-rw-r--r-- | source4/torture/rpc/samsync.c | 13 | ||||
-rw-r--r-- | source4/torture/rpc/testjoin.c | 68 |
2 files changed, 62 insertions, 19 deletions
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c index 35d36e9bf8..2f9b01ea10 100644 --- a/source4/torture/rpc/samsync.c +++ b/source4/torture/rpc/samsync.c @@ -31,6 +31,7 @@ #define TEST_MACHINE_NAME "samsynctest" #define TEST_MACHINE_NAME2 "samsynctest2" +#define TEST_USER_NAME "samsynctestuser" /* try a netlogon SamLogon @@ -787,7 +788,7 @@ static BOOL samsync_handle_secret(TALLOC_CTX *mem_ctx, struct samsync_state *sam status = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key, &lsa_blob_out); if (!NT_STATUS_IS_OK(status)) { - printf("Failed to decrypt secrets OLD blob\n"); + printf("Failed to decrypt secrets OLD blob: %s\n", nt_errstr(status)); return False; } @@ -1281,6 +1282,7 @@ BOOL torture_rpc_samsync(void) BOOL ret = True; struct test_join *join_ctx; struct test_join *join_ctx2; + struct test_join *user_ctx; const char *machine_password; const char *machine_password2; const char *binding = lp_parm_string(-1, "torture", "binding"); @@ -1312,6 +1314,14 @@ BOOL torture_rpc_samsync(void) return False; } + user_ctx = torture_create_testuser(TEST_USER_NAME, + lp_workgroup(), + ACB_NORMAL, NULL); + if (!user_ctx) { + printf("Failed to create test account\n"); + return False; + } + samsync_state = talloc_zero(mem_ctx, struct samsync_state); samsync_state->p_samr = torture_join_samr_pipe(join_ctx); @@ -1469,6 +1479,7 @@ failed: torture_leave_domain(join_ctx); torture_leave_domain(join_ctx2); + torture_leave_domain(user_ctx); talloc_free(mem_ctx); diff --git a/source4/torture/rpc/testjoin.c b/source4/torture/rpc/testjoin.c index 3921afb074..891bbcaf10 100644 --- a/source4/torture/rpc/testjoin.c +++ b/source4/torture/rpc/testjoin.c @@ -27,10 +27,10 @@ #include "includes.h" #include "librpc/gen_ndr/ndr_samr.h" +#include "system/time.h" struct test_join { struct dcerpc_pipe *p; - const char *machine_password; struct policy_handle user_handle; }; 
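Review bot: In the `@@ -1312` hunk of torture_rpc_samsync, the new `if (!user_ctx)` branch returns without undoing the joins that `join_ctx` and `join_ctx2` refer to. A failed user creation therefore leaves both test machine accounts in the domain and `mem_ctx` unfreed. Before `return False;` I would call `torture_leave_domain(join_ctx); torture_leave_domain(join_ctx2); talloc_free(mem_ctx);`, which matches what the `failed:` hunk does. If any `goto failed` can run before this assignment (not visible in these hunks), `user_ctx` should also be declared as `struct test_join *user_ctx = NULL;`, and torture_leave_domain would then need to accept NULL.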
@@ -81,14 +81,15 @@ static NTSTATUS DeleteUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } /* - join the domain as a test machine + create a test user in the domain an opaque pointer is returned. Pass it to torture_leave_domain() when finished */ -struct test_join *torture_join_domain(const char *machine_name, - const char *domain, - uint16_t acct_flags, - const char **machine_password) + +struct test_join *torture_create_testuser(const char *username, + const char *domain, + uint16_t acct_type, + const char **random_password) { NTSTATUS status; struct samr_Connect c; @@ -104,8 +105,12 @@ struct test_join *torture_join_domain(const char *machine_name, uint32_t rid; DATA_BLOB session_key; struct samr_String name; + struct samr_String comment; + struct samr_String full_name; + int policy_min_pw_len = 0; struct test_join *join; + char *random_pw; join = talloc(NULL, struct test_join); if (join == NULL) { @@ -161,13 +166,13 @@ struct test_join *torture_join_domain(const char *machine_name, goto failed; } - printf("Creating machine account %s\n", machine_name); + printf("Creating account %s\n", username); again: - name.string = talloc_asprintf(join, "%s$", machine_name); + name.string = username; r.in.domain_handle = &domain_handle; r.in.account_name = &name; - r.in.acct_flags = acct_flags; + r.in.acct_flags = acct_type; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.user_handle = &join->user_handle; r.out.access_granted = &access_granted; 
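Review bot: The header comment on torture_create_testuser in the `@@ -81` hunk does not say who owns the string returned through `random_password`. A later hunk allocates it with `generate_random_str(join, ...)`, so it is a talloc child of the returned context and is valid only while that context exists. I would extend the comment with `*random_password, if requested, is owned by the returned test_join; do not use it after torture_leave_domain()`, assuming torture_leave_domain frees the context, which is outside this diff. The comment could also state that `acct_type` carries ACB_* flags, since it is assigned straight to `r.in.acct_flags`.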
@@ -194,16 +199,16 @@ again: policy_min_pw_len = pwp.out.info.min_password_length; } - join->machine_password = generate_random_str(join, MAX(8, policy_min_pw_len)); + random_pw = generate_random_str(join, MAX(8, policy_min_pw_len)); - printf("Setting machine account password '%s'\n", join->machine_password); + printf("Setting account password '%s'\n", random_pw); s.in.user_handle = &join->user_handle; s.in.info = &u; s.in.level = 24; - encode_pw_buffer(u.info24.password.data, join->machine_password, STR_UNICODE); - u.info24.pw_len = strlen(join->machine_password); + encode_pw_buffer(u.info24.password.data, random_pw, STR_UNICODE); + u.info24.pw_len = strlen(random_pw); status = dcerpc_fetch_session_key(join->p, &session_key); if (!NT_STATUS_IS_OK(status)) { @@ -221,13 +226,23 @@ again: goto failed; } + ZERO_STRUCT(u); s.in.user_handle = &join->user_handle; s.in.info = &u; - s.in.level = 16; + s.in.level = 21; - u.info16.acct_flags = acct_flags; + u.info21.acct_flags = acct_type; + u.info21.fields_present = SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_COMMENT | SAMR_FIELD_FULL_NAME; + comment.string = talloc_asprintf(join, + "Tortured by Samba4: %s", + timestring(join, time(NULL))); + u.info21.comment = comment; + full_name.string = talloc_asprintf(join, + "Torture account for Samba4: %s", + timestring(join, time(NULL))); + u.info21.full_name = full_name; - printf("Resetting ACB flags\n"); + printf("Resetting ACB flags, force pw change time\n"); status = dcerpc_samr_SetUserInfo(join->p, join, &s); if (!NT_STATUS_IS_OK(status)) { @@ -235,8 +250,8 @@ again: goto failed; } - if (machine_password) { - *machine_password = join->machine_password; + if (random_password) { + *random_password = random_pw; } return join; 
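Review bot: `printf("Setting account password '%s'\n", random_pw);` in the `@@ -194` hunk writes the cleartext password to the test output. After this refactor that covers ACB_NORMAL user accounts as well as machine accounts. Torture logs tend to be archived and shared, so I would log only the action, `printf("Setting account password\n");`, and leave the value to callers that ask for it through `random_password`. `random_pw` also reaches encode_pw_buffer and strlen without a check on generate_random_str's result; `if (random_pw == NULL) goto failed;` would handle a failed allocation.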
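Review bot: The new message `Resetting ACB flags, force pw change time` in the `@@ -221` hunk does not match the request it announces. `fields_present` names only SAMR_FIELD_ACCT_FLAGS, SAMR_FIELD_COMMENT and SAMR_FIELD_FULL_NAME, so as far as the hunk shows no password-change field is set. Either reword the message to describe the three fields or add the intended field to the mask. The two `talloc_asprintf` results are stored in `comment.string` and `full_name.string` unchecked; `if (comment.string == NULL || full_name.string == NULL) goto failed;` would keep a failed allocation out of the SetUserInfo call.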
@@ -246,11 +261,28 @@ failed: return NULL; } + +struct test_join *torture_join_domain(const char *machine_name, + const char *domain, + uint16_t acct_flags, + const char **machine_password) +{ + char *username = talloc_asprintf(NULL, "%s$", machine_name); + struct test_join *tj = torture_create_testuser(username, domain, acct_flags, machine_password); + talloc_free(username); + return tj; +} + struct dcerpc_pipe *torture_join_samr_pipe(struct test_join *join) { return join->p; } +struct policy_handle *torture_join_samr_user_policy(struct test_join *join) +{ + return &join->user_handle; +} + /* leave the domain, deleting the machine acct */ |
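Review bot: In the new torture_join_domain wrapper the result of `talloc_asprintf(NULL, "%s$", machine_name)` is passed on unchecked. An allocation failure therefore reaches torture_create_testuser as a NULL `username`, which is printed with `%s` and assigned to `name.string` for the SAMR request. Add `if (username == NULL) return NULL;` before the call. `username` is freed as soon as the call returns, which is safe only if the returned test_join keeps no pointer to it; the visible hunks suggest that (`name` is a local), but the full function body is not shown.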