summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/torture/rpc/samr.c52
1 files changed, 38 insertions, 14 deletions
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 692dddf73b..ae0c8c032f 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -3999,9 +3999,11 @@ static bool test_DeleteAlias(struct dcerpc_pipe *p,
}
static bool test_CreateAlias(struct dcerpc_pipe *p, struct torture_context *tctx,
- struct policy_handle *domain_handle,
+ struct policy_handle *domain_handle,
+ const char *alias_name,
struct policy_handle *alias_handle,
- const struct dom_sid *domain_sid)
+ const struct dom_sid *domain_sid,
+ bool test_alias)
{
NTSTATUS status;
struct samr_CreateDomAlias r;
@@ -4009,7 +4011,7 @@ static bool test_CreateAlias(struct dcerpc_pipe *p, struct torture_context *tctx
uint32_t rid;
bool ret = true;
- init_lsa_String(&name, TEST_ALIASNAME);
+ init_lsa_String(&name, alias_name);
r.in.domain_handle = domain_handle;
r.in.alias_name = &name;
r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
@@ -4043,6 +4045,10 @@ static bool test_CreateAlias(struct dcerpc_pipe *p, struct torture_context *tctx
return false;
}
+ if (!test_alias) {
+ return ret;
+ }
+
if (!test_alias_ops(p, tctx, alias_handle, domain_sid)) {
ret = false;
}
@@ -4217,10 +4223,12 @@ static bool test_ChangePassword(struct dcerpc_pipe *p,
static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle *domain_handle,
+ const char *user_name,
struct policy_handle *user_handle_out,
struct dom_sid *domain_sid,
enum torture_samr_choice which_ops,
- struct cli_credentials *machine_credentials)
+ struct cli_credentials *machine_credentials,
+ bool test_user)
{
TALLOC_CTX *user_ctx;
@@ -4239,7 +4247,7 @@ static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx,
struct policy_handle user_handle;
user_ctx = talloc_named(tctx, 0, "test_CreateUser2 per-user context");
- init_lsa_String(&name, TEST_ACCOUNT_NAME);
+ init_lsa_String(&name, user_name);
r.in.domain_handle = domain_handle;
r.in.account_name = &name;
@@ -4269,11 +4277,21 @@ static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx,
}
status = dcerpc_samr_CreateUser(p, user_ctx, &r);
}
+
if (!NT_STATUS_IS_OK(status)) {
talloc_free(user_ctx);
printf("CreateUser failed - %s\n", nt_errstr(status));
return false;
- } else {
+ }
+
+ if (!test_user) {
+ if (user_handle_out) {
+ *user_handle_out = user_handle;
+ }
+ return ret;
+ }
+
+ {
q.in.user_handle = &user_handle;
q.in.level = 16;
q.out.info = &info;
@@ -5931,10 +5949,12 @@ static bool test_AddGroupMember(struct dcerpc_pipe *p, struct torture_context *t
static bool test_CreateDomainGroup(struct dcerpc_pipe *p,
- struct torture_context *tctx,
+ struct torture_context *tctx,
struct policy_handle *domain_handle,
+ const char *group_name,
struct policy_handle *group_handle,
- struct dom_sid *domain_sid)
+ struct dom_sid *domain_sid,
+ bool test_group)
{
NTSTATUS status;
struct samr_CreateDomainGroup r;
@@ -5942,7 +5962,7 @@ static bool test_CreateDomainGroup(struct dcerpc_pipe *p,
struct lsa_String name;
bool ret = true;
- init_lsa_String(&name, TEST_GROUPNAME);
+ init_lsa_String(&name, group_name);
r.in.domain_handle = domain_handle;
r.in.name = &name;
@@ -5984,6 +6004,10 @@ static bool test_CreateDomainGroup(struct dcerpc_pipe *p,
}
torture_assert_ntstatus_ok(tctx, status, "CreateDomainGroup");
+ if (!test_group) {
+ return ret;
+ }
+
if (!test_AddGroupMember(p, tctx, domain_handle, group_handle)) {
printf("CreateDomainGroup failed - %s\n", nt_errstr(status));
ret = false;
@@ -6060,7 +6084,7 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx,
if (!torture_setting_bool(tctx, "samba3", false)) {
ret &= test_CreateUser2(p, tctx, &domain_handle, sid, which_ops, NULL);
}
- ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, sid, which_ops, NULL);
+ ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, which_ops, NULL, true);
/* This test needs 'complex' users to validate */
ret &= test_QueryDisplayInfo(p, tctx, &domain_handle);
if (!ret) {
@@ -6071,13 +6095,13 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx,
if (!torture_setting_bool(tctx, "samba3", false)) {
ret &= test_CreateUser2(p, tctx, &domain_handle, sid, which_ops, machine_credentials);
}
- ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, sid, which_ops, machine_credentials);
+ ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, which_ops, machine_credentials, true);
if (!ret) {
printf("Testing PASSWORDS PWDLASTSET on domain %s failed!\n", dom_sid_string(tctx, sid));
}
break;
case TORTURE_SAMR_OTHER:
- ret &= test_CreateUser(p, tctx, &domain_handle, &user_handle, sid, which_ops, NULL);
+ ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, which_ops, NULL, true);
if (!ret) {
printf("Failed to CreateUser in SAMR-OTHER on domain %s!\n", dom_sid_string(tctx, sid));
}
@@ -6085,8 +6109,8 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx,
ret &= test_QuerySecurity(p, tctx, &domain_handle);
}
ret &= test_RemoveMemberFromForeignDomain(p, tctx, &domain_handle);
- ret &= test_CreateAlias(p, tctx, &domain_handle, &alias_handle, sid);
- ret &= test_CreateDomainGroup(p, tctx, &domain_handle, &group_handle, sid);
+ ret &= test_CreateAlias(p, tctx, &domain_handle, TEST_ALIASNAME, &alias_handle, sid, true);
+ ret &= test_CreateDomainGroup(p, tctx, &domain_handle, TEST_GROUPNAME, &group_handle, sid, true);
ret &= test_QueryDomainInfo(p, tctx, &domain_handle);
ret &= test_QueryDomainInfo2(p, tctx, &domain_handle);
ret &= test_EnumDomainUsers(p, tctx, &domain_handle);