summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/librpc/idl/samr.idl6
-rw-r--r--source4/torture/rpc/samr.c93
2 files changed, 74 insertions, 25 deletions
diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl
index 14371f56ae..f1fce235a8 100644
--- a/source4/librpc/idl/samr.idl
+++ b/source4/librpc/idl/samr.idl
@@ -382,7 +382,11 @@
/************************/
/* Function 0x16 */
- NTSTATUS samr_ADD_GROUPMEM();
+ NTSTATUS samr_AddGroupMember(
+ [in,ref] policy_handle *handle,
+ [in] uint32 rid,
+ [in] uint32 flags
+ );
/************************/
/* Function 0x17 */
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 1e38b8ad70..9930ba8b19 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -433,29 +433,45 @@ static BOOL test_alias_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return ret;
}
-static BOOL test_DeleteUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
- struct policy_handle *handle, const char *name)
+
+static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *domain_handle, const char *name,
+ uint32 *rid)
{
NTSTATUS status;
struct samr_LookupNames n;
- struct samr_OpenUser r;
- struct samr_DeleteUser d;
- struct policy_handle acct_handle;
struct samr_Name sname;
init_samr_Name(&sname, name);
- n.in.handle = handle;
+ n.in.handle = domain_handle;
n.in.num_names = 1;
n.in.names = &sname;
status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
+ if (NT_STATUS_IS_OK(status)) {
+ *rid = n.out.rids.ids[0];
+ }
+
+ return status;
+}
+
+static BOOL test_DeleteUser_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle, const char *name)
+{
+ NTSTATUS status;
+ struct samr_OpenUser r;
+ struct samr_DeleteUser d;
+ struct policy_handle acct_handle;
+ uint32 rid;
+
+ status = test_LookupName(p, mem_ctx, handle, name, &rid);
if (!NT_STATUS_IS_OK(status)) {
goto failed;
}
r.in.handle = handle;
r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
- r.in.rid = n.out.rids.ids[0];
+ r.in.rid = rid;
r.out.acct_handle = &acct_handle;
status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -481,25 +497,19 @@ static BOOL test_DeleteGroup_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct policy_handle *handle, const char *name)
{
NTSTATUS status;
- struct samr_LookupNames n;
struct samr_OpenGroup r;
struct samr_DeleteDomainGroup d;
struct policy_handle group_handle;
- struct samr_Name sname;
-
- init_samr_Name(&sname, name);
+ uint32 rid;
- n.in.handle = handle;
- n.in.num_names = 1;
- n.in.names = &sname;
- status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
+ status = test_LookupName(p, mem_ctx, handle, name, &rid);
if (!NT_STATUS_IS_OK(status)) {
goto failed;
}
r.in.handle = handle;
r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
- r.in.rid = n.out.rids.ids[0];
+ r.in.rid = rid;
r.out.acct_handle = &group_handle;
status = dcerpc_samr_OpenGroup(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -525,26 +535,21 @@ static BOOL test_DeleteAlias_byname(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct policy_handle *domain_handle, const char *name)
{
NTSTATUS status;
- struct samr_LookupNames n;
struct samr_OpenAlias r;
struct samr_DeleteDomAlias d;
struct policy_handle alias_handle;
- struct samr_Name sname;
+ uint32 rid;
printf("testing DeleteAlias_byname\n");
- init_samr_Name(&sname, name);
- n.in.handle = domain_handle;
- n.in.num_names = 1;
- n.in.names = &sname;
- status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
+ status = test_LookupName(p, mem_ctx, domain_handle, name, &rid);
if (!NT_STATUS_IS_OK(status)) {
goto failed;
}
r.in.handle = domain_handle;
r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
- r.in.rid = n.out.rids.ids[0];
+ r.in.rid = rid;
r.out.acct_handle = &alias_handle;
status = dcerpc_samr_OpenAlias(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -1421,6 +1426,42 @@ static BOOL test_DeleteDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return ret;
}
+static BOOL test_AddGroupMember(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *domain_handle,
+ struct policy_handle *group_handle)
+{
+ NTSTATUS status;
+ struct samr_AddGroupMember r;
+ BOOL ret = True;
+ uint32 rid;
+
+ status = test_LookupName(p, mem_ctx, domain_handle, TEST_USERNAME, &rid);
+ if (!NT_STATUS_IS_OK(status)) {
+ return False;
+ }
+
+ r.in.handle = group_handle;
+ r.in.rid = rid;
+ r.in.flags = 0; /* ??? */
+
+ printf("Testing AddGroupMember\n");
+
+ status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("AddGroupMember failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ status = dcerpc_samr_AddGroupMember(p, mem_ctx, &r);
+ if (!NT_STATUS_EQUAL(NT_STATUS_MEMBER_IN_GROUP, status)) {
+ printf("AddGroupMember gave %s - should be NT_STATUS_MEMBER_IN_GROUP\n",
+ nt_errstr(status));
+ return False;
+ }
+
+ return ret;
+}
+
static BOOL test_CreateDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct policy_handle *domain_handle, struct policy_handle *group_handle)
@@ -1460,6 +1501,10 @@ static BOOL test_CreateDomainGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return False;
}
+ if (!test_AddGroupMember(p, mem_ctx, domain_handle, group_handle)) {
+ ret = False;
+ }
+
return ret;
}