summaryrefslogtreecommitdiff
path: root/source4/torture/rpc/drsuapi.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r22120: Expand the RPC-CRACKNAMES test, to test more values and expose patterns.Andrew Bartlett1-3/+2
Fix up our server side implementation to pass almost all the tests (a couple are skipped). Don't require the DsGetDomainControllerInfo calls to pass, just get some info from them. Andrew Bartlett (This used to be commit a29eb8f7e541d2021726601faf52355e312c916b)
2007-10-10r21817: give fields a meaningStefan Metzmacher1-2/+2
metze (This used to be commit 521355b57b74dbdccc6ae15738345e1d989ce262)
2007-10-10r20676: Add ref pointer to fix warning.Jelmer Vernooij1-2/+2
(This used to be commit 1afcf850679b6752935455a8f9198679649922b8)
2007-10-10r20510: fix spellingStefan Metzmacher1-1/+1
metze (This used to be commit 58066e2252001b7689705d296a16438733cfdfc4)
2007-10-10r20369: Remember to break if we find a match.Andrew Bartlett1-1/+3
Andrew Bartlett (This used to be commit 4bd8dbcf41f04be28e2f5d6e15a22f08ba80b948)
2007-10-10r20359: level -1 of DsGetDomainControllerInfo gives back a listStefan Metzmacher1-2/+2
of all active connections to the Directory Service Agent (DSA) (This can be LDAP or DRSUAPI connections) abartlet: you had just luck by using flag(BIG_ENDIAN) as BIG_ENDIAN is defined in <endian.h>, it should be flag(NDR_BIG_ENDIAN)... metze (This used to be commit c7e639763de1f8ddccfb954227feeaddb7386edc)
2007-10-10r20353: Restructure the DRSUAPI DsGetDomainControllerInfo test, because asAndrew Bartlett1-97/+125
usual things are more complex than they appear. Also remove the incorrect server-side implementation, which blindly assumed some sense of consistancy across the API switch levels. Andrew Bartlett (This used to be commit 79941adbff843f5027dacd31b972deca4a1557ec)
2007-10-10r20315: Implement the server side of DsGetDomainControllerInfo. This is aAndrew Bartlett1-5/+0
supprisingly complex call... It turns out that the in/out parameter 'level' is not in/out, but set seperatly by the server-side code from r->req.req1.level. This commit also breaks out some common code from samldb into samdb. Andrew Bartlett (This used to be commit 2eb9e6445c64840399171f4f56b1e43786dbcfa7)
2007-10-10r20251: I found out that the oid-prefix to uint32-id-prefix mapping is ↵Stefan Metzmacher1-2/+2
transferred in replication replies, but I don't know the exact encoding. for example the oids are transferred as: 2.5.4 => uint8_t v[] = { 0x55, 0x04 }; 2.5.5 => uint8_t v[] = { 0x55, 0x05 }; 2.5.6 => uint8_t v[] = { 0x55, 0x06 }; 2.5.18 => uint8_t v[] = { 0x55, 0x12 }; 2.5.20 => uint8_t v[] = { 0x55, 0x14 }; 2.5.21 => uint8_t v[] = { 0x55, 0x15 }; 1.2.840.113556.1.2 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x02 }; 1.2.840.113556.1.3 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x03 }; 1.2.840.113556.1.4 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x04 }; 1.2.840.113556.1.5 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05 }; 1.2.840.113556.1.5.7000 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x01, 0x05, 0xb6, 0x58 }; 1.2.840.113549.1.9 => uint8_t v[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09 }; 2.16.840.1.113730.3 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03 }; 2.16.840.1.113730.3.1 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x01 }; 2.16.840.1.113730.3.2 => uint8_t v[] = { 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x03, 0x02 }; 0.9.2342.19200300.100.1 => uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x01 }; 0.9.2342.19200300.100.4 => uint8_t v[] = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x04 }; 1.3.6.1.4.1.250.1 => uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x81, 0x7a, 0x01 }; 1.3.6.1.4.1.1466.101.119=> uint8_t v[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x8b, 0x3a, 0x65, 0x77 }; if someone knows how the encoding works, please tell me:-) I assume some ASN.1 encoding... metze (This used to be commit aa720a15319392fee5c532959192d0df5bf4c718)
2007-10-10r20113: Update the DRSUAPI CrackNames test to explore a few more cases, and inAndrew Bartlett1-4/+53
particular to verify more expected results. Also return more details from the join process. Now we also return the machine account's GUID. Andrew Bartlett (This used to be commit 5b32f102af1fc7acb56bf7eaa40068d60a1ee396)
2007-10-10r20079: the 2nd guid is the source_dsa invocation_id not the objectGUID,Stefan Metzmacher1-2/+2
this wasn't noticed because on the 1st dc in the forest both have the same value metze (This used to be commit 527bd9a0a361e19606e25e885b92da316e740bf9)
2007-10-10r19967: this unknowns are max_object_count and max_ndr_sizeStefan Metzmacher1-4/+4
metze (This used to be commit 3e6264d872e4fc39a8e0712293492ad413345de9)
2007-10-10r19760: Create a DC account for the drsuapi tests to work on, rather thanAndrew Bartlett1-6/+45
choosing an existing DC. Allow to skip some tests under Samba4. Andrew Bartlett (This used to be commit 705fbae325267fd0ed11f463f954f8e45802d6d5)
2007-10-10r14720: Add torture_context argument to all torture testsJelmer Vernooij1-1/+1
(This used to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)
2007-10-10r14470: Remove some unnecessary headers.Jelmer Vernooij1-1/+0
(This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a)
2007-10-10r14402: Generate seperate headers for RPC client functions.Jelmer Vernooij1-0/+1
(This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109)
2007-10-10r14379: Build torture/rpc/ as a seperate smbtorture module. Move helperJelmer Vernooij1-3/+1
functions for rpc out of torture/torture.c (This used to be commit 1d2d970f3b8aef3f36c2befb94b5dd72c0086639)
2007-10-10r14363: Remove credentials.h from the global includes.Jelmer Vernooij1-0/+1
(This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563)
2007-10-10r13346: use private proto header files for the torture testsStefan Metzmacher1-0/+1
metze (This used to be commit 67837dbd2bcff8ec1917ba02884ee2eaa0776b46)
2007-10-10r12693: Move core data structures out of smb.h into core.hJelmer Vernooij1-0/+1
torture prototypes in seperate header (This used to be commit 73610639b23ca3743077193fa0b1de7c7f65944d)
2007-10-10r12510: Change the DCE/RPC interfaces to take a pointer to aJelmer Vernooij1-3/+1
dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f)
2007-10-10r10865: merge branches/SOC/SAMBA_4_0 into main the main SAMBA_4_0 treeStefan Metzmacher1-4/+8
metze r8017@SERNOX: metze | 2005-06-30 13:44:23 +0200 create the SAMBA_4_0 branch for the Summer Of Code Project metze r8730@SERNOX: brad | 2005-07-24 03:09:48 +0200 Branching Samba 4 r8731@SERNOX: brad | 2005-07-24 06:39:00 +0200 added 'make installmisc' to howto.txt added existing 'compression' option to level8 drsuapi torture test added new 'neighbour_writeable' option to level8 drsuapi torture test r8732@SERNOX: brad | 2005-07-24 06:42:38 +0200 added metze's dssync patch as source/torture/rpc/dssync.c r8739@SERNOX: brad | 2005-07-25 00:24:46 +0200 added a test called RPC-DSSYNC to config.mk hacking at dssync.c in an attempt to make it compile r8754@SERNOX: brad | 2005-07-25 15:19:21 +0200 Changing dssync.c to use ldb routines for accessing ldap rather than raw ldap calls. r8765@SERNOX: brad | 2005-07-26 03:35:38 +0200 more ldb changes to test_CompleteJoin(), it mostly kind of almost works now! r8766@SERNOX: brad | 2005-07-26 03:56:00 +0200 Trying to fix the crazy nesting in the branch r8769@SERNOX: brad | 2005-07-26 04:48:29 +0200 merging latest changes r8770@SERNOX: brad | 2005-07-26 04:53:43 +0200 removing nested branch r8793@SERNOX: jerry | 2005-07-27 05:04:57 +0200 merging on of Brad missing changes from the nested 4.0 branch debacle r8794@SERNOX: jerry | 2005-07-27 05:14:42 +0200 syncing up with the main 4_0 branch for Brad r8842@SERNOX: brad | 2005-07-29 00:26:30 +0200 merging changes from branches/SAMBA_4_0 r8850@SERNOX: brad | 2005-07-29 21:07:57 +0200 Bringing my tree up to date r8851@SERNOX: brad | 2005-07-30 00:48:04 +0200 making dssync.c more ldb-centric, reverted samlogon.c from rev. 8845 to get my branch to compile again. r8856@SERNOX: brad | 2005-07-30 03:20:33 +0200 I think I have the ldb code down in test_CompleteJoin (not complete yet though) r8860@SERNOX: brad | 2005-07-30 07:08:13 +0200 Changed comments to C style /**/ (thanks Richard), some more changes to test_CompleteJoin(). r8862@SERNOX: brad | 2005-07-31 04:45:32 +0200 Bringing the SOC/SAMBA_4_0 branch up to date. r8863@SERNOX: brad | 2005-07-31 20:00:41 +0200 Updated some missing files from the branch r8864@SERNOX: brad | 2005-07-31 20:25:50 +0200 Removing autogenerated files from branch r8865@SERNOX: brad | 2005-07-31 20:43:58 +0200 last of the unneeded files in SOC/SAMBA_4_0 r9004@SERNOX: brad | 2005-08-03 18:51:23 +0200 r5214@buttercup: j0j0 | 2005-08-03 10:44:30 -0600 r@buttercup: j0j0 | 2005-08-02 22:54:13 -0600 creating a local branch of branches/SAMBA_4_0 r9013@SERNOX: brad | 2005-08-03 20:57:48 +0200 r5228@buttercup: j0j0 | 2005-08-03 13:00:11 -0600 Fixing differences between this branch and /branches/SAMBA_4_0 r9014@SERNOX: brad | 2005-08-03 21:18:05 +0200 r5231@buttercup: j0j0 | 2005-08-03 13:23:12 -0600 Updating config.mk so that smbtorture builds again r9061@SERNOX: brad | 2005-08-04 18:17:36 +0200 r5249@buttercup: j0j0 | 2005-08-03 21:01:02 -0600 Start using libnet_Join() for DC join. r9062@SERNOX: brad | 2005-08-04 18:17:47 +0200 r5250@buttercup: j0j0 | 2005-08-04 10:21:34 -0600 Some more work towards performing a dc join. r9064@SERNOX: brad | 2005-08-04 18:53:51 +0200 r5253@buttercup: j0j0 | 2005-08-04 10:53:00 -0600 Fixed a bug (passing a TALLOC_CTX to libnet_context_init() ) r9069@SERNOX: brad | 2005-08-04 21:59:55 +0200 r5279@buttercup: j0j0 | 2005-08-04 14:04:55 -0600 Some more work on the domain join r9117@SERNOX: brad | 2005-08-05 16:50:26 +0200 r5281@buttercup: j0j0 | 2005-08-05 08:55:58 -0600 Committing minor changes before merge r9180@SERNOX: brad | 2005-08-07 17:25:25 +0200 r5314@buttercup: j0j0 | 2005-08-07 09:30:12 -0600 Reworked libnet_join to use two join levels, AUTOMATIC and SPECIFIED. r9181@SERNOX: brad | 2005-08-07 17:25:36 +0200 r5315@buttercup: j0j0 | 2005-08-07 09:31:22 -0600 Working with libnet_Join(), code cleanup needed in the near future. r9192@SERNOX: brad | 2005-08-07 21:40:22 +0200 r5373@buttercup: j0j0 | 2005-08-07 13:46:09 -0600 Some code cleanup to make things a little more readable. r9249@SERNOX: brad | 2005-08-12 01:31:48 +0200 r5375@buttercup: j0j0 | 2005-08-11 17:38:44 -0600 Split libnet_JoinDomain() into libnet_JoinDomain() and libnet_JoinADSDomain(). r9256@SERNOX: brad | 2005-08-12 04:55:11 +0200 r5413@buttercup: j0j0 | 2005-08-11 21:02:27 -0600 Clean up libnet_JoinADSDomain() a little, added a comment to the test_join struct. r9314@SERNOX: brad | 2005-08-16 03:53:20 +0200 r5436@buttercup: j0j0 | 2005-08-15 20:01:21 -0600 libnet_JoinDomain() should honour LIBNET_JOIN_TORTURE now. torture_join_domain() should properly use libnet_JoinDomain(). dssync.c uses torture_join_domain() again. r9351@SERNOX: brad | 2005-08-17 07:15:31 +0200 r5438@buttercup: j0j0 | 2005-08-16 23:23:58 -0600 Removed LIBNET_JOIN_TORTURE level, as it became unnecessary once libnet_Join_primary_domain() handled netbios names better. Corrected libnet_JoinDomain() and libnet_JoinADSDomain(). r9352@SERNOX: brad | 2005-08-17 07:24:49 +0200 r5440@buttercup: j0j0 | 2005-08-16 23:33:25 -0600 Fixed a typo. r9354@SERNOX: metze | 2005-08-17 10:28:25 +0200 remove object files from svn metze r9376@SERNOX: brad | 2005-08-18 05:15:48 +0200 r5476@buttercup: j0j0 | 2005-08-17 21:24:33 -0600 Proof that I shouldn't code when i'm tired (silly bugfixes). r9405@SERNOX: brad | 2005-08-19 22:50:10 +0200 r5500@buttercup: j0j0 | 2005-08-19 14:56:25 -0600 Get dssync.c compiling again after merge (ldb_dn changes from rev. 9391). r9407@SERNOX: brad | 2005-08-20 03:22:42 +0200 r5502@buttercup: j0j0 | 2005-08-19 19:28:22 -0600 libnet/libnet_join.c Some more fixes so ldb uses ldb_dn's. torture/rpc/dssync.c Some debugging printf()'s. ldb_dn fixes. torture/rpc/testjoin.c Change torture_join_domain() to use libnet_JoinDomain() rather than libnet_Join(). Some more debugging statements. I'm not sure why, but GUID_all_zero(user_handle.uuid) is returning true in torture_leave_domain() when called it from torture_destroy_context() in torture/rpc/dssync.c. That's what i'm working out now. r9427@SERNOX: brad | 2005-08-20 18:38:29 +0200 r5504@buttercup: j0j0 | 2005-08-20 10:44:52 -0600 Some bugfixes. Removed a bunch of debugging code. torture_leave_domain() works again! not 100% perfect yet though... r9428@SERNOX: brad | 2005-08-20 19:09:26 +0200 r5506@buttercup: j0j0 | 2005-08-20 11:15:54 -0600 Restructure torture_join_domain() so that it joins itself, removes itself, and joins itself to the domain again to ensure that its account information is all current and as expected. r9452@SERNOX: brad | 2005-08-21 19:33:51 +0200 r5508@buttercup: j0j0 | 2005-08-21 11:40:36 -0600 Bugfixes, trying to get things straight between contexts. r9467@SERNOX: brad | 2005-08-22 04:00:48 +0200 r5510@buttercup: j0j0 | 2005-08-21 20:06:55 -0600 Another round of bugfixing. r9521@SERNOX: brad | 2005-08-23 15:26:44 +0200 r5596@buttercup: j0j0 | 2005-08-23 07:33:06 -0600 Merging changes r9524@SERNOX: metze | 2005-08-23 16:09:42 +0200 - fix the build caused by changes in the main samba4 tree, - add an option "dssync:german=yes" to allow me to run against my german w2k3 server this should be replaces by CLDAP calls to get the Default-First-Site-Name dynamicly - remove some temporary comments, as DsAddEntry works now metze r9528@SERNOX: metze | 2005-08-23 18:22:22 +0200 the RPC-DSSYNC test is now able to fetch the whole tree, including the unicodePwd, ntPwdHistory fields metze r9559@SERNOX: brad | 2005-08-24 04:11:47 +0200 r5612@buttercup: j0j0 | 2005-08-23 20:19:12 -0600 Some fixes around using talloc in a hierarchical fashion. Still not right, but better. r9564@SERNOX: brad | 2005-08-24 05:43:11 +0200 r5614@buttercup: j0j0 | 2005-08-23 21:50:38 -0600 Gave libnet_JoinADSDomain() its own tmp_ctx rather than passing it from libnet_JoinDomain() as a parameter (yuk). As a side effect, it proves that my bug lies in libnet_JoinDomain(), not libnet_JoinADSDomain(). r9565@SERNOX: brad | 2005-08-24 06:09:46 +0200 r5616@buttercup: j0j0 | 2005-08-23 22:17:12 -0600 Small fix, if r->out.error_string and r2->samr_handle.out.error_string weren't set to NULL, torture_join_domain() would segfault on the second join. r9630@SERNOX: brad | 2005-08-26 06:42:50 +0200 Commented out the parts of the dssync test which perform the dc join and create/remove associated ldap entries. Commented out the test for the 'german' dssync option, because now we detect the Site-Name using CLDAP. If cldap_netlogon() does not return ok, the code defaults to 'Default-First-Site-Name'. r9670@SERNOX: brad | 2005-08-27 02:30:11 +0200 Added a patch from metze. To showcase what i've learned today, i've created two new parameters which can be set at runtime, drsuapi:last_usn and drsuapi:partition. drsuapi:last_usn takes an integer representing the USN of the last recieved replication update for a particular partition (uses the domain dn if drsuapi:parition isn't set). That value is passed in the DsGetNCChanges() call so that only info which has been updated since that point in time is returned. If this option is not set, 0 is used by default, and all updates for that partition are returned. drsuapi:partition takes a string dn and uses that as the name of the AD partition to replicate. Some debugging output was also added. r9723@SERNOX: brad | 2005-08-29 01:07:51 +0200 Added some copyright notices. Changed some things in net_join.c to try and figure out why 'net join <domain> bdc' segfaults. It occurs when the last talloc_free() happens, so i'm sure it's something to do with the memory fiddling i'm doing in libnet_join. Added some drsuapi attribute ids that I figured out today. I put some (many, dry) notes together while doing that, so i'll try to put them up on a blog at samba.org a little later tonight. r9740@SERNOX: metze | 2005-08-29 16:58:03 +0200 fix up the DsGetNCchanges loop, and remove misleading comments metze r9743@SERNOX: metze | 2005-08-29 17:26:45 +0200 make the logic a bit clearer metze r9815@SERNOX: brad | 2005-08-31 02:36:21 +0200 Added cldap_netlogon() AD Site-Name lookup into libnet/libnet_join.c. Bugfixing rampage in libnet_join.c to resolve misunderstanding of talloc_steal(). libnet_join now creates the CN=<netbios name>,CN=Servers,CN=<site name>,CN=Sites,CN=Configuration,<domain dn> container on a dc join. r9858@SERNOX: brad | 2005-09-01 03:17:17 +0200 Removed extraneous NDR_ALL subsystem requirement from torture/config.mk. Added lots of error checking as per metze's advice. Removed commented out code. More bug chasing. r9863@SERNOX: brad | 2005-09-01 05:53:19 +0200 Cleaned up dssync.c, removed the unneeded DsCrackNames() call, removed DC join/leave related stuff. It no longer looks like my house does! r9887@SERNOX: metze | 2005-09-01 11:34:03 +0200 - fix dssync:highest_usn parameter handling - ask for LINKED_ATTRIBUTE replication metze r9891@SERNOX: metze | 2005-09-01 14:13:18 +0200 make the code more readable, and fix a few bugs metze r9911@SERNOX: brad | 2005-09-01 20:36:27 +0200 Bugfixes in libnet_join.c. Cleaned up comments. Added domain_dn_str and account_dn_str to struct libnet_JoinDomain. Removed struct dcerpc_pipe *samr_pipe and struct policy_handle user_handle from struct libnet_Join. r9920@SERNOX: brad | 2005-09-01 23:34:13 +0200 Added disclaimer (I can't seem to get libnet_JoinDomain() to keep the samr_pipe and u_handle open past the function call, grrrr....). r9921@SERNOX: brad | 2005-09-01 23:37:54 +0200 Added copyright statement. Cleaned up unneeded variables from torture_join_domain(). r9932@SERNOX: brad | 2005-09-02 01:49:42 +0200 Really rushed project notes. r10841@SERNOX: metze | 2005-10-08 20:01:45 +0200 remove diff to main SAMBA_4_0 branch metze r10862@SERNOX: metze | 2005-10-10 10:31:52 +0200 remove the differences between SAMBA_4_0 and SOC/SAMBA_4_0 metze r10863@SERNOX: metze | 2005-10-10 10:34:26 +0200 fix the build metze r10864@SERNOX: metze | 2005-10-10 11:10:08 +0200 remove README file to reduce, diffs to main SAMBA_4_0 branch: metze README: This project was centered around adding a torture test to Samba 4, which used drsuapi_DsGetNCChanges() to retrieve the contents of an Active Directory in the same manner as an Active Directory DC replication event. As the project unfolded, I also applied some changes to the functionality of the libnet library related to joining a machine account to a domain. One of the first things that I implemented in this project was a 'neighbour_writeable' option for the RPC-DRSUAPI torture test. The command line to execute this torture test is as follows: smbtorture --option=drsuapi:neighbour_writeable=True -W <domain name> -U <admin username>%<password> ncacn_ip_tcp:<domain controller dns name> RPC-DRSUAPI This option provides us with runtime control over the DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE flag in the struct drsuapi_DsGetNCChanges.in.req.req<level>.replica_flags, allowing us to easily test for differences in the behaviour of AD replication with the switch on or off. In the course of the project, I also implemented two more flags for the RPC-DSSYNC test. dssync:last_usn takes an integer representing the USN (Universal Serial Number) of the last recieved replication update for a particular partition (uses the domain DN if drsuapi:parition isn't set). That value is passed in the DsGetNCChanges() call so that only info which has been updated since that point in time is returned. If this option is not set, 0 is used by default, and all updates for that partition are returned. dssync:partition takes a string DN and uses that as the name of the AD partition to replicate. Based initially on a patch provided to me by one of my mentors, Stephan (metze) Metzmacher, the RPC-DSSYNC test was implemented for this project. Initially functionality was included to perform a DC join prior to initiating replication, but the code was removed when it was realized that replication could indeed take place without being a member of the domain in any way. It has been recently suggested that we may need a DC join after all to get all of the information we may want from the AD replication. This is probably best added using a torture_join_domain() call once the libnet code is able to keep the user policy handle and SAMR RPC pipe open. The DC join code was taken out of the RPC-DSSYNC and implemented for the most part in the libnet libraries. To test this, the RPC-NETLOGON test was modified to perform a domain join, leave and rejoin. Currently, the test has a fault in that it is unable to leave the domain using the same SAMR RPC pipe and user_policy information as was used for the first join. This is because I was unable to get the code working properly in libnet to provide that functionality. Currently missing from the DC join in libnet is the code to create the CN=NTDS Settings,CN=<DC NETBIOS NAME>,CN=<Site-Name>,CN=Sites,CN=Configuration,<domain DN> container using the dcerpc_drsuapi_DsAddEntry() call. I did not want to implement this functionality in libnet while there were still problems with the code. I also provided the ability in libnet and the RPC-DSSYNC test to look up the proper site name using the cldap library. In my investigations, I was unable to find out any information regarding the UnicodePwd attribute, except that the same password is represented differently for two different users in the same directory. I was also able to resolve and confirm the meaning of some DRSUAPI_ATTRIBUTE ID's. DRSUAPI_OBJECTCLASS_domain (0xA0042) DRSUAPI_OBJECTCLASS_domainDNS (0xA0043) wellKnownObjects (0x9026A) fSMORoleOwner (0x90171) name or dc (0x90001) whenCreated (0x20002) instanceType (0x20001) gPLink (0x9037B) These were added to the IDL for drsuapi (source/librpc/idl/drsuapi.idl). I would like to thank everyone on the Samba team who worked with me and assisted me with this project, specifically all the work done by Stephan Metzmacher, Andrew Bartlett and Jerry Carter. Working on this project with the Samba team really has been a life changing experience, as corny as that sounds. I've realized that I was born to be a systems developer, and it has helped confirm in my mind that Open Source (specifically Samba) development is exactly what i've been missing! I would also like to take this opportunity to thank Chris Dibona and Google for the amazing opportunity. I don't know if I would have taken the leap in other circumstances. I know these notes sound a little rushed, but it is 23:55 after all! :) (This used to be commit 55552b41cbaa8c57a30373a53176e7f3ae945290)
2007-10-10r10807: Make the split-out files actually compile...Andrew Bartlett1-5/+5
Andrew Bartlett (This used to be commit a4282c14d5cf6b5eceb293d657c7cd5eaea89046)
2007-10-10r10804: Move the DRSUAPI cracknames test into a seperate file, and collapseAndrew Bartlett1-1219/+3
the file size by converting it to a table-driven system. Andrew Bartlett (This used to be commit f5499877722d6c4636036325efb75d35aa853cc4)
2007-10-10r10803: Remove a duplicate krbtgt test, and add a test looking for theAndrew Bartlett1-10/+10
'support account'. This shows that we need to be searching on displayName, and probably CN too. Andrew Bartlett (This used to be commit 28194504951af22a76cf26f3de749cb448518bbc)
2007-10-10r10345: Add more add-hock tests.Andrew Bartlett1-0/+107
Andrew Bartlett (This used to be commit e05e87b3fe1dae058e2a3588578d09ea1cfd2142)
2007-10-10r9941: Update the CrackNames test, and provide a much improved server-sideAndrew Bartlett1-41/+98
DRSUAPI CrackNames. We can't pass the full cracknames test until the initial provision is updated, the seperate DomainControllerInfo and canonical names support is added. Andrew Bartlett (This used to be commit ed24d88f0e8c6371acf6638a1c5f2112bc0bf285)
2007-10-10r9878: This is getting a bit out of control, but a few more tests.Andrew Bartlett1-0/+148
Andrew Bartlett (This used to be commit a6597181f62e5b0ec95232a2dd69b5d85de845b8)
2007-10-10r9861: I need to convert this to table-driven, but anyway...Andrew Bartlett1-1/+75
More CrackNames testing Andrew Bartlett (This used to be commit 0913dec6a98e735e5e3157a2fceec94f57dd706c)
2007-10-10r9778: Test for particular error returns, rather than just OK/not OK.Andrew Bartlett1-7/+103
Andrew Bartlett (This used to be commit fccbc15555871059e62bf720f115b2307a171667)
2007-10-10r9733: Test conversion from known sids in CrackNames.Andrew Bartlett1-0/+56
Andrew Bartlett (This used to be commit ad60d4571568d5b3edd98199462812a2f30c36cd)
2007-10-10r9727: A simplier test I can aim at passing when I get the cracknames code done.Andrew Bartlett1-0/+37
Andrew Bartlett (This used to be commit b1b0e26e537677793a92af02464ff1e83fce9610)
2007-10-10r9547: A pile more completeness testing for DsCrackNames.Andrew Bartlett1-14/+143
Andrew Bartlett (This used to be commit 01c4a970ec22b3915b8017da018bd500b4fffcbc)
2007-10-10r9516: Try a full-on matrix test of all the combinations in DRSUAPIAndrew Bartlett1-2/+123
CrackNames. Andrew Bartlett (This used to be commit a82a419579872fc78b02c29972eaf55da22088c1)
2007-10-10r6109: nicer way to handle compression in the torture testStefan Metzmacher1-5/+4
metze (This used to be commit a3cec189e1f5d137ba2f2829def03b060b59f0e2)
2007-10-10r6000: add some notes about the cases where compression (or what ever this is)Stefan Metzmacher1-1/+5
is used, in the reply. metze (This used to be commit 618dadb7ef092af0f2c13c2e67874041f54f4e98)
2007-10-10r5999: ups, remove the testvalue that I used against my w2k3 serverStefan Metzmacher1-1/+1
metze (This used to be commit 3d3e09af16c4f9a6bc8f6ae615f744a04f352ed0)
2007-10-10r5998: I was wrong with the highwater mark...Stefan Metzmacher1-13/+20
I think I now understand how it works:-) metze (This used to be commit f8add2e66a56896d9bb18991091e1b17c29910b1)
2007-10-10r5949: give things more meaning, and reuse structs where it is possibleStefan Metzmacher1-36/+36
to make things more clear metze (This used to be commit adefeeb4f362dba06cddacf6f58194ef1f967ec9)
2007-10-10r5941: Commit this patch much earlier than I would normally prefer, but ↵Andrew Bartlett1-5/+5
metze needs a working tree... The main volume of this patch was what I started working on today: - Cleans up memory handling around DCE/RPC pipes, to have a parent talloc context. - Uses sepereate inner loops for some of the DCE/RPC tests The other and more important part of this patch fixes issues surrounding the new credentials framwork: This makes the struct cli_credentials always a talloc() structure, rather than on the stack. Parts of the cli_credentials code already assumed this. There were other issues, particularly in the DCERPC over SMB handling, as well as little things that had to be tidied up before test_w2k3.sh would start to pass. Andrew Bartlett (This used to be commit 0453f9d05d2e336fba1f85dbf2718d01fa2bf778)
2007-10-10r5830: start to analyse the attribute values, depending on the attribute typeStefan Metzmacher1-3/+26
metze (This used to be commit 63229b9503950847fbecd6ec22171d8c18d7ac91)
2007-10-10r5799: more DsGetNCChanges updates, I'm starting to understand it...Stefan Metzmacher1-16/+94
also add a really simple torture test for DsGetNCChanges metze (This used to be commit bcde67a7eff9ad82919e90fd64c02a17610c6f0e)
2007-10-10r5742: - add torture test and idl for DsReplicaUpdateRefs()Stefan Metzmacher1-5/+65
(the torture test currently only tests if the idl is correct) - add start for idl for DsGetNCChanges() (if someone didn't noticed the current ethereal trunk code can successful decrypt DCERPC and LDAP gsskrb5 encrypted blobs, when you provide a keytab and have compiled against heimdal :-) - add a view bitmaps and enum's for better debugging metze (This used to be commit cf7c1352ab2857b80256e02f70ab3fbd5177d596)
2007-10-10r5308: trimmed back a lot of the old macros from smb_macros.hAndrew Tridgell1-1/+1
(This used to be commit bf43c9bdcf9e654d123f6a2b29feb9189ca9e561)
2007-10-10r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for theAndrew Tridgell1-1/+1
large commit. I thought this was worthwhile to get done for consistency. (This used to be commit ec32b22ed5ec224f6324f5e069d15e92e38e15c0)
2007-10-10r5034: - added a type mapping function in pidl, so the type names in our IDLAndrew Tridgell1-3/+3
files don't need to match the type names in the generated headers - with this type mapping we no longer need definitions for the deprecated "int32", "uint8" etc form of types. We can now force everyone to use the standard types int32_t, uint8_t etc. - fixed all the code that used the deprecated types - converted the IDL types "int64" and "uint64" to "dlong" and "udlong". These are the 4 byte aligned 64 bit integers that Microsoft internally define as two 32 bit integers in a structure. After discussions with Ronnie Sahlberg we decided that calling these "int64" was confusing, as it implied a true 8 byte aligned type - fixed all the cases where we incorrectly used things like "NTTIME_hyper" in our C code. The generated API now uses a NTTIME for those. The fact that it is hyper-aligned on the wire is not relevant to the API, and should remain just a IDL property (This used to be commit f86521677d7ff16bdc4815f9524e5286026f10f3)
2007-10-10r4422: make lp_set_cmdline("torture:dangerous", "Yes") a bool parameterStefan Metzmacher1-2/+2
metze (This used to be commit 19482a2245abbf9154423ca8997957b56333fba2)
2007-10-10r4180: use the same syntax as the other torture testsStefan Metzmacher1-5/+6
metze (This used to be commit 00395ffcc3cc94216619ca827ff6a09b0cc28de1)
2007-10-10r4179: - nicer code layoutStefan Metzmacher1-20/+10
- and disable DsReplicaSync by default it kill lsass.exe on my w2k box metze (This used to be commit 8373b2d4c7decd49a361637e03b24b311aed302c)
2007-10-10r4176: I just remeber that I have already implement STR_CONFORMANTStefan Metzmacher1-6/+2
so use it in DsReplicaSync() metze (This used to be commit ca610da1fc3c059d35e17238e8cac5e5b38790c3)