summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2005-03-18 03:16:53 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:11:06 -0500
commit00ac91fa29588fff203a25f9cb916169884ad89d (patch)
tree955db8147e3b10b8d297b0f5d13dc85571fe67c8
parentd4c0da18a732d5d437eb1f0d9dd3279ef8cda649 (diff)
downloadsamba-00ac91fa29588fff203a25f9cb916169884ad89d.tar.gz
samba-00ac91fa29588fff203a25f9cb916169884ad89d.tar.bz2
samba-00ac91fa29588fff203a25f9cb916169884ad89d.zip
r5876: Add a test account for the duration of the samsync - to ensure we have
a good variety of things to test against. Add code to testjoin to handle this just like test machine accounts Soon I'll remove the 'must change password' flag, so we can do logins with it. Andrew Bartlett (This used to be commit 08b47e2dc067f7e4a52b982d358ff1b0209cc1df)
-rw-r--r--source4/torture/rpc/samsync.c13
-rw-r--r--source4/torture/rpc/testjoin.c68
2 files changed, 62 insertions, 19 deletions
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index 35d36e9bf8..2f9b01ea10 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -31,6 +31,7 @@
#define TEST_MACHINE_NAME "samsynctest"
#define TEST_MACHINE_NAME2 "samsynctest2"
+#define TEST_USER_NAME "samsynctestuser"
/*
try a netlogon SamLogon
@@ -787,7 +788,7 @@ static BOOL samsync_handle_secret(TALLOC_CTX *mem_ctx, struct samsync_state *sam
status = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key, &lsa_blob_out);
if (!NT_STATUS_IS_OK(status)) {
- printf("Failed to decrypt secrets OLD blob\n");
+ printf("Failed to decrypt secrets OLD blob: %s\n", nt_errstr(status));
return False;
}
@@ -1281,6 +1282,7 @@ BOOL torture_rpc_samsync(void)
BOOL ret = True;
struct test_join *join_ctx;
struct test_join *join_ctx2;
+ struct test_join *user_ctx;
const char *machine_password;
const char *machine_password2;
const char *binding = lp_parm_string(-1, "torture", "binding");
@@ -1312,6 +1314,14 @@ BOOL torture_rpc_samsync(void)
return False;
}
+ user_ctx = torture_create_testuser(TEST_USER_NAME,
+ lp_workgroup(),
+ ACB_NORMAL, NULL);
+ if (!user_ctx) {
+ printf("Failed to create test account\n");
+ return False;
+ }
+
samsync_state = talloc_zero(mem_ctx, struct samsync_state);
samsync_state->p_samr = torture_join_samr_pipe(join_ctx);
@@ -1469,6 +1479,7 @@ failed:
torture_leave_domain(join_ctx);
torture_leave_domain(join_ctx2);
+ torture_leave_domain(user_ctx);
talloc_free(mem_ctx);
diff --git a/source4/torture/rpc/testjoin.c b/source4/torture/rpc/testjoin.c
index 3921afb074..891bbcaf10 100644
--- a/source4/torture/rpc/testjoin.c
+++ b/source4/torture/rpc/testjoin.c
@@ -27,10 +27,10 @@
#include "includes.h"
#include "librpc/gen_ndr/ndr_samr.h"
+#include "system/time.h"
struct test_join {
struct dcerpc_pipe *p;
- const char *machine_password;
struct policy_handle user_handle;
};
@@ -81,14 +81,15 @@ static NTSTATUS DeleteUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
}
/*
- join the domain as a test machine
+ create a test user in the domain
an opaque pointer is returned. Pass it to torture_leave_domain()
when finished
*/
-struct test_join *torture_join_domain(const char *machine_name,
- const char *domain,
- uint16_t acct_flags,
- const char **machine_password)
+
+struct test_join *torture_create_testuser(const char *username,
+ const char *domain,
+ uint16_t acct_type,
+ const char **random_password)
{
NTSTATUS status;
struct samr_Connect c;
@@ -104,8 +105,12 @@ struct test_join *torture_join_domain(const char *machine_name,
uint32_t rid;
DATA_BLOB session_key;
struct samr_String name;
+ struct samr_String comment;
+ struct samr_String full_name;
+
int policy_min_pw_len = 0;
struct test_join *join;
+ char *random_pw;
join = talloc(NULL, struct test_join);
if (join == NULL) {
@@ -161,13 +166,13 @@ struct test_join *torture_join_domain(const char *machine_name,
goto failed;
}
- printf("Creating machine account %s\n", machine_name);
+ printf("Creating account %s\n", username);
again:
- name.string = talloc_asprintf(join, "%s$", machine_name);
+ name.string = username;
r.in.domain_handle = &domain_handle;
r.in.account_name = &name;
- r.in.acct_flags = acct_flags;
+ r.in.acct_flags = acct_type;
r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
r.out.user_handle = &join->user_handle;
r.out.access_granted = &access_granted;
@@ -194,16 +199,16 @@ again:
policy_min_pw_len = pwp.out.info.min_password_length;
}
- join->machine_password = generate_random_str(join, MAX(8, policy_min_pw_len));
+ random_pw = generate_random_str(join, MAX(8, policy_min_pw_len));
- printf("Setting machine account password '%s'\n", join->machine_password);
+ printf("Setting account password '%s'\n", random_pw);
s.in.user_handle = &join->user_handle;
s.in.info = &u;
s.in.level = 24;
- encode_pw_buffer(u.info24.password.data, join->machine_password, STR_UNICODE);
- u.info24.pw_len = strlen(join->machine_password);
+ encode_pw_buffer(u.info24.password.data, random_pw, STR_UNICODE);
+ u.info24.pw_len = strlen(random_pw);
status = dcerpc_fetch_session_key(join->p, &session_key);
if (!NT_STATUS_IS_OK(status)) {
@@ -221,13 +226,23 @@ again:
goto failed;
}
+ ZERO_STRUCT(u);
s.in.user_handle = &join->user_handle;
s.in.info = &u;
- s.in.level = 16;
+ s.in.level = 21;
- u.info16.acct_flags = acct_flags;
+ u.info21.acct_flags = acct_type;
+ u.info21.fields_present = SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_COMMENT | SAMR_FIELD_FULL_NAME;
+ comment.string = talloc_asprintf(join,
+ "Tortured by Samba4: %s",
+ timestring(join, time(NULL)));
+ u.info21.comment = comment;
+ full_name.string = talloc_asprintf(join,
+ "Torture account for Samba4: %s",
+ timestring(join, time(NULL)));
+ u.info21.full_name = full_name;
- printf("Resetting ACB flags\n");
+ printf("Resetting ACB flags, force pw change time\n");
status = dcerpc_samr_SetUserInfo(join->p, join, &s);
if (!NT_STATUS_IS_OK(status)) {
@@ -235,8 +250,8 @@ again:
goto failed;
}
- if (machine_password) {
- *machine_password = join->machine_password;
+ if (random_password) {
+ *random_password = random_pw;
}
return join;
@@ -246,11 +261,28 @@ failed:
return NULL;
}
+
+struct test_join *torture_join_domain(const char *machine_name,
+ const char *domain,
+ uint16_t acct_flags,
+ const char **machine_password)
+{
+ char *username = talloc_asprintf(NULL, "%s$", machine_name);
+ struct test_join *tj = torture_create_testuser(username, domain, acct_flags, machine_password);
+ talloc_free(username);
+ return tj;
+}
+
struct dcerpc_pipe *torture_join_samr_pipe(struct test_join *join)
{
return join->p;
}
+struct policy_handle *torture_join_samr_user_policy(struct test_join *join)
+{
+ return &join->user_handle;
+}
+
/*
leave the domain, deleting the machine acct
*/