static bool test_handles_drsuapi(struct torture_context *torture)
{
NTSTATUS status;
struct dcerpc_pipe *p1, *p2;
struct policy_handle handle;
struct policy_handle handle2;
struct GUID bind_guid;
struct drsuapi_DsBind r;
struct drsuapi_DsUnbind c;
TALLOC_CTX *mem_ctx = talloc_new(torture);
torture_comment(torture, "RPC-HANDLE-DRSUAPI\n");
status = torture_rpc_connection(mem_ctx, &p1, &dcerpc_table_drsuapi);
torture_assert_ntstatus_ok(torture, status, "opening drsuapi pipe1");
status = torture_rpc_connection(mem_ctx, &p2, &dcerpc_table_drsuapi);
torture_assert_ntstatus_ok(torture, status, "opening drsuapi pipe1");
GUID_from_string(DRSUAPI_DS_BIND_GUID, &bind_guid);
r.in.bind_guid = &bind_guid;
r.in.bind_info = NULL;
r.out.bind_handle = &handle;
status = dcerpc_drsuapi_DsBind(p1, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
torture_comment(torture, "drsuapi_DsBind not supported - skipping\n");
talloc_free(mem_ctx);
return true;
}
c.in.bind_handle = &handle;
c.out.bind_handle = &handle2;
status = dcerpc_drsuapi_DsUnbind(p2, mem_ctx, &c);
torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
"closing policy handle on p2");
torture_assert_int_equal(torture, p2->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
"closing policy handle on p2");
status = dcerpc_drsuapi_DsUnbind(p1, mem_ctx, &c);
torture_assert_ntstatus_ok(torture, status, "closing policy handle on p1");
status = dcerpc_drsuapi_DsUnbind(p1, mem_ctx, &c);
torture_assert_ntstatus_equal(torture, status, NT_STATUS_NET_WRITE_FAULT,
"closing policy handle on p1 again");
torture_assert_int_equal(torture, p1->last_fault_code, DCERPC_FAULT_CONTEXT_MISMATCH,
"closing policy handle on p1 again");
talloc_free(mem_ctx);
return true;
}
static int libnet_dssync_free_context(struct dssync_context *ctx)
{
WERROR result;
struct dcerpc_binding_handle *b;
if (!ctx) {
return 0;
}
if (is_valid_policy_hnd(&ctx->bind_handle) && ctx->cli) {
b = ctx->cli->binding_handle;
dcerpc_drsuapi_DsUnbind(b, ctx, &ctx->bind_handle, &result);
}
return 0;
}
static WERROR cmd_drsuapi_cracknames(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS status;
WERROR werr;
int i;
struct GUID bind_guid;
struct policy_handle bind_handle;
struct dcerpc_binding_handle *b = cli->binding_handle;
union drsuapi_DsNameCtr ctr;
if (argc < 2) {
printf("usage: %s name\n", argv[0]);
return WERR_OK;
}
GUID_from_string(DRSUAPI_DS_BIND_GUID, &bind_guid);
status = dcerpc_drsuapi_DsBind(b, mem_ctx,
&bind_guid,
NULL,
&bind_handle,
&werr);
if (!NT_STATUS_IS_OK(status)) {
return ntstatus_to_werror(status);
}
if (!W_ERROR_IS_OK(werr)) {
return werr;
}
werr = cracknames(cli, mem_ctx,
&bind_handle,
DRSUAPI_DS_NAME_FORMAT_UNKNOWN,
DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
1,
argv+1,
&ctr);
if (!W_ERROR_IS_OK(werr)) {
goto out;
}
for (i=0; i < ctr.ctr1->count; i++) {
printf("status: %d\n",
ctr.ctr1->array[i].status);
printf("dns_domain_name: %s\n",
ctr.ctr1->array[i].dns_domain_name);
printf("result_name: %s\n",
ctr.ctr1->array[i].result_name);
}
out:
if (is_valid_policy_hnd(&bind_handle)) {
WERROR _werr;
dcerpc_drsuapi_DsUnbind(b, mem_ctx, &bind_handle, &_werr);
}
return werr;
}
static WERROR cmd_drsuapi_writeaccountspn(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS status;
WERROR werr;
struct GUID bind_guid;
struct policy_handle bind_handle;
struct dcerpc_binding_handle *b = cli->binding_handle;
struct drsuapi_DsNameString *spn_names = NULL;
int i = 0;
uint32_t level_out;
union drsuapi_DsWriteAccountSpnRequest req;
union drsuapi_DsWriteAccountSpnResult result;
if (argc < 4) {
printf("usage: %s [add|replace|delete] dn [spn_names]+\n", argv[0]);
return WERR_OK;
}
req.req1.unknown1 = 0; /* Unused, must be 0 */
req.req1.object_dn = argv[2];
req.req1.count = argc - 3;
if (strcmp(argv[1], "add") == 0) {
req.req1.operation = DRSUAPI_DS_SPN_OPERATION_ADD;
} else if (strcmp(argv[1], "replace") == 0) {
req.req1.operation = DRSUAPI_DS_SPN_OPERATION_REPLACE;
} else if (strcmp(argv[1], "delete") == 0) {
req.req1.operation = DRSUAPI_DS_SPN_OPERATION_DELETE;
} else {
printf("usage: %s [add|replace|delete] dn [spn_names]+\n", argv[0]);
return WERR_OK;
}
spn_names = talloc_zero_array(mem_ctx,
struct drsuapi_DsNameString,
req.req1.count);
W_ERROR_HAVE_NO_MEMORY(spn_names);
for (i=0; i<req.req1.count; i++) {
spn_names[i].str = argv[i + 3];
}
req.req1.spn_names = spn_names;
GUID_from_string(DRSUAPI_DS_BIND_GUID, &bind_guid);
status = dcerpc_drsuapi_DsBind(b, mem_ctx,
&bind_guid,
NULL,
&bind_handle,
&werr);
if (!NT_STATUS_IS_OK(status)) {
return ntstatus_to_werror(status);
}
if (!W_ERROR_IS_OK(werr)) {
return werr;
}
status = dcerpc_drsuapi_DsWriteAccountSpn(b, mem_ctx,
&bind_handle,
1,
&req,
&level_out,
&result,
&werr);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto out;
}
if (!W_ERROR_IS_OK(werr)) {
goto out;
}
out:
if (is_valid_policy_hnd(&bind_handle)) {
WERROR _werr;
dcerpc_drsuapi_DsUnbind(b, mem_ctx, &bind_handle, &_werr);
}
return werr;
}
static WERROR cmd_drsuapi_getdcinfo(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS status;
WERROR werr;
struct GUID bind_guid;
struct policy_handle bind_handle;
struct dcerpc_binding_handle *b = cli->binding_handle;
const char *domain = NULL;
int32_t level = 1;
int32_t level_out;
union drsuapi_DsGetDCInfoRequest req;
union drsuapi_DsGetDCInfoCtr ctr;
if (argc < 2) {
printf("usage: %s domain [level]\n", argv[0]);
return WERR_OK;
}
domain = argv[1];
if (argc >= 3) {
level = atoi(argv[2]);
}
GUID_from_string(DRSUAPI_DS_BIND_GUID, &bind_guid);
status = dcerpc_drsuapi_DsBind(b, mem_ctx,
&bind_guid,
NULL,
&bind_handle,
&werr);
if (!NT_STATUS_IS_OK(status)) {
return ntstatus_to_werror(status);
}
if (!W_ERROR_IS_OK(werr)) {
return werr;
}
req.req1.domain_name = domain;
req.req1.level = level;
status = dcerpc_drsuapi_DsGetDomainControllerInfo(b, mem_ctx,
&bind_handle,
1,
&req,
&level_out,
&ctr,
&werr);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto out;
}
if (!W_ERROR_IS_OK(werr)) {
goto out;
}
display_domain_controller_info(level_out, &ctr);
out:
if (is_valid_policy_hnd(&bind_handle)) {
WERROR _werr;
dcerpc_drsuapi_DsUnbind(b, mem_ctx, &bind_handle, &_werr);
}
return werr;
}
