sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code

s4:torture/rpc/samlogon.c - provide a function which sets and afterwards resets the minimum password age

Browse Source 
This is needed since we on s4 do now use the Windows Server standard of 1 day.
This commit is contained in:
Matthias Dieter Wallnöfer 2010-07-03 21:04:47 +02:00
parent 518232d457
commit e2e09f5c45
1 changed files with 97 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
source4/torture/rpc/samlogon.c
View File

@ -1533,7 +1533,98 @@ bool test_InteractiveLogon(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return true;
}
/* This sets and resets the "minPwdAge" (in order to allow immediate user
* password changes). The behaviour is controlled by the "set" boolean. */
static bool handle_minPwdAge(struct torture_context *torture,
TALLOC_CTX *mem_ctx, bool set)
{
struct dcerpc_pipe *p;
struct policy_handle connect_handle, domain_handle;
struct samr_Connect c_r;
struct samr_LookupDomain ld_r;
struct samr_OpenDomain od_r;
struct samr_QueryDomainInfo qdi_r;
struct samr_SetDomainInfo sdi_r;
struct samr_Close cl_r;
struct lsa_String domName;
struct dom_sid *domSid = NULL;
union samr_DomainInfo *domInfo = NULL;
static int64_t old_minPwdAge = 0;
NTSTATUS status;
status = torture_rpc_connection(torture, &p, &ndr_table_samr);
if (!NT_STATUS_IS_OK(status)) {
return false;
}
c_r.in.system_name = 0;
c_r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
c_r.out.connect_handle = &connect_handle;
torture_assert_ntstatus_ok(torture,
dcerpc_samr_Connect_r(p->binding_handle, mem_ctx, &c_r),
"Connect failed");
torture_assert_ntstatus_ok(torture, c_r.out.result, "Connect failed");
ld_r.in.connect_handle = &connect_handle;
ld_r.in.domain_name = &domName;
ld_r.in.domain_name->string = lp_workgroup(torture->lp_ctx);
ld_r.out.sid = &domSid;
torture_assert_ntstatus_ok(torture,
dcerpc_samr_LookupDomain_r(p->binding_handle, mem_ctx, &ld_r),
"LookupDomain failed");
torture_assert_ntstatus_ok(torture, ld_r.out.result,
"LookupDomain failed");
od_r.in.connect_handle = &connect_handle;
od_r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
od_r.in.sid = *ld_r.out.sid;
od_r.out.domain_handle = &domain_handle;
torture_assert_ntstatus_ok(torture,
dcerpc_samr_OpenDomain_r(p->binding_handle, mem_ctx, &od_r),
"OpenDomain failed");
torture_assert_ntstatus_ok(torture, od_r.out.result,
"OpenDomain failed");
qdi_r.in.domain_handle = &domain_handle;
qdi_r.in.level = DomainPasswordInformation;
qdi_r.out.info = &domInfo;
torture_assert_ntstatus_ok(torture,
dcerpc_samr_QueryDomainInfo_r(p->binding_handle, mem_ctx, &qdi_r),
"QueryDomainInfo failed");
torture_assert_ntstatus_ok(torture, qdi_r.out.result,
"QueryDomainInfo failed");
if (set) {
old_minPwdAge = domInfo->info1.min_password_age;
domInfo->info1.min_password_age = 0;
} else {
domInfo->info1.min_password_age = old_minPwdAge;
}
sdi_r.in.domain_handle = &domain_handle;
sdi_r.in.level = DomainPasswordInformation;
sdi_r.in.info = domInfo;
torture_assert_ntstatus_ok(torture,
dcerpc_samr_SetDomainInfo_r(p->binding_handle, mem_ctx, &sdi_r),
"SetDomainInfo failed");
torture_assert_ntstatus_ok(torture, sdi_r.out.result,
"SetDomainInfo failed");
cl_r.in.handle = &connect_handle;
cl_r.out.handle = &connect_handle;
torture_assert_ntstatus_ok(torture,
dcerpc_samr_Close_r(p->binding_handle, mem_ctx, &cl_r),
"Close failed");
torture_assert_ntstatus_ok(torture, cl_r.out.result, "Close failed");
return true;
}
bool torture_rpc_samlogon(struct torture_context *torture)
{
@ -1565,6 +1656,9 @@ bool torture_rpc_samlogon(struct torture_context *torture)
struct netlogon_creds_CredentialState *creds;
struct dcerpc_pipe *tmp_p = NULL;
torture_assert(torture, handle_minPwdAge(torture, mem_ctx, true),
"handle_minPwdAge error!");
test_machine_account = talloc_asprintf(mem_ctx, "%s$", TEST_MACHINE_NAME);
/* We only need to join as a workstation here, and in future,
* if we wish to test against trusted domains, we must be a
@ -1916,6 +2010,9 @@ bool torture_rpc_samlogon(struct torture_context *torture)
}
failed:
torture_assert(torture, handle_minPwdAge(torture, mem_ctx, false),
"handle_minPwdAge error!");
talloc_free(mem_ctx);
torture_leave_domain(torture, join_ctx);