summaryrefslogtreecommitdiff
path: root/source4/torture/rpc/samsync.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/torture/rpc/samsync.c')
-rw-r--r--source4/torture/rpc/samsync.c45
1 files changed, 45 insertions, 0 deletions
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index d77c5a0d5e..412b27c8ec 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -409,6 +409,7 @@ static BOOL samsync_handle_user(TALLOC_CTX *mem_ctx, struct samsync_state *samsy
struct samr_QueryUserInfo q;
struct policy_handle user_handle;
+ struct samr_GetGroupsForUser getgroups;
if (!samsync_state->domain_name || !samsync_state->domain_handle[database_id]) {
printf("SamSync needs domain information before the users\n");
return False;
@@ -431,9 +432,27 @@ static BOOL samsync_handle_user(TALLOC_CTX *mem_ctx, struct samsync_state *samsy
TEST_SEC_DESC_EQUAL(user->sdbuf, samr, &user_handle);
nt_status = dcerpc_samr_QueryUserInfo(samsync_state->p_samr, mem_ctx, &q);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ printf("QueryUserInfo level %u failed - %s\n",
+ q.in.level, nt_errstr(nt_status));
+ ret = False;
+ }
+
+ getgroups.in.user_handle = &user_handle;
+
+ nt_status = dcerpc_samr_GetGroupsForUser(samsync_state->p_samr, mem_ctx, &getgroups);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ printf("GetGroupsForUser failed - %s\n",
+ nt_errstr(nt_status));
+ ret = False;
+ }
+
if (!test_samr_handle_Close(samsync_state->p_samr, mem_ctx, &user_handle)) {
printf("samr_handle_Close failed - %s\n",
nt_errstr(nt_status));
+ ret = False;
+ }
+ if (!ret) {
return False;
}
@@ -608,6 +627,32 @@ static BOOL samsync_handle_user(TALLOC_CTX *mem_ctx, struct samsync_state *samsy
|| (info3->base.last_logoff == 0x7fffffffffffffffLL))) {
TEST_TIME_EQUAL(user->last_logoff, info3->base.last_logoff);
}
+
+ TEST_INT_EQUAL(getgroups.out.rids->count, info3->base.groups.count);
+ if (getgroups.out.rids->count == info3->base.groups.count) {
+ int i, j;
+ int count = getgroups.out.rids->count;
+ BOOL *matched = talloc_zero_array(mem_ctx, BOOL, getgroups.out.rids->count);
+
+ for (i = 0; i < count; i++) {
+ for (j = 0; j < count; j++) {
+ if ((getgroups.out.rids->rids[i].rid ==
+ info3->base.groups.rids[j].rid)
+ && (getgroups.out.rids->rids[i].type ==
+ info3->base.groups.rids[j].type)) {
+ matched[i] = True;
+ }
+ }
+ }
+
+ for (i = 0; i < getgroups.out.rids->count; i++) {
+ if (matched[i] == False) {
+ ret = False;
+ printf("Could not find group RID %u found in getgroups in NETLOGON reply\n",
+ getgroups.out.rids->rids[i].rid);
+ }
+ }
+ }
return ret;
} else {
printf("Could not validate password for user %s\\%s: %s\n",