From 835d231cee5761e159bf7f4bb65eeddba04290f3 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 31 Dec 2004 07:26:26 +0000 Subject: r4437: added IDL and test code for lsa_LookupSids3() and lsa_LookupNames3(). For some reason I am getting ACCESS_DENIED from w2k3 on lsa_LookupSids3(). I will investigate. (This used to be commit c759fa0000e37c3e93a7529a7701998af6727612) --- source4/librpc/idl/lsa.idl | 37 +++++++++++++++++-- source4/torture/rpc/lsa.c | 88 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 123 insertions(+), 2 deletions(-) (limited to 'source4') diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index e4ef17b712..66a7593566 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -792,8 +792,31 @@ /* Function 0x43 */ NTSTATUS lsa_CREDRPROFILELOADED(); + /**********************/ /* Function 0x44 */ - NTSTATUS lsa_LSARLOOKUPNAMES3(); + typedef struct { + uint16 sid_type; + dom_sid *sid; + uint32 sid_index; + uint32 unknown; + } lsa_TranslatedSid3; + + typedef struct { + [range(0,1000)] uint32 count; + [size_is(count)] lsa_TranslatedSid3 *sids; + } lsa_TransSidArray3; + + NTSTATUS lsa_LookupNames3 ( + [in,ref] policy_handle *handle, + [in,range(0,1000)] uint32 num_names, + [in,ref,size_is(num_names)] lsa_String *names, + [out] lsa_RefDomainList *domains, + [in,out,ref] lsa_TransSidArray3 *sids, + [in] uint16 level, + [in,out,ref] uint32 *count, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); /* Function 0x45 */ NTSTATUS lsa_CREDRGETSESSIONTYPES(); @@ -816,8 +839,18 @@ /* Function 0x4b */ NTSTATUS lsa_CREDRRENAME(); + /*****************/ /* Function 0x4c */ - NTSTATUS lsa_LSARLOOKUPSIDS3(); + + NTSTATUS lsa_LookupSids3( + [in,ref] lsa_SidArray *sids, + [out] lsa_RefDomainList *domains, + [in,out,ref] lsa_TransNameArray2 *names, + [in] uint16 level, + [in,out,ref] uint32 *count, + [in] uint32 unknown1, + [in] uint32 unknown2 + ); /* Function 0x4d */ NTSTATUS lsa_LSARLOOKUPNAMES4(); diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index 7d1ba5fdae..3fba1bf4b0 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -188,6 +188,51 @@ static BOOL test_LookupNames2(struct dcerpc_pipe *p, } +static BOOL test_LookupNames3(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + struct lsa_TransNameArray2 *tnames) +{ + struct lsa_LookupNames3 r; + struct lsa_TransSidArray3 sids; + struct lsa_String *names; + uint32_t count = 0; + NTSTATUS status; + int i; + + printf("\nTesting LookupNames3 with %d names\n", tnames->count); + + sids.count = 0; + sids.sids = NULL; + + names = talloc_array_p(mem_ctx, struct lsa_String, tnames->count); + for (i=0;icount;i++) { + init_lsa_String(&names[i], tnames->names[i].name.string); + } + + r.in.handle = handle; + r.in.num_names = tnames->count; + r.in.names = names; + r.in.sids = &sids; + r.in.level = 1; + r.in.count = &count; + r.in.unknown1 = 0; + r.in.unknown2 = 0; + r.out.count = &count; + r.out.sids = &sids; + + status = dcerpc_lsa_LookupNames3(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) { + printf("LookupNames3 failed - %s\n", nt_errstr(status)); + return False; + } + + printf("\n"); + + return True; +} + + static BOOL test_LookupSids(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, @@ -267,6 +312,45 @@ static BOOL test_LookupSids2(struct dcerpc_pipe *p, return True; } +static BOOL test_LookupSids3(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + struct lsa_SidArray *sids) +{ + struct lsa_LookupSids3 r; + struct lsa_TransNameArray2 names; + uint32_t count = sids->num_sids; + NTSTATUS status; + + printf("\nTesting LookupSids3\n"); + + names.count = 0; + names.names = NULL; + + r.in.sids = sids; + r.in.names = &names; + r.in.level = 1; + r.in.count = &count; + r.in.unknown1 = 0; + r.in.unknown2 = 0; + r.out.count = &count; + r.out.names = &names; + + status = dcerpc_lsa_LookupSids3(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) { + printf("LookupSids3 failed - %s\n", nt_errstr(status)); + return False; + } + + printf("\n"); + + if (!test_LookupNames3(p, mem_ctx, handle, &names)) { + return False; + } + + return True; +} + static BOOL test_many_LookupSids(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle) @@ -789,6 +873,10 @@ static BOOL test_EnumAccounts(struct dcerpc_pipe *p, return False; } + if (!test_LookupSids3(p, mem_ctx, handle, &sids1)) { + return False; + } + printf("testing all accounts\n"); for (i=0;i