summaryrefslogtreecommitdiff
path: root/source4/torture/rpc
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11205: Another test for cracknames.Andrew Bartlett1-1/+10
Andrew Bartlett (This used to be commit 3810282a24b8aea36627f43321e76f34057e3135)
2007-10-10r11187: in case the msDS-KeyVersionNumber is replicated (I didn't assume ↵Stefan Metzmacher1-0/+3
this...) show the string in the debug output, and show it with --option="dssync:print_pwd_blobs=yes" metze (This used to be commit 98c1e8e3df90c05691a12bb25357fd75da419c5c)
2007-10-10r11185: - resolve attid for "supplementalCredentials" into a nameStefan Metzmacher1-0/+3
- print "supplementalCredentials" also when --option="dssync:print_pwd_blobs=yes" is used abartlet: this field may contain the krb5 keys... metze (This used to be commit 26c69348ca3ae10128df9832f8b4d9c1024631e2)
2007-10-10r10991: - create always a valid bind_info28 blocks, so that we don't need to ↵Stefan Metzmacher1-45/+100
work with unions in the main code - loop also in level 1,2 replies metze (This used to be commit c3276bd169961d04f2bd541e6b73ee40df016c3d)
2007-10-10r10988: print out the password blobs, withStefan Metzmacher1-0/+57
--option="dssync:print_pwd_blobs=yes" metze (This used to be commit b06de6d39cd21d5096e4041e218370263d8096b0)
2007-10-10r10986: loop also when we use mszip compressionStefan Metzmacher1-4/+17
metze (This used to be commit e32488667c59c30d66528e8fa31c55037f36cd01)
2007-10-10r10953: Add a new function to form a canonicalName out of a DN to ldb_dn.cAndrew Bartlett1-62/+34
Use this new function in the client and server for the CrackNames case, where we particularly need it. Andrew Bartlett (This used to be commit 380037ee09ef8293bdb288d6c015e7c80f180a30)
2007-10-10r10950: More cracknames variations (including expected values) than you canAndrew Bartlett1-16/+76
poke a stick at... Andrew Bartlett (This used to be commit e4b21300304f8c66c81fa0d15198c640d87db68e)
2007-10-10r10871: make xpress compression choosable, by --option="dssync:xpress=yes",Stefan Metzmacher1-1/+29
default is to not use it, as it's currently not supported metze (This used to be commit 2fb79e24228a47edcb7e1e12fb73def523b0400b)
2007-10-10r10865: merge branches/SOC/SAMBA_4_0 into main the main SAMBA_4_0 treeStefan Metzmacher2-4/+418
metze r8017@SERNOX: metze | 2005-06-30 13:44:23 +0200 create the SAMBA_4_0 branch for the Summer Of Code Project metze r8730@SERNOX: brad | 2005-07-24 03:09:48 +0200 Branching Samba 4 r8731@SERNOX: brad | 2005-07-24 06:39:00 +0200 added 'make installmisc' to howto.txt added existing 'compression' option to level8 drsuapi torture test added new 'neighbour_writeable' option to level8 drsuapi torture test r8732@SERNOX: brad | 2005-07-24 06:42:38 +0200 added metze's dssync patch as source/torture/rpc/dssync.c r8739@SERNOX: brad | 2005-07-25 00:24:46 +0200 added a test called RPC-DSSYNC to config.mk hacking at dssync.c in an attempt to make it compile r8754@SERNOX: brad | 2005-07-25 15:19:21 +0200 Changing dssync.c to use ldb routines for accessing ldap rather than raw ldap calls. r8765@SERNOX: brad | 2005-07-26 03:35:38 +0200 more ldb changes to test_CompleteJoin(), it mostly kind of almost works now! r8766@SERNOX: brad | 2005-07-26 03:56:00 +0200 Trying to fix the crazy nesting in the branch r8769@SERNOX: brad | 2005-07-26 04:48:29 +0200 merging latest changes r8770@SERNOX: brad | 2005-07-26 04:53:43 +0200 removing nested branch r8793@SERNOX: jerry | 2005-07-27 05:04:57 +0200 merging on of Brad missing changes from the nested 4.0 branch debacle r8794@SERNOX: jerry | 2005-07-27 05:14:42 +0200 syncing up with the main 4_0 branch for Brad r8842@SERNOX: brad | 2005-07-29 00:26:30 +0200 merging changes from branches/SAMBA_4_0 r8850@SERNOX: brad | 2005-07-29 21:07:57 +0200 Bringing my tree up to date r8851@SERNOX: brad | 2005-07-30 00:48:04 +0200 making dssync.c more ldb-centric, reverted samlogon.c from rev. 8845 to get my branch to compile again. r8856@SERNOX: brad | 2005-07-30 03:20:33 +0200 I think I have the ldb code down in test_CompleteJoin (not complete yet though) r8860@SERNOX: brad | 2005-07-30 07:08:13 +0200 Changed comments to C style /**/ (thanks Richard), some more changes to test_CompleteJoin(). r8862@SERNOX: brad | 2005-07-31 04:45:32 +0200 Bringing the SOC/SAMBA_4_0 branch up to date. r8863@SERNOX: brad | 2005-07-31 20:00:41 +0200 Updated some missing files from the branch r8864@SERNOX: brad | 2005-07-31 20:25:50 +0200 Removing autogenerated files from branch r8865@SERNOX: brad | 2005-07-31 20:43:58 +0200 last of the unneeded files in SOC/SAMBA_4_0 r9004@SERNOX: brad | 2005-08-03 18:51:23 +0200 r5214@buttercup: j0j0 | 2005-08-03 10:44:30 -0600 r@buttercup: j0j0 | 2005-08-02 22:54:13 -0600 creating a local branch of branches/SAMBA_4_0 r9013@SERNOX: brad | 2005-08-03 20:57:48 +0200 r5228@buttercup: j0j0 | 2005-08-03 13:00:11 -0600 Fixing differences between this branch and /branches/SAMBA_4_0 r9014@SERNOX: brad | 2005-08-03 21:18:05 +0200 r5231@buttercup: j0j0 | 2005-08-03 13:23:12 -0600 Updating config.mk so that smbtorture builds again r9061@SERNOX: brad | 2005-08-04 18:17:36 +0200 r5249@buttercup: j0j0 | 2005-08-03 21:01:02 -0600 Start using libnet_Join() for DC join. r9062@SERNOX: brad | 2005-08-04 18:17:47 +0200 r5250@buttercup: j0j0 | 2005-08-04 10:21:34 -0600 Some more work towards performing a dc join. r9064@SERNOX: brad | 2005-08-04 18:53:51 +0200 r5253@buttercup: j0j0 | 2005-08-04 10:53:00 -0600 Fixed a bug (passing a TALLOC_CTX to libnet_context_init() ) r9069@SERNOX: brad | 2005-08-04 21:59:55 +0200 r5279@buttercup: j0j0 | 2005-08-04 14:04:55 -0600 Some more work on the domain join r9117@SERNOX: brad | 2005-08-05 16:50:26 +0200 r5281@buttercup: j0j0 | 2005-08-05 08:55:58 -0600 Committing minor changes before merge r9180@SERNOX: brad | 2005-08-07 17:25:25 +0200 r5314@buttercup: j0j0 | 2005-08-07 09:30:12 -0600 Reworked libnet_join to use two join levels, AUTOMATIC and SPECIFIED. r9181@SERNOX: brad | 2005-08-07 17:25:36 +0200 r5315@buttercup: j0j0 | 2005-08-07 09:31:22 -0600 Working with libnet_Join(), code cleanup needed in the near future. r9192@SERNOX: brad | 2005-08-07 21:40:22 +0200 r5373@buttercup: j0j0 | 2005-08-07 13:46:09 -0600 Some code cleanup to make things a little more readable. r9249@SERNOX: brad | 2005-08-12 01:31:48 +0200 r5375@buttercup: j0j0 | 2005-08-11 17:38:44 -0600 Split libnet_JoinDomain() into libnet_JoinDomain() and libnet_JoinADSDomain(). r9256@SERNOX: brad | 2005-08-12 04:55:11 +0200 r5413@buttercup: j0j0 | 2005-08-11 21:02:27 -0600 Clean up libnet_JoinADSDomain() a little, added a comment to the test_join struct. r9314@SERNOX: brad | 2005-08-16 03:53:20 +0200 r5436@buttercup: j0j0 | 2005-08-15 20:01:21 -0600 libnet_JoinDomain() should honour LIBNET_JOIN_TORTURE now. torture_join_domain() should properly use libnet_JoinDomain(). dssync.c uses torture_join_domain() again. r9351@SERNOX: brad | 2005-08-17 07:15:31 +0200 r5438@buttercup: j0j0 | 2005-08-16 23:23:58 -0600 Removed LIBNET_JOIN_TORTURE level, as it became unnecessary once libnet_Join_primary_domain() handled netbios names better. Corrected libnet_JoinDomain() and libnet_JoinADSDomain(). r9352@SERNOX: brad | 2005-08-17 07:24:49 +0200 r5440@buttercup: j0j0 | 2005-08-16 23:33:25 -0600 Fixed a typo. r9354@SERNOX: metze | 2005-08-17 10:28:25 +0200 remove object files from svn metze r9376@SERNOX: brad | 2005-08-18 05:15:48 +0200 r5476@buttercup: j0j0 | 2005-08-17 21:24:33 -0600 Proof that I shouldn't code when i'm tired (silly bugfixes). r9405@SERNOX: brad | 2005-08-19 22:50:10 +0200 r5500@buttercup: j0j0 | 2005-08-19 14:56:25 -0600 Get dssync.c compiling again after merge (ldb_dn changes from rev. 9391). r9407@SERNOX: brad | 2005-08-20 03:22:42 +0200 r5502@buttercup: j0j0 | 2005-08-19 19:28:22 -0600 libnet/libnet_join.c Some more fixes so ldb uses ldb_dn's. torture/rpc/dssync.c Some debugging printf()'s. ldb_dn fixes. torture/rpc/testjoin.c Change torture_join_domain() to use libnet_JoinDomain() rather than libnet_Join(). Some more debugging statements. I'm not sure why, but GUID_all_zero(user_handle.uuid) is returning true in torture_leave_domain() when called it from torture_destroy_context() in torture/rpc/dssync.c. That's what i'm working out now. r9427@SERNOX: brad | 2005-08-20 18:38:29 +0200 r5504@buttercup: j0j0 | 2005-08-20 10:44:52 -0600 Some bugfixes. Removed a bunch of debugging code. torture_leave_domain() works again! not 100% perfect yet though... r9428@SERNOX: brad | 2005-08-20 19:09:26 +0200 r5506@buttercup: j0j0 | 2005-08-20 11:15:54 -0600 Restructure torture_join_domain() so that it joins itself, removes itself, and joins itself to the domain again to ensure that its account information is all current and as expected. r9452@SERNOX: brad | 2005-08-21 19:33:51 +0200 r5508@buttercup: j0j0 | 2005-08-21 11:40:36 -0600 Bugfixes, trying to get things straight between contexts. r9467@SERNOX: brad | 2005-08-22 04:00:48 +0200 r5510@buttercup: j0j0 | 2005-08-21 20:06:55 -0600 Another round of bugfixing. r9521@SERNOX: brad | 2005-08-23 15:26:44 +0200 r5596@buttercup: j0j0 | 2005-08-23 07:33:06 -0600 Merging changes r9524@SERNOX: metze | 2005-08-23 16:09:42 +0200 - fix the build caused by changes in the main samba4 tree, - add an option "dssync:german=yes" to allow me to run against my german w2k3 server this should be replaces by CLDAP calls to get the Default-First-Site-Name dynamicly - remove some temporary comments, as DsAddEntry works now metze r9528@SERNOX: metze | 2005-08-23 18:22:22 +0200 the RPC-DSSYNC test is now able to fetch the whole tree, including the unicodePwd, ntPwdHistory fields metze r9559@SERNOX: brad | 2005-08-24 04:11:47 +0200 r5612@buttercup: j0j0 | 2005-08-23 20:19:12 -0600 Some fixes around using talloc in a hierarchical fashion. Still not right, but better. r9564@SERNOX: brad | 2005-08-24 05:43:11 +0200 r5614@buttercup: j0j0 | 2005-08-23 21:50:38 -0600 Gave libnet_JoinADSDomain() its own tmp_ctx rather than passing it from libnet_JoinDomain() as a parameter (yuk). As a side effect, it proves that my bug lies in libnet_JoinDomain(), not libnet_JoinADSDomain(). r9565@SERNOX: brad | 2005-08-24 06:09:46 +0200 r5616@buttercup: j0j0 | 2005-08-23 22:17:12 -0600 Small fix, if r->out.error_string and r2->samr_handle.out.error_string weren't set to NULL, torture_join_domain() would segfault on the second join. r9630@SERNOX: brad | 2005-08-26 06:42:50 +0200 Commented out the parts of the dssync test which perform the dc join and create/remove associated ldap entries. Commented out the test for the 'german' dssync option, because now we detect the Site-Name using CLDAP. If cldap_netlogon() does not return ok, the code defaults to 'Default-First-Site-Name'. r9670@SERNOX: brad | 2005-08-27 02:30:11 +0200 Added a patch from metze. To showcase what i've learned today, i've created two new parameters which can be set at runtime, drsuapi:last_usn and drsuapi:partition. drsuapi:last_usn takes an integer representing the USN of the last recieved replication update for a particular partition (uses the domain dn if drsuapi:parition isn't set). That value is passed in the DsGetNCChanges() call so that only info which has been updated since that point in time is returned. If this option is not set, 0 is used by default, and all updates for that partition are returned. drsuapi:partition takes a string dn and uses that as the name of the AD partition to replicate. Some debugging output was also added. r9723@SERNOX: brad | 2005-08-29 01:07:51 +0200 Added some copyright notices. Changed some things in net_join.c to try and figure out why 'net join <domain> bdc' segfaults. It occurs when the last talloc_free() happens, so i'm sure it's something to do with the memory fiddling i'm doing in libnet_join. Added some drsuapi attribute ids that I figured out today. I put some (many, dry) notes together while doing that, so i'll try to put them up on a blog at samba.org a little later tonight. r9740@SERNOX: metze | 2005-08-29 16:58:03 +0200 fix up the DsGetNCchanges loop, and remove misleading comments metze r9743@SERNOX: metze | 2005-08-29 17:26:45 +0200 make the logic a bit clearer metze r9815@SERNOX: brad | 2005-08-31 02:36:21 +0200 Added cldap_netlogon() AD Site-Name lookup into libnet/libnet_join.c. Bugfixing rampage in libnet_join.c to resolve misunderstanding of talloc_steal(). libnet_join now creates the CN=<netbios name>,CN=Servers,CN=<site name>,CN=Sites,CN=Configuration,<domain dn> container on a dc join. r9858@SERNOX: brad | 2005-09-01 03:17:17 +0200 Removed extraneous NDR_ALL subsystem requirement from torture/config.mk. Added lots of error checking as per metze's advice. Removed commented out code. More bug chasing. r9863@SERNOX: brad | 2005-09-01 05:53:19 +0200 Cleaned up dssync.c, removed the unneeded DsCrackNames() call, removed DC join/leave related stuff. It no longer looks like my house does! r9887@SERNOX: metze | 2005-09-01 11:34:03 +0200 - fix dssync:highest_usn parameter handling - ask for LINKED_ATTRIBUTE replication metze r9891@SERNOX: metze | 2005-09-01 14:13:18 +0200 make the code more readable, and fix a few bugs metze r9911@SERNOX: brad | 2005-09-01 20:36:27 +0200 Bugfixes in libnet_join.c. Cleaned up comments. Added domain_dn_str and account_dn_str to struct libnet_JoinDomain. Removed struct dcerpc_pipe *samr_pipe and struct policy_handle user_handle from struct libnet_Join. r9920@SERNOX: brad | 2005-09-01 23:34:13 +0200 Added disclaimer (I can't seem to get libnet_JoinDomain() to keep the samr_pipe and u_handle open past the function call, grrrr....). r9921@SERNOX: brad | 2005-09-01 23:37:54 +0200 Added copyright statement. Cleaned up unneeded variables from torture_join_domain(). r9932@SERNOX: brad | 2005-09-02 01:49:42 +0200 Really rushed project notes. r10841@SERNOX: metze | 2005-10-08 20:01:45 +0200 remove diff to main SAMBA_4_0 branch metze r10862@SERNOX: metze | 2005-10-10 10:31:52 +0200 remove the differences between SAMBA_4_0 and SOC/SAMBA_4_0 metze r10863@SERNOX: metze | 2005-10-10 10:34:26 +0200 fix the build metze r10864@SERNOX: metze | 2005-10-10 11:10:08 +0200 remove README file to reduce, diffs to main SAMBA_4_0 branch: metze README: This project was centered around adding a torture test to Samba 4, which used drsuapi_DsGetNCChanges() to retrieve the contents of an Active Directory in the same manner as an Active Directory DC replication event. As the project unfolded, I also applied some changes to the functionality of the libnet library related to joining a machine account to a domain. One of the first things that I implemented in this project was a 'neighbour_writeable' option for the RPC-DRSUAPI torture test. The command line to execute this torture test is as follows: smbtorture --option=drsuapi:neighbour_writeable=True -W <domain name> -U <admin username>%<password> ncacn_ip_tcp:<domain controller dns name> RPC-DRSUAPI This option provides us with runtime control over the DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE flag in the struct drsuapi_DsGetNCChanges.in.req.req<level>.replica_flags, allowing us to easily test for differences in the behaviour of AD replication with the switch on or off. In the course of the project, I also implemented two more flags for the RPC-DSSYNC test. dssync:last_usn takes an integer representing the USN (Universal Serial Number) of the last recieved replication update for a particular partition (uses the domain DN if drsuapi:parition isn't set). That value is passed in the DsGetNCChanges() call so that only info which has been updated since that point in time is returned. If this option is not set, 0 is used by default, and all updates for that partition are returned. dssync:partition takes a string DN and uses that as the name of the AD partition to replicate. Based initially on a patch provided to me by one of my mentors, Stephan (metze) Metzmacher, the RPC-DSSYNC test was implemented for this project. Initially functionality was included to perform a DC join prior to initiating replication, but the code was removed when it was realized that replication could indeed take place without being a member of the domain in any way. It has been recently suggested that we may need a DC join after all to get all of the information we may want from the AD replication. This is probably best added using a torture_join_domain() call once the libnet code is able to keep the user policy handle and SAMR RPC pipe open. The DC join code was taken out of the RPC-DSSYNC and implemented for the most part in the libnet libraries. To test this, the RPC-NETLOGON test was modified to perform a domain join, leave and rejoin. Currently, the test has a fault in that it is unable to leave the domain using the same SAMR RPC pipe and user_policy information as was used for the first join. This is because I was unable to get the code working properly in libnet to provide that functionality. Currently missing from the DC join in libnet is the code to create the CN=NTDS Settings,CN=<DC NETBIOS NAME>,CN=<Site-Name>,CN=Sites,CN=Configuration,<domain DN> container using the dcerpc_drsuapi_DsAddEntry() call. I did not want to implement this functionality in libnet while there were still problems with the code. I also provided the ability in libnet and the RPC-DSSYNC test to look up the proper site name using the cldap library. In my investigations, I was unable to find out any information regarding the UnicodePwd attribute, except that the same password is represented differently for two different users in the same directory. I was also able to resolve and confirm the meaning of some DRSUAPI_ATTRIBUTE ID's. DRSUAPI_OBJECTCLASS_domain (0xA0042) DRSUAPI_OBJECTCLASS_domainDNS (0xA0043) wellKnownObjects (0x9026A) fSMORoleOwner (0x90171) name or dc (0x90001) whenCreated (0x20002) instanceType (0x20001) gPLink (0x9037B) These were added to the IDL for drsuapi (source/librpc/idl/drsuapi.idl). I would like to thank everyone on the Samba team who worked with me and assisted me with this project, specifically all the work done by Stephan Metzmacher, Andrew Bartlett and Jerry Carter. Working on this project with the Samba team really has been a life changing experience, as corny as that sounds. I've realized that I was born to be a systems developer, and it has helped confirm in my mind that Open Source (specifically Samba) development is exactly what i've been missing! I would also like to take this opportunity to thank Chris Dibona and Google for the amazing opportunity. I don't know if I would have taken the leap in other circumstances. I know these notes sound a little rushed, but it is 23:55 after all! :) (This used to be commit 55552b41cbaa8c57a30373a53176e7f3ae945290)
2007-10-10r10847: Fix up new 'decrypt samlogon reply' routine to be more robust, and useAndrew Bartlett1-57/+19
it in the RPC-SAMLOGON test. Andrew Bartlett (This used to be commit 675b7df2eedbcb7ea89c0411f76429d8e2357222)
2007-10-10r10807: Make the split-out files actually compile...Andrew Bartlett2-7/+7
Andrew Bartlett (This used to be commit a4282c14d5cf6b5eceb293d657c7cd5eaea89046)
2007-10-10r10806: Add missing file.Andrew Bartlett1-0/+35
(This used to be commit 9becd2c0d6ed8fe6de4b8bca0f2290f81fea28f7)
2007-10-10r10805: Move RPC-SAMLOGON to C99 initialisationAndrew Bartlett1-97/+97
Andrew Bartlett (This used to be commit 0f994275ce5d84bdb746524c5da7d9661fbadb63)
2007-10-10r10804: Move the DRSUAPI cracknames test into a seperate file, and collapseAndrew Bartlett2-1219/+718
the file size by converting it to a table-driven system. Andrew Bartlett (This used to be commit f5499877722d6c4636036325efb75d35aa853cc4)
2007-10-10r10803: Remove a duplicate krbtgt test, and add a test looking for theAndrew Bartlett1-10/+10
'support account'. This shows that we need to be searching on displayName, and probably CN too. Andrew Bartlett (This used to be commit 28194504951af22a76cf26f3de749cb448518bbc)
2007-10-10r10800: IndentAndrew Bartlett1-2/+2
(This used to be commit 057cede8b44e1b53f5d94a7270e9b6a90d50de4c)
2007-10-10r10764: To match Win2k3 SP1, we need to set an anonymous user token forAndrew Bartlett1-2/+2
schannel connections. Test for Win2k3 SP1 behaviour in RPC-SCHANNEL. Andrew Bartlett (This used to be commit 1c3911374ec65e4770c2fe9109d7b7d3ecd99f6a)
2007-10-10r10763: PROOF of the single, easily understood cause of all of our schannel ↵Andrew Bartlett1-4/+87
PAIN! This test currently passes against Win2k3 SP0, but not SP1. The problem was not a convoluted series of changes in policy handles, but a simple rule that schannel logins would be regarded as ANONYMOUS not SYSTEM. Andrew Bartlett (This used to be commit e843a7fcba496b91b014ec1bff2f2dfb2a2fcdb1)
2007-10-10r10703: Add a new user account, change the password and test it in the ↵Andrew Bartlett2-44/+135
SAMLOGON test. The semantics for the user account are very odd, the old password is still valid, but the session keys appear to be blanked out. Andrew Bartlett (This used to be commit bbfaf4821d81116efa91313655acb75d6f577953)
2007-10-10r10702: Fix a silly error that caused a rejoin/delete in the torture code to ↵Andrew Bartlett1-2/+2
fault... Andrew Bartlett (This used to be commit 0fa6d040f287dbf6b0588e3507d53037a04f85d4)
2007-10-10r10697: Change the torture join code to return a credentials structure, asAndrew Bartlett5-57/+69
that is what most of the callers want anyway. Remove and re-add the account for the torture case, rather than just modify it. Test with a user account (needs work to change the password). Andrew Bartlett (This used to be commit 38bebef02454164cbe882347d80e03abee656205)
2007-10-10r10564: Make the RPC-SCHANNEL test use the libnet_join code via ↵Andrew Bartlett2-4/+32
torture_join_domain Handle error cases in torture_create_testuser, where we can't connect to the target server (we were segfaulting due to an untested error path). Andrew Bartlett (This used to be commit 7afe14becbcfa8742740431884f9de92b72ed3e1)
2007-10-10r10563: a null 'join' is a no-op.Andrew Bartlett1-0/+3
Andrew Bartlett (This used to be commit cd70e8baf5bccfd11ade342f6692ea7f7bf2eef4)
2007-10-10r10528: Add credentials.h back into includes.h as some compilers don'tJelmer Vernooij3-3/+0
seem to be able to handle incomplete enum types. (This used to be commit 540155fad3c8e3d79fb631bb3f14273f82130a73)
2007-10-10r10510: Decrease the amount of data included by includes.h a bitJelmer Vernooij3-0/+3
(This used to be commit 03647e1321cf6c9bd6ced3945265f635e9468973)
2007-10-10r10488: (Missing file from previous commit, adding a new RPC-JOIN test)Andrew Bartlett1-0/+43
This is a merge of Brad Henry's 'net join' rework, to better perform an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. (This used to be commit ab20533e7db9e64c8fb5e7f971ab5d3a040e00ab)
2007-10-10r10486: This is a merge of Brad Henry's 'net join' rework, to better performAndrew Bartlett2-15/+136
an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. Andrew Bartlett (This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
2007-10-10r10440: Start passing against Win2k3 SP1 again, with the NTLMv2 changesAndrew Bartlett1-1/+1
described on the list. I probably need to write more specific NTLMv2 sucess and failure mode tests. Andrew Bartlett (This used to be commit c4d608734a98277b1f761142eb3f89086b539847)
2007-10-10r10402: Make the RPC-SAMLOGON test pass against Win2k3 SP0 again.Andrew Bartlett3-133/+235
I still have issues with Win2k3 SP1, and Samba4 doesn't pass it's own test for the moment, but I'm working on these issues :-) This required a change to the credentials API, so that the special case for NTLM logins using a principal was indeed handled as a special, not general case. Also don't set the realm from a ccache, as then it overrides --option=realm=. Andrew Bartlett (This used to be commit 194e8f07c0cb4685797c5a7a074577c62dfdebe3)
2007-10-10r10345: Add more add-hock tests.Andrew Bartlett1-0/+107
Andrew Bartlett (This used to be commit e05e87b3fe1dae058e2a3588578d09ea1cfd2142)
2007-10-10r10255: Fix some more 64-bit warnings.Tim Potter1-2/+2
(This used to be commit f4f9337619f7793f5ad23fcb59a8e8751941fec6)
2007-10-10r9941: Update the CrackNames test, and provide a much improved server-sideAndrew Bartlett1-41/+98
DRSUAPI CrackNames. We can't pass the full cracknames test until the initial provision is updated, the seperate DomainControllerInfo and canonical names support is added. Andrew Bartlett (This used to be commit ed24d88f0e8c6371acf6638a1c5f2112bc0bf285)
2007-10-10r9888: add IDL for lsa_QueryDomainInformationPolicy to query Kerberos Settings.Günther Deschner1-0/+33
Guenther (This used to be commit d717e878bdc05b06adcc50c3527c339be8164145)
2007-10-10r9878: This is getting a bit out of control, but a few more tests.Andrew Bartlett1-0/+148
Andrew Bartlett (This used to be commit a6597181f62e5b0ec95232a2dd69b5d85de845b8)
2007-10-10r9861: I need to convert this to table-driven, but anyway...Andrew Bartlett1-1/+75
More CrackNames testing Andrew Bartlett (This used to be commit 0913dec6a98e735e5e3157a2fceec94f57dd706c)
2007-10-10r9792: Rename StrCaseCmp -> strcasecmp_m. All these years I was thinkingJelmer Vernooij1-4/+4
StrCaseCmp was sys_strcasecmp, while it is in fact strcasecmp_m! (This used to be commit 200a8f6652cb2de7a8037a7a4c2a204b50aee2b1)
2007-10-10r9778: Test for particular error returns, rather than just OK/not OK.Andrew Bartlett1-7/+103
Andrew Bartlett (This used to be commit fccbc15555871059e62bf720f115b2307a171667)
2007-10-10r9733: Test conversion from known sids in CrackNames.Andrew Bartlett1-0/+56
Andrew Bartlett (This used to be commit ad60d4571568d5b3edd98199462812a2f30c36cd)
2007-10-10r9728: A *major* update to the credentials system, to incorporate theAndrew Bartlett3-8/+8
Kerberos CCACHE into the system. This again allows the use of the system ccache when no username is specified, and brings more code in common between gensec_krb5 and gensec_gssapi. It also has a side-effect that may (or may not) be expected: If there is a ccache, even if it is not used (perhaps the remote server didn't want kerberos), it will change the default username. Andrew Bartlett (This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
2007-10-10r9727: A simplier test I can aim at passing when I get the cracknames code done.Andrew Bartlett1-0/+37
Andrew Bartlett (This used to be commit b1b0e26e537677793a92af02464ff1e83fce9610)
2007-10-10r9578: fixed an endless loop and memory leak in the QueryMultipleValues testAndrew Tridgell1-3/+5
(This used to be commit ba909a64e92e9b2d2c8fd02fc9e9e0e7aa49dd0a)
2007-10-10r9575: more automatic cleanup code in winreg testAndrew Tridgell1-2/+7
(This used to be commit 0e30c80a53af45ee9112513c02a6a231e8b1a133)
2007-10-10r9574: - made the sec_info fields in lsa and samr use a IDL bitmapAndrew Tridgell1-125/+130
- fixed winreg_GetKeySecurity() to use a sec_info field correctly - simplied the winreg torture code, removing the separate opens for each hive - added torture cleanup code in winreg test - added 'create with security descriptor' in the winreg torture test (This used to be commit f20695decd587f7b6bbdbd4861441bd19ab85078)
2007-10-10r9567: fixed the winreg IDL for CreateKey, including a securityAndrew Tridgell1-7/+22
descriptor. To keep it simple I just use normal IDL buffers for now, avoiding the complex methods metze used in spoolss. We might change that later Also added decoding of the security_descriptor in winreg_GetKeySecurity() in smbtorture (This used to be commit 439f34a9621e2e96329c30cfed8d78b8fdfbd8a2)
2007-10-10r9547: A pile more completeness testing for DsCrackNames.Andrew Bartlett1-14/+143
Andrew Bartlett (This used to be commit 01c4a970ec22b3915b8017da018bd500b4fffcbc)
2007-10-10r9516: Try a full-on matrix test of all the combinations in DRSUAPIAndrew Bartlett1-2/+123
CrackNames. Andrew Bartlett (This used to be commit a82a419579872fc78b02c29972eaf55da22088c1)
2007-10-10r9422: Include crypto.h header.Andrew Bartlett1-0/+1
Andrew Bartlett (This used to be commit 340955220443533cc70dcb0ef9bae4815f30e6c5)
2007-10-10r9391: Convert all the code to use struct ldb_dn to ohandle ldap like ↵Simo Sorce1-2/+2
distinguished names Provide more functions to handle DNs in this form (This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
2007-10-10r9338: fixed the winreg IDL to be correct for the EnumKey and EnumValueAndrew Tridgell1-21/+26
calls. The previous IDL was just a workaround for the limitations of our older rpc infrastructure. Now that Jelmer has added much improved string support using the charset keyword we can correctly implemenent the unusual winreg string buffers. Jelmer, note the little comment I put on winreg_StringBuf() about why I couldn't use [value()] for the length field. This also fixes EnumKey() and EnumValue() to use NTTIME fields for the last_changed_time. I don't know why we were using a pair of uint32's, as it is just a NTTIME. (This used to be commit 8354b016122cc4f3cff042b3ada1de07e1614eb7)