/** * Creates a Group object using SAMR interface * * @param group_name [in] Name of the group to create * @param rid [out] RID of group created. May be NULL in * which case RID is not required by caller */ bool test_group_create(struct torture_context *tctx, struct dcerpc_binding_handle *b, TALLOC_CTX *mem_ctx, struct policy_handle *handle, const char *group_name, uint32_t *rid) { uint32_t group_rid; struct lsa_String groupname; struct samr_CreateDomainGroup r; struct policy_handle group_handle; groupname.string = group_name; r.in.domain_handle = handle; r.in.name = &groupname; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.group_handle = &group_handle; /* use local variable in case caller * don't care about the group RID */ r.out.rid = rid ? rid : &group_rid; torture_comment(tctx, "creating group account %s\n", group_name); torture_assert_ntstatus_ok(tctx, dcerpc_samr_CreateDomainGroup_r(b, mem_ctx, &r), "CreateGroup failed"); if (!NT_STATUS_IS_OK(r.out.result)) { torture_comment(tctx, "CreateGroup failed - %s\n", nt_errstr(r.out.result)); if (NT_STATUS_EQUAL(r.out.result, NT_STATUS_GROUP_EXISTS)) { torture_comment(tctx, "Group (%s) already exists - " "attempting to delete and recreate group again\n", group_name); if (!test_group_cleanup(tctx, b, mem_ctx, handle, group_name)) { return false; } torture_comment(tctx, "creating group account\n"); torture_assert_ntstatus_ok(tctx, dcerpc_samr_CreateDomainGroup_r(b, mem_ctx, &r), "CreateGroup failed"); torture_assert_ntstatus_ok(tctx, r.out.result, "CreateGroup failed"); /* be nice and close opened handles */ test_samr_close_handle(tctx, b, mem_ctx, &group_handle); return true; } return false; } /* be nice and close opened handles */ test_samr_close_handle(tctx, b, mem_ctx, &group_handle); return true; }
bool torture_groupinfo(struct torture_context *torture) { NTSTATUS status; struct dcerpc_pipe *p; TALLOC_CTX *mem_ctx; bool ret = true; struct policy_handle h; struct lsa_String name; struct dom_sid2 sid; uint32_t rid; struct dcerpc_binding_handle *b; mem_ctx = talloc_init("test_userinfo"); status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } b = p->binding_handle; name.string = lpcfg_workgroup(torture->lp_ctx); /* * Testing synchronous version */ if (!test_domain_open(torture, b, &name, mem_ctx, &h, &sid)) { ret = false; goto done; } if (!test_group_create(torture, b, mem_ctx, &h, TEST_GROUPNAME, &rid)) { ret = false; goto done; } if (!test_groupinfo(torture, p, mem_ctx, &h, &sid, TEST_GROUPNAME, &rid)) { ret = false; goto done; } if (!test_group_cleanup(torture, b, mem_ctx, &h, TEST_GROUPNAME)) { ret = false; goto done; } done: talloc_free(mem_ctx); return ret; }
bool test_group_create(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, const char *name, uint32_t *rid) { NTSTATUS status; struct lsa_String groupname; struct samr_CreateDomainGroup r; struct policy_handle group_handle; groupname.string = name; r.in.domain_handle = handle; r.in.name = &groupname; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.group_handle = &group_handle; r.out.rid = rid; printf("creating group account %s\n", name); status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("CreateGroup failed - %s\n", nt_errstr(status)); if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) { printf("Group (%s) already exists - attempting to delete and recreate account again\n", name); if (!test_group_cleanup(p, mem_ctx, handle, name)) { return false; } printf("creating group account\n"); status = dcerpc_samr_CreateDomainGroup(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("CreateGroup failed - %s\n", nt_errstr(status)); return false; } return true; } return false; } return true; }
bool torture_creategroup(struct torture_context *torture) { bool ret = true; NTSTATUS status; TALLOC_CTX *mem_ctx = NULL; struct libnet_context *ctx; struct libnet_CreateGroup req; mem_ctx = talloc_init("test_creategroup"); ctx = libnet_context_init(torture->ev, torture->lp_ctx); ctx->cred = popt_get_cmdline_credentials(); req.in.group_name = TEST_GROUPNAME; req.in.domain_name = lpcfg_workgroup(torture->lp_ctx); req.out.error_string = NULL; status = libnet_CreateGroup(ctx, mem_ctx, &req); if (!NT_STATUS_IS_OK(status)) { torture_comment(torture, "libnet_CreateGroup call failed: %s\n", nt_errstr(status)); ret = false; goto done; } if (!test_group_cleanup(torture, ctx->samr.pipe->binding_handle, mem_ctx, &ctx->samr.handle, TEST_GROUPNAME)) { torture_comment(torture, "cleanup failed\n"); ret = false; goto done; } if (!test_samr_close_handle(torture, ctx->samr.pipe->binding_handle, mem_ctx, &ctx->samr.handle)) { torture_comment(torture, "domain close failed\n"); ret = false; } done: talloc_free(ctx); talloc_free(mem_ctx); return ret; }
bool torture_groupadd(struct torture_context *torture) { NTSTATUS status; struct dcerpc_pipe *p; struct policy_handle h; struct lsa_String domain_name; struct dom_sid2 sid; const char *name = TEST_GROUPNAME; TALLOC_CTX *mem_ctx; bool ret = true; struct dcerpc_binding_handle *b; mem_ctx = talloc_init("test_groupadd"); status = torture_rpc_connection(torture, &p, &ndr_table_samr); torture_assert_ntstatus_ok(torture, status, "RPC connection"); b = p->binding_handle; domain_name.string = lpcfg_workgroup(torture->lp_ctx); if (!test_domain_open(torture, b, &domain_name, mem_ctx, &h, &sid)) { ret = false; goto done; } if (!test_groupadd(p, mem_ctx, &h, name)) { ret = false; goto done; } if (!test_group_cleanup(torture, b, mem_ctx, &h, name)) { ret = false; goto done; } done: talloc_free(mem_ctx); return ret; }
bool torture_groupinfo_api(struct torture_context *torture) { const char *name = TEST_GROUPNAME; bool ret = true; NTSTATUS status; TALLOC_CTX *mem_ctx = NULL, *prep_mem_ctx; struct libnet_context *ctx = NULL; struct dcerpc_pipe *p; struct policy_handle h; struct lsa_String domain_name; struct libnet_GroupInfo req; prep_mem_ctx = talloc_init("prepare torture group info"); status = torture_rpc_connection(torture, &p, &ndr_table_samr); if (!NT_STATUS_IS_OK(status)) { return false; } domain_name.string = lpcfg_workgroup(torture->lp_ctx); if (!test_domain_open(torture, p->binding_handle, &domain_name, prep_mem_ctx, &h, NULL)) { ret = false; goto done; } if (!test_group_create(torture, p->binding_handle, prep_mem_ctx, &h, name, NULL)) { ret = false; goto done; } mem_ctx = talloc_init("torture group info"); if (!test_libnet_context_init(torture, true, &ctx)) { return false; } ZERO_STRUCT(req); req.in.domain_name = domain_name.string; req.in.level = GROUP_INFO_BY_NAME; req.in.data.group_name = name; status = libnet_GroupInfo(ctx, mem_ctx, &req); if (!NT_STATUS_IS_OK(status)) { torture_comment(torture, "libnet_GroupInfo call failed: %s\n", nt_errstr(status)); ret = false; goto done; } if (!test_group_cleanup(torture, ctx->samr.pipe->binding_handle, mem_ctx, &ctx->samr.handle, TEST_GROUPNAME)) { torture_comment(torture, "cleanup failed\n"); ret = false; goto done; } if (!test_samr_close_handle(torture, ctx->samr.pipe->binding_handle, mem_ctx, &ctx->samr.handle)) { torture_comment(torture, "domain close failed\n"); ret = false; } done: talloc_free(ctx); talloc_free(mem_ctx); return ret; }