From 2f39a9fe621a0c80688fe06712bd5b0495ca7e65 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 23 Nov 2004 08:57:42 +0000
Subject: r3920: - it seem that we need to send a magic bind_guid in DsBind()  
 to make DsWriteAccountSpn() work

- add idl and torture test for DsWriteAccountSpn()

metze
(This used to be commit 625826ad9050c68407ae5e8abfee13699986303c)
---
 source4/torture/rpc/drsuapi.c | 90 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 89 insertions(+), 1 deletion(-)

(limited to 'source4/torture')

diff --git a/source4/torture/rpc/drsuapi.c b/source4/torture/rpc/drsuapi.c
index 6696d12136..b6b1ddf6dc 100644
--- a/source4/torture/rpc/drsuapi.c
+++ b/source4/torture/rpc/drsuapi.c
@@ -26,6 +26,7 @@
 
 struct DsPrivate {
 	struct policy_handle bind_handle;
+	struct GUID bind_guid;
 	const char *domain_guid_str;
 	struct drsuapi_DsGetDCInfo2 dcinfo;
 };
@@ -37,7 +38,9 @@ static BOOL test_DsBind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 	struct drsuapi_DsBind r;
 	BOOL ret = True;
 
-	r.in.server_guid = NULL;
+	GUID_from_string(DRSUAPI_DS_BIND_GUID, &priv->bind_guid);
+
+	r.in.bind_guid = &priv->bind_guid;
 	r.in.bind_info = NULL;
 	r.out.bind_handle = &priv->bind_handle;
 
@@ -366,6 +369,8 @@ static BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		return ret;
 	}
 
+	r.in.req.req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_GUID;
+	r.in.req.req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
 	names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.server_guid);
 
 	printf("testing DsCrackNames with Server GUID '%s' desired format:%d\n",
@@ -388,6 +393,8 @@ static BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		return ret;
 	}
 
+	r.in.req.req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_GUID;
+	r.in.req.req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
 	names[0].str = GUID_string2(mem_ctx, &priv->dcinfo.ntds_guid);
 
 	printf("testing DsCrackNames with NTDS GUID '%s' desired format:%d\n",
@@ -410,6 +417,30 @@ static BOOL test_DsCrackNames(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		return ret;
 	}
 
+	r.in.req.req1.format_offered	= DRSUAPI_DS_NAME_FORMAT_GUID;
+	r.in.req.req1.format_desired	= DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
+	names[0].str = GUID_string2(mem_ctx, &priv->bind_guid);
+
+	printf("testing DsCrackNames with NTDS GUID '%s' desired format:%d\n",
+			names[0].str, r.in.req.req1.format_desired);
+
+	status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		const char *errstr = nt_errstr(status);
+		if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+			errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
+		}
+		printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
+		ret = False;
+	} else if (!W_ERROR_IS_OK(r.out.result)) {
+		printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
+		ret = False;
+	}
+
+	if (!ret) {
+		return ret;
+	}
+
 	return ret;
 }
 
@@ -543,6 +574,59 @@ static BOOL test_DsGetDCInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 	return ret;
 }
 
+static BOOL test_DsWriteAccountSpn(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
+			struct DsPrivate *priv)
+{
+	NTSTATUS status;
+	struct drsuapi_DsWriteAccountSpn r;
+	struct drsuapi_DsNameString names[2];
+	BOOL ret = True;
+
+	r.in.bind_handle		= &priv->bind_handle;
+	r.in.level			= 1;
+
+	printf("testing DsWriteAccountSpn\n");
+
+	r.in.req.req1.operation	= DRSUAPI_DS_SPN_OPERATION_ADD;
+	r.in.req.req1.unknown1	= 0;
+	r.in.req.req1.object_dn	= priv->dcinfo.computer_dn;
+	r.in.req.req1.count	= 2;
+	r.in.req.req1.spn_names	= names;
+	names[0].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.netbios_name);
+	names[1].str = talloc_asprintf(mem_ctx, "smbtortureSPN/%s",priv->dcinfo.dns_name);
+
+	status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		const char *errstr = nt_errstr(status);
+		if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+			errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
+		}
+		printf("dcerpc_drsuapi_DsWriteAccountSpn failed - %s\n", errstr);
+		ret = False;
+	} else if (!W_ERROR_IS_OK(r.out.result)) {
+		printf("DsWriteAccountSpn failed - %s\n", win_errstr(r.out.result));
+		ret = False;
+	}
+
+	r.in.req.req1.operation	= DRSUAPI_DS_SPN_OPERATION_DELETE;
+	r.in.req.req1.unknown1	= 0;
+
+	status = dcerpc_drsuapi_DsWriteAccountSpn(p, mem_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		const char *errstr = nt_errstr(status);
+		if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+			errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
+		}
+		printf("dcerpc_drsuapi_DsWriteAccountSpn failed - %s\n", errstr);
+		ret = False;
+	} else if (!W_ERROR_IS_OK(r.out.result)) {
+		printf("DsWriteAccountSpn failed - %s\n", win_errstr(r.out.result));
+		ret = False;
+	}
+
+	return ret;
+}
+
 static BOOL test_DsUnbind(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
 			struct DsPrivate *priv)
 {
@@ -605,6 +689,10 @@ BOOL torture_rpc_drsuapi(void)
 		ret = False;
 	}
 
+	if (!test_DsWriteAccountSpn(p, mem_ctx, &priv)) {
+		ret = False;
+	}
+
 	if (!test_DsUnbind(p, mem_ctx, &priv)) {
 		ret = False;
 	}
-- 
cgit