root/source4/torture/rpc/drsuapi_cracknames.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. test_DsCrackNamesMatrix
  2. test_DsCrackNames

   1 /* 
   2    Unix SMB/CIFS implementation.
   3 
   4    DRSUapi tests
   5 
   6    Copyright (C) Andrew Tridgell 2003
   7    Copyright (C) Stefan (metze) Metzmacher 2004
   8    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
   9 
  10    This program is free software; you can redistribute it and/or modify
  11    it under the terms of the GNU General Public License as published by
  12    the Free Software Foundation; either version 3 of the License, or
  13    (at your option) any later version.
  14    
  15    This program is distributed in the hope that it will be useful,
  16    but WITHOUT ANY WARRANTY; without even the implied warranty of
  17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18    GNU General Public License for more details.
  19    
  20    You should have received a copy of the GNU General Public License
  21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  22 */
  23 
  24 #include "includes.h"
  25 #include "torture/torture.h"
  26 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
  27 #include "torture/rpc/rpc.h"
  28 #include "ldb/include/ldb.h"
  29 #include "libcli/security/security.h"
  30 
  31 static bool test_DsCrackNamesMatrix(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
     /* [<][>][^][v][top][bottom][index][help] */
  32                                     struct DsPrivate *priv, const char *dn,
  33                                     const char *user_principal_name, const char *service_principal_name)
  34 {
  35         
  36 
  37         NTSTATUS status;
  38         bool ret = true;
  39         struct drsuapi_DsCrackNames r;
  40         union drsuapi_DsNameRequest req;
  41         int32_t level_out;
  42         union drsuapi_DsNameCtr ctr;
  43 
  44         enum drsuapi_DsNameFormat formats[] = {
  45                 DRSUAPI_DS_NAME_FORMAT_UNKNOWN,
  46                 DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
  47                 DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
  48                 DRSUAPI_DS_NAME_FORMAT_DISPLAY,
  49                 DRSUAPI_DS_NAME_FORMAT_GUID,
  50                 DRSUAPI_DS_NAME_FORMAT_CANONICAL,
  51                 DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
  52                 DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
  53                 DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
  54                 DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
  55                 DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN
  56         };
  57         struct drsuapi_DsNameString names[ARRAY_SIZE(formats)];
  58         int i, j;
  59 
  60         const char *n_matrix[ARRAY_SIZE(formats)][ARRAY_SIZE(formats)];
  61         const char *n_from[ARRAY_SIZE(formats)];
  62 
  63         ZERO_STRUCT(r);
  64         r.in.bind_handle                = &priv->bind_handle;
  65         r.in.level                      = 1;
  66         r.in.req                        = &req;
  67         r.in.req->req1.codepage         = 1252; /* german */
  68         r.in.req->req1.language         = 0x00000407; /* german */
  69         r.in.req->req1.count            = 1;
  70         r.in.req->req1.names            = names;
  71         r.in.req->req1.format_flags     = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
  72 
  73         r.out.level_out                 = &level_out;
  74         r.out.ctr                       = &ctr;
  75 
  76         n_matrix[0][0] = dn;
  77 
  78         for (i = 0; i < ARRAY_SIZE(formats); i++) {
  79                 r.in.req->req1.format_offered   = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
  80                 r.in.req->req1.format_desired   = formats[i];
  81                 names[0].str = dn;
  82                 status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
  83                 if (!NT_STATUS_IS_OK(status)) {
  84                         const char *errstr = nt_errstr(status);
  85                         if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
  86                                 errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
  87                         }
  88                         printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ",
  89                                names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired);
  90                 
  91                         printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
  92                         ret = false;
  93                 } else if (!W_ERROR_IS_OK(r.out.result)) {
  94                         printf("testing DsCrackNames (matrix prep) with name '%s' from format: %d desired format:%d ",
  95                                names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired);
  96                 
  97                         printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
  98                         ret = false;
  99                 }
 100                         
 101                 if (!ret) {
 102                         return ret;
 103                 }
 104                 switch (formats[i]) {
 105                 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:  
 106                         if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE) {
 107                                 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n", 
 108                                        r.out.ctr->ctr1->array[0].status);
 109                                 return false;
 110                         }
 111                         printf ("(expected) error\n");
 112                         break;
 113                 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
 114                         if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_NO_MAPPING) {
 115                                 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n", 
 116                                        r.out.ctr->ctr1->array[0].status);
 117                                 return false;
 118                         }
 119                         printf ("(expected) error\n");
 120                         break;
 121                 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN: 
 122                 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY: 
 123                         if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_RESOLVE_ERROR) {
 124                                 printf(__location__ ": Unexpected error (%d): This name lookup should fail\n", 
 125                                        r.out.ctr->ctr1->array[0].status);
 126                                 return false;
 127                         }
 128                         printf ("(expected) error\n");
 129                         break;
 130                 default:
 131                         if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
 132                                 printf("Error: %d\n", r.out.ctr->ctr1->array[0].status);
 133                                 return false;
 134                         }
 135                 }
 136 
 137                 switch (formats[i]) {
 138                 case DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL:
 139                         n_from[i] = user_principal_name;
 140                         break;
 141                 case DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL:  
 142                         n_from[i] = service_principal_name;
 143                         break;
 144                 case DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY: 
 145                 case DRSUAPI_DS_NAME_FORMAT_DNS_DOMAIN: 
 146                         n_from[i] = NULL;
 147                         break;
 148                 default:
 149                         n_from[i] = r.out.ctr->ctr1->array[0].result_name;
 150                         printf("%s\n", n_from[i]);
 151                 }
 152         }
 153 
 154         for (i = 0; i < ARRAY_SIZE(formats); i++) {
 155                 for (j = 0; j < ARRAY_SIZE(formats); j++) {
 156                         r.in.req->req1.format_offered   = formats[i];
 157                         r.in.req->req1.format_desired   = formats[j];
 158                         if (!n_from[i]) {
 159                                 n_matrix[i][j] = NULL;
 160                                 continue;
 161                         }
 162                         names[0].str = n_from[i];
 163                         status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
 164                         if (!NT_STATUS_IS_OK(status)) {
 165                                 const char *errstr = nt_errstr(status);
 166                                 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
 167                                         errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
 168                                 }
 169                                 printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
 170                                        names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired, errstr);
 171                                 ret = false;
 172                         } else if (!W_ERROR_IS_OK(r.out.result)) {
 173                                 printf("testing DsCrackNames (matrix) with name '%s' from format: %d desired format:%d failed - %s",
 174                                        names[0].str, r.in.req->req1.format_offered, r.in.req->req1.format_desired,
 175                                        win_errstr(r.out.result));
 176                                 ret = false;
 177                         }
 178                         
 179                         if (!ret) {
 180                                 return ret;
 181                         }
 182                         if (r.out.ctr->ctr1->array[0].status == DRSUAPI_DS_NAME_STATUS_OK) {
 183                                 n_matrix[i][j] = r.out.ctr->ctr1->array[0].result_name;
 184                         } else {
 185                                 n_matrix[i][j] = NULL;
 186                         }
 187                 }
 188         }
 189 
 190         for (i = 0; i < ARRAY_SIZE(formats); i++) {
 191                 for (j = 0; j < ARRAY_SIZE(formats); j++) {
 192                         if (n_matrix[i][j] == n_from[j]) {
 193                                 
 194                         /* We don't have a from name for these yet (and we can't map to them to find it out) */
 195                         } else if (n_matrix[i][j] == NULL && n_from[i] == NULL) {
 196                                 
 197                         /* we can't map to these two */
 198                         } else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL) {
 199                         } else if (n_matrix[i][j] == NULL && formats[j] == DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL) {
 200                         } else if (n_matrix[i][j] == NULL && n_from[j] != NULL) {
 201                                 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
 202                                 ret = false;
 203                         } else if (n_matrix[i][j] != NULL && n_from[j] == NULL) {
 204                                 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
 205                                 ret = false;
 206                         } else if (strcmp(n_matrix[i][j], n_from[j]) != 0) {
 207                                 printf("dcerpc_drsuapi_DsCrackNames mismatch - from %d to %d: %s should be %s\n", formats[i], formats[j], n_matrix[i][j], n_from[j]);
 208                                 ret = false;
 209                         }
 210                 }
 211         }
 212         return ret;
 213 }
 214 
 215 bool test_DsCrackNames(struct torture_context *tctx,
     /* [<][>][^][v][top][bottom][index][help] */
 216                        struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
 217                        struct DsPrivate *priv)
 218 {
 219         NTSTATUS status;
 220         struct drsuapi_DsCrackNames r;
 221         union drsuapi_DsNameRequest req;
 222         int32_t level_out;
 223         union drsuapi_DsNameCtr ctr;
 224         struct drsuapi_DsNameString names[1];
 225         bool ret = true;
 226         const char *dns_domain;
 227         const char *nt4_domain;
 228         const char *FQDN_1779_name;
 229         struct ldb_context *ldb;
 230         struct ldb_dn *FQDN_1779_dn;
 231         struct ldb_dn *realm_dn;
 232         const char *realm_dn_str;
 233         const char *realm_canonical;
 234         const char *realm_canonical_ex;
 235         const char *user_principal_name;
 236         char *user_principal_name_short;
 237         const char *service_principal_name;
 238         const char *canonical_name;
 239         const char *canonical_ex_name;
 240         const char *dom_sid;
 241         const char *test_dc = torture_join_netbios_name(priv->join);
 242 
 243         ZERO_STRUCT(r);
 244         r.in.bind_handle                = &priv->bind_handle;
 245         r.in.level                      = 1;
 246         r.in.req                        = &req;
 247         r.in.req->req1.codepage         = 1252; /* german */
 248         r.in.req->req1.language         = 0x00000407; /* german */
 249         r.in.req->req1.count            = 1;
 250         r.in.req->req1.names            = names;
 251         r.in.req->req1.format_flags     = DRSUAPI_DS_NAME_FLAG_NO_FLAGS;
 252 
 253         r.in.req->req1.format_offered   = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY;
 254         r.in.req->req1.format_desired   = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
 255 
 256         r.out.level_out                 = &level_out;
 257         r.out.ctr                       = &ctr;
 258 
 259         dom_sid = dom_sid_string(mem_ctx, torture_join_sid(priv->join));
 260         
 261         names[0].str = dom_sid;
 262 
 263         printf("testing DsCrackNames with name '%s' desired format:%d\n",
 264                         names[0].str, r.in.req->req1.format_desired);
 265 
 266         status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
 267         if (!NT_STATUS_IS_OK(status)) {
 268                 const char *errstr = nt_errstr(status);
 269                 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
 270                         errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
 271                 }
 272                 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
 273                 ret = false;
 274         } else if (!W_ERROR_IS_OK(r.out.result)) {
 275                 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
 276                 ret = false;
 277         } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
 278                 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
 279                 ret = false;
 280         }
 281 
 282         if (!ret) {
 283                 return ret;
 284         }
 285 
 286         dns_domain = r.out.ctr->ctr1->array[0].dns_domain_name;
 287         nt4_domain = r.out.ctr->ctr1->array[0].result_name;
 288 
 289         r.in.req->req1.format_desired   = DRSUAPI_DS_NAME_FORMAT_GUID;
 290 
 291         printf("testing DsCrackNames with name '%s' desired format:%d\n",
 292                         names[0].str, r.in.req->req1.format_desired);
 293 
 294         status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
 295         if (!NT_STATUS_IS_OK(status)) {
 296                 const char *errstr = nt_errstr(status);
 297                 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
 298                         errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
 299                 }
 300                 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
 301                 ret = false;
 302         } else if (!W_ERROR_IS_OK(r.out.result)) {
 303                 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
 304                 ret = false;
 305         } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
 306                 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
 307                 ret = false;
 308         }
 309 
 310         if (!ret) {
 311                 return ret;
 312         }
 313 
 314         priv->domain_dns_name = r.out.ctr->ctr1->array[0].dns_domain_name;
 315         priv->domain_guid_str = r.out.ctr->ctr1->array[0].result_name;
 316         GUID_from_string(priv->domain_guid_str, &priv->domain_guid);
 317 
 318         r.in.req->req1.format_desired   = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
 319 
 320         printf("testing DsCrackNames with name '%s' desired format:%d\n",
 321                         names[0].str, r.in.req->req1.format_desired);
 322 
 323         status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
 324         if (!NT_STATUS_IS_OK(status)) {
 325                 const char *errstr = nt_errstr(status);
 326                 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
 327                         errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
 328                 }
 329                 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
 330                 ret = false;
 331         } else if (!W_ERROR_IS_OK(r.out.result)) {
 332                 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
 333                 ret = false;
 334         } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
 335                 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
 336                 ret = false;
 337         }
 338 
 339         if (!ret) {
 340                 return ret;
 341         }
 342 
 343         ldb = ldb_init(mem_ctx, tctx->ev);
 344         
 345         realm_dn_str = r.out.ctr->ctr1->array[0].result_name;
 346         realm_dn =  ldb_dn_new(mem_ctx, ldb, realm_dn_str);
 347         realm_canonical = ldb_dn_canonical_string(mem_ctx, realm_dn);
 348 
 349         if (strcmp(realm_canonical, 
 350                    talloc_asprintf(mem_ctx, "%s/", dns_domain))!= 0) {
 351                 printf("local Round trip on canonical name failed: %s != %s!\n",
 352                        realm_canonical, 
 353                        talloc_asprintf(mem_ctx, "%s/", dns_domain));
 354                     return false;
 355         };
 356 
 357         realm_canonical_ex = ldb_dn_canonical_ex_string(mem_ctx, realm_dn);
 358 
 359         if (strcmp(realm_canonical_ex, 
 360                    talloc_asprintf(mem_ctx, "%s\n", dns_domain))!= 0) {
 361                 printf("local Round trip on canonical ex name failed: %s != %s!\n",
 362                        realm_canonical, 
 363                        talloc_asprintf(mem_ctx, "%s\n", dns_domain));
 364                     return false;
 365         };
 366 
 367         r.in.req->req1.format_offered   = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
 368         r.in.req->req1.format_desired   = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
 369         names[0].str = nt4_domain;
 370 
 371         printf("testing DsCrackNames with name '%s' desired format:%d\n",
 372                         names[0].str, r.in.req->req1.format_desired);
 373 
 374         status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
 375         if (!NT_STATUS_IS_OK(status)) {
 376                 const char *errstr = nt_errstr(status);
 377                 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
 378                         errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
 379                 }
 380                 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
 381                 ret = false;
 382         } else if (!W_ERROR_IS_OK(r.out.result)) {
 383                 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
 384                 ret = false;
 385         } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
 386                 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
 387                 ret = false;
 388         }
 389 
 390         if (!ret) {
 391                 return ret;
 392         }
 393 
 394         priv->domain_obj_dn = r.out.ctr->ctr1->array[0].result_name;
 395 
 396         r.in.req->req1.format_offered   = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT;
 397         r.in.req->req1.format_desired   = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
 398         names[0].str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc);
 399 
 400         printf("testing DsCrackNames with name '%s' desired format:%d\n",
 401                names[0].str, r.in.req->req1.format_desired);
 402 
 403         status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
 404         if (!NT_STATUS_IS_OK(status)) {
 405                 const char *errstr = nt_errstr(status);
 406                 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
 407                         errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
 408                 }
 409                 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
 410                 ret = false;
 411         } else if (!W_ERROR_IS_OK(r.out.result)) {
 412                 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
 413                 ret = false;
 414         } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
 415                 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
 416                 ret = false;
 417         }
 418 
 419         if (!ret) {
 420                 return ret;
 421         }
 422 
 423         FQDN_1779_name = r.out.ctr->ctr1->array[0].result_name;
 424 
 425         r.in.req->req1.format_offered   = DRSUAPI_DS_NAME_FORMAT_GUID;
 426         r.in.req->req1.format_desired   = DRSUAPI_DS_NAME_FORMAT_FQDN_1779;
 427         names[0].str = priv->domain_guid_str;
 428 
 429         printf("testing DsCrackNames with name '%s' desired format:%d\n",
 430                names[0].str, r.in.req->req1.format_desired);
 431 
 432         status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
 433         if (!NT_STATUS_IS_OK(status)) {
 434                 const char *errstr = nt_errstr(status);
 435                 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
 436                         errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
 437                 }
 438                 printf("dcerpc_drsuapi_DsCrackNames failed - %s\n", errstr);
 439                 ret = false;
 440         } else if (!W_ERROR_IS_OK(r.out.result)) {
 441                 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
 442                 ret = false;
 443         } else if (r.out.ctr->ctr1->array[0].status != DRSUAPI_DS_NAME_STATUS_OK) {
 444                 printf("DsCrackNames failed on name - %d\n", r.out.ctr->ctr1->array[0].status);
 445                 ret = false;
 446         }
 447 
 448         if (!ret) {
 449                 return ret;
 450         }
 451 
 452         if (strcmp(priv->domain_dns_name, r.out.ctr->ctr1->array[0].dns_domain_name) != 0) {
 453                 printf("DsCrackNames failed to return same DNS name - expected %s got %s\n", priv->domain_dns_name, r.out.ctr->ctr1->array[0].dns_domain_name);
 454                 return false;
 455         }
 456 
 457         FQDN_1779_dn = ldb_dn_new(mem_ctx, ldb, FQDN_1779_name);
 458 
 459         canonical_name = ldb_dn_canonical_string(mem_ctx, FQDN_1779_dn);
 460         canonical_ex_name = ldb_dn_canonical_ex_string(mem_ctx, FQDN_1779_dn);
 461 
 462         user_principal_name = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, dns_domain);
 463 
 464         /* form up a user@DOMAIN */
 465         user_principal_name_short = talloc_asprintf(mem_ctx, "%s$@%s", test_dc, nt4_domain);
 466         /* variable nt4_domain includs a trailing \ */
 467         user_principal_name_short[strlen(user_principal_name_short) - 1] = '\0';
 468         
 469         service_principal_name = talloc_asprintf(mem_ctx, "HOST/%s", test_dc);
 470         {
 471                 
 472                 struct {
 473                         enum drsuapi_DsNameFormat format_offered;
 474                         enum drsuapi_DsNameFormat format_desired;
 475                         const char *comment;
 476                         const char *str;
 477                         const char *expected_str;
 478                         const char *expected_dns;
 479                         enum drsuapi_DsNameStatus status;
 480                         enum drsuapi_DsNameStatus alternate_status;
 481                         enum drsuapi_DsNameFlags flags;
 482                         bool skip;
 483                 } crack[] = {
 484                         {
 485                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
 486                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 487                                 .str = user_principal_name,
 488                                 .expected_str = FQDN_1779_name,
 489                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 490                         },
 491                         {
 492                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
 493                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 494                                 .str = user_principal_name_short,
 495                                 .expected_str = FQDN_1779_name,
 496                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 497                         },
 498                         {
 499                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 500                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
 501                                 .str = FQDN_1779_name,
 502                                 .status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING
 503                         },
 504                         {
 505                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 506                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 507                                 .str = service_principal_name,
 508                                 .expected_str = FQDN_1779_name,
 509                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 510                         },
 511                         {
 512                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 513                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 514                                 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s", test_dc, dns_domain),
 515                                 .comment = "ServicePrincipal Name",
 516                                 .expected_str = FQDN_1779_name,
 517                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 518                         },
 519                         {
 520                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 521                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL,
 522                                 .str = FQDN_1779_name,
 523                                 .expected_str = canonical_name,
 524                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 525                         },
 526                         {
 527                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL, 
 528                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 529                                 .str = canonical_name,
 530                                 .expected_str = FQDN_1779_name,
 531                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 532                         },
 533                         {
 534                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 535                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
 536                                 .str = FQDN_1779_name,
 537                                 .expected_str = canonical_ex_name,
 538                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 539                         },
 540                         {
 541                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX, 
 542                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 543                                 .str = canonical_ex_name,
 544                                 .expected_str = FQDN_1779_name,
 545                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 546                         },
 547                         {
 548                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 549                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL,
 550                                 .str = FQDN_1779_name,
 551                                 .comment = "DN to cannoical syntactial only",
 552                                 .status = DRSUAPI_DS_NAME_STATUS_OK,
 553                                 .expected_str = canonical_name,
 554                                 .flags = DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY
 555                         },
 556                         {
 557                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 558                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
 559                                 .str = FQDN_1779_name,
 560                                 .comment = "DN to cannoical EX syntactial only",
 561                                 .status = DRSUAPI_DS_NAME_STATUS_OK,
 562                                 .expected_str = canonical_ex_name,
 563                                 .flags = DRSUAPI_DS_NAME_FLAG_SYNTACTICAL_ONLY
 564                         },
 565                         {
 566                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 567                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
 568                                 .str = FQDN_1779_name,
 569                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 570                         },
 571                         {
 572                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 573                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_GUID,
 574                                 .str = FQDN_1779_name,
 575                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 576                         },
 577                         {
 578                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 579                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 580                                 .str = priv->domain_guid_str,
 581                                 .comment = "Domain GUID to NT4 ACCOUNT",
 582                                 .expected_str = nt4_domain,
 583                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 584                         },
 585                         {
 586                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 587                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL,
 588                                 .str = priv->domain_guid_str,
 589                                 .comment = "Domain GUID to Canonical",
 590                                 .expected_str = talloc_asprintf(mem_ctx, "%s/", dns_domain),
 591                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 592                         },
 593                         {
 594                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 595                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_CANONICAL_EX,
 596                                 .str = priv->domain_guid_str,
 597                                 .comment = "Domain GUID to Canonical EX",
 598                                 .expected_str = talloc_asprintf(mem_ctx, "%s\n", dns_domain),
 599                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 600                         },
 601                         {
 602                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
 603                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 604                                 .str = "CN=Microsoft Corporation,L=Redmond,S=Washington,C=US",
 605                                 .comment = "display name for Microsoft Support Account",
 606                                 .status = DRSUAPI_DS_NAME_STATUS_OK,
 607                                 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE,
 608                                 .skip = torture_setting_bool(tctx, "samba4", false)
 609                         },
 610                         {
 611                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 612                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 613                                 .str = GUID_string2(mem_ctx, torture_join_user_guid(priv->join)),
 614                                 .comment = "Account GUID -> DN",
 615                                 .expected_str = FQDN_1779_name,
 616                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 617                         },
 618                         {
 619                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 620                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 621                                 .str = GUID_string2(mem_ctx, torture_join_user_guid(priv->join)),
 622                                 .comment = "Account GUID -> NT4 Account",
 623                                 .expected_str = talloc_asprintf(mem_ctx, "%s%s$", nt4_domain, test_dc),
 624                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 625                         },
 626                         {               
 627                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 628                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 629                                 .str = GUID_string2(mem_ctx, &priv->dcinfo.site_guid),
 630                                 .comment = "Site GUID",
 631                                 .expected_str = priv->dcinfo.site_dn,
 632                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 633                         },
 634                         {
 635                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 636                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 637                                 .str = GUID_string2(mem_ctx, &priv->dcinfo.computer_guid),
 638                                 .comment = "Computer GUID",
 639                                 .expected_str = priv->dcinfo.computer_dn,
 640                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 641                         },
 642                         {
 643                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 644                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 645                                 .str = GUID_string2(mem_ctx, &priv->dcinfo.computer_guid),
 646                                 .comment = "Computer GUID -> NT4 Account",
 647                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 648                         },
 649                         {
 650                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 651                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 652                                 .str = GUID_string2(mem_ctx, &priv->dcinfo.server_guid),
 653                                 .comment = "Server GUID",
 654                                 .expected_str = priv->dcinfo.server_dn,
 655                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 656                         },
 657                         {
 658                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 659                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 660                                 .str = GUID_string2(mem_ctx, &priv->dcinfo.ntds_guid),
 661                                 .comment = "NTDS GUID",
 662                                 .expected_str = priv->dcinfo.ntds_dn,
 663                                 .status = DRSUAPI_DS_NAME_STATUS_OK,
 664                                 .skip = GUID_all_zero(&priv->dcinfo.ntds_guid)
 665                         },
 666                         {
 667                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_DISPLAY,
 668                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 669                                 .str = test_dc,
 670                                 .comment = "DISLPAY NAME search for DC short name",
 671                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 672                         },
 673                         {
 674                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 675                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 676                                 .str = talloc_asprintf(mem_ctx, "krbtgt/%s", dns_domain),
 677                                 .comment = "Looking for KRBTGT as a serivce principal",
 678                                 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
 679                                 .expected_dns = dns_domain
 680                         },
 681                         {
 682                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 683                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 684                                 .str = talloc_asprintf(mem_ctx, "bogus/%s", dns_domain),
 685                                 .comment = "Looking for bogus serivce principal",
 686                                 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
 687                                 .expected_dns = dns_domain
 688                         },
 689                         {
 690                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 691                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 692                                 .str = talloc_asprintf(mem_ctx, "bogus/%s.%s", test_dc, dns_domain),
 693                                 .comment = "Looking for bogus serivce on test DC",
 694                                 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
 695                                 .expected_dns = talloc_asprintf(mem_ctx, "%s.%s", test_dc, dns_domain)
 696                         },
 697                         { 
 698                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 699                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 700                                 .str = talloc_asprintf(mem_ctx, "krbtgt"),
 701                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 702                         },
 703                         { 
 704                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 705                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 706                                 .comment = "Looking for the kadmin/changepw service as a serivce principal",
 707                                 .str = talloc_asprintf(mem_ctx, "kadmin/changepw"),
 708                                 .status = DRSUAPI_DS_NAME_STATUS_OK,
 709                                 .expected_str = talloc_asprintf(mem_ctx, "CN=krbtgt,CN=Users,%s", realm_dn_str),
 710                                 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
 711                         },
 712                         {
 713                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 714                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 715                                 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s", 
 716                                                        test_dc, dns_domain,
 717                                                        dns_domain),
 718                                 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY
 719                         },
 720                         {
 721                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 722                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 723                                 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s", 
 724                                                        test_dc, dns_domain,
 725                                                        "BOGUS"),
 726                                 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
 727                                 .expected_dns = "BOGUS"
 728                         },
 729                         {
 730                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 731                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 732                                 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s@%s", 
 733                                                        test_dc, "REALLY",
 734                                                        "BOGUS"),
 735                                 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
 736                                 .expected_dns = "BOGUS"
 737                         },
 738                         {
 739                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 740                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 741                                 .str = talloc_asprintf(mem_ctx, "cifs/%s.%s", 
 742                                                        test_dc, dns_domain),
 743                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 744                         },
 745                         {
 746                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 747                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 748                                 .str = talloc_asprintf(mem_ctx, "cifs/%s", 
 749                                                        test_dc),
 750                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 751                         },
 752                         {
 753                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 754                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 755                                 .str = "NOT A GUID",
 756                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 757                         },
 758                         {
 759                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
 760                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 761                                 .str = "NOT A SID",
 762                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 763                         },
 764                         {
 765                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 766                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 767                                 .str = "NOT AN NT4 NAME",
 768                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 769                         },
 770                         {
 771                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 772                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_GUID,
 773                                 .comment = "Unparsable DN",
 774                                 .str = "NOT A DN",
 775                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 776                         },
 777                         {
 778                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
 779                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 780                                 .comment = "Unparsable user principal",
 781                                 .str = "NOT A PRINCIPAL",
 782                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 783                         },
 784                         {
 785                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 786                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 787                                 .comment = "Unparsable service principal",
 788                                 .str = "NOT A SERVICE PRINCIPAL",
 789                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 790                         },
 791                         {
 792                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_GUID,
 793                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 794                                 .comment = "BIND GUID (ie, not in the directory)",
 795                                 .str = GUID_string2(mem_ctx, &priv->bind_guid),
 796                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 797                         },
 798                         {
 799                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
 800                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 801                                 .comment = "Unqualified Machine account as user principal",
 802                                 .str = talloc_asprintf(mem_ctx, "%s$", test_dc),
 803                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 804                         },
 805                         {
 806                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 807                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 808                                 .comment = "Machine account as service principal",
 809                                 .str = talloc_asprintf(mem_ctx, "%s$", test_dc),
 810                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 811                         },
 812                         {
 813                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SERVICE_PRINCIPAL,
 814                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 815                                 .comment = "Full Machine account as service principal",
 816                                 .str = user_principal_name,
 817                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 818                         },
 819                         {
 820                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 821                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 822                                 .comment = "Realm as an NT4 domain lookup",
 823                                 .str = talloc_asprintf(mem_ctx, "%s\\", dns_domain),
 824                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 825                         }, 
 826                         {
 827                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 828                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 829                                 .comment = "BUILTIN\\ -> DN",
 830                                 .str = "BUILTIN\\",
 831                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 832                         }, 
 833                         {
 834                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 835                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 836                                 .comment = "NT AUTHORITY\\ -> DN",
 837                                 .str = "NT AUTHORITY\\",
 838                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 839                         }, 
 840                         {
 841                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 842                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 843                                 .comment = "NT AUTHORITY\\ANONYMOUS LOGON -> DN",
 844                                 .str = "NT AUTHORITY\\ANONYMOUS LOGON",
 845                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 846                         }, 
 847                         {
 848                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 849                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 850                                 .comment = "NT AUTHORITY\\SYSTEM -> DN",
 851                                 .str = "NT AUTHORITY\\SYSTEM",
 852                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 853                         }, 
 854                         {
 855                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
 856                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 857                                 .comment = "BUITIN SID -> NT4 account",
 858                                 .str = SID_BUILTIN,
 859                                 .status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING,
 860                                 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
 861                         }, 
 862                         {
 863                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
 864                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 865                                 .str = SID_BUILTIN,
 866                                 .comment = "Builtin Domain SID -> DN",
 867                                 .status = DRSUAPI_DS_NAME_STATUS_OK,
 868                                 .expected_str = talloc_asprintf(mem_ctx, "CN=Builtin,%s", realm_dn_str),
 869                                 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
 870                         },
 871                         {
 872                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
 873                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 874                                 .str = SID_BUILTIN_ADMINISTRATORS,
 875                                 .comment = "Builtin Administrors SID -> DN",
 876                                 .status = DRSUAPI_DS_NAME_STATUS_OK,
 877                                 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
 878                         },
 879                         {
 880                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
 881                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 882                                 .str = SID_BUILTIN_ADMINISTRATORS,
 883                                 .comment = "Builtin Administrors SID -> NT4 Account",
 884                                 .status = DRSUAPI_DS_NAME_STATUS_OK,
 885                                 .alternate_status = DRSUAPI_DS_NAME_STATUS_NOT_UNIQUE
 886                         },
 887                         {
 888                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
 889                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 890                                 .str = SID_NT_ANONYMOUS,
 891                                 .comment = "NT Anonymous SID -> NT4 Account",
 892                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 893                         },
 894                         {
 895                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
 896                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 897                                 .str = SID_NT_SYSTEM,
 898                                 .comment = "NT SYSTEM SID -> NT4 Account",
 899                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 900                         },
 901                         {
 902                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
 903                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 904                                 .comment = "Domain SID -> DN",
 905                                 .str = dom_sid,
 906                                 .expected_str = realm_dn_str,
 907                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 908                         },
 909                         {
 910                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY,
 911                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT,
 912                                 .comment = "Domain SID -> NT4 account",
 913                                 .str = dom_sid,
 914                                 .expected_str = nt4_domain,
 915                                 .status = DRSUAPI_DS_NAME_STATUS_OK
 916                         },
 917                         {
 918                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
 919                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 920                                 .comment = "invalid user principal name",
 921                                 .str = "foo@bar",
 922                                 .status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY,
 923                                 .expected_dns = "bar"
 924                         },
 925                         {
 926                                 .format_offered = DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL,
 927                                 .format_desired = DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
 928                                 .comment = "invalid user principal name in valid domain",
 929                                 .str = talloc_asprintf(mem_ctx, "invalidusername@%s", dns_domain),
 930                                 .status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND
 931                         }
 932                 };
 933                 int i;
 934                 
 935                 for (i=0; i < ARRAY_SIZE(crack); i++) {
 936                         const char *comment;
 937                         r.in.req->req1.format_flags   = crack[i].flags;
 938                         r.in.req->req1.format_offered = crack[i].format_offered;
 939                         r.in.req->req1.format_desired = crack[i].format_desired;
 940                         names[0].str = crack[i].str;
 941                         
 942                         if (crack[i].comment) {
 943                                 comment = talloc_asprintf(mem_ctx, "'%s' with name '%s' desired format:%d\n",
 944                                                           crack[i].comment, names[0].str, r.in.req->req1.format_desired);
 945                         } else {
 946                                 comment = talloc_asprintf(mem_ctx, "'%s' desired format:%d\n",
 947                                        names[0].str, r.in.req->req1.format_desired);
 948                         }
 949                         if (crack[i].skip) {
 950                                 printf("skipping: %s", comment);
 951                                 continue;
 952                         }
 953                         status = dcerpc_drsuapi_DsCrackNames(p, mem_ctx, &r);
 954                         if (!NT_STATUS_IS_OK(status)) {
 955                                 const char *errstr = nt_errstr(status);
 956                                 if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
 957                                         errstr = dcerpc_errstr(mem_ctx, p->last_fault_code);
 958                                 }
 959                                 printf("dcerpc_drsuapi_DsCrackNames failed on %s - %s\n", comment, errstr);
 960                                 ret = false;
 961                         } else if (!W_ERROR_IS_OK(r.out.result)) {
 962                                 printf("DsCrackNames failed - %s\n", win_errstr(r.out.result));
 963                                 ret = false;
 964                         } else if (r.out.ctr->ctr1->array[0].status != crack[i].status) {
 965                                 if (crack[i].alternate_status) {
 966                                         if (r.out.ctr->ctr1->array[0].status != crack[i].alternate_status) {
 967                                                 printf("DsCrackNames unexpected status %d, wanted %d or %d on: %s\n", 
 968                                                        r.out.ctr->ctr1->array[0].status,
 969                                                        crack[i].status,
 970                                                        crack[i].alternate_status,
 971                                                        comment);
 972                                                 ret = false;
 973                                         }
 974                                 } else {
 975                                         printf("DsCrackNames unexpected status %d, wanted %d on: %s\n", 
 976                                                r.out.ctr->ctr1->array[0].status,
 977                                                crack[i].status,
 978                                                comment);
 979                                         ret = false;
 980                                 }
 981                         } else if (crack[i].expected_str
 982                                    && (strcmp(r.out.ctr->ctr1->array[0].result_name,
 983                                               crack[i].expected_str) != 0)) {
 984                                 if (strcasecmp(r.out.ctr->ctr1->array[0].result_name,
 985                                                crack[i].expected_str) != 0) {
 986                                         printf("DsCrackNames failed - got %s, expected %s on %s\n", 
 987                                                r.out.ctr->ctr1->array[0].result_name,
 988                                                crack[i].expected_str, comment);
 989                                         ret = false;
 990                                 } else {
 991                                         printf("(warning) DsCrackNames returned different case - got %s, expected %s on %s\n", 
 992                                                r.out.ctr->ctr1->array[0].result_name,
 993                                                crack[i].expected_str, comment);
 994                                 }
 995                         } else if (crack[i].expected_dns
 996                                    && (strcmp(r.out.ctr->ctr1->array[0].dns_domain_name,
 997                                               crack[i].expected_dns) != 0)) {
 998                                 printf("DsCrackNames failed - got DNS name %s, expected %s on %s\n", 
 999                                        r.out.ctr->ctr1->array[0].result_name,
1000                                        crack[i].expected_str, comment);
1001                                 ret = false;
1002                         }
1003                 }
1004         }
1005 
1006         if (!test_DsCrackNamesMatrix(p, mem_ctx, priv, FQDN_1779_name, 
1007                                      user_principal_name, service_principal_name)) {
1008                 ret = false;
1009         }
1010 
1011         return ret;
1012 }

/* [<][>][^][v][top][bottom][index][help] */