From c38c2765d1059b33f044a42c6555f3d10d339911 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 21 Feb 2008 17:17:37 +0100 Subject: Remove yet more uses of global_loadparm. (This used to be commit e01c1e87c0fe9709df7eb5b863f7ce85564174cd) --- source4/torture/rpc/dssync.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/torture/rpc') diff --git a/source4/torture/rpc/dssync.c b/source4/torture/rpc/dssync.c index 4417285e04..b28e429a75 100644 --- a/source4/torture/rpc/dssync.c +++ b/source4/torture/rpc/dssync.c @@ -255,7 +255,7 @@ static bool test_GetInfo(struct torture_context *tctx, struct DsSyncTest *ctx) struct drsuapi_DsNameString names[1]; bool ret = true; - struct cldap_socket *cldap = cldap_socket_init(ctx, NULL); + struct cldap_socket *cldap = cldap_socket_init(ctx, NULL, lp_iconv_convenience(tctx->lp_ctx)); struct cldap_netlogon search; r.in.bind_handle = &ctx->admin.drsuapi.bind_handle; -- cgit From 5043215f219f90a899a8dc75518540a04b93301f Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 28 Feb 2008 08:50:00 +1100 Subject: Generate ACB_PW_EXPIRED correctly More correctly handle expired passwords, and do not expire machine accounts. Test that the behaviour is consistant with windows, using the RPC-SAMR test. Change NETLOGON to directly query the userAccountControl, just because we don't want to do the extra expiry processing here. Andrew Bartlett (This used to be commit acda1f69bc9b9c43e157e254d0bae54d11363661) --- source4/torture/rpc/samr.c | 45 +++++++++++++++++++++++++++++++++++++-------- 1 file changed, 37 insertions(+), 8 deletions(-) (limited to 'source4/torture/rpc') diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 9d6c73891b..1d6ec43399 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -416,11 +416,6 @@ static bool test_SetUserInfo(struct dcerpc_pipe *p, struct torture_context *tctx TEST_USERINFO_INT(21, logon_hours.bits[3], 21, logon_hours.bits[3], 4, SAMR_FIELD_LOGON_HOURS); - if (torture_setting_bool(tctx, "samba4", false)) { - printf("skipping Set Account Flag tests against Samba4\n"); - return ret; - } - TEST_USERINFO_INT_EXP(16, acct_flags, 5, acct_flags, (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ), (base_acct_flags | ACB_DISABLED | ACB_HOMDIRREQ | user_extra_flags), @@ -1989,9 +1984,12 @@ static bool test_user_ops(struct dcerpc_pipe *p, const char *base_acct_name, enum torture_samr_choice which_ops) { char *password = NULL; + struct samr_QueryUserInfo q; + NTSTATUS status; bool ret = true; int i; + uint32_t rid; const uint32_t password_fields[] = { SAMR_FIELD_PASSWORD, SAMR_FIELD_PASSWORD2, @@ -1999,6 +1997,11 @@ static bool test_user_ops(struct dcerpc_pipe *p, 0 }; + status = test_LookupName(p, tctx, domain_handle, base_acct_name, &rid); + if (!NT_STATUS_IS_OK(status)) { + ret = false; + } + switch (which_ops) { case TORTURE_SAMR_USER_ATTRIBUTES: if (!test_QuerySecurity(p, tctx, user_handle)) { @@ -2091,6 +2094,29 @@ static bool test_user_ops(struct dcerpc_pipe *p, ret = false; } + q.in.user_handle = user_handle; + q.in.level = 5; + + status = dcerpc_samr_QueryUserInfo(p, tctx, &q); + if (!NT_STATUS_IS_OK(status)) { + printf("QueryUserInfo level %u failed - %s\n", + q.in.level, nt_errstr(status)); + ret = false; + } else { + uint32_t expected_flags = (base_acct_flags | ACB_PWNOTREQ | ACB_DISABLED); + if ((q.out.info->info5.acct_flags) != expected_flags) { + printf("QuerUserInfo level 5 failed, it returned 0x%08x when we expected flags of 0x%08x\n", + q.out.info->info5.acct_flags, + expected_flags); + ret = false; + } + if (q.out.info->info5.rid != rid) { + printf("QuerUserInfo level 5 failed, it returned %u when we expected rid of %u\n", + q.out.info->info5.rid, rid); + + } + } + break; case TORTURE_SAMR_OTHER: /* We just need the account to exist */ @@ -2667,10 +2693,14 @@ static bool test_CreateUser2(struct dcerpc_pipe *p, struct torture_context *tctx q.in.level, nt_errstr(status)); ret = false; } else { - if ((q.out.info->info5.acct_flags & acct_flags) != acct_flags) { + uint32_t expected_flags = (acct_flags | ACB_PWNOTREQ | ACB_DISABLED); + if (acct_flags == ACB_NORMAL) { + expected_flags |= ACB_PW_EXPIRED; + } + if ((q.out.info->info5.acct_flags) != expected_flags) { printf("QuerUserInfo level 5 failed, it returned 0x%08x when we expected flags of 0x%08x\n", q.out.info->info5.acct_flags, - acct_flags); + expected_flags); ret = false; } switch (acct_flags) { @@ -3887,7 +3917,6 @@ static bool test_GroupList(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, for (j=0; j