From 051eb0b575d715e5b7bbd03a201aa88167ccee4f Mon Sep 17 00:00:00 2001 From: Matthias Dieter Wallnöfer Date: Wed, 3 Mar 2010 12:01:40 +0100 Subject: s4:torture/rpc/samr - enhance the "EnumDomainGroups" test regarding universal groups Find the "Enterprise Admins" group which does exist on s4 and Windows directories and is always per default universal. Test this only when the target is set to s4 (s3 deployments don't contain this group). If the number of returned objects is "0" (count) then we are likely testing the builtin domain of an AD deployment.Then we ignore the inexistent "Enterprise Admins" group. I didn't enhance the test for "QueryDomainInfo" since this does itself a comparison of all returned objects with the "EnumDomainGroups" call. Therefore if the latter passes, and the "QueryDomainInfo" test passes also the "QueryDomainInfo" call is okay regarding groups. --- source4/torture/rpc/samr.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'source4') diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 3620211bae..d3621e4a30 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -5921,6 +5921,7 @@ static bool test_EnumDomainGroups_all(struct dcerpc_pipe *p, uint32_t num_entries = 0; int i; bool ret = true; + bool universal_group_found = false; torture_comment(tctx, "Testing EnumDomainGroups\n"); @@ -5945,6 +5946,20 @@ static bool test_EnumDomainGroups_all(struct dcerpc_pipe *p, if (!test_OpenGroup(p, tctx, handle, sam->entries[i].idx)) { ret = false; } + if ((ret == true) && (strcasecmp(sam->entries[i].name.string, + "Enterprise Admins") == 0)) { + universal_group_found = true; + } + } + + /* when we are running this on s4 we should get back at least the + * "Enterprise Admins" universal group. If we don't get a group entry + * at all we probably are performing the test on the builtin domain. + * So ignore this case. */ + if (torture_setting_bool(tctx, "samba4", false)) { + if ((sam->count > 0) && (!universal_group_found)) { + ret = false; + } } return ret; -- cgit