[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1062-g6990781

Günther Deschner gd at samba.org
Mon May 25 12:18:47 GMT 2009


The branch, v3-4-test has been updated
       via  69907810fee3253096958bf174a052d3cb3b385c (commit)
       via  e9ed9e7f90c39d38dd40871bb915adda2e9951ff (commit)
       via  c1dca5a5f0becdd5f7041e91245cf9d9ae0dfd13 (commit)
       via  b4817feb9ec5e9ac9e610fdda31dfa64295c6822 (commit)
       via  5e726f1843cd8ecb29588f6a00196354c6bc6708 (commit)
       via  7e41fce5aa9b97eb4cf3c29bf6542b05051e1f27 (commit)
       via  e172757782d17ba1066d1cefe18e2a8d55b3ce96 (commit)
      from  31eec30c33b300d93f6d6895f6d0e6b06e0c2185 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test


- Log -----------------------------------------------------------------
commit 69907810fee3253096958bf174a052d3cb3b385c
Author: Günther Deschner <gd at samba.org>
Date:   Mon May 25 14:05:18 2009 +0200

    s3-samr: Fix Bug #6372, usermanager only displaying 1024 groups and aliases.
    
    This is now also verified with the RPC-SAMR-LARGE-DC test.
    
    Guenther
    (cherry picked from commit fca7dce1a908570e463ddcbd663955fcafd1d843)

commit e9ed9e7f90c39d38dd40871bb915adda2e9951ff
Author: Günther Deschner <gd at samba.org>
Date:   Mon May 25 14:03:16 2009 +0200

    s3-selftest: enable RPC-SAMR-LARGE-DC against Samba3.
    
    This will fail for alias creation as nss_wrapper does not yet wrap around
    libnss_winbind.
    
    Guenther
    (cherry picked from commit f0139e3b69a866a6154d0b349410fc0b3bfc30af)

commit c1dca5a5f0becdd5f7041e91245cf9d9ae0dfd13
Author: Günther Deschner <gd at samba.org>
Date:   Mon May 25 13:08:58 2009 +0200

    s4-smbtorture: add RPC-SAMR-LARGE-DC test.
    
    This rather simple test creates 4500 objects on a domain controller and checks
    the enum calls for the correct number of results.
    
    Guenther
    (cherry picked from commit eb5e8dc82efae20c95a391a15c1264f2267e5a74)

commit b4817feb9ec5e9ac9e610fdda31dfa64295c6822
Author: Günther Deschner <gd at samba.org>
Date:   Fri May 22 19:04:25 2009 +0200

    s4-smbtorture: rename test_EnumDomain{Users,Groups,Aliases} in RPC-SAMR.
    
    Guenther
    (cherry picked from commit a75698bdf3b62d43e4909e5bfded70f6675b2058)

commit 5e726f1843cd8ecb29588f6a00196354c6bc6708
Author: Günther Deschner <gd at samba.org>
Date:   Thu May 21 18:12:29 2009 +0200

    s4-smbtorture: re-work test_Create{User,Group,Alias} a little.
    
    Guenther
    (cherry picked from commit 05e6ebb7f812eed95b8407e65cf438e04d6e3789)

commit 7e41fce5aa9b97eb4cf3c29bf6542b05051e1f27
Author: Günther Deschner <gd at samba.org>
Date:   Fri May 22 17:56:37 2009 +0200

    s3-pamsmbpass: copy _pam_get_item and _pam_get_data from pam_winbind.
    
    Guenther
    (cherry picked from commit 1950e180caf707346300b83021624d586cc3776d)

commit e172757782d17ba1066d1cefe18e2a8d55b3ce96
Author: Günther Deschner <gd at samba.org>
Date:   Fri May 22 16:48:01 2009 +0200

    s3-rpcclient: use get_domain_handle() fn in enum domain users & groups.
    
    Guenther
    (cherry picked from commit 86d087fccc30a82cb1fe3a71d0353634496e72c4)

-----------------------------------------------------------------------

Summary of changes:
 source3/pam_smbpass/pam_smb_auth.c    |    4 +-
 source3/pam_smbpass/pam_smb_passwd.c  |    8 +-
 source3/pam_smbpass/support.c         |   38 +++-
 source3/pam_smbpass/support.h         |    7 +
 source3/rpc_server/srv_samr_nt.c      |   12 +
 source3/rpcclient/cmd_samr.c          |   22 +-
 source3/script/tests/test_posix_s3.sh |    2 +-
 source4/torture/rpc/rpc.c             |    1 +
 source4/torture/rpc/samr.c            |  407 ++++++++++++++++++++++++++++++--
 9 files changed, 447 insertions(+), 54 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/pam_smbpass/pam_smb_auth.c b/source3/pam_smbpass/pam_smb_auth.c
index 3dceb52..b5a6a47 100644
--- a/source3/pam_smbpass/pam_smb_auth.c
+++ b/source3/pam_smbpass/pam_smb_auth.c
@@ -179,7 +179,7 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags,
 
 	retval = PAM_SUCCESS;
 
-	pam_get_data(pamh, "smb_setcred_return", (const void **) &pretval);
+	_pam_get_data(pamh, "smb_setcred_return", &pretval);
 	if(pretval) {
 		retval = *pretval;
 		SAFE_FREE(pretval);
@@ -199,7 +199,7 @@ static int _smb_add_user(pam_handle_t *pamh, unsigned int ctrl,
 	int retval;
 
 	/* Get the authtok; if we don't have one, silently fail. */
-	retval = pam_get_item( pamh, PAM_AUTHTOK, (const void **) &pass );
+	retval = _pam_get_item( pamh, PAM_AUTHTOK, &pass );
 
 	if (retval != PAM_SUCCESS) {
 		_log_err( LOG_ALERT
diff --git a/source3/pam_smbpass/pam_smb_passwd.c b/source3/pam_smbpass/pam_smb_passwd.c
index b6de43f..dce6e01 100644
--- a/source3/pam_smbpass/pam_smb_passwd.c
+++ b/source3/pam_smbpass/pam_smb_passwd.c
@@ -229,11 +229,11 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
          */
 
         if (off( SMB_NOT_SET_PASS, ctrl )) {
-            retval = pam_get_item( pamh, PAM_OLDAUTHTOK,
-                                   (const void **)&pass_old );
+            retval = _pam_get_item( pamh, PAM_OLDAUTHTOK,
+                                   &pass_old );
         } else {
-            retval = pam_get_data( pamh, _SMB_OLD_AUTHTOK,
-                                   (const void **)&pass_old );
+            retval = _pam_get_data( pamh, _SMB_OLD_AUTHTOK,
+                                   &pass_old );
             if (retval == PAM_NO_MODULE_DATA) {
 		pass_old = NULL;
                 retval = PAM_SUCCESS;
diff --git a/source3/pam_smbpass/support.c b/source3/pam_smbpass/support.c
index 8f537c4..7dcdaba 100644
--- a/source3/pam_smbpass/support.c
+++ b/source3/pam_smbpass/support.c
@@ -83,7 +83,7 @@ int converse( pam_handle_t * pamh, int ctrl, int nargs
 	int retval;
 	struct pam_conv *conv;
 
-	retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
+	retval = _pam_get_item(pamh, PAM_CONV, &conv);
 	if (retval == PAM_SUCCESS) {
 
 		retval = conv->conv(nargs, (const struct pam_message **) message
@@ -276,7 +276,7 @@ void _cleanup_failures( pam_handle_t * pamh, void *fl, int err )
 
             /* log the number of authentication failures */
             if (failure->count != 0) {
-                pam_get_item( pamh, PAM_SERVICE, (const void **) &service );
+                _pam_get_item( pamh, PAM_SERVICE, &service );
                 _log_err( LOG_NOTICE
                           , "%d authentication %s "
                             "from %s for service %s as %s(%d)"
@@ -332,7 +332,7 @@ int _smb_verify_password( pam_handle_t * pamh, struct samu *sampass,
         } else {
             const char *service;
 
-            pam_get_item( pamh, PAM_SERVICE, (const void **)&service );
+            _pam_get_item( pamh, PAM_SERVICE, &service );
             _log_err( LOG_NOTICE, "failed auth request by %s for service %s as %s",
                       uidtoname(getuid()), service ? service : "**unknown**", name);
             return PAM_AUTH_ERR;
@@ -367,7 +367,7 @@ int _smb_verify_password( pam_handle_t * pamh, struct samu *sampass,
 
         const char *service;
 
-        pam_get_item( pamh, PAM_SERVICE, (const void **)&service );
+        _pam_get_item( pamh, PAM_SERVICE, &service );
 
         if (data_name != NULL) {
             struct _pam_failed_auth *newauth = NULL;
@@ -380,7 +380,7 @@ int _smb_verify_password( pam_handle_t * pamh, struct samu *sampass,
             if (newauth != NULL) {
 
                 /* any previous failures for this user ? */
-                pam_get_data(pamh, data_name, (const void **) &old);
+                _pam_get_data(pamh, data_name, &old);
 
                 if (old != NULL) {
                     newauth->count = old->count + 1;
@@ -485,7 +485,7 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
     /* should we obtain the password from a PAM item ? */
 
     if (on(SMB_TRY_FIRST_PASS, ctrl) || on(SMB_USE_FIRST_PASS, ctrl)) {
-        retval = pam_get_item( pamh, authtok_flag, (const void **) &item );
+        retval = _pam_get_item( pamh, authtok_flag, &item );
         if (retval != PAM_SUCCESS) {
             /* very strange. */
             _log_err( LOG_ALERT
@@ -578,8 +578,8 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
         retval = pam_set_item( pamh, authtok_flag, (const void *)token );
         _pam_delete( token );		/* clean it up */
         if (retval != PAM_SUCCESS
-            || (retval = pam_get_item( pamh, authtok_flag
-                            ,(const void **)&item )) != PAM_SUCCESS)
+            || (retval = _pam_get_item( pamh, authtok_flag
+                            ,&item )) != PAM_SUCCESS)
         {
             _log_err( LOG_CRIT, "error manipulating password" );
             return retval;
@@ -592,7 +592,7 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
 
         retval = pam_set_data( pamh, data_name, (void *) token, _cleanup );
         if (retval != PAM_SUCCESS
-            || (retval = pam_get_data( pamh, data_name, (const void **)&item ))
+            || (retval = _pam_get_data( pamh, data_name, &item ))
                              != PAM_SUCCESS)
         {
             _log_err( LOG_CRIT, "error manipulating password data [%s]"
@@ -630,3 +630,23 @@ int _pam_smb_approve_pass(pam_handle_t * pamh,
 
     return PAM_SUCCESS;
 }
+
+/*
+ * Work around the pam API that has functions with void ** as parameters
+ * These lead to strict aliasing warnings with gcc.
+ */
+int _pam_get_item(const pam_handle_t *pamh,
+		  int item_type,
+		  const void *_item)
+{
+	const void **item = (const void **)_item;
+	return pam_get_item(pamh, item_type, item);
+}
+
+int _pam_get_data(const pam_handle_t *pamh,
+		  const char *module_data_name,
+		  const void *_data)
+{
+	const void **data = (const void **)_data;
+	return pam_get_data(pamh, module_data_name, data);
+}
diff --git a/source3/pam_smbpass/support.h b/source3/pam_smbpass/support.h
index 5ac48c3..87f1690 100644
--- a/source3/pam_smbpass/support.h
+++ b/source3/pam_smbpass/support.h
@@ -48,3 +48,10 @@ extern int _smb_read_password( pam_handle_t *, unsigned int, const char*,
 
 extern int _pam_smb_approve_pass(pam_handle_t *, unsigned int, const char *,
 				 const char *);
+
+int _pam_get_item(const pam_handle_t *pamh,
+		  int item_type,
+		  const void *_item);
+int _pam_get_data(const pam_handle_t *pamh,
+		  const char *module_data_name,
+		  const void *_data);
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 32a4e85..a608f16 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -1174,6 +1174,12 @@ NTSTATUS _samr_EnumDomainGroups(pipes_struct *p,
 	make_group_sam_entry_list(p->mem_ctx, &samr_entries,
 				  num_groups, groups);
 
+	if (MAX_SAM_ENTRIES <= num_groups) {
+		status = STATUS_MORE_ENTRIES;
+	} else {
+		status = NT_STATUS_OK;
+	}
+
 	samr_array->count = num_groups;
 	samr_array->entries = samr_entries;
 
@@ -1243,6 +1249,12 @@ NTSTATUS _samr_EnumDomainAliases(pipes_struct *p,
 
 	DEBUG(5,("_samr_EnumDomainAliases: %d\n", __LINE__));
 
+	if (MAX_SAM_ENTRIES <= num_aliases) {
+		status = STATUS_MORE_ENTRIES;
+	} else {
+		status = NT_STATUS_OK;
+	}
+
 	samr_array->count = num_aliases;
 	samr_array->entries = samr_entries;
 
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 033b742..de21a40 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -812,12 +812,11 @@ static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
 
 	/* Get domain policy handle */
 
-	result = rpccli_samr_OpenDomain(cli, mem_ctx,
-					&connect_pol,
-					access_mask,
-					&domain_sid,
-					&domain_pol);
-
+	result = get_domain_handle(cli, mem_ctx, "domain",
+				   &connect_pol,
+				   access_mask,
+				   &domain_sid,
+				   &domain_pol);
 	if (!NT_STATUS_IS_OK(result))
 		goto done;
 
@@ -887,12 +886,11 @@ static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli,
 
 	/* Get domain policy handle */
 
-	result = rpccli_samr_OpenDomain(cli, mem_ctx,
-					&connect_pol,
-					access_mask,
-					&domain_sid,
-					&domain_pol);
-
+	result = get_domain_handle(cli, mem_ctx, "domain",
+				   &connect_pol,
+				   access_mask,
+				   &domain_sid,
+				   &domain_pol);
 	if (!NT_STATUS_IS_OK(result))
 		goto done;
 
diff --git a/source3/script/tests/test_posix_s3.sh b/source3/script/tests/test_posix_s3.sh
index a3c8e09..0bcf369 100755
--- a/source3/script/tests/test_posix_s3.sh
+++ b/source3/script/tests/test_posix_s3.sh
@@ -42,7 +42,7 @@ rpc="$rpc RPC-SAMBA3-SPOOLSS RPC-SAMBA3-WKSSVC"
 rpc="$rpc RPC-NETLOGSAMBA3 RPC-SAMBA3SESSIONKEY RPC-SAMBA3-GETUSERNAME"
 rpc="$rpc RPC-SVCCTL RPC-SPOOLSS RPC-SPOOLSS-WIN RPC-NTSVCS"
 rpc="$rpc RPC-LSA-GETUSER RPC-LSA-LOOKUPSIDS RPC-LSA-LOOKUPNAMES"
-rpc="$rpc RPC-SAMR-USERS RPC-SAMR-USERS-PRIVILEGES RPC-SAMR-PASSWORDS RPC-SAMR-PASSWORDS-PWDLASTSET RPC-JOIN"
+rpc="$rpc RPC-SAMR-USERS RPC-SAMR-USERS-PRIVILEGES RPC-SAMR-PASSWORDS RPC-SAMR-PASSWORDS-PWDLASTSET RPC-SAMR-LARGE-DC RPC-JOIN"
 rpc="$rpc RPC-SCHANNEL RPC-SCHANNEL2 RPC-BENCH-SCHANNEL1"
 
 # NOTE: to enable the UNIX-WHOAMI test, we need to change the default share
diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c
index 48a4887..19b223b 100644
--- a/source4/torture/rpc/rpc.c
+++ b/source4/torture/rpc/rpc.c
@@ -409,6 +409,7 @@ NTSTATUS torture_rpc_init(void)
 	torture_suite_add_suite(suite, torture_rpc_samr_accessmask(suite));
 	torture_suite_add_suite(suite, torture_rpc_samr_passwords_pwdlastset(suite));
 	torture_suite_add_suite(suite, torture_rpc_samr_user_privileges(suite));
+	torture_suite_add_suite(suite, torture_rpc_samr_large_dc(suite));
 	torture_suite_add_suite(suite, torture_rpc_epmapper(suite));
 	torture_suite_add_suite(suite, torture_rpc_initshutdown(suite));
 	torture_suite_add_suite(suite, torture_rpc_oxidresolve(suite));
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 39d38f7..c8177d7 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -48,7 +48,10 @@ enum torture_samr_choice {
 	TORTURE_SAMR_PASSWORDS_PWDLASTSET,
 	TORTURE_SAMR_USER_ATTRIBUTES,
 	TORTURE_SAMR_USER_PRIVILEGES,
-	TORTURE_SAMR_OTHER
+	TORTURE_SAMR_OTHER,
+	TORTURE_SAMR_MANY_ACCOUNTS,
+	TORTURE_SAMR_MANY_GROUPS,
+	TORTURE_SAMR_MANY_ALIASES
 };
 
 static bool test_QueryUserInfo(struct dcerpc_pipe *p,
@@ -3999,9 +4002,11 @@ static bool test_DeleteAlias(struct dcerpc_pipe *p,
 }
 
 static bool test_CreateAlias(struct dcerpc_pipe *p, struct torture_context *tctx,
-			    struct policy_handle *domain_handle,
+			     struct policy_handle *domain_handle,
+			     const char *alias_name,
 			     struct policy_handle *alias_handle,
-			     const struct dom_sid *domain_sid)
+			     const struct dom_sid *domain_sid,
+			     bool test_alias)
 {
 	NTSTATUS status;
 	struct samr_CreateDomAlias r;
@@ -4009,7 +4014,7 @@ static bool test_CreateAlias(struct dcerpc_pipe *p, struct torture_context *tctx
 	uint32_t rid;
 	bool ret = true;
 
-	init_lsa_String(&name, TEST_ALIASNAME);
+	init_lsa_String(&name, alias_name);
 	r.in.domain_handle = domain_handle;
 	r.in.alias_name = &name;
 	r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
@@ -4043,6 +4048,10 @@ static bool test_CreateAlias(struct dcerpc_pipe *p, struct torture_context *tctx
 		return false;
 	}
 
+	if (!test_alias) {
+		return ret;
+	}
+
 	if (!test_alias_ops(p, tctx, alias_handle, domain_sid)) {
 		ret = false;
 	}
@@ -4217,10 +4226,12 @@ static bool test_ChangePassword(struct dcerpc_pipe *p,
 
 static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx,
 			    struct policy_handle *domain_handle,
+			    const char *user_name,
 			    struct policy_handle *user_handle_out,
 			    struct dom_sid *domain_sid,
 			    enum torture_samr_choice which_ops,
-			    struct cli_credentials *machine_credentials)
+			    struct cli_credentials *machine_credentials,
+			    bool test_user)
 {
 
 	TALLOC_CTX *user_ctx;
@@ -4239,7 +4250,7 @@ static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx,
 
 	struct policy_handle user_handle;
 	user_ctx = talloc_named(tctx, 0, "test_CreateUser2 per-user context");
-	init_lsa_String(&name, TEST_ACCOUNT_NAME);
+	init_lsa_String(&name, user_name);
 
 	r.in.domain_handle = domain_handle;
 	r.in.account_name = &name;
@@ -4269,11 +4280,21 @@ static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx,
 		}
 		status = dcerpc_samr_CreateUser(p, user_ctx, &r);
 	}
+
 	if (!NT_STATUS_IS_OK(status)) {
 		talloc_free(user_ctx);
 		printf("CreateUser failed - %s\n", nt_errstr(status));
 		return false;
-	} else {
+	}
+
+	if (!test_user) {
+		if (user_handle_out) {
+			*user_handle_out = user_handle;
+		}
+		return ret;
+	}
+
+	{
 		q.in.user_handle = &user_handle;
 		q.in.level = 16;
 		q.out.info = &info;
@@ -4869,8 +4890,9 @@ static bool check_mask(struct dcerpc_pipe *p, struct torture_context *tctx,
 	return ret;
 }
 
-static bool test_EnumDomainUsers(struct dcerpc_pipe *p, struct torture_context *tctx,
-				 struct policy_handle *handle)
+static bool test_EnumDomainUsers_all(struct dcerpc_pipe *p,
+				     struct torture_context *tctx,
+				     struct policy_handle *handle)
 {
 	NTSTATUS status = STATUS_MORE_ENTRIES;
 	struct samr_EnumDomainUsers r;
@@ -4998,9 +5020,9 @@ static bool test_EnumDomainUsers_async(struct dcerpc_pipe *p, struct torture_con
 	return true;
 }
 
-static bool test_EnumDomainGroups(struct dcerpc_pipe *p,
-				  struct torture_context *tctx,
-				  struct policy_handle *handle)
+static bool test_EnumDomainGroups_all(struct dcerpc_pipe *p,
+				      struct torture_context *tctx,
+				      struct policy_handle *handle)
 {
 	NTSTATUS status;
 	struct samr_EnumDomainGroups r;
@@ -5038,9 +5060,9 @@ static bool test_EnumDomainGroups(struct dcerpc_pipe *p,
 	return ret;
 }
 
-static bool test_EnumDomainAliases(struct dcerpc_pipe *p,
-				   struct torture_context *tctx,
-				   struct policy_handle *handle)
+static bool test_EnumDomainAliases_all(struct dcerpc_pipe *p,
+				       struct torture_context *tctx,
+				       struct policy_handle *handle)
 {
 	NTSTATUS status;
 	struct samr_EnumDomainAliases r;
@@ -5931,10 +5953,12 @@ static bool test_AddGroupMember(struct dcerpc_pipe *p, struct torture_context *t
 
 
 static bool test_CreateDomainGroup(struct dcerpc_pipe *p,
-								   struct torture_context *tctx,
+				   struct torture_context *tctx,
 				   struct policy_handle *domain_handle,
+				   const char *group_name,
 				   struct policy_handle *group_handle,
-				   struct dom_sid *domain_sid)
+				   struct dom_sid *domain_sid,
+				   bool test_group)
 {
 	NTSTATUS status;
 	struct samr_CreateDomainGroup r;
@@ -5942,7 +5966,7 @@ static bool test_CreateDomainGroup(struct dcerpc_pipe *p,
 	struct lsa_String name;
 	bool ret = true;
 
-	init_lsa_String(&name, TEST_GROUPNAME);
+	init_lsa_String(&name, group_name);
 
 	r.in.domain_handle = domain_handle;
 	r.in.name = &name;
@@ -5984,6 +6008,10 @@ static bool test_CreateDomainGroup(struct dcerpc_pipe *p,
 	}
 	torture_assert_ntstatus_ok(tctx, status, "CreateDomainGroup");
 
+	if (!test_group) {
+		return ret;
+	}
+
 	if (!test_AddGroupMember(p, tctx, domain_handle, group_handle)) {
 		printf("CreateDomainGroup failed - %s\n", nt_errstr(status));
 		ret = false;
@@ -6016,7 +6044,235 @@ static bool test_RemoveMemberFromForeignDomain(struct dcerpc_pipe *p,
 	return true;
 }
 
+static bool test_EnumDomainUsers(struct dcerpc_pipe *p,
+				 struct torture_context *tctx,
+				 struct policy_handle *domain_handle,
+				 uint32_t *total_num_entries_p)
+{
+	NTSTATUS status;
+	struct samr_EnumDomainUsers r;
+	uint32_t resume_handle = 0;
+	uint32_t num_entries = 0;
+	uint32_t total_num_entries = 0;
+	struct samr_SamArray *sam;
+
+	r.in.domain_handle = domain_handle;
+	r.in.acct_flags = ACB_NORMAL;
+	r.in.max_size = (uint32_t)-1;
+	r.in.resume_handle = &resume_handle;
+
+	r.out.sam = &sam;
+	r.out.num_entries = &num_entries;
+	r.out.resume_handle = &resume_handle;
+
+	printf("Testing EnumDomainUsers\n");
+
+	do {
+		status = dcerpc_samr_EnumDomainUsers(p, tctx, &r);
+		if (NT_STATUS_IS_ERR(status)) {
+			torture_assert_ntstatus_ok(tctx, status,
+				"failed to enumerate users");
+		}
+
+		total_num_entries += num_entries;
+	} while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
+
+	if (total_num_entries_p) {
+		*total_num_entries_p = total_num_entries;
+	}
+
+	return true;
+}
+
+static bool test_EnumDomainGroups(struct dcerpc_pipe *p,
+				  struct torture_context *tctx,
+				  struct policy_handle *domain_handle,
+				  uint32_t *total_num_entries_p)
+{
+	NTSTATUS status;
+	struct samr_EnumDomainGroups r;
+	uint32_t resume_handle = 0;
+	uint32_t num_entries = 0;
+	uint32_t total_num_entries = 0;
+	struct samr_SamArray *sam;
+
+	r.in.domain_handle = domain_handle;
+	r.in.max_size = (uint32_t)-1;
+	r.in.resume_handle = &resume_handle;
+
+	r.out.sam = &sam;
+	r.out.num_entries = &num_entries;
+	r.out.resume_handle = &resume_handle;
+
+	printf("Testing EnumDomainGroups\n");
+
+	do {
+		status = dcerpc_samr_EnumDomainGroups(p, tctx, &r);
+		if (NT_STATUS_IS_ERR(status)) {
+			torture_assert_ntstatus_ok(tctx, status,
+				"failed to enumerate groups");
+		}
+
+		total_num_entries += num_entries;
+	} while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
+
+	if (total_num_entries_p) {


-- 
Samba Shared Repository


More information about the samba-cvs mailing list