summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-12-21 00:53:38 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:29:34 -0500
commit03b05b9400d65efa2a0ad2a93adc8038df1e59af (patch)
tree884cd69ea88c785890be6a989ce272b9f8806ecd
parentc51289fc9bf4a7094c9bc6a0b863a3d3597a61a6 (diff)
downloadsamba-03b05b9400d65efa2a0ad2a93adc8038df1e59af.tar.gz
samba-03b05b9400d65efa2a0ad2a93adc8038df1e59af.tar.bz2
samba-03b05b9400d65efa2a0ad2a93adc8038df1e59af.zip
r20297: Finally got to the bottom of why we were failing the RPC-CRACKNAMES
test against my win2k3 domain. I have a child domain, and as such the BUILTIN domain SID appears multiple times in the tree, and is therefore not unique. Andrew Bartlett (This used to be commit 41e42843be783dd88785ba8d3a9bccacc68053a8)
-rw-r--r--source4/torture/rpc/drsuapi_cracknames.c40
1 files changed, 29 insertions, 11 deletions
diff --git a/source4/torture/rpc/drsuapi_cracknames.c b/source4/torture/rpc/drsuapi_cracknames.c
index a12e5d88fb..f8a6a48c95 100644
--- a/source4/torture/rpc/drsuapi_cracknames.c
+++ b/source4/torture/rpc/drsuapi_cracknames.c
@@ -425,6 +425,7 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
const char *str;
const char *expected_str;
enum drsuapi_DsNameStatus status;
+ enum drsuapi_DsNameStatus alternate_status;
enum drsuapi_DsNameFlags flags;
} crack[] = {
{
@@ -543,7 +544,8 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.str = "CN=Microsoft Corporation,L=Redmond,S=Washington,C=US",
.comment = "display name for Microsoft Support Account",
- .status = DRSUAPI_DS_NAME_STATUS_OK
+ .status = DRSUAPI_DS_NAME_STATUS_OK,
+ .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
@@ -626,7 +628,8 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.comment = "Looking for the kadmin/changepw service as a serivce principal",
.str = talloc_asprintf(mem_ctx, "kadmin/changepw"),
.status = DRSUAPI_DS_NAME_STATUS_OK,
- .expected_str = talloc_asprintf(mem_ctx, "CN=krbtgt,CN=Users,%s", realm_dn_str)
+ .expected_str = talloc_asprintf(mem_ctx, "CN=krbtgt,CN=Users,%s", realm_dn_str),
+ .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
@@ -752,7 +755,8 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
.comment = "BUITIN SID -> NT4 account",
.str = SID_BUILTIN,
- .status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING
+ .status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING,
+ .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
@@ -760,21 +764,24 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
.str = SID_BUILTIN,
.comment = "Builtin Domain SID -> DN",
.status = DRSUAPI_DS_NAME_STATUS_OK,
- .expected_str = talloc_asprintf(mem_ctx, "CN=Builtin,%s", realm_dn_str)
+ .expected_str = talloc_asprintf(mem_ctx, "CN=Builtin,%s", realm_dn_str),
+ .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
.str = SID_BUILTIN_ADMINISTRATORS,
.comment = "Builtin Administrors SID -> DN",
- .status = DRSUAPI_DS_NAME_STATUS_OK
+ .status = DRSUAPI_DS_NAME_STATUS_OK,
+ .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
.str = SID_BUILTIN_ADMINISTRATORS,
.comment = "Builtin Administrors SID -> NT4 Account",
- .status = DRSUAPI_DS_NAME_STATUS_OK
+ .status = DRSUAPI_DS_NAME_STATUS_OK,
+ .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
},
{
.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
@@ -826,11 +833,22 @@ BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
ret = False;
} else if (r.out.ctr.ctr1->array[0].status != crack[i].status) {
- printf("DsCrackNames unexpected status %d, wanted %d on name: %s\n",
- r.out.ctr.ctr1->array[0].status,
- crack[i].status,
- crack[i].str);
- ret = False;
+ if (crack[i].alternate_status) {
+ if (r.out.ctr.ctr1->array[0].status != crack[i].alternate_status) {
+ printf("DsCrackNames unexpected status %d, wanted %d or %d on name: %s\n",
+ r.out.ctr.ctr1->array[0].status,
+ crack[i].status,
+ crack[i].alternate_status,
+ crack[i].str);
+ ret = False;
+ }
+ } else {
+ printf("DsCrackNames unexpected status %d, wanted %d on name: %s\n",
+ r.out.ctr.ctr1->array[0].status,
+ crack[i].status,
+ crack[i].str);
+ ret = False;
+ }
} else if (crack[i].expected_str
&& (strcmp(r.out.ctr.ctr1->array[0].result_name,
crack[i].expected_str) != 0)) {