diff options
author | Stefan Metzmacher <metze@samba.org> | 2006-12-01 17:30:41 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:28:43 -0500 |
commit | eb7187a9947831eac9da39fa0e9c693e5c6eb094 (patch) | |
tree | 7cfc03fb72817cd9b5544502e57c144d18064790 | |
parent | 61cb5f807e3d0a3bbffbc317c882517c724c35da (diff) | |
download | samba-eb7187a9947831eac9da39fa0e9c693e5c6eb094.tar.gz samba-eb7187a9947831eac9da39fa0e9c693e5c6eb094.tar.bz2 samba-eb7187a9947831eac9da39fa0e9c693e5c6eb094.zip |
r19987: some more notes about how to w2k3 becomes a dc
the strange thing is the DsGetNCChanges() calls are on their on DRSUAPI
connection, but use a bind_handle (policy handle from another connection)
metze
(This used to be commit a9c7d6e7f353e85234b93f26973969b157b1e7f1)
-rw-r--r-- | source4/torture/rpc/testjoin.c | 68 |
1 files changed, 54 insertions, 14 deletions
diff --git a/source4/torture/rpc/testjoin.c b/source4/torture/rpc/testjoin.c index 690388f668..9c3dc6a655 100644 --- a/source4/torture/rpc/testjoin.c +++ b/source4/torture/rpc/testjoin.c @@ -621,28 +621,59 @@ struct test_join_ads_dc *torture_join_domain_ads_dc(const char *machine_name, */ /* W2K3: */ + /* + * lookup DC: + * - using nbt name<1C> request and a samlogon mailslot request + * or + * - using a DNS SRV _ldap._tcp.dc._msdcs. request and a CLDAP netlogon request + */ + /* + * Open 1st LDAP connection to the DC using admin credentials + */ - /* DsAddEntry to create the CN=NTDS Settings,CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name, ... - * +/* ... */ + + /* + * Open 1st DRSUAPI connection to the DC using admin credentials + * DsBind with DRSUAPI_DS_BIND_GUID_W2K3 ("6afab99c-6e26-464a-975f-f58f105218bc") + * (w2k3 does 2 DsBind() calls here..., where is first is unused and contains garbage at the end) */ - /* replicate CN=Schema,CN=Configuration,... - * using DRSUAPI_DS_BIND_GUID_W2K3 ("6afab99c-6e26-464a-975f-f58f105218bc") - * + /* + * DsAddEntry to create the CN=NTDS Settings,CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name, ... + * on the 1st DRSUAPI connection */ - /* replicate CN=Configuration,... - * using DRSUAPI_DS_BIND_GUID_W2K3 ("6afab99c-6e26-464a-975f-f58f105218bc") - * + /* + * Open 2nd and 3rd DRSUAPI connection to the DC using admin credentials + * - a DsBind with DRSUAPI_DS_BIND_GUID_W2K3 ("6afab99c-6e26-464a-975f-f58f105218bc") + * on the 2nd connection + */ + + /* + * replicate CN=Schema,CN=Configuration,... + * on the 3rd DRSUAPI connection and the bind_handle from the 2nd connection */ - /* W2K3: modify userAccountControl from 4096 to 532480 */ + /* + * replicate CN=Configuration,... + * on the 3rd DRSUAPI connection and the bind_handle from the 2nd connection + */ + + /* + * LDAP unbind in the 1st LDAP connection + */ + + /* + * Open 2nd LDAP connection to the DC using admin credentials + */ + /* ldap modify userAccountControl from 4096 to 532480 */ - /* W2K3: modify RDN to OU=Domain Controllers and skip the $ from server name */ + /* ldap modify RDN to OU=Domain Controllers and skip the $ from server name */ - /* replicate Domain Partition - * using DRSUAPI_DS_BIND_GUID_W2K3 ("6afab99c-6e26-464a-975f-f58f105218bc") - * + /* + * replicate Domain Partition + * on the 3rd DRSUAPI connection and the bind_handle from the 2nd connection */ /* call DsReplicaUpdateRefs() for all partitions like this: @@ -662,12 +693,21 @@ struct test_join_ads_dc *torture_join_domain_ads_dc(const char *machine_name, * 0: DRSUAPI_DS_REPLICA_UPDATE_WRITEABLE * 1: DRSUAPI_DS_REPLICA_UPDATE_ADD_REFERENCE * 1: DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE - * 1: DRSUAPI_DS_REPLICA_UPDATE_0x00000010 + * 1: DRSUAPI_DS_REPLICA_UPDATE_0x00000010 * * 4a0df188-a0b8-47ea-bbe5-e614723f16dd is the objectGUID the DsAddEntry() returned for the * CN=NTDS Settings,CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name, ... + * on the 2nd!!! DRSUAPI connection */ + /* + * Windows does opens the 4th and 5th DRSUAPI connection... + * and does a DsBind() with the objectGUID from DsAddEntry() as bind_guid + * on the 4th connection + * + * and then 2 full replications of the domain partition on the 5th connection + * with the bind_handle from the 4th connection + */ return join; } |