summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/torture/rpc/samsync.c13
-rw-r--r--source4/torture/rpc/testjoin.c68
2 files changed, 62 insertions, 19 deletions
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index 35d36e9bf8..2f9b01ea10 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -31,6 +31,7 @@
#define TEST_MACHINE_NAME "samsynctest"
#define TEST_MACHINE_NAME2 "samsynctest2"
+#define TEST_USER_NAME "samsynctestuser"
/*
try a netlogon SamLogon
@@ -787,7 +788,7 @@ static BOOL samsync_handle_secret(TALLOC_CTX *mem_ctx, struct samsync_state *sam
status = sess_decrypt_blob(mem_ctx, &lsa_blob1, &session_key, &lsa_blob_out);
if (!NT_STATUS_IS_OK(status)) {
- printf("Failed to decrypt secrets OLD blob\n");
+ printf("Failed to decrypt secrets OLD blob: %s\n", nt_errstr(status));
return False;
}
@@ -1281,6 +1282,7 @@ BOOL torture_rpc_samsync(void)
BOOL ret = True;
struct test_join *join_ctx;
struct test_join *join_ctx2;
+ struct test_join *user_ctx;
const char *machine_password;
const char *machine_password2;
const char *binding = lp_parm_string(-1, "torture", "binding");
@@ -1312,6 +1314,14 @@ BOOL torture_rpc_samsync(void)
return False;
}
+ user_ctx = torture_create_testuser(TEST_USER_NAME,
+ lp_workgroup(),
+ ACB_NORMAL, NULL);
+ if (!user_ctx) {
+ printf("Failed to create test account\n");
+ return False;
+ }
+
samsync_state = talloc_zero(mem_ctx, struct samsync_state);
samsync_state->p_samr = torture_join_samr_pipe(join_ctx);
@@ -1469,6 +1479,7 @@ failed:
torture_leave_domain(join_ctx);
torture_leave_domain(join_ctx2);
+ torture_leave_domain(user_ctx);
talloc_free(mem_ctx);
diff --git a/source4/torture/rpc/testjoin.c b/source4/torture/rpc/testjoin.c
index 3921afb074..891bbcaf10 100644
--- a/source4/torture/rpc/testjoin.c
+++ b/source4/torture/rpc/testjoin.c
@@ -27,10 +27,10 @@
#include "includes.h"
#include "librpc/gen_ndr/ndr_samr.h"
+#include "system/time.h"
struct test_join {
struct dcerpc_pipe *p;
- const char *machine_password;
struct policy_handle user_handle;
};
@@ -81,14 +81,15 @@ static NTSTATUS DeleteUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
}
/*
- join the domain as a test machine
+ create a test user in the domain
an opaque pointer is returned. Pass it to torture_leave_domain()
when finished
*/
-struct test_join *torture_join_domain(const char *machine_name,
- const char *domain,
- uint16_t acct_flags,
- const char **machine_password)
+
+struct test_join *torture_create_testuser(const char *username,
+ const char *domain,
+ uint16_t acct_type,
+ const char **random_password)
{
NTSTATUS status;
struct samr_Connect c;
@@ -104,8 +105,12 @@ struct test_join *torture_join_domain(const char *machine_name,
uint32_t rid;
DATA_BLOB session_key;
struct samr_String name;
+ struct samr_String comment;
+ struct samr_String full_name;
+
int policy_min_pw_len = 0;
struct test_join *join;
+ char *random_pw;
join = talloc(NULL, struct test_join);
if (join == NULL) {
@@ -161,13 +166,13 @@ struct test_join *torture_join_domain(const char *machine_name,
goto failed;
}
- printf("Creating machine account %s\n", machine_name);
+ printf("Creating account %s\n", username);
again:
- name.string = talloc_asprintf(join, "%s$", machine_name);
+ name.string = username;
r.in.domain_handle = &domain_handle;
r.in.account_name = &name;
- r.in.acct_flags = acct_flags;
+ r.in.acct_flags = acct_type;
r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
r.out.user_handle = &join->user_handle;
r.out.access_granted = &access_granted;
@@ -194,16 +199,16 @@ again:
policy_min_pw_len = pwp.out.info.min_password_length;
}
- join->machine_password = generate_random_str(join, MAX(8, policy_min_pw_len));
+ random_pw = generate_random_str(join, MAX(8, policy_min_pw_len));
- printf("Setting machine account password '%s'\n", join->machine_password);
+ printf("Setting account password '%s'\n", random_pw);
s.in.user_handle = &join->user_handle;
s.in.info = &u;
s.in.level = 24;
- encode_pw_buffer(u.info24.password.data, join->machine_password, STR_UNICODE);
- u.info24.pw_len = strlen(join->machine_password);
+ encode_pw_buffer(u.info24.password.data, random_pw, STR_UNICODE);
+ u.info24.pw_len = strlen(random_pw);
status = dcerpc_fetch_session_key(join->p, &session_key);
if (!NT_STATUS_IS_OK(status)) {
@@ -221,13 +226,23 @@ again:
goto failed;
}
+ ZERO_STRUCT(u);
s.in.user_handle = &join->user_handle;
s.in.info = &u;
- s.in.level = 16;
+ s.in.level = 21;
- u.info16.acct_flags = acct_flags;
+ u.info21.acct_flags = acct_type;
+ u.info21.fields_present = SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_COMMENT | SAMR_FIELD_FULL_NAME;
+ comment.string = talloc_asprintf(join,
+ "Tortured by Samba4: %s",
+ timestring(join, time(NULL)));
+ u.info21.comment = comment;
+ full_name.string = talloc_asprintf(join,
+ "Torture account for Samba4: %s",
+ timestring(join, time(NULL)));
+ u.info21.full_name = full_name;
- printf("Resetting ACB flags\n");
+ printf("Resetting ACB flags, force pw change time\n");
status = dcerpc_samr_SetUserInfo(join->p, join, &s);
if (!NT_STATUS_IS_OK(status)) {
@@ -235,8 +250,8 @@ again:
goto failed;
}
- if (machine_password) {
- *machine_password = join->machine_password;
+ if (random_password) {
+ *random_password = random_pw;
}
return join;
@@ -246,11 +261,28 @@ failed:
return NULL;
}
+
+struct test_join *torture_join_domain(const char *machine_name,
+ const char *domain,
+ uint16_t acct_flags,
+ const char **machine_password)
+{
+ char *username = talloc_asprintf(NULL, "%s$", machine_name);
+ struct test_join *tj = torture_create_testuser(username, domain, acct_flags, machine_password);
+ talloc_free(username);
+ return tj;
+}
+
struct dcerpc_pipe *torture_join_samr_pipe(struct test_join *join)
{
return join->p;
}
+struct policy_handle *torture_join_samr_user_policy(struct test_join *join)
+{
+ return &join->user_handle;
+}
+
/*
leave the domain, deleting the machine acct
*/