/* [<][>][^][v][top][bottom][index][help] */
DEFINITIONS
This source file includes following definitions.
- test_DsCrackNamesMatrix
- test_DsCrackNames
1 /*
2 Unix SMB/CIFS implementation.
3
4 DRSUapi tests
5
6 Copyright (C) Andrew Tridgell 2003
7 Copyright (C) Stefan (metze) Metzmacher 2004
8 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "torture/torture.h"
26 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
27 #include "torture/rpc/rpc.h"
28 #include "ldb/include/ldb.h"
29 #include "libcli/security/security.h"
30
31 static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
/* [<][>][^][v][top][bottom][index][help] */
32 struct DsPrivate *priv, const char *dn,
33 const char *user_principal_name, const char *service_principal_name)
34 {
35
36
37 NTSTATUS status;
38 bool ret = true;
39 struct drsuapi_DsCrackNames r;
40 union drsuapi_DsNameRequest req;
41 int32_t level_out;
42 union drsuapi_DsNameCtr ctr;
43
44 enum drsuapi_DsNameFormat formats[] = {
45 DRSUAPI_DS_NAME_FORMAT_UNKNOWN,
46 DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
47 DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
48 DRSUAPI_DS_NAME_FORMAT_DISPLAY,
49 DRSUAPI_DS_NAME_FORMAT_GUID,
50 DRSUAPI_DS_NAME_FORMAT_CANONICAL,
51 DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
52 DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
53 DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
54 DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
55 DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN
56 };
57 struct drsuapi_DsNameString names[ARRAY_SIZE(formats)];
58 int i, j;
59
60 const char *n_matrix[ARRAY_SIZE(formats)][ARRAY_SIZE(formats)];
61 const char *n_from[ARRAY_SIZE(formats)];
62
63 ZERO_STRUCT(r);
64 r.in.bind_handle = &priv->bind_handle;
65 r.in.level = 1;
66 r.in.req = &req;
67 r.in.req->req1.codepage = 1252; /* german */
68 r.in.req->req1.language = 0x00000407; /* german */
69 r.in.req->req1.count = 1;
70 r.in.req->req1.names = names;
71 r.in.req->req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
72
73 r.out.level_out = &level_out;
74 r.out.ctr = &ctr;
75
76 n_matrix[0][0] = dn;
77
78 for (i = 0; i < ARRAY_SIZE(formats); i++) {
79 r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
80 r.in.req->req1.format_desired = formats[i];
81 names[0].str = dn;
82 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
83 if (!NT_STATUS_IS_OK(status)) {
84 const char *errstr = nt_errstr(status);
85 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
86 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
87 }
88 printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ",
89 names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired);
90
91 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
92 ret = false;
93 } else if (!W_ERROR_IS_OK(r.out.result)) {
94 printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ",
95 names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired);
96
97 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
98 ret = false;
99 }
100
101 if (!ret) {
102 return ret;
103 }
104 switch (formats[i]) {
105 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:
106 if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE) {
107 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
108 r.out.ctr->ctr1->array[0].status);
109 return false;
110 }
111 printf ("(expected) error\n");
112 break;
113 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
114 if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) {
115 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
116 r.out.ctr->ctr1->array[0].status);
117 return false;
118 }
119 printf ("(expected) error\n");
120 break;
121 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN:
122 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY:
123 if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR) {
124 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n",
125 r.out.ctr->ctr1->array[0].status);
126 return false;
127 }
128 printf ("(expected) error\n");
129 break;
130 default:
131 if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
132 printf("Error: %d\n", r.out.ctr->ctr1->array[0].status);
133 return false;
134 }
135 }
136
137 switch (formats[i]) {
138 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
139 n_from[i] = user_principal_name;
140 break;
141 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:
142 n_from[i] = service_principal_name;
143 break;
144 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY:
145 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN:
146 n_from[i] = NULL;
147 break;
148 default:
149 n_from[i] = r.out.ctr->ctr1->array[0].result_name;
150 printf("%s\n", n_from[i]);
151 }
152 }
153
154 for (i = 0; i < ARRAY_SIZE(formats); i++) {
155 for (j = 0; j < ARRAY_SIZE(formats); j++) {
156 r.in.req->req1.format_offered = formats[i];
157 r.in.req->req1.format_desired = formats[j];
158 if (!n_from[i]) {
159 n_matrix[i][j] = NULL;
160 continue;
161 }
162 names[0].str = n_from[i];
163 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
164 if (!NT_STATUS_IS_OK(status)) {
165 const char *errstr = nt_errstr(status);
166 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
167 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
168 }
169 printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
170 names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired, errstr);
171 ret = false;
172 } else if (!W_ERROR_IS_OK(r.out.result)) {
173 printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
174 names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired,
175 win_errstr(r.out.result));
176 ret = false;
177 }
178
179 if (!ret) {
180 return ret;
181 }
182 if (r.out.ctr->ctr1->array[0].status == DRSUAPI_DS_NAME_STATUS_OK) {
183 n_matrix[i][j] = r.out.ctr->ctr1->array[0].result_name;
184 } else {
185 n_matrix[i][j] = NULL;
186 }
187 }
188 }
189
190 for (i = 0; i < ARRAY_SIZE(formats); i++) {
191 for (j = 0; j < ARRAY_SIZE(formats); j++) {
192 if (n_matrix[i][j] == n_from[j]) {
193
194 /* We don't have a from name for these yet (and we can't map to them to find it out) */
195 } else if (n_matrix[i][j] == NULL && n_from[i] == NULL) {
196
197 /* we can't map to these two */
198 } else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL) {
199 } else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL) {
200 } else if (n_matrix[i][j] == NULL && n_from[j] != NULL) {
201 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
202 ret = false;
203 } else if (n_matrix[i][j] != NULL && n_from[j] == NULL) {
204 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
205 ret = false;
206 } else if (strcmp(n_matrix[i][j], n_from[j]) != 0) {
207 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
208 ret = false;
209 }
210 }
211 }
212 return ret;
213 }
214
215 bool test_DsCrackNames(struct torture_context *tctx,
/* [<][>][^][v][top][bottom][index][help] */
216 struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
217 struct DsPrivate *priv)
218 {
219 NTSTATUS status;
220 struct drsuapi_DsCrackNames r;
221 union drsuapi_DsNameRequest req;
222 int32_t level_out;
223 union drsuapi_DsNameCtr ctr;
224 struct drsuapi_DsNameString names[1];
225 bool ret = true;
226 const char *dns_domain;
227 const char *nt4_domain;
228 const char *FQDN_1779_name;
229 struct ldb_context *ldb;
230 struct ldb_dn *FQDN_1779_dn;
231 struct ldb_dn *realm_dn;
232 const char *realm_dn_str;
233 const char *realm_canonical;
234 const char *realm_canonical_ex;
235 const char *user_principal_name;
236 char *user_principal_name_short;
237 const char *service_principal_name;
238 const char *canonical_name;
239 const char *canonical_ex_name;
240 const char *dom_sid;
241 const char *test_dc = torture_join_netbios_name(priv->join);
242
243 ZERO_STRUCT(r);
244 r.in.bind_handle = &priv->bind_handle;
245 r.in.level = 1;
246 r.in.req = &req;
247 r.in.req->req1.codepage = 1252; /* german */
248 r.in.req->req1.language = 0x00000407; /* german */
249 r.in.req->req1.count = 1;
250 r.in.req->req1.names = names;
251 r.in.req->req1.format_flags = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
252
253 r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
254 r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
255
256 r.out.level_out = &level_out;
257 r.out.ctr = &ctr;
258
259 dom_sid = dom_sid_string(mem_ctx, torture_join_sid(priv->join));
260
261 names[0].str = dom_sid;
262
263 printf("testing DsCrackNames with name '%s' desired format:%d\n",
264 names[0].str, r.in.req->req1.format_desired);
265
266 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
267 if (!NT_STATUS_IS_OK(status)) {
268 const char *errstr = nt_errstr(status);
269 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
270 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
271 }
272 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
273 ret = false;
274 } else if (!W_ERROR_IS_OK(r.out.result)) {
275 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
276 ret = false;
277 } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
278 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
279 ret = false;
280 }
281
282 if (!ret) {
283 return ret;
284 }
285
286 dns_domain = r.out.ctr->ctr1->array[0].dns_domain_name;
287 nt4_domain = r.out.ctr->ctr1->array[0].result_name;
288
289 r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_GUID;
290
291 printf("testing DsCrackNames with name '%s' desired format:%d\n",
292 names[0].str, r.in.req->req1.format_desired);
293
294 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
295 if (!NT_STATUS_IS_OK(status)) {
296 const char *errstr = nt_errstr(status);
297 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
298 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
299 }
300 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
301 ret = false;
302 } else if (!W_ERROR_IS_OK(r.out.result)) {
303 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
304 ret = false;
305 } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
306 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
307 ret = false;
308 }
309
310 if (!ret) {
311 return ret;
312 }
313
314 priv->domain_dns_name = r.out.ctr->ctr1->array[0].dns_domain_name;
315 priv->domain_guid_str = r.out.ctr->ctr1->array[0].result_name;
316 GUID_from_string(priv->domain_guid_str, &priv->domain_guid);
317
318 r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
319
320 printf("testing DsCrackNames with name '%s' desired format:%d\n",
321 names[0].str, r.in.req->req1.format_desired);
322
323 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
324 if (!NT_STATUS_IS_OK(status)) {
325 const char *errstr = nt_errstr(status);
326 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
327 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
328 }
329 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
330 ret = false;
331 } else if (!W_ERROR_IS_OK(r.out.result)) {
332 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
333 ret = false;
334 } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
335 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
336 ret = false;
337 }
338
339 if (!ret) {
340 return ret;
341 }
342
343 ldb = ldb_init(mem_ctx, tctx->ev);
344
345 realm_dn_str = r.out.ctr->ctr1->array[0].result_name;
346 realm_dn = ldb_dn_new(mem_ctx, ldb, realm_dn_str);
347 realm_canonical = ldb_dn_canonical_string(mem_ctx, realm_dn);
348
349 if (strcmp(realm_canonical,
350 talloc_asprintf(mem_ctx, "%s/", dns_domain))!= 0) {
351 printf("local Round trip on canonical name failed: %s != %s!\n",
352 realm_canonical,
353 talloc_asprintf(mem_ctx, "%s/", dns_domain));
354 return false;
355 };
356
357 realm_canonical_ex = ldb_dn_canonical_ex_string(mem_ctx, realm_dn);
358
359 if (strcmp(realm_canonical_ex,
360 talloc_asprintf(mem_ctx, "%s\n", dns_domain))!= 0) {
361 printf("local Round trip on canonical ex name failed: %s != %s!\n",
362 realm_canonical,
363 talloc_asprintf(mem_ctx, "%s\n", dns_domain));
364 return false;
365 };
366
367 r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
368 r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
369 names[0].str = nt4_domain;
370
371 printf("testing DsCrackNames with name '%s' desired format:%d\n",
372 names[0].str, r.in.req->req1.format_desired);
373
374 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
375 if (!NT_STATUS_IS_OK(status)) {
376 const char *errstr = nt_errstr(status);
377 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
378 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
379 }
380 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
381 ret = false;
382 } else if (!W_ERROR_IS_OK(r.out.result)) {
383 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
384 ret = false;
385 } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
386 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
387 ret = false;
388 }
389
390 if (!ret) {
391 return ret;
392 }
393
394 priv->domain_obj_dn = r.out.ctr->ctr1->array[0].result_name;
395
396 r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
397 r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
398 names[0].str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc);
399
400 printf("testing DsCrackNames with name '%s' desired format:%d\n",
401 names[0].str, r.in.req->req1.format_desired);
402
403 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
404 if (!NT_STATUS_IS_OK(status)) {
405 const char *errstr = nt_errstr(status);
406 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
407 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
408 }
409 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
410 ret = false;
411 } else if (!W_ERROR_IS_OK(r.out.result)) {
412 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
413 ret = false;
414 } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
415 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
416 ret = false;
417 }
418
419 if (!ret) {
420 return ret;
421 }
422
423 FQDN_1779_name = r.out.ctr->ctr1->array[0].result_name;
424
425 r.in.req->req1.format_offered = DRSUAPI_DS_NAME_FORMAT_GUID;
426 r.in.req->req1.format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
427 names[0].str = priv->domain_guid_str;
428
429 printf("testing DsCrackNames with name '%s' desired format:%d\n",
430 names[0].str, r.in.req->req1.format_desired);
431
432 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
433 if (!NT_STATUS_IS_OK(status)) {
434 const char *errstr = nt_errstr(status);
435 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
436 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
437 }
438 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
439 ret = false;
440 } else if (!W_ERROR_IS_OK(r.out.result)) {
441 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
442 ret = false;
443 } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
444 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
445 ret = false;
446 }
447
448 if (!ret) {
449 return ret;
450 }
451
452 if (strcmp(priv->domain_dns_name, r.out.ctr->ctr1->array[0].dns_domain_name) != 0) {
453 printf("DsCrackNames failed to return same DNS name - expected %s got %s\n", priv->domain_dns_name, r.out.ctr->ctr1->array[0].dns_domain_name);
454 return false;
455 }
456
457 FQDN_1779_dn = ldb_dn_new(mem_ctx, ldb, FQDN_1779_name);
458
459 canonical_name = ldb_dn_canonical_string(mem_ctx, FQDN_1779_dn);
460 canonical_ex_name = ldb_dn_canonical_ex_string(mem_ctx, FQDN_1779_dn);
461
462 user_principal_name = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, dns_domain);
463
464 /* form up a user@DOMAIN */
465 user_principal_name_short = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, nt4_domain);
466 /* variable nt4_domain includs a trailing \ */
467 user_principal_name_short[strlen(user_principal_name_short) - 1] = '\0';
468
469 service_principal_name = talloc_asprintf(mem_ctx, "HOST/%s", test_dc);
470 {
471
472 struct {
473 enum drsuapi_DsNameFormat format_offered;
474 enum drsuapi_DsNameFormat format_desired;
475 const char *comment;
476 const char *str;
477 const char *expected_str;
478 const char *expected_dns;
479 enum drsuapi_DsNameStatus status;
480 enum drsuapi_DsNameStatus alternate_status;
481 enum drsuapi_DsNameFlags flags;
482 bool skip;
483 } crack[] = {
484 {
485 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
486 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
487 .str = user_principal_name,
488 .expected_str = FQDN_1779_name,
489 .status = DRSUAPI_DS_NAME_STATUS_OK
490 },
491 {
492 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
493 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
494 .str = user_principal_name_short,
495 .expected_str = FQDN_1779_name,
496 .status = DRSUAPI_DS_NAME_STATUS_OK
497 },
498 {
499 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
500 .format_desired = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
501 .str = FQDN_1779_name,
502 .status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING
503 },
504 {
505 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
506 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
507 .str = service_principal_name,
508 .expected_str = FQDN_1779_name,
509 .status = DRSUAPI_DS_NAME_STATUS_OK
510 },
511 {
512 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
513 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
514 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s", test_dc, dns_domain),
515 .comment = "ServicePrincipal Name",
516 .expected_str = FQDN_1779_name,
517 .status = DRSUAPI_DS_NAME_STATUS_OK
518 },
519 {
520 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
521 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL,
522 .str = FQDN_1779_name,
523 .expected_str = canonical_name,
524 .status = DRSUAPI_DS_NAME_STATUS_OK
525 },
526 {
527 .format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL,
528 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
529 .str = canonical_name,
530 .expected_str = FQDN_1779_name,
531 .status = DRSUAPI_DS_NAME_STATUS_OK
532 },
533 {
534 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
535 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
536 .str = FQDN_1779_name,
537 .expected_str = canonical_ex_name,
538 .status = DRSUAPI_DS_NAME_STATUS_OK
539 },
540 {
541 .format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
542 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
543 .str = canonical_ex_name,
544 .expected_str = FQDN_1779_name,
545 .status = DRSUAPI_DS_NAME_STATUS_OK
546 },
547 {
548 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
549 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL,
550 .str = FQDN_1779_name,
551 .comment = "DN to cannoical syntactial only",
552 .status = DRSUAPI_DS_NAME_STATUS_OK,
553 .expected_str = canonical_name,
554 .flags = DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY
555 },
556 {
557 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
558 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
559 .str = FQDN_1779_name,
560 .comment = "DN to cannoical EX syntactial only",
561 .status = DRSUAPI_DS_NAME_STATUS_OK,
562 .expected_str = canonical_ex_name,
563 .flags = DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY
564 },
565 {
566 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
567 .format_desired = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
568 .str = FQDN_1779_name,
569 .status = DRSUAPI_DS_NAME_STATUS_OK
570 },
571 {
572 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
573 .format_desired = DRSUAPI_DS_NAME_FORMAT_GUID,
574 .str = FQDN_1779_name,
575 .status = DRSUAPI_DS_NAME_STATUS_OK
576 },
577 {
578 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
579 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
580 .str = priv->domain_guid_str,
581 .comment = "Domain GUID to NT4 ACCOUNT",
582 .expected_str = nt4_domain,
583 .status = DRSUAPI_DS_NAME_STATUS_OK
584 },
585 {
586 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
587 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL,
588 .str = priv->domain_guid_str,
589 .comment = "Domain GUID to Canonical",
590 .expected_str = talloc_asprintf(mem_ctx, "%s/", dns_domain),
591 .status = DRSUAPI_DS_NAME_STATUS_OK
592 },
593 {
594 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
595 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
596 .str = priv->domain_guid_str,
597 .comment = "Domain GUID to Canonical EX",
598 .expected_str = talloc_asprintf(mem_ctx, "%s\n", dns_domain),
599 .status = DRSUAPI_DS_NAME_STATUS_OK
600 },
601 {
602 .format_offered = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
603 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
604 .str = "CN=Microsoft Corporation,L=Redmond,S=Washington,C=US",
605 .comment = "display name for Microsoft Support Account",
606 .status = DRSUAPI_DS_NAME_STATUS_OK,
607 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE,
608 .skip = torture_setting_bool(tctx, "samba4", false)
609 },
610 {
611 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
612 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
613 .str = GUID_string2(mem_ctx, torture_join_user_guid(priv->join)),
614 .comment = "Account GUID -> DN",
615 .expected_str = FQDN_1779_name,
616 .status = DRSUAPI_DS_NAME_STATUS_OK
617 },
618 {
619 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
620 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
621 .str = GUID_string2(mem_ctx, torture_join_user_guid(priv->join)),
622 .comment = "Account GUID -> NT4 Account",
623 .expected_str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc),
624 .status = DRSUAPI_DS_NAME_STATUS_OK
625 },
626 {
627 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
628 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
629 .str = GUID_string2(mem_ctx, &priv->dcinfo.site_guid),
630 .comment = "Site GUID",
631 .expected_str = priv->dcinfo.site_dn,
632 .status = DRSUAPI_DS_NAME_STATUS_OK
633 },
634 {
635 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
636 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
637 .str = GUID_string2(mem_ctx, &priv->dcinfo.computer_guid),
638 .comment = "Computer GUID",
639 .expected_str = priv->dcinfo.computer_dn,
640 .status = DRSUAPI_DS_NAME_STATUS_OK
641 },
642 {
643 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
644 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
645 .str = GUID_string2(mem_ctx, &priv->dcinfo.computer_guid),
646 .comment = "Computer GUID -> NT4 Account",
647 .status = DRSUAPI_DS_NAME_STATUS_OK
648 },
649 {
650 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
651 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
652 .str = GUID_string2(mem_ctx, &priv->dcinfo.server_guid),
653 .comment = "Server GUID",
654 .expected_str = priv->dcinfo.server_dn,
655 .status = DRSUAPI_DS_NAME_STATUS_OK
656 },
657 {
658 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
659 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
660 .str = GUID_string2(mem_ctx, &priv->dcinfo.ntds_guid),
661 .comment = "NTDS GUID",
662 .expected_str = priv->dcinfo.ntds_dn,
663 .status = DRSUAPI_DS_NAME_STATUS_OK,
664 .skip = GUID_all_zero(&priv->dcinfo.ntds_guid)
665 },
666 {
667 .format_offered = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
668 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
669 .str = test_dc,
670 .comment = "DISLPAY NAME search for DC short name",
671 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
672 },
673 {
674 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
675 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
676 .str = talloc_asprintf(mem_ctx, "krbtgt/%s", dns_domain),
677 .comment = "Looking for KRBTGT as a serivce principal",
678 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
679 .expected_dns = dns_domain
680 },
681 {
682 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
683 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
684 .str = talloc_asprintf(mem_ctx, "bogus/%s", dns_domain),
685 .comment = "Looking for bogus serivce principal",
686 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
687 .expected_dns = dns_domain
688 },
689 {
690 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
691 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
692 .str = talloc_asprintf(mem_ctx, "bogus/%s.%s", test_dc, dns_domain),
693 .comment = "Looking for bogus serivce on test DC",
694 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
695 .expected_dns = talloc_asprintf(mem_ctx, "%s.%s", test_dc, dns_domain)
696 },
697 {
698 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
699 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
700 .str = talloc_asprintf(mem_ctx, "krbtgt"),
701 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
702 },
703 {
704 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
705 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
706 .comment = "Looking for the kadmin/changepw service as a serivce principal",
707 .str = talloc_asprintf(mem_ctx, "kadmin/changepw"),
708 .status = DRSUAPI_DS_NAME_STATUS_OK,
709 .expected_str = talloc_asprintf(mem_ctx, "CN=krbtgt,CN=Users,%s", realm_dn_str),
710 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
711 },
712 {
713 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
714 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
715 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s",
716 test_dc, dns_domain,
717 dns_domain),
718 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
719 },
720 {
721 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
722 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
723 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s",
724 test_dc, dns_domain,
725 "BOGUS"),
726 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
727 .expected_dns = "BOGUS"
728 },
729 {
730 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
731 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
732 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s",
733 test_dc, "REALLY",
734 "BOGUS"),
735 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
736 .expected_dns = "BOGUS"
737 },
738 {
739 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
740 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
741 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s",
742 test_dc, dns_domain),
743 .status = DRSUAPI_DS_NAME_STATUS_OK
744 },
745 {
746 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
747 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
748 .str = talloc_asprintf(mem_ctx, "cifs/%s",
749 test_dc),
750 .status = DRSUAPI_DS_NAME_STATUS_OK
751 },
752 {
753 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
754 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
755 .str = "NOT A GUID",
756 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
757 },
758 {
759 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
760 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
761 .str = "NOT A SID",
762 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
763 },
764 {
765 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
766 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
767 .str = "NOT AN NT4 NAME",
768 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
769 },
770 {
771 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
772 .format_desired = DRSUAPI_DS_NAME_FORMAT_GUID,
773 .comment = "Unparsable DN",
774 .str = "NOT A DN",
775 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
776 },
777 {
778 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
779 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
780 .comment = "Unparsable user principal",
781 .str = "NOT A PRINCIPAL",
782 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
783 },
784 {
785 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
786 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
787 .comment = "Unparsable service principal",
788 .str = "NOT A SERVICE PRINCIPAL",
789 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
790 },
791 {
792 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
793 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
794 .comment = "BIND GUID (ie, not in the directory)",
795 .str = GUID_string2(mem_ctx, &priv->bind_guid),
796 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
797 },
798 {
799 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
800 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
801 .comment = "Unqualified Machine account as user principal",
802 .str = talloc_asprintf(mem_ctx, "%s$", test_dc),
803 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
804 },
805 {
806 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
807 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
808 .comment = "Machine account as service principal",
809 .str = talloc_asprintf(mem_ctx, "%s$", test_dc),
810 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
811 },
812 {
813 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
814 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
815 .comment = "Full Machine account as service principal",
816 .str = user_principal_name,
817 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
818 },
819 {
820 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
821 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
822 .comment = "Realm as an NT4 domain lookup",
823 .str = talloc_asprintf(mem_ctx, "%s\\", dns_domain),
824 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
825 },
826 {
827 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
828 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
829 .comment = "BUILTIN\\ -> DN",
830 .str = "BUILTIN\\",
831 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
832 },
833 {
834 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
835 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
836 .comment = "NT AUTHORITY\\ -> DN",
837 .str = "NT AUTHORITY\\",
838 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
839 },
840 {
841 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
842 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
843 .comment = "NT AUTHORITY\\ANONYMOUS LOGON -> DN",
844 .str = "NT AUTHORITY\\ANONYMOUS LOGON",
845 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
846 },
847 {
848 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
849 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
850 .comment = "NT AUTHORITY\\SYSTEM -> DN",
851 .str = "NT AUTHORITY\\SYSTEM",
852 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
853 },
854 {
855 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
856 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
857 .comment = "BUITIN SID -> NT4 account",
858 .str = SID_BUILTIN,
859 .status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING,
860 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
861 },
862 {
863 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
864 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
865 .str = SID_BUILTIN,
866 .comment = "Builtin Domain SID -> DN",
867 .status = DRSUAPI_DS_NAME_STATUS_OK,
868 .expected_str = talloc_asprintf(mem_ctx, "CN=Builtin,%s", realm_dn_str),
869 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
870 },
871 {
872 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
873 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
874 .str = SID_BUILTIN_ADMINISTRATORS,
875 .comment = "Builtin Administrors SID -> DN",
876 .status = DRSUAPI_DS_NAME_STATUS_OK,
877 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
878 },
879 {
880 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
881 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
882 .str = SID_BUILTIN_ADMINISTRATORS,
883 .comment = "Builtin Administrors SID -> NT4 Account",
884 .status = DRSUAPI_DS_NAME_STATUS_OK,
885 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
886 },
887 {
888 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
889 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
890 .str = SID_NT_ANONYMOUS,
891 .comment = "NT Anonymous SID -> NT4 Account",
892 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
893 },
894 {
895 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
896 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
897 .str = SID_NT_SYSTEM,
898 .comment = "NT SYSTEM SID -> NT4 Account",
899 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
900 },
901 {
902 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
903 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
904 .comment = "Domain SID -> DN",
905 .str = dom_sid,
906 .expected_str = realm_dn_str,
907 .status = DRSUAPI_DS_NAME_STATUS_OK
908 },
909 {
910 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
911 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
912 .comment = "Domain SID -> NT4 account",
913 .str = dom_sid,
914 .expected_str = nt4_domain,
915 .status = DRSUAPI_DS_NAME_STATUS_OK
916 },
917 {
918 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
919 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
920 .comment = "invalid user principal name",
921 .str = "foo@bar",
922 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
923 .expected_dns = "bar"
924 },
925 {
926 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
927 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
928 .comment = "invalid user principal name in valid domain",
929 .str = talloc_asprintf(mem_ctx, "invalidusername@%s", dns_domain),
930 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
931 }
932 };
933 int i;
934
935 for (i=0; i < ARRAY_SIZE(crack); i++) {
936 const char *comment;
937 r.in.req->req1.format_flags = crack[i].flags;
938 r.in.req->req1.format_offered = crack[i].format_offered;
939 r.in.req->req1.format_desired = crack[i].format_desired;
940 names[0].str = crack[i].str;
941
942 if (crack[i].comment) {
943 comment = talloc_asprintf(mem_ctx, "'%s' with name '%s' desired format:%d\n",
944 crack[i].comment, names[0].str, r.in.req->req1.format_desired);
945 } else {
946 comment = talloc_asprintf(mem_ctx, "'%s' desired format:%d\n",
947 names[0].str, r.in.req->req1.format_desired);
948 }
949 if (crack[i].skip) {
950 printf("skipping: %s", comment);
951 continue;
952 }
953 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
954 if (!NT_STATUS_IS_OK(status)) {
955 const char *errstr = nt_errstr(status);
956 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
957 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
958 }
959 printf("dcerpc_drsuapi_DsCrackNames failed on %s - %s\n", comment, errstr);
960 ret = false;
961 } else if (!W_ERROR_IS_OK(r.out.result)) {
962 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
963 ret = false;
964 } else if (r.out.ctr->ctr1->array[0].status != crack[i].status) {
965 if (crack[i].alternate_status) {
966 if (r.out.ctr->ctr1->array[0].status != crack[i].alternate_status) {
967 printf("DsCrackNames unexpected status %d, wanted %d or %d on: %s\n",
968 r.out.ctr->ctr1->array[0].status,
969 crack[i].status,
970 crack[i].alternate_status,
971 comment);
972 ret = false;
973 }
974 } else {
975 printf("DsCrackNames unexpected status %d, wanted %d on: %s\n",
976 r.out.ctr->ctr1->array[0].status,
977 crack[i].status,
978 comment);
979 ret = false;
980 }
981 } else if (crack[i].expected_str
982 && (strcmp(r.out.ctr->ctr1->array[0].result_name,
983 crack[i].expected_str) != 0)) {
984 if (strcasecmp(r.out.ctr->ctr1->array[0].result_name,
985 crack[i].expected_str) != 0) {
986 printf("DsCrackNames failed - got %s, expected %s on %s\n",
987 r.out.ctr->ctr1->array[0].result_name,
988 crack[i].expected_str, comment);
989 ret = false;
990 } else {
991 printf("(warning) DsCrackNames returned different case - got %s, expected %s on %s\n",
992 r.out.ctr->ctr1->array[0].result_name,
993 crack[i].expected_str, comment);
994 }
995 } else if (crack[i].expected_dns
996 && (strcmp(r.out.ctr->ctr1->array[0].dns_domain_name,
997 crack[i].expected_dns) != 0)) {
998 printf("DsCrackNames failed - got DNS name %s, expected %s on %s\n",
999 r.out.ctr->ctr1->array[0].result_name,
1000 crack[i].expected_str, comment);
1001 ret = false;
1002 }
1003 }
1004 }
1005
1006 if (!test_DsCrackNamesMatrix(p, mem_ctx, priv, FQDN_1779_name,
1007 user_principal_name, service_principal_name)) {
1008 ret = false;
1009 }
1010
1011 return ret;
1012 }