); 2629 2630 /* Checks for trusted domains */ 2631 torture_assert(tctx, 2632 (info.domain_info->trusted_domain_count != 0) 2633 && (info.domain_info->trusted_domains != NULL), 2634 "Trusted domains have been requested!"); 2635 2636 return true; 2637} 2638 2639 2640static void async_callback(struct rpc_request *req) 2641{ 2642 int *counter = (int *)req->async.private_data; 2643 if (NT_STATUS_IS_OK(req->status)) { 2644 (*counter)++; 2645 } 2646} 2647 2648static bool test_GetDomainInfo_async(struct torture_context *tctx, 2649 struct dcerpc_pipe *p, 2650 struct cli_credentials *machine_credentials) 2651{ 2652 NTSTATUS status; 2653 struct netr_LogonGetDomainInfo r; 2654 struct netr_WorkstationInformation q1; 2655 struct netr_Authenticator a; 2656#define ASYNC_COUNT 100 2657 struct netlogon_creds_CredentialState *creds; 2658 struct netlogon_creds_CredentialState *creds_async[ASYNC_COUNT]; 2659 struct rpc_request *req[ASYNC_COUNT]; 2660 int i; 2661 int *async_counter = talloc(tctx, int); 2662 union netr_WorkstationInfo query; 2663 union netr_DomainInfo info; 2664 2665 torture_comment(tctx, "Testing netr_LogonGetDomainInfo - async count %d\n", ASYNC_COUNT); 2666 2667 if (!test_SetupCredentials3(p, tctx, NETLOGON_NEG_AUTH2_ADS_FLAGS, 2668 machine_credentials, &creds)) { 2669 return false; 2670 } 2671 2672 ZERO_STRUCT(r); 2673 r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); 2674 r.in.computer_name = TEST_MACHINE_NAME; 2675 r.in.credential = &a; 2676 r.in.level = 1; 2677 r.in.return_authenticator = &a; 2678 r.in.query = &query; 2679 r.out.return_authenticator = &a; 2680 r.out.info = &info; 2681 2682 ZERO_STRUCT(q1); 2683 q1.dns_hostname = talloc_asprintf(tctx, "%s.%s", TEST_MACHINE_NAME, 2684 TEST_MACHINE_DNS_SUFFIX); 2685 q1.sitename = "Default-First-Site-Name"; 2686 q1.os_name.string = "UNIX/Linux or similar"; 2687 2688 query.workstation_info = &q1; 2689 2690 *async_counter = 0; 2691 2692 for (i=0;i<ASYNC_COUNT;i++) { 2693 netlogon_creds_client_authenticator(creds, &a); 2694 2695 creds_async[i] = (struct netlogon_creds_CredentialState *)talloc_memdup(creds, creds, sizeof(*creds)); 2696 req[i] = dcerpc_netr_LogonGetDomainInfo_send(p, tctx, &r); 2697 2698 req[i]->async.callback = async_callback; 2699 req[i]->async.private_data = async_counter; 2700 2701 /* even with this flush per request a w2k3 server seems to 2702 clag with multiple outstanding requests. bleergh. */ 2703 torture_assert_int_equal(tctx, event_loop_once(dcerpc_event_context(p)), 0, 2704 "event_loop_once failed"); 2705 } 2706 2707 for (i=0;i<ASYNC_COUNT;i++) { 2708 status = dcerpc_ndr_request_recv(req[i]); 2709 2710 torture_assert_ntstatus_ok(tctx, status, "netr_LogonGetDomainInfo_async"); 2711 torture_assert_ntstatus_ok(tctx, r.out.result, "netr_LogonGetDomainInfo_async"); 2712 2713 torture_assert(tctx, netlogon_creds_client_check(creds_async[i], &a.cred), 2714 "Credential chaining failed at async"); 2715 } 2716 2717 torture_comment(tctx, 2718 "Testing netr_LogonGetDomainInfo - async count %d OK\n", *async_counter); 2719 2720 torture_assert_int_equal(tctx, (*async_counter), ASYNC_COUNT, "int"); 2721 2722 return true; 2723} 2724 2725static bool test_ManyGetDCName(struct torture_context *tctx, 2726 struct dcerpc_pipe *p) 2727{ 2728 NTSTATUS status; 2729 struct dcerpc_pipe *p2; 2730 struct lsa_ObjectAttribute attr; 2731 struct lsa_QosInfo qos; 2732 struct lsa_OpenPolicy2 o; 2733 struct policy_handle lsa_handle; 2734 struct lsa_DomainList domains; 2735 2736 struct lsa_EnumTrustDom t; 2737 uint32_t resume_handle = 0; 2738 struct netr_GetAnyDCName d; 2739 const char *dcname = NULL; 2740 2741 int i; 2742 2743 if (p->conn->transport.transport != NCACN_NP) { 2744 return true; 2745 } 2746 2747 torture_comment(tctx, "Torturing GetDCName\n"); 2748 2749 status = dcerpc_secondary_connection(p, &p2, p->binding); 2750 torture_assert_ntstatus_ok(tctx, status, "Failed to create secondary connection"); 2751 2752 status = dcerpc_bind_auth_none(p2, &ndr_table_lsarpc); 2753 torture_assert_ntstatus_ok(tctx, status, "Failed to create bind on secondary connection"); 2754 2755 qos.len = 0; 2756 qos.impersonation_level = 2; 2757 qos.context_mode = 1; 2758 qos.effective_only = 0; 2759 2760 attr.len = 0; 2761 attr.root_dir = NULL; 2762 attr.object_name = NULL; 2763 attr.attributes = 0; 2764 attr.sec_desc = NULL; 2765 attr.sec_qos = &qos; 2766 2767 o.in.system_name = "\\"; 2768 o.in.attr = &attr; 2769 o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; 2770 o.out.handle = &lsa_handle; 2771 2772 status = dcerpc_lsa_OpenPolicy2(p2, tctx, &o); 2773 torture_assert_ntstatus_ok(tctx, status, "OpenPolicy2 failed"); 2774 2775 t.in.handle = &lsa_handle; 2776 t.in.resume_handle = &resume_handle; 2777 t.in.max_size = 1000; 2778 t.out.domains = &domains; 2779 t.out.resume_handle = &resume_handle; 2780 2781 status = dcerpc_lsa_EnumTrustDom(p2, tctx, &t); 2782 2783 if ((!NT_STATUS_IS_OK(status) && 2784 (!NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)))) 2785 torture_fail(tctx, "Could not list domains"); 2786 2787 talloc_free(p2); 2788 2789 d.in.logon_server = talloc_asprintf(tctx, "\\\\%s", 2790 dcerpc_server_name(p)); 2791 d.out.dcname = &dcname; 2792 2793 for (i=0; i<domains.count * 4; i++) { 2794 struct lsa_DomainInfo *info = 2795 &domains.domains[rand()%domains.count]; 2796 2797 d.in.domainname = info->name.string; 2798 2799 status = dcerpc_netr_GetAnyDCName(p, tctx, &d); 2800 torture_assert_ntstatus_ok(tctx, status, "GetAnyDCName"); 2801 2802 torture_comment(tctx, "\tDC for domain %s is %s\n", info->name.string, 2803 dcname ? dcname : "unknown"); 2804 } 2805 2806 return true; 2807} 2808 2809static bool test_SetPassword_with_flags(struct torture_context *tctx, 2810 struct dcerpc_pipe *p, 2811 struct cli_credentials *machine_credentials) 2812{ 2813 uint32_t flags[] = { 0, NETLOGON_NEG_STRONG_KEYS }; 2814 struct netlogon_creds_CredentialState *creds; 2815 int i; 2816 2817 if (!test_SetupCredentials2(p, tctx, 0, 2818 machine_credentials, 2819 cli_credentials_get_secure_channel_type(machine_credentials), 2820 &creds)) { 2821 torture_skip(tctx, "DC does not support negotiation of 64bit session keys"); 2822 } 2823 2824 for (i=0; i < ARRAY_SIZE(flags); i++) { 2825 torture_assert(tctx, 2826 test_SetPassword_flags(tctx, p, machine_credentials, flags[i]), 2827 talloc_asprintf(tctx, "failed to test SetPassword negotiating with 0x%08x flags", flags[i])); 2828 } 2829 2830 return true; 2831} 2832 2833struct torture_suite *torture_rpc_netlogon(TALLOC_CTX *mem_ctx) 2834{ 2835 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON"); 2836 struct torture_rpc_tcase *tcase; 2837 struct torture_test *test; 2838 2839 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon", 2840 &ndr_table_netlogon, TEST_MACHINE_NAME); 2841 2842 torture_rpc_tcase_add_test(tcase, "LogonUasLogon", test_LogonUasLogon); 2843 torture_rpc_tcase_add_test(tcase, "LogonUasLogoff", test_LogonUasLogoff); 2844 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon); 2845 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword); 2846 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2); 2847 torture_rpc_tcase_add_test_creds(tcase, "GetPassword", test_GetPassword); 2848 torture_rpc_tcase_add_test_creds(tcase, "GetTrustPasswords", test_GetTrustPasswords); 2849 torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo", test_GetDomainInfo); 2850 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync", test_DatabaseSync); 2851 torture_rpc_tcase_add_test_creds(tcase, "DatabaseDeltas", test_DatabaseDeltas); 2852 torture_rpc_tcase_add_test_creds(tcase, "DatabaseRedo", test_DatabaseRedo); 2853 torture_rpc_tcase_add_test_creds(tcase, "AccountDeltas", test_AccountDeltas); 2854 torture_rpc_tcase_add_test_creds(tcase, "AccountSync", test_AccountSync); 2855 torture_rpc_tcase_add_test(tcase, "GetDcName", test_GetDcName); 2856 torture_rpc_tcase_add_test(tcase, "ManyGetDCName", test_ManyGetDCName); 2857 torture_rpc_tcase_add_test(tcase, "GetAnyDCName", test_GetAnyDCName); 2858 torture_rpc_tcase_add_test_creds(tcase, "DatabaseSync2", test_DatabaseSync2); 2859 torture_rpc_tcase_add_test(tcase, "DsrEnumerateDomainTrusts", test_DsrEnumerateDomainTrusts); 2860 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains); 2861 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomainsEx", test_netr_NetrEnumerateTrustedDomainsEx); 2862 test = torture_rpc_tcase_add_test_creds(tcase, "GetDomainInfo_async", test_GetDomainInfo_async); 2863 test->dangerous = true; 2864 torture_rpc_tcase_add_test(tcase, "DsRGetDCName", test_netr_DsRGetDCName); 2865 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx", test_netr_DsRGetDCNameEx); 2866 torture_rpc_tcase_add_test(tcase, "DsRGetDCNameEx2", test_netr_DsRGetDCNameEx2); 2867 torture_rpc_tcase_add_test(tcase, "DsrGetDcSiteCoverageW", test_netr_DsrGetDcSiteCoverageW); 2868 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesW", test_netr_DsRAddressToSitenamesW); 2869 torture_rpc_tcase_add_test(tcase, "DsRAddressToSitenamesExW", test_netr_DsRAddressToSitenamesExW); 2870 torture_rpc_tcase_add_test_creds(tcase, "ServerGetTrustInfo", test_netr_ServerGetTrustInfo); 2871 2872 return suite; 2873} 2874 2875struct torture_suite *torture_rpc_netlogon_s3(TALLOC_CTX *mem_ctx) 2876{ 2877 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-S3"); 2878 struct torture_rpc_tcase *tcase; 2879 2880 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon", 2881 &ndr_table_netlogon, TEST_MACHINE_NAME); 2882 2883 torture_rpc_tcase_add_test_creds(tcase, "SamLogon", test_SamLogon); 2884 torture_rpc_tcase_add_test_creds(tcase, "SetPassword", test_SetPassword); 2885 torture_rpc_tcase_add_test_creds(tcase, "SetPassword_with_flags", test_SetPassword_with_flags); 2886 torture_rpc_tcase_add_test_creds(tcase, "SetPassword2", test_SetPassword2); 2887 torture_rpc_tcase_add_test(tcase, "NetrEnumerateTrustedDomains", test_netr_NetrEnumerateTrustedDomains); 2888 2889 return suite; 2890} 2891 2892struct torture_suite *torture_rpc_netlogon_admin(TALLOC_CTX *mem_ctx) 2893{ 2894 struct torture_suite *suite = torture_suite_create(mem_ctx, "NETLOGON-ADMIN"); 2895 struct torture_rpc_tcase *tcase; 2896 2897 tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "netlogon", 2898 &ndr_table_netlogon, TEST_MACHINE_NAME); 2899 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl); 2900 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2); 2901 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex); 2902 2903 tcase = torture_suite_add_machine_workstation_rpc_iface_tcase(suite, "netlogon", 2904 &ndr_table_netlogon, TEST_MACHINE_NAME); 2905 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl); 2906 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2); 2907 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex); 2908 2909 tcase = torture_suite_add_rpc_iface_tcase(suite, "netlogon", 2910 &ndr_table_netlogon); 2911 torture_rpc_tcase_add_test_creds(tcase, "LogonControl", test_LogonControl); 2912 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2", test_LogonControl2); 2913 torture_rpc_tcase_add_test_creds(tcase, "LogonControl2Ex", test_LogonControl2Ex); 2914 2915 return suite; 2916} 2917