test: ttokend.c Source File

00001 /*++ 00002 00003 Copyright (c) 1990 Microsoft Corporation 00004 00005 Module Name: 00006 00007 tmachine.c 00008 00009 Abstract: 00010 00011 This module tests token duplication. 00012 00013 Author: 00014 00015 Jim Kelly (JimK) 8-Feb-1994 00016 00017 Environment: 00018 00019 User Mode - Win32 00020 00021 Revision History: 00022 00023 00024 --*/ 00025 00026 00027 00028 00029 00030 00031 00033 // // 00034 // Includes // 00035 // // 00037 00038 #include <stdio.h> 00039 #include <nt.h> 00040 #include <ntsam.h> 00041 #include <ntsamp.h> 00042 #include <ntlsa.h> 00043 #include <ntrpcp.h> // prototypes for MIDL user functions 00044 #include <seopaque.h> 00045 #include <string.h> 00046 00047 00048 00049 #ifdef NOT_PART_OF_PROGRAM 00050 00051 00053 // // 00054 // Definitions // 00055 // // 00057 00058 00059 00060 00061 00062 #define TMPP_USER_NAME_ADMIN "Administrator" 00063 #define TMPP_USER_NAME_GUEST "Guest" 00064 #define TMPP_GROUP_NAME_ADMINS "Domain Admins" 00065 #define TMPP_GROUP_NAME_USERS "Domain Users" 00066 #define TMPP_GROUP_NAME_NONE "None" 00067 #define TMPP_ALIAS_NAME_ADMINS "Administrators" 00068 #define TMPP_ALIAS_NAME_SYSTEM_OPS "System Operators" 00069 #define TMPP_ALIAS_NAME_POWER_USERS "Power Users" 00070 #define TMPP_ALIAS_NAME_USERS "Users" 00071 #define TMPP_ALIAS_NAME_GUESTS "Guests" 00072 #define TMPP_ALIAS_NAME_ACCOUNT_OPS "Account Operators" 00073 #define TMPP_ALIAS_NAME_PRINT_OPS "Print Operators" 00074 #define TMPP_ALIAS_NAME_BACKUP_OPS "Backup Operators" 00075 00076 00077 00078 #define GROUP_NAME1 "GROUP1" 00079 #define ALIAS_NAME1 "ALIAS1" 00080 #define ALIAS_NAME2 "ALIAS2" 00081 #define USER_NAME1 "USER1" 00082 #define USER_NAME2 "USER2" 00083 #define USER_NAME3 "USER3" 00084 00085 // Keep these names not longer than 8 char's until long registry names supported 00086 #define DUMMY_NAME1 "DName1" 00087 #define DUMMY_NAME2 "2emaNuD" 00088 00089 #define DUMMY_STRING1 "This is test string 1" 00090 #define DUMMY_STRING2 "Test String2 - test string 2 - tEST sTRING 2" 00091 00092 #define ALL_NAMES_COUNT (3) 00093 #define SOME_NAMES_COUNT (7) 00094 #define NO_NAMES_COUNT (2) 00095 00096 #define LOOKUP_KNOWN_NAME0 TMPP_USER_NAME_ADMIN 00097 #define LOOKUP_KNOWN_NAME1_A TMPP_GROUP_NAME_NONE 00098 #define LOOKUP_KNOWN_NAME2_A TMPP_GROUP_NAME_NONE 00099 #define LOOKUP_KNOWN_NAME1_P TMPP_GROUP_NAME_USERS 00100 #define LOOKUP_KNOWN_NAME2_P TMPP_GROUP_NAME_USERS 00101 00102 #define LOOKUP_KNOWN_NAME0_RID DOMAIN_USER_RID_ADMIN 00103 #define LOOKUP_KNOWN_NAME1_RID DOMAIN_GROUP_RID_USERS 00104 #define LOOKUP_KNOWN_NAME2_RID DOMAIN_GROUP_RID_USERS 00105 00106 #define LOOKUP_UNKNOWN_NAME0 "JoeJoe" 00107 #define LOOKUP_UNKNOWN_NAME1 "Tanya" 00108 #define LOOKUP_UNKNOWN_NAME2 "Fred" 00109 #define LOOKUP_UNKNOWN_NAME3 "Anyone" 00110 00111 #define LOOKUP_KNOWN_NAME0_USE (SidTypeUser) 00112 #define LOOKUP_KNOWN_NAME1_USE (SidTypeGroup) 00113 #define LOOKUP_KNOWN_NAME2_USE (SidTypeGroup) 00114 00115 00116 // 00117 // This byte is expected to be different in the DummyLogonHours and 00118 // NoRestrictionLogonHours. 00119 // 00120 00121 #define LOGON_HOURS_DIFFERENT_OFFSET (5) 00122 00123 00124 00126 // // 00127 // Global variables // 00128 // // 00130 00131 LARGE_INTEGER LargeInteger1, 00132 LargeInteger2; 00133 00134 UNICODE_STRING DummyName1, 00135 DummyName2, 00136 DummyString1, 00137 DummyString2; 00138 00139 STRING DummyAnsiString1, 00140 DummyAnsiString2; 00141 00142 LOGON_HOURS NoLogonRestriction, 00143 DummyLogonHours; 00144 00145 CHAR NoLogonRestrictionBitMask[21], 00146 DummyLogonHoursBitMask[21]; 00147 00148 00149 UNICODE_STRING AllNames[ALL_NAMES_COUNT], 00150 SomeNames[SOME_NAMES_COUNT], 00151 NoNames[NO_NAMES_COUNT]; 00152 00153 00154 SID_NAME_USE AllUses[ALL_NAMES_COUNT], 00155 SomeUses[SOME_NAMES_COUNT], 00156 NoUses[NO_NAMES_COUNT]; 00157 00158 ULONG AllRids[ALL_NAMES_COUNT], 00159 SomeRids[SOME_NAMES_COUNT], 00160 NoRids[NO_NAMES_COUNT]; 00161 00162 00163 PSID BuiltinDomainSid, 00164 AccountDomainSid, 00165 PrimaryDomainSid, 00166 WorldSid, 00167 AdminsAliasSid, 00168 AccountAliasSid; 00169 00170 00171 UNICODE_STRING BuiltinDomainName, 00172 AccountDomainName, 00173 PrimaryDomainName; 00174 00175 BOOLEAN AccountDomainIsNotPrimaryDomain; 00176 00177 00178 // 00179 // These are NOT mutually exclusive 00180 // 00181 00182 BOOLEAN BuiltinDomainTest, // Test the builting domain 00183 SecurityOperatorTest, // Test auditing accessibility 00184 AccountOpAliasTest, // Test account operator functions 00185 AdminsAliasTest; // Test domain admin functions 00186 00187 00188 00190 // // 00191 // private macros // 00192 // // 00194 00195 00196 // 00197 // VOID 00198 // TST_SUCCESS_ASSERT( IN NTSTATUS S ); 00199 // 00200 00201 #define TST_SUCCESS_ASSERT( S ) \ 00202 { \ 00203 if ( !NT_SUCCESS((S)) ) { \ 00204 printf("\n** SUCCESS STATUS ASSERTION FAILURE **\n"); \ 00205 printf(" Status is: 0x%lx\n", (S) ); \ 00206 ASSERT(NT_SUCCESS((S))); \ 00207 } \ 00208 } 00209 00210 00211 00213 // // 00214 // private service prototypes // 00215 // // 00217 00218 00219 00220 00221 BOOLEAN 00222 TInitialize( VOID ); 00223 00224 BOOLEAN 00225 EnableSecurityPrivilege( VOID ); 00226 00227 VOID 00228 DetermineTestsToRun( VOID ); 00229 00230 VOID 00231 SeeIfSidIsSpecial( 00232 IN PSID Sid 00233 ); 00234 00235 BOOLEAN 00236 ServerTestSuite( 00237 PHANDLE ServerHandle, 00238 PHANDLE DomainHandle, 00239 PHANDLE BuiltinDomainHandle, 00240 PSID *DomainSid 00241 ); 00242 00243 BOOLEAN 00244 SecurityTestSuite( 00245 HANDLE ServerHandle, 00246 HANDLE DomainHandle, 00247 ULONG Pass 00248 ); 00249 00250 BOOLEAN 00251 CheckReturnedSD( 00252 IN SECURITY_INFORMATION SI, 00253 IN PSECURITY_DESCRIPTOR SD, 00254 IN BOOLEAN PrintTestSuccess 00255 ); 00256 00257 00258 BOOLEAN 00259 DomainTestSuite( 00260 HANDLE DomainHandle 00261 ); 00262 00263 BOOLEAN 00264 GroupTestSuite( 00265 HANDLE DomainHandle, 00266 ULONG Pass 00267 ); 00268 00269 BOOLEAN 00270 AliasTestSuite( 00271 HANDLE DomainHandle, 00272 HANDLE BuiltinDomainHandle, 00273 PSID DomainSid, 00274 ULONG Pass 00275 ); 00276 00277 BOOLEAN 00278 UserTestSuite( 00279 HANDLE DomainHandle, 00280 ULONG Pass 00281 ); 00282 00283 00284 NTSTATUS 00285 SampSetDomainPolicy( VOID ); 00286 00287 00288 NTSTATUS 00289 SampGetLsaDomainInfo( 00290 PPOLICY_ACCOUNT_DOMAIN_INFO *PolicyAccountDomainInfo, 00291 PPOLICY_PRIMARY_DOMAIN_INFO *PolicyPrimaryDomainInfo 00292 ); 00293 00294 00295 // 00296 // The following are in WRAPPERS.C, but are prototyped here since this 00297 // test is the only thing that should ever call them. 00298 // 00299 00300 NTSTATUS 00301 SamTestPrivateFunctionsDomain( 00302 IN HANDLE DomainHandle 00303 ); 00304 00305 NTSTATUS 00306 SamTestPrivateFunctionsUser( 00307 IN HANDLE UserHandle 00308 ); 00309 00310 00311 #endif // NOT_PART_OF_PROGRAM 00312 00314 // // 00315 // Routines // 00316 // // 00318 00319 00320 00321 VOID 00322 main (argc, argv) 00323 int argc; 00324 char **argv; 00325 00326 /*++ 00327 00328 Routine Description: 00329 00330 This is the main entry routine for this test. 00331 00332 Arguments: 00333 00334 NONE 00335 00336 00337 Return Value: 00338 00339 00340 00341 00342 --*/ 00343 { 00344 NTSTATUS 00345 NtStatus; 00346 00347 HANDLE 00348 h1, h2, h3; 00349 00350 OBJECT_ATTRIBUTES 00351 ObjectAttributes; 00352 00353 SECURITY_QUALITY_OF_SERVICE 00354 Qos; 00355 00356 // 00357 // Duplicate our primary token to get an impersonation token. 00358 // (no security QOS causes duplicate to have Anonymous level) 00359 // 00360 00361 NtStatus = NtOpenProcessToken( NtCurrentProcess(), 00362 TOKEN_DUPLICATE, 00363 &h1); 00364 printf("Test: Open Process Token: 0x%lx\n", NtStatus); 00365 00366 InitializeObjectAttributes( &ObjectAttributes, NULL, 0, 0, NULL ); 00367 NtStatus = NtDuplicateToken( h1, 00368 TOKEN_DUPLICATE, 00369 &ObjectAttributes, 00370 FALSE, // EffectiveOnly 00371 TokenImpersonation, 00372 &h2); 00373 printf("Test: Duplicate Primary to anonymous Impersonation: 0x%lx\n", NtStatus); 00374 00375 00376 // 00377 // Now duplicate that to get a primary 00378 // 00379 NtStatus = NtDuplicateToken( h2, 00380 TOKEN_DUPLICATE, 00381 &ObjectAttributes, 00382 FALSE, // EffectiveOnly 00383 TokenPrimary, 00384 &h3); 00385 printf("Test: Duplicate anonymous Impersonation to Primary: 0x%lx\n", NtStatus); 00386 00387 // 00388 // Now try it again with Impersonate level. 00389 // 00390 00391 Qos.Length = sizeof(Qos); 00392 Qos.ImpersonationLevel = SecurityImpersonation; 00393 Qos.ContextTrackingMode = SECURITY_STATIC_TRACKING; 00394 Qos.EffectiveOnly = FALSE; 00395 00396 InitializeObjectAttributes( &ObjectAttributes, NULL, 0, 0, NULL ); 00397 ObjectAttributes.SecurityQualityOfService = &Qos; 00398 00399 NtStatus = NtDuplicateToken( h1, 00400 TOKEN_DUPLICATE, 00401 &ObjectAttributes, 00402 FALSE, // EffectiveOnly 00403 TokenImpersonation, 00404 &h2); 00405 printf("Test: Duplicate Primary to IMPERSONATE Impersonation: 0x%lx\n", NtStatus); 00406 00407 00408 // 00409 // Now duplicate that to get a primary 00410 // 00411 NtStatus = NtDuplicateToken( h2, 00412 TOKEN_DUPLICATE, 00413 &ObjectAttributes, 00414 FALSE, // EffectiveOnly 00415 TokenPrimary, 00416 &h3); 00417 printf("Test: Duplicate IMPERSONATE Impersonation to Primary: 0x%lx\n", NtStatus); 00418 00419 return; 00420 } 00421 00422 #ifdef NOT_PART_OF_PROGRAM 00423 00424 BOOLEAN 00425 TInitialize ( 00426 VOID 00427 ) 00428 00429 /*++ 00430 00431 Routine Description: 00432 00433 Initialize test variables, et cetera. 00434 00435 Arguments: 00436 00437 None. 00438 00439 Return Value: 00440 00441 00442 Note: 00443 00444 00445 --*/ 00446 { 00447 NTSTATUS NtStatus; 00448 STRING Name; 00449 ULONG i; 00450 00451 SID_IDENTIFIER_AUTHORITY WorldSidAuthority = SECURITY_WORLD_SID_AUTHORITY; 00452 SID_IDENTIFIER_AUTHORITY DomainSidAuthority = {0,0,0,0,0,0}; 00453 SID_IDENTIFIER_AUTHORITY BuiltinAuthority = SECURITY_NT_AUTHORITY; 00454 00455 00456 // 00457 // Get the domain SIDs from the policy database... 00458 // 00459 00460 NtStatus = SampSetDomainPolicy(); 00461 ASSERT(NT_SUCCESS(NtStatus)); 00462 00463 00464 // 00465 // A random large integer value.. 00466 // 00467 00468 LargeInteger1.LowPart = 1234; 00469 LargeInteger1.HighPart = 0; 00470 00471 LargeInteger2.LowPart = 4321; 00472 LargeInteger2.HighPart = 0; 00473 00474 00475 RtlInitString( &Name, DUMMY_NAME1 ); 00476 NtStatus = RtlAnsiStringToUnicodeString( &DummyName1, &Name, TRUE ); 00477 TST_SUCCESS_ASSERT(NtStatus); 00478 00479 RtlInitString( &Name, DUMMY_NAME2 ); 00480 NtStatus = RtlAnsiStringToUnicodeString( &DummyName2, &Name, TRUE ); 00481 TST_SUCCESS_ASSERT(NtStatus); 00482 00483 00484 RtlInitString( &DummyAnsiString1, DUMMY_STRING1 ); 00485 NtStatus = RtlAnsiStringToUnicodeString( &DummyString1, &DummyAnsiString1, TRUE ); 00486 TST_SUCCESS_ASSERT(NtStatus); 00487 00488 RtlInitString( &DummyAnsiString2, DUMMY_STRING2 ); 00489 NtStatus = RtlAnsiStringToUnicodeString( &DummyString2, &DummyAnsiString2, TRUE ); 00490 TST_SUCCESS_ASSERT(NtStatus); 00491 00492 00493 DummyLogonHours.UnitsPerWeek = SAM_HOURS_PER_WEEK; 00494 DummyLogonHours.LogonHours = &DummyLogonHoursBitMask[0]; 00495 DummyLogonHoursBitMask[LOGON_HOURS_DIFFERENT_OFFSET] = 103; // Any non-zero value 00496 00497 NoLogonRestriction.UnitsPerWeek = SAM_HOURS_PER_WEEK; 00498 NoLogonRestriction.LogonHours = &NoLogonRestrictionBitMask[0]; 00499 for ( i=0; i<(ULONG)((NoLogonRestriction.UnitsPerWeek+7)/8); i++) { 00500 NoLogonRestrictionBitMask[0] = 0; 00501 } 00502 00503 00504 00505 // 00506 // Initialize some SIDs 00507 // 00508 00509 00510 WorldSid = RtlAllocateHeap( RtlProcessHeap(), 0, RtlLengthRequiredSid(1) ); 00511 ASSERT(WorldSid != NULL); 00512 RtlInitializeSid( WorldSid, &WorldSidAuthority, 1 ); 00513 *(RtlSubAuthoritySid( WorldSid, 0 )) = SECURITY_WORLD_RID; 00514 00515 AdminsAliasSid = RtlAllocateHeap(RtlProcessHeap(), 0,RtlLengthRequiredSid( 2 )); 00516 ASSERT(AdminsAliasSid != NULL); 00517 RtlInitializeSid( AdminsAliasSid, &BuiltinAuthority, 2 ); 00518 *(RtlSubAuthoritySid( AdminsAliasSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID; 00519 *(RtlSubAuthoritySid( AdminsAliasSid, 1 )) = DOMAIN_ALIAS_RID_ADMINS; 00520 00521 AccountAliasSid = RtlAllocateHeap(RtlProcessHeap(), 0,RtlLengthRequiredSid( 2 )); 00522 ASSERT(AccountAliasSid != NULL); 00523 RtlInitializeSid( AccountAliasSid, &BuiltinAuthority, 2 ); 00524 *(RtlSubAuthoritySid( AccountAliasSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID; 00525 *(RtlSubAuthoritySid( AccountAliasSid, 1 )) = DOMAIN_ALIAS_RID_ACCOUNT_OPS; 00526 00527 00528 00529 00530 // 00531 // Initialize some stuff for SID and NAME lookup operations 00532 // 00533 00534 RtlInitString( &Name, LOOKUP_KNOWN_NAME0 ); 00535 00536 AllUses[0] = LOOKUP_KNOWN_NAME0_USE; AllRids[0] = LOOKUP_KNOWN_NAME0_RID; 00537 NtStatus = RtlAnsiStringToUnicodeString( &AllNames[0], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00538 SomeUses[0] = LOOKUP_KNOWN_NAME0_USE; SomeRids[0] = LOOKUP_KNOWN_NAME0_RID; 00539 NtStatus = RtlAnsiStringToUnicodeString( &SomeNames[0], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00540 00541 00542 if (AccountDomainIsNotPrimaryDomain == TRUE) { 00543 RtlInitString( &Name, LOOKUP_KNOWN_NAME1_A ); 00544 } else { 00545 RtlInitString( &Name, LOOKUP_KNOWN_NAME1_P ); 00546 } 00547 AllUses[1] = LOOKUP_KNOWN_NAME1_USE; AllRids[1] = LOOKUP_KNOWN_NAME1_RID; 00548 NtStatus = RtlAnsiStringToUnicodeString( &AllNames[1], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00549 SomeUses[1] = LOOKUP_KNOWN_NAME1_USE; SomeRids[1] = LOOKUP_KNOWN_NAME1_RID; 00550 NtStatus = RtlAnsiStringToUnicodeString( &SomeNames[1], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00551 00552 RtlInitString( &Name, LOOKUP_UNKNOWN_NAME0 ); 00553 00554 SomeUses[2] = SidTypeUnknown; 00555 NtStatus = RtlAnsiStringToUnicodeString( &SomeNames[2], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00556 NoUses[0] = SidTypeUnknown; 00557 NtStatus = RtlAnsiStringToUnicodeString( &NoNames[0], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00558 00559 00560 RtlInitString( &Name, LOOKUP_UNKNOWN_NAME1 ); 00561 00562 SomeUses[3] = SidTypeUnknown; 00563 NtStatus = RtlAnsiStringToUnicodeString( &SomeNames[3], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00564 NoUses[1] = SidTypeUnknown; 00565 NtStatus = RtlAnsiStringToUnicodeString( &NoNames[1], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00566 00567 00568 00569 RtlInitString( &Name, LOOKUP_UNKNOWN_NAME2 ); 00570 00571 SomeUses[4] = SidTypeUnknown; 00572 NtStatus = RtlAnsiStringToUnicodeString( &SomeNames[4], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00573 00574 00575 if (AccountDomainIsNotPrimaryDomain == TRUE) { 00576 RtlInitString( &Name, LOOKUP_KNOWN_NAME2_A ); 00577 } else { 00578 RtlInitString( &Name, LOOKUP_KNOWN_NAME2_P ); 00579 } 00580 AllUses[2] = LOOKUP_KNOWN_NAME2_USE; AllRids[2] = LOOKUP_KNOWN_NAME2_RID; 00581 NtStatus = RtlAnsiStringToUnicodeString( &AllNames[2], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00582 SomeUses[5] = LOOKUP_KNOWN_NAME2_USE; SomeRids[5] = LOOKUP_KNOWN_NAME2_RID; 00583 NtStatus = RtlAnsiStringToUnicodeString( &SomeNames[5], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00584 00585 00586 00587 RtlInitString( &Name, LOOKUP_UNKNOWN_NAME3 ); 00588 00589 SomeUses[6] = SidTypeUnknown; 00590 NtStatus = RtlAnsiStringToUnicodeString( &SomeNames[6], &Name, TRUE ); TST_SUCCESS_ASSERT(NtStatus); 00591 00592 00593 DetermineTestsToRun(); 00594 00595 return(TRUE); 00596 } 00597 00598 00599 NTSTATUS 00600 SampSetDomainPolicy( 00601 ) 00602 /*++ 00603 00604 00605 Routine Description: 00606 00607 This routine sets the names and SIDs for the builtin and account domains. 00608 The builtin account domain has a well known name and SID. 00609 The account domain has these stored in the Policy database. 00610 00611 00612 It places the information for these domains in: 00613 00614 BuiltinDomainSid 00615 BuiltinDomainName 00616 AccountDomainSid 00617 AccountDomainName 00618 PrimaryDomainSid 00619 PrimaryDomainName 00620 00621 It also sets the boolean: 00622 00623 AccountDomainIsNotPrimaryDomain 00624 00625 to TRUE if the account domain is found to be different from the 00626 Primary Domain. 00627 00628 Arguments: 00629 00630 None. 00631 00632 Return Value: 00633 00634 --*/ 00635 00636 { 00637 NTSTATUS NtStatus; 00638 PPOLICY_ACCOUNT_DOMAIN_INFO PolicyAccountDomainInfo; 00639 PPOLICY_PRIMARY_DOMAIN_INFO PolicyPrimaryDomainInfo; 00640 SID_IDENTIFIER_AUTHORITY BuiltinAuthority = SECURITY_NT_AUTHORITY; 00641 00642 // 00643 // Builtin domain - well-known name and SID 00644 // 00645 00646 RtlInitUnicodeString( &BuiltinDomainName, L"Builtin"); 00647 00648 BuiltinDomainSid = RtlAllocateHeap(RtlProcessHeap(), 0,RtlLengthRequiredSid( 1 )); 00649 ASSERT( BuiltinDomainSid != NULL ); 00650 RtlInitializeSid( BuiltinDomainSid, &BuiltinAuthority, 1 ); 00651 *(RtlSubAuthoritySid( BuiltinDomainSid, 0 )) = SECURITY_BUILTIN_DOMAIN_RID; 00652 00653 // 00654 // Account domain 00655 // 00656 00657 NtStatus = SampGetLsaDomainInfo( 00658 &PolicyAccountDomainInfo, 00659 &PolicyPrimaryDomainInfo 00660 ); 00661 00662 if (!NT_SUCCESS(NtStatus)) { 00663 00664 return(NtStatus); 00665 } 00666 00667 AccountDomainSid = PolicyAccountDomainInfo->DomainSid; 00668 AccountDomainName = PolicyAccountDomainInfo->DomainName; 00669 00670 PrimaryDomainSid = PolicyPrimaryDomainInfo->Sid; 00671 PrimaryDomainName = PolicyPrimaryDomainInfo->Name; 00672 00673 // 00674 // Determine whether the account domain is a primary domain. 00675 // 00676 00677 AccountDomainIsNotPrimaryDomain = 00678 !RtlEqualUnicodeString( &PrimaryDomainName, &AccountDomainName, TRUE); 00679 00680 return(NtStatus);; 00681 } 00682 00683 00684 00685 NTSTATUS 00686 SampGetLsaDomainInfo( 00687 PPOLICY_ACCOUNT_DOMAIN_INFO *PolicyAccountDomainInfo, 00688 PPOLICY_PRIMARY_DOMAIN_INFO *PolicyPrimaryDomainInfo 00689 ) 00690 00691 /*++ 00692 00693 Routine Description: 00694 00695 This routine retrieves ACCOUNT domain information from the LSA 00696 policy database. 00697 00698 00699 Arguments: 00700 00701 PolicyAccountDomainInfo - Receives a pointer to a 00702 POLICY_ACCOUNT_DOMAIN_INFO structure containing the account 00703 domain info. 00704 00705 PolicyPrimaryDomainInfo - Receives a pointer to a 00706 POLICY_PRIMARY_DOMAIN_INFO structure containing the Primary 00707 domain info. 00708 00709 00710 Return Value: 00711 00712 STATUS_SUCCESS - Succeeded. 00713 00714 Other status values that may be returned from: 00715 00716 LsaOpenPolicy() 00717 LsaQueryInformationPolicy() 00718 --*/ 00719 00720 { 00721 NTSTATUS Status, IgnoreStatus; 00722 00723 LSA_HANDLE PolicyHandle; 00724 OBJECT_ATTRIBUTES PolicyObjectAttributes; 00725 00726 // 00727 // Open the policy database 00728 // 00729 00730 InitializeObjectAttributes( &PolicyObjectAttributes, 00731 NULL, // Name 00732 0, // Attributes 00733 NULL, // Root 00734 NULL ); // Security Descriptor 00735 00736 Status = LsaOpenPolicy( NULL, 00737 &PolicyObjectAttributes, 00738 POLICY_VIEW_LOCAL_INFORMATION, 00739 &PolicyHandle ); 00740 if ( NT_SUCCESS(Status) ) { 00741 00742 // 00743 // Query the account domain information 00744 // 00745 00746 Status = LsaQueryInformationPolicy( PolicyHandle, 00747 PolicyAccountDomainInformation, 00748 (PVOID *)PolicyAccountDomainInfo ); 00749 #if DBG 00750 if ( NT_SUCCESS(Status) ) { 00751 ASSERT( (*PolicyAccountDomainInfo) != NULL ); 00752 ASSERT( (*PolicyAccountDomainInfo)->DomainSid != NULL ); 00753 ASSERT( (*PolicyAccountDomainInfo)->DomainName.Buffer != NULL ); 00754 } 00755 #endif \\DBG 00756 00757 // 00758 // Query the Primary domain information 00759 // 00760 00761 Status = LsaQueryInformationPolicy( PolicyHandle, 00762 PolicyPrimaryDomainInformation, 00763 (PVOID *)PolicyPrimaryDomainInfo ); 00764 #if DBG 00765 if ( NT_SUCCESS(Status) ) { 00766 ASSERT( (*PolicyPrimaryDomainInfo) != NULL ); 00767 ASSERT( (*PolicyPrimaryDomainInfo)->Sid != NULL ); 00768 ASSERT( (*PolicyPrimaryDomainInfo)->Name.Buffer != NULL ); 00769 } 00770 #endif \\DBG 00771 00772 IgnoreStatus = LsaClose( PolicyHandle ); 00773 ASSERT(NT_SUCCESS(IgnoreStatus)); 00774 } 00775 00776 return(Status); 00777 } 00778 00779 00780 00781 00782 PSID 00783 CreateUserSid( 00784 PSID DomainSid, 00785 ULONG Rid 00786 ) 00787 00788 /*++ 00789 00790 Routine Description: 00791 00792 This function creates a domain account sid given a domain sid and 00793 the relative id of the account within the domain. 00794 00795 Arguments: 00796 00797 None. 00798 00799 Return Value: 00800 00801 Pointer to Sid, or NULL on failure. 00802 The returned Sid must be freed with DeleteUserSid 00803 00804 --*/ 00805 { 00806 00807 NTSTATUS IgnoreStatus; 00808 PSID AccountSid; 00809 UCHAR AccountSubAuthorityCount = *RtlSubAuthorityCountSid(DomainSid) + (UCHAR)1; 00810 ULONG AccountSidLength = RtlLengthRequiredSid(AccountSubAuthorityCount); 00811 PULONG RidLocation; 00812 00813 // Temp sanity check 00814 ASSERT(AccountSidLength == SeLengthSid(DomainSid) + sizeof(ULONG)); 00815 00816 // 00817 // Allocate space for the account sid 00818 // 00819 00820 AccountSid = MIDL_user_allocate(AccountSidLength); 00821 00822 if (AccountSid != NULL) { 00823 00824 // 00825 // Copy the domain sid into the first part of the account sid 00826 // 00827 00828 IgnoreStatus = RtlCopySid(AccountSidLength, AccountSid, DomainSid); 00829 ASSERT(NT_SUCCESS(IgnoreStatus)); 00830 00831 // 00832 // Increment the account sid sub-authority count 00833 // 00834 00835 *RtlSubAuthorityCountSid(AccountSid) = AccountSubAuthorityCount; 00836 00837 // 00838 // Add the rid as the final sub-authority 00839 // 00840 00841 RidLocation = RtlSubAuthoritySid(AccountSid, AccountSubAuthorityCount - 1); 00842 *RidLocation = Rid; 00843 } 00844 00845 return(AccountSid); 00846 } 00847 00848 00849 00850 VOID 00851 DeleteUserSid( 00852 PSID UserSid 00853 ) 00854 00855 /*++ 00856 00857 Routine Description: 00858 00859 Frees a sid returned by CreateUserSid. 00860 00861 Arguments: 00862 00863 None. 00864 00865 Return Value: 00866 00867 None. 00868 00869 --*/ 00870 { 00871 MIDL_user_free(UserSid); 00872 } 00873 00874 00875 00876 BOOLEAN 00877 EnableSecurityPrivilege( 00878 VOID 00879 ) 00880 00881 /*++ 00882 00883 Routine Description: 00884 00885 This function enabled the SeSecurityPrivilege privilege. 00886 00887 Arguments: 00888 00889 None. 00890 00891 Return Value: 00892 00893 TRUE if privilege successfully enabled. 00894 FALSE if not successfully enabled. 00895 00896 --*/ 00897 { 00898 00899 NTSTATUS Status; 00900 HANDLE Token; 00901 LUID SecurityPrivilege; 00902 PTOKEN_PRIVILEGES NewState; 00903 ULONG ReturnLength; 00904 00905 00906 // 00907 // Open our own token 00908 // 00909 00910 Status = NtOpenProcessToken( 00911 NtCurrentProcess(), 00912 TOKEN_ADJUST_PRIVILEGES, 00913 &Token 00914 ); 00915 if (!NT_SUCCESS(Status)) { 00916 printf(" \n\n\n"); 00917 printf("Tsamobj: Can't open process token to enable Security Privilege.\n"); 00918 printf(" Completion status of NtOpenProcessToken() is: 0x%lx\n", Status); 00919 printf("\n"); 00920 return(FALSE); 00921 } 00922 00923 00924 // 00925 // Initialize the adjustment structure 00926 // 00927 00928 SecurityPrivilege = 00929 RtlConvertLongToLargeInteger(SE_SECURITY_PRIVILEGE); 00930 00931 ASSERT( (sizeof(TOKEN_PRIVILEGES) + sizeof(LUID_AND_ATTRIBUTES)) < 100); 00932 NewState = RtlAllocateHeap( RtlProcessHeap(), 0, 100 ); 00933 00934 NewState->PrivilegeCount = 1; 00935 NewState->Privileges[0].Luid = SecurityPrivilege; 00936 NewState->Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; 00937 00938 00939 // 00940 // Set the state of the privilege to ENABLED. 00941 // 00942 00943 Status = NtAdjustPrivilegesToken( 00944 Token, // TokenHandle 00945 FALSE, // DisableAllPrivileges 00946 NewState, // NewState 00947 0, // BufferLength 00948 NULL, // PreviousState (OPTIONAL) 00949 &ReturnLength // ReturnLength 00950 ); 00951 // don't use NT_SUCCESS here because STATUS_NOT_ALL_ASSIGNED is a success status 00952 if (Status != STATUS_SUCCESS) { 00953 return(FALSE); 00954 } 00955 00956 00957 // 00958 // Clean up some stuff before returning 00959 // 00960 00961 RtlFreeHeap( RtlProcessHeap(), 0, NewState ); 00962 Status = NtClose( Token ); 00963 ASSERT(NT_SUCCESS(Status)); 00964 00965 00966 return TRUE; 00967 00968 } 00969 00970 00971 00972 VOID 00973 printfSid( 00974 PSID Sid 00975 ) 00976 00977 /*++ 00978 00979 Routine Description: 00980 00981 Prints a sid 00982 00983 Arguments: 00984 00985 None. 00986 00987 Return Value: 00988 00989 None. 00990 00991 --*/ 00992 { 00993 UCHAR Buffer[128]; 00994 UCHAR String[128]; 00995 UCHAR i; 00996 ULONG Tmp; 00997 PISID iSid = (PISID)Sid; // pointer to opaque structure 00998 PSID NextSid = (PSID)Buffer; 00999 01000 ASSERT(sizeof(Buffer) >= RtlLengthRequiredSid(1)); 01001 01002 { 01003 SID_IDENTIFIER_AUTHORITY SidAuthority = SECURITY_WORLD_SID_AUTHORITY; 01004 RtlInitializeSid(NextSid, &SidAuthority, 1 ); 01005 *(RtlSubAuthoritySid(NextSid, 0)) = SECURITY_WORLD_RID; 01006 if (RtlEqualSid(Sid, NextSid)) { 01007 printf("World"); 01008 return; 01009 } 01010 } 01011 01012 { 01013 SID_IDENTIFIER_AUTHORITY SidAuthority = SECURITY_LOCAL_SID_AUTHORITY; 01014 RtlInitializeSid(NextSid, &SidAuthority, 1 ); 01015 *(RtlSubAuthoritySid(NextSid, 0)) = SECURITY_LOCAL_RID; 01016 if (RtlEqualSid(Sid, NextSid)) { 01017 printf("Local"); 01018 return; 01019 } 01020 } 01021 01022 { 01023 SID_IDENTIFIER_AUTHORITY SidAuthority = SECURITY_CREATOR_SID_AUTHORITY; 01024 RtlInitializeSid(NextSid, &SidAuthority, 1 ); 01025 *(RtlSubAuthoritySid(NextSid, 0)) = SECURITY_CREATOR_OWNER_RID; 01026 if (RtlEqualSid(Sid, NextSid)) { 01027 printf("Creator"); 01028 return; 01029 } 01030 } 01031 01032 { 01033 SID_IDENTIFIER_AUTHORITY SidAuthority = SECURITY_NT_AUTHORITY; 01034 RtlInitializeSid(NextSid, &SidAuthority, 1 ); 01035 *(RtlSubAuthoritySid(NextSid, 0)) = SECURITY_DIALUP_RID; 01036 if (RtlEqualSid(Sid, NextSid)) { 01037 printf("Dialup"); 01038 return; 01039 } 01040 } 01041 01042 { 01043 SID_IDENTIFIER_AUTHORITY SidAuthority = SECURITY_NT_AUTHORITY; 01044 RtlInitializeSid(NextSid, &SidAuthority, 1 ); 01045 *(RtlSubAuthoritySid(NextSid, 0)) = SECURITY_NETWORK_RID; 01046 if (RtlEqualSid(Sid, NextSid)) { 01047 printf("Network"); 01048 return; 01049 } 01050 } 01051 01052 { 01053 SID_IDENTIFIER_AUTHORITY SidAuthority = SECURITY_NT_AUTHORITY; 01054 RtlInitializeSid(NextSid, &SidAuthority, 1 ); 01055 *(RtlSubAuthoritySid(NextSid, 0)) = SECURITY_BATCH_RID; 01056 if (RtlEqualSid(Sid, NextSid)) { 01057 printf("Batch"); 01058 return; 01059 } 01060 } 01061 01062 { 01063 SID_IDENTIFIER_AUTHORITY SidAuthority = SECURITY_NT_AUTHORITY; 01064 RtlInitializeSid(NextSid, &SidAuthority, 1 ); 01065 *(RtlSubAuthoritySid(NextSid, 0)) = SECURITY_INTERACTIVE_RID; 01066 if (RtlEqualSid(Sid, NextSid)) { 01067 printf("Interactive"); 01068 return; 01069 } 01070 } 01071 01072 01073 { 01074 SID_IDENTIFIER_AUTHORITY SidAuthority = SECURITY_NT_AUTHORITY; 01075 RtlInitializeSid(NextSid, &SidAuthority, 1 ); 01076 *(RtlSubAuthoritySid(NextSid, 0)) = SECURITY_LOCAL_SYSTEM_RID; 01077 if (RtlEqualSid(Sid, NextSid)) { 01078 printf("Local System"); 01079 return; 01080 } 01081 } 01082 01083 01084 01085 sprintf(Buffer, "S-%u-", (USHORT)iSid->Revision ); 01086 strcpy(String, Buffer); 01087 01088 if ( (iSid->IdentifierAuthority.Value[0] != 0) || 01089 (iSid->IdentifierAuthority.Value[1] != 0) ){ 01090 sprintf(Buffer, "0x%02hx%02hx%02hx%02hx%02hx%02hx", 01091 (USHORT)iSid->IdentifierAuthority.Value[0], 01092 (USHORT)iSid->IdentifierAuthority.Value[1], 01093 (USHORT)iSid->IdentifierAuthority.Value[2], 01094 (USHORT)iSid->IdentifierAuthority.Value[3], 01095 (USHORT)iSid->IdentifierAuthority.Value[4], 01096 (USHORT)iSid->IdentifierAuthority.Value[5] ); 01097 strcat(String, Buffer); 01098 } else { 01099 Tmp = (ULONG)iSid->IdentifierAuthority.Value[5] + 01100 (ULONG)(iSid->IdentifierAuthority.Value[4] << 8) + 01101 (ULONG)(iSid->IdentifierAuthority.Value[3] << 16) + 01102 (ULONG)(iSid->IdentifierAuthority.Value[2] << 24); 01103 sprintf(Buffer, "%lu", Tmp); 01104 strcat(String, Buffer); 01105 } 01106 01107 01108 for (i=0;i<iSid->SubAuthorityCount ;i++ ) { 01109 sprintf(Buffer, "-%lu", iSid->SubAuthority[i]); 01110 strcat(String, Buffer); 01111 } 01112 01113 printf(Buffer); 01114 01115 return; 01116 } 01117 01118 01119 VOID 01120 DetermineTestsToRun( 01121 VOID 01122 ) 01123 01124 /*++ 01125 01126 Routine Description: 01127 01128 This function determines which tests are to be run. 01129 01130 01131 Arguments: 01132 01133 None. 01134 01135 Return Value: 01136 01137 None. 01138 01139 01140 --*/ 01141 { 01142 01143 NTSTATUS Status; 01144 HANDLE Token; 01145 01146 PTOKEN_USER User; 01147 PTOKEN_GROUPS Groups; 01148 01149 ULONG ReturnLength, 01150 i; 01151 01152 01153 01154 // 01155 // See if we can play with auditing information 01156 // 01157 01158 SecurityOperatorTest = EnableSecurityPrivilege(); 01159 01160 01161 // 01162 // Open our own token 01163 // 01164 01165 Status = NtOpenProcessToken( 01166 NtCurrentProcess(), 01167 TOKEN_QUERY, 01168 &Token 01169 ); 01170 if (!NT_SUCCESS(Status)) { 01171 printf(" \n\n\n"); 01172 printf("Tsamobj: Can't open process token to query owner.\n"); 01173 printf(" Completion status of NtOpenProcessToken() is: 0x%lx\n", Status); 01174 printf("\n"); 01175 return; 01176 } 01177 01178 01179 // 01180 // Query the user id 01181 // 01182 01183 User = RtlAllocateHeap( RtlProcessHeap(), 0, 1000 ); // should be plenty big 01184 Status = NtQueryInformationToken( Token, TokenUser, User, 1000, &ReturnLength ); 01185 ASSERT(NT_SUCCESS(Status)); 01186 01187 // 01188 // See if the ID is one of the special IDs (e.g., local admin, 01189 // domain account operator, or domain admin) 01190 // 01191 01192 SeeIfSidIsSpecial( User->User.Sid ); 01193 01194 01195 01196 // 01197 // Query the group ids 01198 // 01199 01200 Groups = RtlAllocateHeap( RtlProcessHeap(), 0, 1000 ); // should be plenty big 01201 Status = NtQueryInformationToken( Token, TokenGroups, Groups, 1000, &ReturnLength ); 01202 ASSERT(NT_SUCCESS(Status)); 01203 01204 // 01205 // See if any of these IDs are special IDs 01206 // 01207 01208 for (i=0; i<Groups->GroupCount; i++) { 01209 SeeIfSidIsSpecial( Groups->Groups[i].Sid ); 01210 } 01211 01212 01213 01214 01215 01216 // 01217 // Clean up some stuff before returning 01218 // 01219 01220 RtlFreeHeap( RtlProcessHeap(), 0, User ); 01221 RtlFreeHeap( RtlProcessHeap(), 0, Groups ); 01222 Status = NtClose( Token ); 01223 ASSERT(NT_SUCCESS(Status)); 01224 01225 01226 01227 printf("\n\n\n\nPerforming:\n\n"); 01228 01229 printf(" Administrator Alias Test. . . . . "); 01230 if (AdminsAliasTest) { 01231 printf("Yes\n\n"); 01232 } else { 01233 printf("No\n\n"); 01234 } 01235 01236 printf(" Account Operator Alias Test . . "); 01237 if (AccountOpAliasTest) { 01238 printf("Yes\n\n"); 01239 } else { 01240 printf("No\n\n"); 01241 } 01242 01243 printf(" Security Operator Test . . . . . "); 01244 if (SecurityOperatorTest) { 01245 printf("Yes\n\n"); 01246 } else { 01247 printf("No\n\n"); 01248 } 01249 01250 printf("\n\n\n"); 01251 01252 01253 01254 return; 01255 01256 } 01257 01258 01259 VOID 01260 SeeIfSidIsSpecial( 01261 IN PSID Sid 01262 ) 01263 01264 /*++ 01265 01266 Routine Description: 01267 01268 This function determines whether the passed SID is one of the special 01269 SIDs, such as ADMINISTRATORS alias, or DomainAccountOperator, and 01270 sets test flags accordingly. 01271 01272 01273 Arguments: 01274 01275 Sid - Pointer to the SID to check. 01276 01277 Return Value: 01278 01279 None. 01280 01281 01282 --*/ 01283 { 01284 01285 01286 01287 01288 if (RtlEqualSid( Sid, AdminsAliasSid )){ 01289 AdminsAliasTest = TRUE; 01290 } 01291 01292 if (RtlEqualSid( Sid, AccountAliasSid )){ 01293 AccountOpAliasTest = TRUE; 01294 } 01295 01296 return; 01297 01298 } 01299 01300 01302 // // 01303 // Server Object Test Suite // 01304 // // 01306 01307 01308 BOOLEAN 01309 ServerTestSuite( 01310 PHANDLE ServerHandle, 01311 PHANDLE DomainHandle, 01312 PHANDLE BuiltinDomainHandle, 01313 PSID *DomainSid 01314 ) 01315 01316 { 01317 NTSTATUS NtStatus; 01318 OBJECT_ATTRIBUTES ObjectAttributes; 01319 BOOLEAN TestStatus = TRUE; 01320 ULONG CountReturned; 01321 SAM_ENUMERATE_HANDLE EnumerationContext; 01322 PSAM_RID_ENUMERATION EnumerationBuffer; 01323 PSID BuiltinDomainSid; 01324 ACCESS_MASK ServerAccessMask, DomainAccessMask; 01325 01326 01327 01328 01329 01330 printf("\n"); 01331 printf("\n"); 01332 printf(" Server Object Test\n"); 01333 01335 // // 01336 // Connect To Server // 01337 // // 01339 01340 printf("\n"); 01341 printf(" Connect / Disconnect. . . . . . . . . . . . . . . . . Suite\n"); 01342 01343 printf(" Connect . . . . . . . . . . . . . . . . . . . . . . "); 01344 01345 01346 ServerAccessMask = SAM_SERVER_READ | SAM_SERVER_EXECUTE; 01347 if (AdminsAliasTest) { 01348 ServerAccessMask |= SAM_SERVER_ALL_ACCESS; 01349 } 01350 if (SecurityOperatorTest) { 01351 ServerAccessMask |= ACCESS_SYSTEM_SECURITY; 01352 } 01353 01354 InitializeObjectAttributes( &ObjectAttributes, NULL, 0, 0, NULL ); 01355 01356 01357 NtStatus = SamConnect( 01358 NULL, // ServerName (Local machine) 01359 ServerHandle, 01360 ServerAccessMask, 01361 &ObjectAttributes 01362 ); 01363 01364 01365 if (!NT_SUCCESS(NtStatus)) { 01366 printf("Failed\n"); 01367 printf(" Completion status is 0x%lx\n", NtStatus); 01368 TestStatus = FALSE; 01369 } else { 01370 printf("Succeeded\n"); 01371 } 01372 01373 01374 if (NT_SUCCESS(NtStatus)) { 01375 01376 printf(" Disconnect . . . . . . . . . . . . . . . . . . . . "); 01377 01378 NtStatus = SamCloseHandle( (*ServerHandle) ); 01379 01380 if (!NT_SUCCESS(NtStatus)) { 01381 printf("Failed\n"); 01382 printf(" Completion status is 0x%lx\n", NtStatus); 01383 TestStatus = FALSE; 01384 } else { 01385 printf("Succeeded\n"); 01386 } 01387 } 01388 01389 01390 01391 printf(" Re-Connect . . . . . . . . . . . . . . . . . . . . "); 01392 01393 01394 NtStatus = SamConnect( 01395 NULL, // ServerName (Local machine) 01396 ServerHandle, 01397 ServerAccessMask, 01398 &ObjectAttributes 01399 ); 01400 01401 01402 if (!NT_SUCCESS(NtStatus)) { 01403 printf("Failed\n"); 01404 printf(" Completion status is 0x%lx\n", NtStatus); 01405 TestStatus = FALSE; 01406 } else { 01407 printf("Succeeded\n"); 01408 } 01409 01410 01412 // // 01413 // Lookup/Enumerate Domains Suite // 01414 // // 01416 01417 01418 printf("\n"); 01419 printf(" Domain Lookup/Enumerate/Open . . . . . . . . . . . . Suite\n"); 01420 01421 01422 01423 if (NT_SUCCESS(NtStatus)) { 01424 01425 printf(" Lookup Account Domain . . . . . . . . . . . . . . . "); 01426 01427 01428 NtStatus = SamLookupDomainInSamServer( 01429 (*ServerHandle), 01430 &AccountDomainName, 01431 DomainSid 01432 ); 01433 01434 if (!NT_SUCCESS(NtStatus)) { 01435 printf("Failed\n"); 01436 printf(" Completion status is 0x%lx\n", NtStatus); 01437 TestStatus = FALSE; 01438 } else { 01439 if ( TRUE != RtlEqualSid((*DomainSid), AccountDomainSid)) { 01440 printf("Failed\n"); 01441 printf(" The SID retrieved from the policy database did not\n"); 01442 printf(" match the SID retrieved from SAM for the account\n"); 01443 printf(" domain.\n"); 01444 printf(" Sid from Policy Database is: "); 01445 printfSid( AccountDomainSid ); printf("\n"); 01446 printf(" Sid from SAM is: "); 01447 printfSid( (*DomainSid) ); printf("\n"); 01448 TestStatus = FALSE; 01449 } else { 01450 printf("Succeeded\n"); 01451 } 01452 } 01453 01454 } 01455 01456 01457 01458 01459 01460 01461 if (NT_SUCCESS(NtStatus)) { 01462 01463 printf(" Enumerate Domain . . . . . . . . . . . . . . . . . "); 01464 01465 01466 EnumerationContext = 0; 01467 EnumerationBuffer = NULL; 01468 NtStatus = SamEnumerateDomainsInSamServer( 01469 (*ServerHandle), 01470 &EnumerationContext, 01471 (PVOID *)&EnumerationBuffer, 01472 1024, // PreferedMaximumLength 01473 &CountReturned 01474 ); 01475 01476 if (!NT_SUCCESS(NtStatus)) { 01477 printf("Failed\n"); 01478 printf(" Completion status is 0x%lx\n", NtStatus); 01479 TestStatus = FALSE; 01480 } else { 01481 01482 if (CountReturned == 0) { 01483 printf("Failed\n"); 01484 printf(" Completion status is 0x%lx\n", NtStatus); 01485 printf(" CountReturned is: 0x%lx\n", CountReturned); 01486 printf(" EnumerationContext is: 0x%lx\n", EnumerationContext); 01487 printf(" EnumerationBuffer Address is: 0x%lx\n", (ULONG)EnumerationBuffer); 01488 TestStatus = FALSE; 01489 01490 } else { 01491 printf("Succeeded\n"); 01492 } 01493 01494 SamFreeMemory( EnumerationBuffer ); 01495 } 01496 01497 } 01498 01499 01500 01501 01502 01503 01504 if (NT_SUCCESS(NtStatus)) { 01505 01506 printf(" Open Account Domain . . . . . . . . . . . . . . . . "); 01507 01508 if (NT_SUCCESS(NtStatus)) { 01509 01510 DomainAccessMask = DOMAIN_READ | DOMAIN_EXECUTE; 01511 if (AccountOpAliasTest) { 01512 DomainAccessMask |= DOMAIN_READ | DOMAIN_WRITE | DOMAIN_EXECUTE; 01513 } 01514 if (AdminsAliasTest) { 01515 DomainAccessMask |= DOMAIN_ALL_ACCESS; 01516 } 01517 if (SecurityOperatorTest) { 01518 DomainAccessMask |= ACCESS_SYSTEM_SECURITY; 01519 } 01520 NtStatus = SamOpenDomain( 01521 (*ServerHandle), 01522 DomainAccessMask, 01523 *DomainSid, 01524 DomainHandle 01525 ); 01526 01527 if (!NT_SUCCESS(NtStatus)) { 01528 printf("Failed\n"); 01529 printf(" Completion status is 0x%lx\n", NtStatus); 01530 TestStatus = FALSE; 01531 } else { 01532 printf("Succeeded\n"); 01533 } 01534 } 01535 01536 } 01537 01538 if (NT_SUCCESS(NtStatus)) { 01539 01540 printf(" Open Builtin Domain . . . . . . . . . . . . . . . . "); 01541 01542 NtStatus = SamLookupDomainInSamServer( 01543 (*ServerHandle), 01544 &BuiltinDomainName, 01545 &BuiltinDomainSid 01546 ); 01547 01548 if (NT_SUCCESS(NtStatus)) { 01549 01550 DomainAccessMask = DOMAIN_READ | DOMAIN_EXECUTE; 01551 if (AccountOpAliasTest) { 01552 DomainAccessMask |= DOMAIN_READ | DOMAIN_WRITE | DOMAIN_EXECUTE; 01553 } 01554 if (AdminsAliasTest) { 01555 DomainAccessMask |= (DOMAIN_EXECUTE | DOMAIN_READ | 01556 DOMAIN_READ_OTHER_PARAMETERS | 01557 DOMAIN_ADMINISTER_SERVER | 01558 DOMAIN_CREATE_ALIAS); 01559 } 01560 // if (SecurityOperatorTest) { 01561 // DomainAccessMask |= ACCESS_SYSTEM_SECURITY; 01562 // } 01563 NtStatus = SamOpenDomain( 01564 (*ServerHandle), 01565 DomainAccessMask, 01566 BuiltinDomainSid, 01567 BuiltinDomainHandle 01568 ); 01569 01570 if (!NT_SUCCESS(NtStatus)) { 01571 printf("Failed\n"); 01572 printf(" Completion status is 0x%lx\n", NtStatus); 01573 TestStatus = FALSE; 01574 } else { 01575 printf("Succeeded\n"); 01576 } 01577 } 01578 01579 } 01580 01581 return(TestStatus); 01582 01583 01584 } 01585 01586 01588 // // 01589 // Security Manipulation Test Suite // 01590 // // 01592 01593 01594 BOOLEAN 01595 SecurityTestSuite( 01596 HANDLE ServerHandle, 01597 HANDLE DomainHandle, 01598 ULONG Pass 01599 ) 01600 { 01601 01602 BOOLEAN TestStatus = TRUE; 01603 NTSTATUS NtStatus; 01604 01605 PSECURITY_DESCRIPTOR OriginalServerSD, 01606 OriginalDomainSD, 01607 OriginalUserSD, 01608 OriginalGroupSD, 01609 SD1; 01610 01611 SECURITY_INFORMATION SI1; 01612 PVOID TmpPointer1; 01613 01614 SECURITY_DESCRIPTOR SD1_Body; 01615 01616 HANDLE GroupHandle, 01617 UserHandle; 01618 01619 01620 01621 01622 printf("\n"); 01623 printf("\n"); 01624 printf("\n"); 01625 01626 if (Pass == 1) { 01627 01628 printf(" Security Manipulation (Pass #1) Test\n"); 01629 01631 // // 01632 // Query Suite // 01633 // // 01635 01636 printf("\n"); 01637 printf(" Query Security . . . . . . . . . . . . . . . . . . . Suite\n"); 01638 01639 01640 // 01641 // Get Server's original SD 01642 // 01643 01644 01645 SI1 = 0; 01646 if (AdminsAliasTest) { 01647 SI1 |= OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | 01648 DACL_SECURITY_INFORMATION; 01649 } 01650 if (SecurityOperatorTest) { 01651 SI1 |= SACL_SECURITY_INFORMATION; 01652 } 01653 if (SI1 != 0) { 01654 printf(" Query Server Security Descriptor . . . . . . . . . . "); 01655 SD1 = NULL; 01656 NtStatus = SamQuerySecurityObject( 01657 ServerHandle, 01658 SI1, 01659 &SD1 01660 ); 01661 if (NT_SUCCESS(NtStatus)) { 01662 01663 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 01664 01665 // 01666 // Normally we would do a "SamFreeMemory( SD1 )" here. 01667 // However, we want to save this SD for future reference 01668 // and use. 01669 // 01670 01671 OriginalServerSD = SD1; 01672 01673 } else { 01674 printf("Failed\n"); 01675 printf(" Completion status is 0x%lx\n", NtStatus); 01676 TestStatus = FALSE; 01677 } 01678 } 01679 01680 01681 01682 01683 01684 // 01685 // Get domain's original SD 01686 // 01687 01688 01689 SI1 = 0; 01690 if (AdminsAliasTest) { 01691 SI1 |= OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | 01692 DACL_SECURITY_INFORMATION; 01693 } 01694 if (SecurityOperatorTest) { 01695 SI1 |= SACL_SECURITY_INFORMATION; 01696 } 01697 if (SI1 != 0) { 01698 printf(" Query Domain Security Descriptor . . . . . . . . . . "); 01699 SD1 = NULL; 01700 NtStatus = SamQuerySecurityObject( 01701 DomainHandle, 01702 SI1, 01703 &SD1 01704 ); 01705 if (NT_SUCCESS(NtStatus)) { 01706 01707 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 01708 01709 // 01710 // Normally we would do a "SamFreeMemory( SD1 )" here. 01711 // However, we want to save this SD for future reference 01712 // and use. 01713 // 01714 01715 OriginalDomainSD = SD1; 01716 01717 } else { 01718 printf("Failed\n"); 01719 printf(" Completion status is 0x%lx\n", NtStatus); 01720 TestStatus = FALSE; 01721 } 01722 } 01723 01724 01725 01726 01727 01728 01729 // 01730 // Make sure the wrapper doesn't choke on a non-null pointer being passed 01731 // (assuming we have allocated memory). 01732 // 01733 01734 01735 SI1 = 0; 01736 if (AdminsAliasTest) { 01737 SI1 |= OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | 01738 DACL_SECURITY_INFORMATION; 01739 } 01740 if (SecurityOperatorTest) { 01741 SI1 |= SACL_SECURITY_INFORMATION; 01742 } 01743 if (SI1 != 0) { 01744 printf(" Query Passing Non-null return buffer . . . . . . . . "); 01745 SD1 = RtlAllocateHeap( RtlProcessHeap(), 0, 1000 ); ASSERT(SD1 != NULL); 01746 TmpPointer1 = SD1; 01747 NtStatus = SamQuerySecurityObject( 01748 DomainHandle, 01749 SI1, 01750 &SD1 01751 ); 01752 if (NT_SUCCESS(NtStatus)) { 01753 if (SD1 != TmpPointer1) { 01754 01755 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 01756 if (TestStatus) { 01757 SamFreeMemory( SD1 ); 01758 } 01759 01760 01761 } else { 01762 printf("Failed\n"); 01763 printf(" Passed buffer address used on return.\n"); 01764 printf(" RPC should have allocated another buffer.\n"); 01765 TestStatus = FALSE; 01766 } 01767 } else { 01768 printf("Failed\n"); 01769 printf(" Completion status is 0x%lx\n", NtStatus); 01770 TestStatus = FALSE; 01771 } 01772 01773 01774 RtlFreeHeap( RtlProcessHeap(), 0, TmpPointer1 ); 01775 01776 } 01777 01778 01779 01780 01781 01782 01783 // 01784 // Make sure we can query nothing 01785 // 01786 01787 printf(" Query Nothing . . . . . . . . . . . . . . . . . . . . "); 01788 01789 SI1 = 0; 01790 SD1 = NULL; 01791 NtStatus = SamQuerySecurityObject( 01792 DomainHandle, 01793 SI1, 01794 &SD1 01795 ); 01796 if (NT_SUCCESS(NtStatus)) { 01797 01798 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 01799 if (TestStatus) { 01800 SamFreeMemory( SD1 ); 01801 } 01802 01803 } else { 01804 printf("Failed\n"); 01805 printf(" Completion status is 0x%lx\n", NtStatus); 01806 TestStatus = FALSE; 01807 } 01808 01809 01810 01811 01812 01813 // 01814 // Query owner 01815 // 01816 01817 01818 if (AdminsAliasTest) { 01819 printf(" Query Owner (Server Object) . . . . . . . . . . . . . "); 01820 SI1 = OWNER_SECURITY_INFORMATION; 01821 SD1 = NULL; 01822 NtStatus = SamQuerySecurityObject( 01823 ServerHandle, 01824 SI1, 01825 &SD1 01826 ); 01827 if (NT_SUCCESS(NtStatus)) { 01828 01829 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 01830 if (TestStatus) { 01831 SamFreeMemory( SD1 ); 01832 } 01833 01834 } else { 01835 printf("Failed\n"); 01836 printf(" Completion status is 0x%lx\n", NtStatus); 01837 TestStatus = FALSE; 01838 } 01839 } 01840 01841 01842 01843 01844 if (AdminsAliasTest) { 01845 printf(" Query Owner (Domain Object) . . . . . . . . . . . . . "); 01846 SI1 = OWNER_SECURITY_INFORMATION; 01847 SD1 = NULL; 01848 NtStatus = SamQuerySecurityObject( 01849 DomainHandle, 01850 SI1, 01851 &SD1 01852 ); 01853 if (NT_SUCCESS(NtStatus)) { 01854 01855 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 01856 if (TestStatus) { 01857 SamFreeMemory( SD1 ); 01858 } 01859 01860 } else { 01861 printf("Failed\n"); 01862 printf(" Completion status is 0x%lx\n", NtStatus); 01863 TestStatus = FALSE; 01864 } 01865 } 01866 01867 01868 01869 01870 01871 if (AdminsAliasTest) { 01872 01873 // 01874 // Query Group 01875 // 01876 01877 printf(" Query Group . . . . . . . . . . . . . . . . . . . . . "); 01878 01879 SI1 = GROUP_SECURITY_INFORMATION; 01880 SD1 = NULL; 01881 NtStatus = SamQuerySecurityObject( 01882 DomainHandle, 01883 SI1, 01884 &SD1 01885 ); 01886 if (NT_SUCCESS(NtStatus)) { 01887 01888 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 01889 if (TestStatus) { 01890 SamFreeMemory( SD1 ); 01891 } 01892 01893 } else { 01894 printf("Failed\n"); 01895 printf(" Completion status is 0x%lx\n", NtStatus); 01896 TestStatus = FALSE; 01897 } 01898 01899 01900 01901 01902 01903 // 01904 // Query Dacl 01905 // 01906 01907 printf(" Query DACL . . . . . . . . . . . . . . . . . . . . . "); 01908 01909 SI1 = DACL_SECURITY_INFORMATION; 01910 SD1 = NULL; 01911 NtStatus = SamQuerySecurityObject( 01912 DomainHandle, 01913 SI1, 01914 &SD1 01915 ); 01916 if (NT_SUCCESS(NtStatus)) { 01917 01918 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 01919 if (TestStatus) { 01920 SamFreeMemory( SD1 ); 01921 } 01922 01923 } else { 01924 printf("Failed\n"); 01925 printf(" Completion status is 0x%lx\n", NtStatus); 01926 TestStatus = FALSE; 01927 } 01928 01929 01930 01931 01932 01933 // 01934 // Query Sacl 01935 // 01936 01937 printf(" Query SACL . . . . . . . . . . . . . . . . . . . . . "); 01938 01939 SI1 = SACL_SECURITY_INFORMATION; 01940 SD1 = NULL; 01941 NtStatus = SamQuerySecurityObject( 01942 DomainHandle, 01943 SI1, 01944 &SD1 01945 ); 01946 if (NT_SUCCESS(NtStatus)) { 01947 01948 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 01949 if (TestStatus) { 01950 SamFreeMemory( SD1 ); 01951 } 01952 01953 } else { 01954 printf("Failed\n"); 01955 printf(" Completion status is 0x%lx\n", NtStatus); 01956 TestStatus = FALSE; 01957 } 01958 01959 } // end_if (AdminsAliasTest) 01960 01961 01962 01963 01964 01966 // // 01967 // Set Suite // 01968 // // 01970 01971 printf("\n"); 01972 printf(" Set Security . . . . . . . . . . . . . . . . . . . . Suite\n"); 01973 01974 01975 // 01976 // Make sure we can set nothing 01977 // 01978 01979 printf(" Set Nothing . . . . . . . . . . . . . . . . . . . . . "); 01980 01981 SI1 = 0; 01982 SD1 = &SD1_Body; 01983 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 01984 ASSERT( NT_SUCCESS(NtStatus) ); 01985 NtStatus = SamSetSecurityObject( 01986 DomainHandle, 01987 SI1, // <------ This is invalid 01988 SD1 01989 ); 01990 if (NtStatus == STATUS_INVALID_PARAMETER) { 01991 01992 printf("Succeeded\n"); 01993 01994 } else { 01995 printf("Failed\n"); 01996 printf(" Completion status is 0x%lx\n", NtStatus); 01997 TestStatus = FALSE; 01998 } 01999 02000 02001 02002 02003 02004 02005 // 02006 // set something not passed 02007 // 02008 02009 printf(" Set something not passed. . . . . . . . . . . . . . . "); 02010 02011 SI1 = GROUP_SECURITY_INFORMATION; 02012 SD1 = &SD1_Body; 02013 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02014 ASSERT( NT_SUCCESS(NtStatus) ); 02015 NtStatus = SamSetSecurityObject( 02016 DomainHandle, 02017 SI1, 02018 SD1 02019 ); 02020 if (NtStatus == STATUS_BAD_DESCRIPTOR_FORMAT) { 02021 02022 printf("Succeeded\n"); 02023 02024 } else { 02025 printf("Failed\n"); 02026 printf(" Completion status is 0x%lx\n", NtStatus); 02027 TestStatus = FALSE; 02028 } 02029 02030 02031 02032 02033 02034 02035 // 02036 // set a non-existant DACL 02037 // 02038 02039 if (AdminsAliasTest) { 02040 printf(" Set non-existant DACL (Server object) . . . . . . . . "); 02041 02042 SI1 = DACL_SECURITY_INFORMATION; 02043 SD1 = &SD1_Body; 02044 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02045 SD1_Body.Control = SE_DACL_PRESENT; 02046 ASSERT( NT_SUCCESS(NtStatus) ); 02047 NtStatus = SamSetSecurityObject( 02048 ServerHandle, 02049 SI1, 02050 SD1 02051 ); 02052 if (NT_SUCCESS(NtStatus)) { 02053 02054 printf("Succeeded\n"); 02055 02056 } else { 02057 printf("Failed\n"); 02058 printf(" Completion status is 0x%lx\n", NtStatus); 02059 TestStatus = FALSE; 02060 } 02061 } 02062 02063 02064 02065 if (AdminsAliasTest) { 02066 printf(" Set non-existant DACL (Domain Object) . . . . . . . . "); 02067 02068 SI1 = DACL_SECURITY_INFORMATION; 02069 SD1 = &SD1_Body; 02070 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02071 SD1_Body.Control = SE_DACL_PRESENT; 02072 ASSERT( NT_SUCCESS(NtStatus) ); 02073 NtStatus = SamSetSecurityObject( 02074 DomainHandle, 02075 SI1, 02076 SD1 02077 ); 02078 if (NT_SUCCESS(NtStatus)) { 02079 02080 printf("Succeeded\n"); 02081 02082 } else { 02083 printf("Failed\n"); 02084 printf(" Completion status is 0x%lx\n", NtStatus); 02085 TestStatus = FALSE; 02086 } 02087 } 02088 02089 02090 02091 02092 02093 // 02094 // set original DACL (From original SD) 02095 // 02096 02097 if (AdminsAliasTest) { 02098 02099 printf(" Set original DACL (Server Object) . . . . . . . . . . "); 02100 02101 SI1 = DACL_SECURITY_INFORMATION; 02102 SD1 = OriginalServerSD; 02103 NtStatus = SamSetSecurityObject( 02104 ServerHandle, 02105 SI1, 02106 SD1 02107 ); 02108 if (NT_SUCCESS(NtStatus)) { 02109 02110 printf("Succeeded\n"); 02111 02112 } else { 02113 printf("Failed\n"); 02114 printf(" Completion status is 0x%lx\n", NtStatus); 02115 TestStatus = FALSE; 02116 } 02117 } 02118 02119 02120 02121 if (AdminsAliasTest) { 02122 02123 printf(" Set original DACL (Domain Object) . . . . . . . . . . "); 02124 02125 SI1 = DACL_SECURITY_INFORMATION; 02126 SD1 = OriginalDomainSD; 02127 NtStatus = SamSetSecurityObject( 02128 DomainHandle, 02129 SI1, 02130 SD1 02131 ); 02132 if (NT_SUCCESS(NtStatus)) { 02133 02134 printf("Succeeded\n"); 02135 02136 } else { 02137 printf("Failed\n"); 02138 printf(" Completion status is 0x%lx\n", NtStatus); 02139 TestStatus = FALSE; 02140 } 02141 } 02142 02143 02144 02145 02146 02147 if (AdminsAliasTest) { 02148 02149 // 02150 // set a non-existant SACL 02151 // 02152 02153 printf(" Set non-existant SACL . . . . . . . . . . . . . . . . "); 02154 02155 SI1 = SACL_SECURITY_INFORMATION; 02156 SD1 = &SD1_Body; 02157 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02158 SD1_Body.Control = SE_SACL_PRESENT; 02159 ASSERT( NT_SUCCESS(NtStatus) ); 02160 NtStatus = SamSetSecurityObject( 02161 DomainHandle, 02162 SI1, 02163 SD1 02164 ); 02165 if (NT_SUCCESS(NtStatus)) { 02166 02167 printf("Succeeded\n"); 02168 02169 } else { 02170 printf("Failed\n"); 02171 printf(" Completion status is 0x%lx\n", NtStatus); 02172 TestStatus = FALSE; 02173 } 02174 02175 02176 02177 02178 02179 02180 // 02181 // set original SACL (From original SD) 02182 // 02183 02184 printf(" Set original SACL . . . . . . . . . . . . . . . . . . "); 02185 02186 SI1 = SACL_SECURITY_INFORMATION; 02187 SD1 = OriginalDomainSD; 02188 NtStatus = SamSetSecurityObject( 02189 DomainHandle, 02190 SI1, 02191 SD1 02192 ); 02193 if (NT_SUCCESS(NtStatus)) { 02194 02195 printf("Succeeded\n"); 02196 02197 } else { 02198 printf("Failed\n"); 02199 printf(" Completion status is 0x%lx\n", NtStatus); 02200 TestStatus = FALSE; 02201 } 02202 02203 02204 02205 02206 02207 // 02208 // set a owner to null 02209 // 02210 02211 printf(" Set null Owner . . . . . . . . . . . . . . . . . . . "); 02212 02213 SI1 = OWNER_SECURITY_INFORMATION; 02214 SD1 = &SD1_Body; 02215 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02216 SD1_Body.Owner = NULL; 02217 ASSERT( NT_SUCCESS(NtStatus) ); 02218 NtStatus = SamSetSecurityObject( 02219 DomainHandle, 02220 SI1, 02221 SD1 02222 ); 02223 if (NtStatus = STATUS_BAD_DESCRIPTOR_FORMAT) { 02224 02225 printf("Succeeded\n"); 02226 02227 } else { 02228 printf("Failed\n"); 02229 printf(" Completion status is 0x%lx\n", NtStatus); 02230 TestStatus = FALSE; 02231 } 02232 02233 02234 02235 02236 02237 // 02238 // set owner to invalid value 02239 // 02240 02241 printf(" Set owner to invalid value . . . . . . . . . . . . . "); 02242 02243 SI1 = OWNER_SECURITY_INFORMATION; 02244 SD1 = &SD1_Body; 02245 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02246 SD1_Body.Owner = WorldSid; 02247 ASSERT( NT_SUCCESS(NtStatus) ); 02248 NtStatus = SamSetSecurityObject( 02249 DomainHandle, 02250 SI1, 02251 SD1 02252 ); 02253 if (NtStatus = STATUS_INVALID_OWNER) { 02254 02255 printf("Succeeded\n"); 02256 02257 } else { 02258 printf("Failed\n"); 02259 printf(" Completion status is 0x%lx\n", NtStatus); 02260 TestStatus = FALSE; 02261 } 02262 02263 02264 02265 02266 // 02267 // set a owner to valid value 02268 // 02269 02270 printf(" Set owner to valid value . . . . . . . . . . . . . . "); 02271 02272 printf("Untested\n"); 02273 02274 02275 02276 02277 02278 // 02279 // set group to null 02280 // 02281 02282 printf(" Set null Group . . . . . . . . . . . . . . . . . . . "); 02283 02284 SI1 = GROUP_SECURITY_INFORMATION; 02285 SD1 = &SD1_Body; 02286 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02287 SD1_Body.Group = NULL; 02288 ASSERT( NT_SUCCESS(NtStatus) ); 02289 NtStatus = SamSetSecurityObject( 02290 DomainHandle, 02291 SI1, 02292 SD1 02293 ); 02294 if (NtStatus = STATUS_BAD_DESCRIPTOR_FORMAT) { 02295 02296 printf("Succeeded\n"); 02297 02298 } else { 02299 printf("Failed\n"); 02300 printf(" Completion status is 0x%lx\n", NtStatus); 02301 TestStatus = FALSE; 02302 } 02303 02304 02305 02306 02307 02308 02309 // 02310 // set Group to valid value 02311 // 02312 02313 printf(" Set Group to valid value . . . . . . . . . . . . . . "); 02314 02315 SI1 = GROUP_SECURITY_INFORMATION; 02316 SD1 = &SD1_Body; 02317 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02318 SD1_Body.Group = WorldSid; 02319 ASSERT( NT_SUCCESS(NtStatus) ); 02320 NtStatus = SamSetSecurityObject( 02321 DomainHandle, 02322 SI1, 02323 SD1 02324 ); 02325 if (NT_SUCCESS(NtStatus)) { 02326 02327 printf("Succeeded\n"); 02328 02329 } else { 02330 printf("Failed\n"); 02331 printf(" Completion status is 0x%lx\n", NtStatus); 02332 TestStatus = FALSE; 02333 } 02334 02335 02336 02337 02338 02339 // 02340 // set Group back to original value 02341 // 02342 02343 printf(" Set Group to original value . . . . . . . . . . . . . "); 02344 02345 SI1 = GROUP_SECURITY_INFORMATION; 02346 SD1 = OriginalDomainSD; 02347 NtStatus = SamSetSecurityObject( 02348 DomainHandle, 02349 SI1, 02350 SD1 02351 ); 02352 if (NT_SUCCESS(NtStatus)) { 02353 02354 printf("Succeeded\n"); 02355 02356 } else { 02357 printf("Failed\n"); 02358 printf(" Completion status is 0x%lx\n", NtStatus); 02359 TestStatus = FALSE; 02360 } 02361 } 02362 02363 02364 02365 02366 } // end Pass1 02367 02368 02369 if (Pass == 2) { 02370 02371 ACCESS_MASK AccessMask; 02372 PSID_NAME_USE LookedUpUses; 02373 PULONG LookedUpRids; 02374 UNICODE_STRING AccountNames[10]; 02375 STRING AccountNameAnsi; 02376 02377 02378 // 02379 // This pass depends upon user and group accounts established in pass #1 02380 // 02381 02382 02383 02384 02385 02386 if (AdminsAliasTest) { 02387 02388 02389 printf(" Security Manipulation (Pass #2) Test\n"); 02390 02392 // // 02393 // Query Suite // 02394 // // 02396 02397 printf("\n"); 02398 printf(" Query Security (User Object). . . . . . . . . . . . . Suite\n"); 02399 02400 02401 AccessMask = READ_CONTROL; 02402 if (SecurityOperatorTest) { 02403 AccessMask |= ACCESS_SYSTEM_SECURITY; 02404 } 02405 02406 // 02407 // Open the user created in pass #1 02408 // 02409 02410 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 02411 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 02412 TST_SUCCESS_ASSERT(NtStatus); 02413 02414 NtStatus = SamLookupNamesInDomain( 02415 DomainHandle, 02416 1, 02417 &AccountNames[0], 02418 &LookedUpRids, 02419 &LookedUpUses 02420 ); 02421 RtlFreeUnicodeString( &AccountNames[0] ); 02422 TST_SUCCESS_ASSERT(NtStatus); 02423 ASSERT(LookedUpUses[0] == SidTypeUser); 02424 NtStatus = SamOpenUser( 02425 DomainHandle, 02426 AccessMask, 02427 LookedUpRids[0], 02428 &UserHandle); 02429 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 02430 if (!NT_SUCCESS(NtStatus)) { 02431 printf("Failed to open user account created in pass #1\n"); 02432 } 02433 TST_SUCCESS_ASSERT(NT_SUCCESS(NtStatus)); 02434 02435 02436 02437 // 02438 // Get user's original SD 02439 // 02440 02441 SI1 |= OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | 02442 DACL_SECURITY_INFORMATION; 02443 if (SecurityOperatorTest) { 02444 SI1 |= SACL_SECURITY_INFORMATION; 02445 } 02446 02447 printf(" Query User Security Descriptor . . . . . . . . . . . "); 02448 SD1 = NULL; 02449 NtStatus = SamQuerySecurityObject( 02450 UserHandle, 02451 SI1, 02452 &SD1 02453 ); 02454 if (NT_SUCCESS(NtStatus)) { 02455 02456 TestStatus = CheckReturnedSD( SI1, SD1, TRUE ); 02457 02458 // 02459 // Normally we would do a "SamFreeMemory( SD1 )" here. 02460 // However, we want to save this SD for future reference 02461 // and use. 02462 // 02463 02464 OriginalUserSD = SD1; 02465 02466 } else { 02467 printf("Failed\n"); 02468 printf(" Completion status is 0x%lx\n", NtStatus); 02469 TestStatus = FALSE; 02470 } 02471 02472 02473 02474 02475 02476 NtStatus = SamCloseHandle( UserHandle ); 02477 TST_SUCCESS_ASSERT( UserHandle ); 02478 02479 02480 02482 // // 02483 // Set Suite // 02484 // // 02486 02487 printf("\n"); 02488 printf(" Set Security (User Object) . . . . . . . . . . . . . Suite\n"); 02489 02490 AccessMask = WRITE_DAC | WRITE_OWNER; 02491 if (SecurityOperatorTest) { 02492 AccessMask |= ACCESS_SYSTEM_SECURITY; 02493 } 02494 02495 // 02496 // Open the user created in pass #1 02497 // 02498 02499 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 02500 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 02501 TST_SUCCESS_ASSERT(NtStatus); 02502 02503 NtStatus = SamLookupNamesInDomain( 02504 DomainHandle, 02505 1, 02506 &AccountNames[0], 02507 &LookedUpRids, 02508 &LookedUpUses 02509 ); 02510 RtlFreeUnicodeString( &AccountNames[0] ); 02511 TST_SUCCESS_ASSERT(NtStatus); 02512 ASSERT(LookedUpUses[0] == SidTypeUser); 02513 NtStatus = SamOpenUser( 02514 DomainHandle, 02515 AccessMask, 02516 LookedUpRids[0], 02517 &UserHandle); 02518 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 02519 if (!NT_SUCCESS(NtStatus)) { 02520 printf("Failed to open user account created in pass #1\n"); 02521 } 02522 TST_SUCCESS_ASSERT(NT_SUCCESS(NtStatus)); 02523 02524 02525 // 02526 // Make sure we can set nothing 02527 // 02528 02529 printf(" Set Nothing . . . . . . . . . . . . . . . . . . . . . "); 02530 02531 SI1 = 0; 02532 SD1 = &SD1_Body; 02533 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02534 ASSERT( NT_SUCCESS(NtStatus) ); 02535 NtStatus = SamSetSecurityObject( 02536 UserHandle, 02537 SI1, // <------ This is invalid 02538 SD1 02539 ); 02540 if (NtStatus == STATUS_INVALID_PARAMETER) { 02541 02542 printf("Succeeded\n"); 02543 02544 } else { 02545 printf("Failed\n"); 02546 printf(" Completion status is 0x%lx\n", NtStatus); 02547 TestStatus = FALSE; 02548 } 02549 02550 02551 02552 02553 02554 02555 // 02556 // set something not passed 02557 // 02558 02559 printf(" Set something not passed. . . . . . . . . . . . . . . "); 02560 02561 SI1 = GROUP_SECURITY_INFORMATION; 02562 SD1 = &SD1_Body; 02563 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02564 ASSERT( NT_SUCCESS(NtStatus) ); 02565 NtStatus = SamSetSecurityObject( 02566 UserHandle, 02567 SI1, 02568 SD1 02569 ); 02570 if (NtStatus == STATUS_BAD_DESCRIPTOR_FORMAT) { 02571 02572 printf("Succeeded\n"); 02573 02574 } else { 02575 printf("Failed\n"); 02576 printf(" Completion status is 0x%lx\n", NtStatus); 02577 TestStatus = FALSE; 02578 } 02579 02580 02581 02582 02583 02584 02585 02586 02587 printf(" Set non-existant DACL . . . . . . . . . . . . . . . . "); 02588 02589 SI1 = DACL_SECURITY_INFORMATION; 02590 SD1 = &SD1_Body; 02591 NtStatus = RtlCreateSecurityDescriptor( SD1, SECURITY_DESCRIPTOR_REVISION1 ); 02592 SD1_Body.Control = SE_DACL_PRESENT; 02593 ASSERT( NT_SUCCESS(NtStatus) ); 02594 NtStatus = SamSetSecurityObject( 02595 UserHandle, 02596 SI1, 02597 SD1 02598 ); 02599 if (NT_SUCCESS(NtStatus)) { 02600 02601 printf("Succeeded\n"); 02602 02603 } else { 02604 printf("Failed\n"); 02605 printf(" Completion status is 0x%lx\n", NtStatus); 02606 TestStatus = FALSE; 02607 } 02608 02609 02610 02611 02612 02613 02614 // 02615 // set original DACL (From original SD) 02616 // 02617 02618 02619 printf(" Set original DACL . . . . . . . . . . . . . . . . . . "); 02620 02621 SI1 = DACL_SECURITY_INFORMATION; 02622 SD1 = OriginalUserSD; 02623 NtStatus = SamSetSecurityObject( 02624 UserHandle, 02625 SI1, 02626 SD1 02627 ); 02628 if (NT_SUCCESS(NtStatus)) { 02629 02630 printf("Succeeded\n"); 02631 02632 } else { 02633 printf("Failed\n"); 02634 printf(" Completion status is 0x%lx\n", NtStatus); 02635 TestStatus = FALSE; 02636 } 02637 02638 02639 02640 02641 02642 02643 02644 NtStatus = SamCloseHandle( UserHandle ); 02645 TST_SUCCESS_ASSERT( UserHandle ); 02646 02647 02648 02649 } 02650 02651 DBG_UNREFERENCED_LOCAL_VARIABLE( GroupHandle ); 02652 DBG_UNREFERENCED_LOCAL_VARIABLE( OriginalGroupSD ); 02653 } 02654 02655 02656 02657 02658 02659 return TestStatus; 02660 } 02661 02662 02663 BOOLEAN 02664 CheckReturnedSD( 02665 IN SECURITY_INFORMATION SI, 02666 IN PSECURITY_DESCRIPTOR SD, 02667 IN BOOLEAN PrintTestSuccess 02668 ) 02669 02670 02671 { 02672 NTSTATUS NtStatus; 02673 02674 BOOLEAN Failed = FALSE, 02675 IgnoreBoolean, 02676 AclPresent, 02677 TestStatus = TRUE; 02678 02679 PSID SID; 02680 PACL ACL; 02681 02682 02683 02684 // 02685 // Check a returned security descriptor agains the information requested. 02686 // 02687 02688 if (SD == NULL) { 02689 TestStatus = FALSE; 02690 if (PrintTestSuccess) { 02691 printf("Failed\n"); 02692 Failed = TRUE; 02693 printf(" The SecurityDescriptor return address was not properly\n"); 02694 printf(" set.\n"); 02695 } 02696 } 02697 02698 02699 if (TestStatus) { 02700 02701 // 02702 // Check owner 02703 // 02704 02705 NtStatus = RtlGetOwnerSecurityDescriptor ( SD, &SID, &IgnoreBoolean); 02706 ASSERT(NT_SUCCESS(NtStatus)); 02707 if (SI & OWNER_SECURITY_INFORMATION) { 02708 if (SID == NULL) { 02709 if (PrintTestSuccess) { 02710 if (!Failed) { 02711 printf("Failed\n"); 02712 printf(" Security descriptor address is 0x%lx\n", SD ); 02713 Failed = TRUE; 02714 } 02715 printf(" An owner was requested but the owner field of the\n"); 02716 printf(" security descriptor is not set.\n"); 02717 TestStatus = FALSE; 02718 02719 } 02720 } 02721 } else { // Owner not specified 02722 if (SID != NULL) { 02723 if (PrintTestSuccess) { 02724 if (!Failed) { 02725 printf("Failed\n"); 02726 printf(" Security descriptor address is 0x%lx\n", SD ); 02727 Failed = TRUE; 02728 } 02729 printf(" An owner was not requested but the owner field of the\n"); 02730 printf(" security descriptor is set.\n"); 02731 TestStatus = FALSE; 02732 } 02733 } 02734 } 02735 02736 02737 02738 02739 // 02740 // Check group 02741 // 02742 02743 NtStatus = RtlGetGroupSecurityDescriptor ( SD, &SID, &IgnoreBoolean); 02744 ASSERT(NT_SUCCESS(NtStatus)); 02745 if (SI & GROUP_SECURITY_INFORMATION) { 02746 if (SID == NULL) { 02747 if (PrintTestSuccess) { 02748 if (!Failed) { 02749 printf("Failed\n"); 02750 printf(" Security descriptor address is 0x%lx\n", SD ); 02751 Failed = TRUE; 02752 } 02753 printf(" A group was requested but the group field of the\n"); 02754 printf(" security descriptor is not set.\n"); 02755 TestStatus = FALSE; 02756 02757 } 02758 } 02759 } else { // Group not specified 02760 if (SID != NULL) { 02761 if (PrintTestSuccess) { 02762 if (!Failed) { 02763 printf("Failed\n"); 02764 printf(" Security descriptor address is 0x%lx\n", SD ); 02765 Failed = TRUE; 02766 } 02767 printf(" A group was not requested but the group field of the\n"); 02768 printf(" security descriptor is set.\n"); 02769 TestStatus = FALSE; 02770 } 02771 } 02772 } 02773 02774 02775 02776 02777 // 02778 // Check sacl 02779 // 02780 02781 NtStatus = RtlGetSaclSecurityDescriptor ( SD, &AclPresent, &ACL, &IgnoreBoolean); 02782 ASSERT(NT_SUCCESS(NtStatus)); 02783 if (SI & SACL_SECURITY_INFORMATION) { 02784 if (!AclPresent) { 02785 if (PrintTestSuccess) { 02786 if (!Failed) { 02787 printf("Failed\n"); 02788 printf(" Security descriptor address is 0x%lx\n", SD ); 02789 Failed = TRUE; 02790 } 02791 printf(" An SACL was requested but the SaclPresent flag\n"); 02792 printf(" of the security descriptor is not set.\n"); 02793 TestStatus = FALSE; 02794 02795 } 02796 } 02797 } else { // sacl not specified 02798 if (AclPresent) { 02799 if (PrintTestSuccess) { 02800 if (!Failed) { 02801 printf("Failed\n"); 02802 printf(" Security descriptor address is 0x%lx\n", SD ); 02803 Failed = TRUE; 02804 } 02805 printf(" An SACL was not requested but the SaclPresent flag\n"); 02806 printf(" of the security descriptor is set.\n"); 02807 TestStatus = FALSE; 02808 } 02809 } 02810 } 02811 02812 02813 02814 02815 02816 // 02817 // Check Dacl 02818 // 02819 02820 NtStatus = RtlGetDaclSecurityDescriptor ( SD, &AclPresent, &ACL, &IgnoreBoolean); 02821 ASSERT(NT_SUCCESS(NtStatus)); 02822 if (SI & DACL_SECURITY_INFORMATION) { 02823 if (!AclPresent) { 02824 if (PrintTestSuccess) { 02825 if (!Failed) { 02826 printf("Failed\n"); 02827 printf(" Security descriptor address is 0x%lx\n", SD ); 02828 Failed = TRUE; 02829 } 02830 printf(" A DACL was requested but the DaclPresent flag\n"); 02831 printf(" of the security descriptor is not set.\n"); 02832 TestStatus = FALSE; 02833 02834 } 02835 } 02836 } else { // Dacl not specified 02837 if (AclPresent) { 02838 if (PrintTestSuccess) { 02839 if (!Failed) { 02840 printf("Failed\n"); 02841 printf(" Security descriptor address is 0x%lx\n", SD ); 02842 Failed = TRUE; 02843 } 02844 printf(" A DACL was not requested but the DaclPresent flag\n"); 02845 printf(" of the security descriptor is set.\n"); 02846 TestStatus = FALSE; 02847 } 02848 } 02849 } 02850 02851 02852 02853 02854 02855 } 02856 02857 02858 02859 02860 if (PrintTestSuccess) { 02861 if (TestStatus) { 02862 printf("Succeeded\n"); 02863 } 02864 } 02865 02866 02867 02868 return(TestStatus); 02869 } 02870 02871 02873 // // 02874 // Domain Object Test Suite // 02875 // // 02877 02878 02879 BOOLEAN 02880 DomainTestSuite( 02881 HANDLE DomainHandle 02882 ) 02883 { 02884 02885 BOOLEAN TestStatus = TRUE; 02886 NTSTATUS NtStatus, IgnoreStatus; 02887 PVOID Buffer, Buffer1, Buffer2; 02888 CHAR UnusedBuffer[20]; 02889 UNICODE_STRING AccountName; 02890 STRING AccountNameAnsi; 02891 HANDLE GroupHandle = NULL; 02892 HANDLE AliasHandle = NULL; 02893 HANDLE UserHandle = NULL; 02894 HANDLE ValidUserHandle = NULL; 02895 ULONG GroupRid, AliasRid, UserRid, SavedGroupRid, SavedAliasRid, AccountCount, i; 02896 SAM_ENUMERATE_HANDLE EnumerationContext; 02897 ULONG CountReturned; 02898 USHORT NameLength; 02899 PUNICODE_STRING LookedUpNames; 02900 PSID_NAME_USE LookedUpUses; 02901 PULONG LookedUpRids; 02902 02903 02904 printf("\n"); 02905 printf("\n"); 02906 printf("\n"); 02907 printf(" Domain Test\n"); 02908 02910 // // 02911 // Query Suite // 02912 // // 02914 02915 printf("\n"); 02916 printf(" Query Information . . . . . . . . . . . . . . . . . . Suite\n"); 02917 02918 02919 // 02920 // Make sure the wrapper doesn't choke on a non-null pointer being passed 02921 // (assuming we have allocated memory). 02922 // 02923 02924 printf(" Query Buffer Allocation Test . . . . . . . . . . . . "); 02925 02926 Buffer = &UnusedBuffer[0]; 02927 NtStatus = SamQueryInformationDomain( 02928 DomainHandle, 02929 DomainStateInformation, 02930 &Buffer 02931 ); 02932 if (NT_SUCCESS(NtStatus)) { 02933 if (Buffer != &UnusedBuffer[0]) { 02934 if (Buffer != NULL) { 02935 printf("Succeeded\n"); 02936 SamFreeMemory( Buffer ); 02937 } else { 02938 printf("Failed\n"); 02939 printf(" Buffer address not set on return.\n"); 02940 printf(" RPC should have allocated a buffer.\n"); 02941 TestStatus = FALSE; 02942 } 02943 } else { 02944 printf("Failed\n"); 02945 printf(" Passed buffer address used on return.\n"); 02946 printf(" RPC should have allocated another buffer.\n"); 02947 TestStatus = FALSE; 02948 } 02949 } else { 02950 printf("Failed\n"); 02951 printf(" Completion status is 0x%lx\n", NtStatus); 02952 TestStatus = FALSE; 02953 } 02954 02955 02956 // 02957 // Query all the fixed length info levels 02958 // Query - Password, Logoff, ServerRole, DomainState, ModifiedCount, LockoutInfo 02959 // 02960 02961 printf(" Query DomainState . . . . . . . . . . . . . . . . . . "); 02962 02963 NtStatus = SamQueryInformationDomain( 02964 DomainHandle, 02965 DomainStateInformation, 02966 &Buffer 02967 ); 02968 if (NT_SUCCESS(NtStatus)) { 02969 if (Buffer != NULL) { 02970 printf("Succeeded\n"); 02971 SamFreeMemory( Buffer ); 02972 } else { 02973 printf("Failed\n"); 02974 printf(" Buffer address not set on return.\n"); 02975 printf(" RPC should have allocated a buffer.\n"); 02976 TestStatus = FALSE; 02977 } 02978 } else { 02979 printf("Failed\n"); 02980 printf(" Completion status is 0x%lx\n", NtStatus); 02981 TestStatus = FALSE; 02982 02983 } 02984 02985 02986 printf(" Query ServerRole . . . . . . . . . . . . . . . . . . "); 02987 NtStatus = SamQueryInformationDomain( 02988 DomainHandle, 02989 DomainServerRoleInformation, 02990 &Buffer 02991 ); 02992 if (NT_SUCCESS(NtStatus)) { 02993 if (Buffer != NULL) { 02994 printf("Succeeded\n"); 02995 SamFreeMemory( Buffer ); 02996 } else { 02997 printf("Failed\n"); 02998 printf(" Buffer address not set on return.\n"); 02999 printf(" RPC should have allocated a buffer.\n"); 03000 TestStatus = FALSE; 03001 } 03002 } else { 03003 printf("Failed\n"); 03004 printf(" Completion status is 0x%lx\n", NtStatus); 03005 TestStatus = FALSE; 03006 03007 } 03008 03009 03010 printf(" Query Password Information . . . . . . . . . . . . . "); 03011 NtStatus = SamQueryInformationDomain( 03012 DomainHandle, 03013 DomainPasswordInformation, 03014 &Buffer 03015 ); 03016 if (NT_SUCCESS(NtStatus)) { 03017 if (Buffer != NULL) { 03018 printf("Succeeded\n"); 03019 SamFreeMemory( Buffer ); 03020 } else { 03021 printf("Failed\n"); 03022 printf(" Buffer address not set on return.\n"); 03023 printf(" RPC should have allocated a buffer.\n"); 03024 TestStatus = FALSE; 03025 } 03026 } else { 03027 printf("Failed\n"); 03028 printf(" Completion status is 0x%lx\n", NtStatus); 03029 TestStatus = FALSE; 03030 03031 } 03032 03033 03034 printf(" Query Logoff Information . . . . . . . . . . . . . . "); 03035 NtStatus = SamQueryInformationDomain( 03036 DomainHandle, 03037 DomainLogoffInformation, 03038 &Buffer 03039 ); 03040 if (NT_SUCCESS(NtStatus)) { 03041 if (Buffer != NULL) { 03042 printf("Succeeded\n"); 03043 SamFreeMemory( Buffer ); 03044 } else { 03045 printf("Failed\n"); 03046 printf(" Buffer address not set on return.\n"); 03047 printf(" RPC should have allocated a buffer.\n"); 03048 TestStatus = FALSE; 03049 } 03050 } else { 03051 printf("Failed\n"); 03052 printf(" Completion status is 0x%lx\n", NtStatus); 03053 TestStatus = FALSE; 03054 03055 } 03056 03057 03058 printf(" Query Modified . . . . . . . . . . . . . . . . . . . "); 03059 NtStatus = SamQueryInformationDomain( 03060 DomainHandle, 03061 DomainModifiedInformation, 03062 &Buffer 03063 ); 03064 if (NT_SUCCESS(NtStatus)) { 03065 if (Buffer != NULL) { 03066 printf("Succeeded\n"); 03067 SamFreeMemory( Buffer ); 03068 } else { 03069 printf("Failed\n"); 03070 printf(" Buffer address not set on return.\n"); 03071 printf(" RPC should have allocated a buffer.\n"); 03072 TestStatus = FALSE; 03073 } 03074 } else { 03075 printf("Failed\n"); 03076 printf(" Completion status is 0x%lx\n", NtStatus); 03077 TestStatus = FALSE; 03078 03079 } 03080 03081 03082 printf(" Query Lockout . . . . . . . . . . . . . . . . . . . . "); 03083 NtStatus = SamQueryInformationDomain( 03084 DomainHandle, 03085 DomainLockoutInformation, 03086 &Buffer 03087 ); 03088 if (NT_SUCCESS(NtStatus)) { 03089 if (Buffer != NULL) { 03090 printf("Succeeded\n"); 03091 SamFreeMemory( Buffer ); 03092 } else { 03093 printf("Failed\n"); 03094 printf(" Buffer address not set on return.\n"); 03095 printf(" RPC should have allocated a buffer.\n"); 03096 TestStatus = FALSE; 03097 } 03098 } else { 03099 printf("Failed\n"); 03100 printf(" Completion status is 0x%lx\n", NtStatus); 03101 TestStatus = FALSE; 03102 03103 } 03104 03105 03106 03107 03108 03109 // 03110 // Query the name of the domain ... 03111 // 03112 03113 printf(" Query Domain Name . . . . . . . . . . . . . . . . . . "); 03114 03115 Buffer = NULL; 03116 NtStatus = SamQueryInformationDomain( 03117 DomainHandle, 03118 DomainNameInformation, 03119 &Buffer 03120 ); 03121 if (NT_SUCCESS(NtStatus)) { 03122 if (Buffer != NULL) { 03123 if ( (((DOMAIN_NAME_INFORMATION *)Buffer)->DomainName.MaximumLength > 0) && 03124 (((DOMAIN_NAME_INFORMATION *)Buffer)->DomainName.Buffer != NULL) ) { 03125 03126 printf("Succeeded\n"); 03127 03128 } else { 03129 printf("Failed\n"); 03130 printf(" String body returned and allocated,\n"); 03131 printf(" but character buffer pointer is NULL.\n"); 03132 TestStatus = FALSE; 03133 } 03134 SamFreeMemory( Buffer ); 03135 } else { 03136 printf("Failed\n"); 03137 printf(" Buffer address not set on return.\n"); 03138 printf(" RPC should have allocated a buffer.\n"); 03139 TestStatus = FALSE; 03140 } 03141 } else { 03142 printf("Failed\n"); 03143 printf(" Completion status is 0x%lx\n", NtStatus); 03144 TestStatus = FALSE; 03145 } 03146 03147 03148 03149 // 03150 // Query whatever is in the OEM Information field ... 03151 // 03152 03153 printf(" Query OEM Information . . . . . . . . . . . . . . . . "); 03154 03155 Buffer = NULL; 03156 NtStatus = SamQueryInformationDomain( 03157 DomainHandle, 03158 DomainOemInformation, 03159 &Buffer 03160 ); 03161 if (NT_SUCCESS(NtStatus)) { 03162 if (Buffer != NULL) { 03163 if ( (((DOMAIN_OEM_INFORMATION *)Buffer)->OemInformation.MaximumLength >= 0) && 03164 (((DOMAIN_OEM_INFORMATION *)Buffer)->OemInformation.Buffer != NULL) ) { 03165 03166 printf("Succeeded\n"); 03167 03168 } else { 03169 printf("Failed\n"); 03170 printf(" String body returned and allocated,\n"); 03171 printf(" but character buffer pointer is NULL.\n"); 03172 TestStatus = FALSE; 03173 } 03174 SamFreeMemory( Buffer ); 03175 } else { 03176 printf("Failed\n"); 03177 printf(" Buffer address not set on return.\n"); 03178 printf(" RPC should have allocated a buffer.\n"); 03179 TestStatus = FALSE; 03180 } 03181 } else { 03182 printf("Failed\n"); 03183 printf(" Completion status is 0x%lx\n", NtStatus); 03184 TestStatus = FALSE; 03185 } 03186 03187 03188 03189 // 03190 // Query whatever is in the Replication Information field ... 03191 // 03192 03193 printf(" Query Replication Information . . . . . . . . . . . . "); 03194 03195 Buffer = NULL; 03196 NtStatus = SamQueryInformationDomain( 03197 DomainHandle, 03198 DomainReplicationInformation, 03199 &Buffer 03200 ); 03201 if (NT_SUCCESS(NtStatus)) { 03202 if (Buffer != NULL) { 03203 if ( (((DOMAIN_REPLICATION_INFORMATION *)Buffer)->ReplicaSourceNodeName.MaximumLength >= 0) && 03204 (((DOMAIN_REPLICATION_INFORMATION *)Buffer)->ReplicaSourceNodeName.Buffer != NULL) ) { 03205 03206 printf("Succeeded\n"); 03207 03208 } else { 03209 printf("Failed\n"); 03210 printf(" String body returned and allocated,\n"); 03211 printf(" but character buffer pointer is NULL.\n"); 03212 TestStatus = FALSE; 03213 } 03214 SamFreeMemory( Buffer ); 03215 } else { 03216 printf("Failed\n"); 03217 printf(" Buffer address not set on return.\n"); 03218 printf(" RPC should have allocated a buffer.\n"); 03219 TestStatus = FALSE; 03220 } 03221 } else { 03222 printf("Failed\n"); 03223 printf(" Completion status is 0x%lx\n", NtStatus); 03224 TestStatus = FALSE; 03225 } 03226 03227 03228 03229 // 03230 // Query domain general Information... 03231 // 03232 03233 printf(" Query General Information . . . . . . . . . . . . . . "); 03234 03235 Buffer = NULL; 03236 NtStatus = SamQueryInformationDomain( 03237 DomainHandle, 03238 DomainGeneralInformation, 03239 &Buffer 03240 ); 03241 if (NT_SUCCESS(NtStatus)) { 03242 if (Buffer != NULL) { 03243 03244 printf("Succeeded\n"); 03245 printf(" Number of Users is: 0x%lx\n", 03246 ((DOMAIN_GENERAL_INFORMATION *)Buffer)->UserCount ); 03247 printf(" Number of groups is: 0x%lx\n", 03248 ((DOMAIN_GENERAL_INFORMATION *)Buffer)->GroupCount); 03249 printf(" Number of aliases is: 0x%lx\n", 03250 ((DOMAIN_GENERAL_INFORMATION *)Buffer)->AliasCount); 03251 03252 03253 SamFreeMemory( Buffer ); 03254 03255 } else { 03256 printf("Failed\n"); 03257 printf(" Buffer address not set on return.\n"); 03258 printf(" RPC should have allocated a buffer.\n"); 03259 TestStatus = FALSE; 03260 } 03261 } else { 03262 printf("Failed\n"); 03263 printf(" Completion status is 0x%lx\n", NtStatus); 03264 TestStatus = FALSE; 03265 } 03266 03267 03268 03269 // 03270 // Query domain general Information... 03271 // 03272 03273 printf(" Query General Information 2 . . . . . . . . . . . . . "); 03274 03275 Buffer = NULL; 03276 NtStatus = SamQueryInformationDomain( 03277 DomainHandle, 03278 DomainGeneralInformation2, 03279 &Buffer 03280 ); 03281 if (NT_SUCCESS(NtStatus)) { 03282 if (Buffer != NULL) { 03283 03284 printf("Succeeded\n"); 03285 printf(" Number of Users is: 0x%lx\n", 03286 ((DOMAIN_GENERAL_INFORMATION2 *)Buffer)->I1.UserCount ); 03287 printf(" Number of groups is: 0x%lx\n", 03288 ((DOMAIN_GENERAL_INFORMATION2 *)Buffer)->I1.GroupCount); 03289 printf(" Number of aliases is: 0x%lx\n", 03290 ((DOMAIN_GENERAL_INFORMATION2 *)Buffer)->I1.AliasCount); 03291 03292 03293 SamFreeMemory( Buffer ); 03294 03295 } else { 03296 printf("Failed\n"); 03297 printf(" Buffer address not set on return.\n"); 03298 printf(" RPC should have allocated a buffer.\n"); 03299 TestStatus = FALSE; 03300 } 03301 } else { 03302 printf("Failed\n"); 03303 printf(" Completion status is 0x%lx\n", NtStatus); 03304 TestStatus = FALSE; 03305 } 03306 03307 03308 03309 03310 03311 03312 03313 03315 // // 03316 // Set Suite // 03317 // // 03319 03320 printf(" Set Information . . . . . . . . . . . . . . . . . . . Suite\n"); 03321 03322 // 03323 // Set all the fixed length info levels 03324 // - Password, Logoff, ServerRole, DomainState, ModifiedCount 03325 // 03326 03327 /* 03328 * CANT TEST SERVER STATE SETTING WITHOUT BREAKING THE REST OF THE TEST. 03329 * THE REASON IS, ONCE THE STATE IS CHANGED, NOTHING ELSE CAN BE DONE. 03330 * 03331 * printf(" Set DomainState . . . . . . . . . . . . . . . . . . . "); 03332 * 03333 * // 03334 * // Get the current value... 03335 * // 03336 * 03337 * NtStatus = SamQueryInformationDomain( 03338 * DomainHandle, 03339 * DomainStateInformation, 03340 * &Buffer1 03341 * ); 03342 * ASSERT( NT_SUCCESS(NtStatus) ); 03343 * 03344 * // 03345 * // Change the field to a new value and write it out. 03346 * // 03347 * 03348 * if ( ((DOMAIN_STATE_INFORMATION *)Buffer1)->DomainServerState == 03349 * DomainServerEnabled ) { 03350 * ((DOMAIN_STATE_INFORMATION *)Buffer1)->DomainServerState = 03351 * DomainServerDisabled; 03352 * } else { 03353 * ((DOMAIN_STATE_INFORMATION *)Buffer1)->DomainServerState = 03354 * DomainServerEnabled; 03355 * } 03356 * 03357 * NtStatus = SamSetInformationDomain( 03358 * DomainHandle, 03359 * DomainStateInformation, 03360 * Buffer1 03361 * ); 03362 * if ( NT_SUCCESS(NtStatus) ) { 03363 * 03364 * // 03365 * // Now check that the change was really made... 03366 * // 03367 * 03368 * NtStatus = SamQueryInformationDomain( 03369 * DomainHandle, 03370 * DomainStateInformation, 03371 * &Buffer2 03372 * ); 03373 * ASSERT(NT_SUCCESS( NtStatus ) ); 03374 * if (((DOMAIN_STATE_INFORMATION *)Buffer1)->DomainServerState == 03375 * ((DOMAIN_STATE_INFORMATION *)Buffer2)->DomainServerState ) { 03376 * 03377 * printf("Succeeded\n"); 03378 * 03379 * } else { 03380 * 03381 * printf("Failed\n"); 03382 * printf(" Value queried doesn't match value written\n"); 03383 * printf(" Value Written is 0x%lx\n", 03384 * (ULONG)((DOMAIN_STATE_INFORMATION *)Buffer1)->DomainServerState); 03385 * printf(" Value Retrieved is 0x%lx\n", 03386 * (ULONG)((DOMAIN_STATE_INFORMATION *)Buffer2)->DomainServerState); 03387 * 03388 * TestStatus = FALSE; 03389 * 03390 * } 03391 * 03392 * SamFreeMemory( Buffer1 ); 03393 * SamFreeMemory( Buffer2 ); 03394 * 03395 * } else { 03396 * printf("Failed\n"); 03397 * printf(" Completion status is 0x%lx\n", NtStatus); 03398 * TestStatus = FALSE; 03399 * SamFreeMemory( Buffer1 ); 03400 * 03401 * } 03402 */ 03403 03404 03405 03406 /* 03407 * CANT TEST SERVER ROLE SETTING WITHOUT BREAKING THE REST OF THE TEST. 03408 * THE REASON IS, ONCE THE ROLE IS SET TO BACKUP, NOTHING ELSE CAN BE 03409 * SET. 03410 * 03411 * printf(" Set ServerRole . . . . . . . . . . . . . . . . . . . "); 03412 * 03413 * // 03414 * // Get the current value... 03415 * // 03416 * 03417 * NtStatus = SamQueryInformationDomain( 03418 * DomainHandle, 03419 * DomainServerRoleInformation, 03420 * &Buffer1 03421 * ); 03422 * ASSERT( NT_SUCCESS(NtStatus) ); 03423 * 03424 * // 03425 * // Change the field to a new value and write it out. 03426 * // 03427 * 03428 * if ( ((DOMAIN_SERVER_ROLE_INFORMATION *)Buffer1)->DomainServerRole == 03429 * DomainServerRolePrimary ) { 03430 * ((DOMAIN_SERVER_ROLE_INFORMATION *)Buffer1)->DomainServerRole = 03431 * DomainServerRoleBackup; 03432 * } else { 03433 * ((DOMAIN_SERVER_ROLE_INFORMATION *)Buffer1)->DomainServerRole = 03434 * DomainServerRolePrimary; 03435 * } 03436 * 03437 * NtStatus = SamSetInformationDomain( 03438 * DomainHandle, 03439 * DomainServerRoleInformation, 03440 * Buffer1 03441 * ); 03442 * if ( NT_SUCCESS(NtStatus) ) { 03443 * 03444 * // 03445 * // Now check that the change was really made... 03446 * // 03447 * 03448 * NtStatus = SamQueryInformationDomain( 03449 * DomainHandle, 03450 * DomainServerRoleInformation, 03451 * &Buffer2 03452 * ); 03453 * ASSERT(NT_SUCCESS( NtStatus ) ); 03454 * if (((DOMAIN_SERVER_ROLE_INFORMATION *)Buffer1)->DomainServerRole == 03455 * ((DOMAIN_SERVER_ROLE_INFORMATION *)Buffer2)->DomainServerRole ) { 03456 * 03457 * printf("Succeeded\n"); 03458 * 03459 * } else { 03460 * 03461 * printf("Failed\n"); 03462 * printf(" Value queried doesn't match value written\n"); 03463 * printf(" Value Written is 0x%lx\n", 03464 * (ULONG)((DOMAIN_SERVER_ROLE_INFORMATION *)Buffer1)->DomainServerRole); 03465 * printf(" Value Retrieved is 0x%lx\n", 03466 * (ULONG)((DOMAIN_SERVER_ROLE_INFORMATION *)Buffer2)->DomainServerRole); 03467 * 03468 * TestStatus = FALSE; 03469 * 03470 * } 03471 * 03472 * SamFreeMemory( Buffer1 ); 03473 * SamFreeMemory( Buffer2 ); 03474 * 03475 * } else { 03476 * printf("Failed\n"); 03477 * printf(" Completion status is 0x%lx\n", NtStatus); 03478 * TestStatus = FALSE; 03479 * SamFreeMemory( Buffer1 ); 03480 * 03481 * } 03482 */ 03483 03484 03485 03486 printf(" Set Password Information . . . . . . . . . . . . . . "); 03487 03488 03489 // 03490 // Get the current value... 03491 // 03492 03493 NtStatus = SamQueryInformationDomain( 03494 DomainHandle, 03495 DomainPasswordInformation, 03496 &Buffer1 03497 ); 03498 ASSERT( NT_SUCCESS(NtStatus) ); 03499 03500 // 03501 // Change a field to a new value and write it out. 03502 // 03503 03504 if ( ((DOMAIN_PASSWORD_INFORMATION *)Buffer1)->MinPasswordLength == 0 ) { 03505 ((DOMAIN_PASSWORD_INFORMATION *)Buffer1)->MinPasswordLength = 6; 03506 } else { 03507 ((DOMAIN_PASSWORD_INFORMATION *)Buffer1)->MinPasswordLength = 0; 03508 } 03509 03510 // 03511 // Set PasswordProperties to COMPLEX so that tests run after this one 03512 // are a little more interesting. 03513 // 03514 03515 ((DOMAIN_PASSWORD_INFORMATION *)Buffer1)->PasswordProperties |= DOMAIN_PASSWORD_COMPLEX; 03516 03517 NtStatus = SamSetInformationDomain( 03518 DomainHandle, 03519 DomainPasswordInformation, 03520 Buffer1 03521 ); 03522 if ( NT_SUCCESS(NtStatus) ) { 03523 03524 // 03525 // Now check that the change was really made... 03526 // 03527 03528 NtStatus = SamQueryInformationDomain( 03529 DomainHandle, 03530 DomainPasswordInformation, 03531 &Buffer2 03532 ); 03533 ASSERT(NT_SUCCESS( NtStatus ) ); 03534 if (((DOMAIN_PASSWORD_INFORMATION *)Buffer1)->MinPasswordLength == 03535 ((DOMAIN_PASSWORD_INFORMATION *)Buffer2)->MinPasswordLength ) { 03536 03537 printf("Succeeded\n"); 03538 03539 } else { 03540 03541 printf("Failed\n"); 03542 printf(" Value queried doesn't match value written\n"); 03543 printf(" Value Written is 0x%lx\n", 03544 (ULONG)((DOMAIN_PASSWORD_INFORMATION *)Buffer1)->MinPasswordLength); 03545 printf(" Value Retrieved is 0x%lx\n", 03546 (ULONG)((DOMAIN_PASSWORD_INFORMATION *)Buffer2)->MinPasswordLength); 03547 03548 TestStatus = FALSE; 03549 03550 } 03551 03552 SamFreeMemory( Buffer1 ); 03553 SamFreeMemory( Buffer2 ); 03554 03555 } else { 03556 printf("Failed\n"); 03557 printf(" Completion status is 0x%lx\n", NtStatus); 03558 TestStatus = FALSE; 03559 SamFreeMemory( Buffer1 ); 03560 03561 } 03562 03563 03564 03565 printf(" Set Logoff Information . . . . . . . . . . . . . . . "); 03566 03567 // 03568 // Get the current value... 03569 // 03570 03571 NtStatus = SamQueryInformationDomain( 03572 DomainHandle, 03573 DomainLogoffInformation, 03574 &Buffer1 03575 ); 03576 ASSERT( NT_SUCCESS(NtStatus) ); 03577 03578 // 03579 // Change the field to a new value and write it out. 03580 // 03581 03582 if ( ((DOMAIN_LOGOFF_INFORMATION *)Buffer1)->ForceLogoff.LowPart == 0 ) { 03583 ((DOMAIN_LOGOFF_INFORMATION *)Buffer1)->ForceLogoff.LowPart = 1000; 03584 } else { 03585 ((DOMAIN_LOGOFF_INFORMATION *)Buffer1)->ForceLogoff.LowPart = 0; 03586 } 03587 03588 NtStatus = SamSetInformationDomain( 03589 DomainHandle, 03590 DomainLogoffInformation, 03591 Buffer1 03592 ); 03593 if ( NT_SUCCESS(NtStatus) ) { 03594 03595 // 03596 // Now check that the change was really made... 03597 // 03598 03599 NtStatus = SamQueryInformationDomain( 03600 DomainHandle, 03601 DomainLogoffInformation, 03602 &Buffer2 03603 ); 03604 ASSERT(NT_SUCCESS( NtStatus ) ); 03605 if (((DOMAIN_LOGOFF_INFORMATION *)Buffer1)->ForceLogoff.LowPart == 03606 ((DOMAIN_LOGOFF_INFORMATION *)Buffer2)->ForceLogoff.LowPart ) { 03607 03608 printf("Succeeded\n"); 03609 03610 } else { 03611 03612 printf("Failed\n"); 03613 printf(" Value queried doesn't match value written\n"); 03614 printf(" Value Written is 0x%lx\n", 03615 (ULONG)((DOMAIN_LOGOFF_INFORMATION *)Buffer1)->ForceLogoff.LowPart); 03616 printf(" Value Retrieved is 0x%lx\n", 03617 (ULONG)((DOMAIN_LOGOFF_INFORMATION *)Buffer2)->ForceLogoff.LowPart); 03618 03619 TestStatus = FALSE; 03620 03621 } 03622 03623 SamFreeMemory( Buffer1 ); 03624 SamFreeMemory( Buffer2 ); 03625 03626 } else { 03627 printf("Failed\n"); 03628 printf(" Completion status is 0x%lx\n", NtStatus); 03629 TestStatus = FALSE; 03630 SamFreeMemory( Buffer1 ); 03631 03632 } 03633 03634 03635 03636 printf(" Set Modified . . . . . . . . . . . . . . . . . . . . "); 03637 03638 03639 NtStatus = SamSetInformationDomain( 03640 DomainHandle, 03641 DomainModifiedInformation, 03642 &LargeInteger1 03643 ); 03644 03645 if (NtStatus != STATUS_INVALID_INFO_CLASS) { 03646 03647 printf("Failed\n"); 03648 printf(" Completion status is 0x%lx\n", NtStatus); 03649 TestStatus = FALSE; 03650 } else { 03651 printf("Succeeded\n"); 03652 } 03653 03654 03655 printf(" Set Lockout Information . . . . . . . . . . . . . . . "); 03656 03657 // 03658 // Get the current value... 03659 // 03660 03661 NtStatus = SamQueryInformationDomain( 03662 DomainHandle, 03663 DomainLockoutInformation, 03664 &Buffer1 03665 ); 03666 ASSERT( NT_SUCCESS(NtStatus) ); 03667 03668 // 03669 // Change the field to a new value and write it out. 03670 // 03671 03672 if ( ((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutDuration.LowPart == 0 ) { 03673 ((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutDuration.LowPart = 9000000; 03674 } else { 03675 ((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutDuration.LowPart = 0; 03676 } 03677 if ( ((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutObservationWindow.LowPart == 0 ) { 03678 ((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutObservationWindow.LowPart = 8000000; 03679 } else { 03680 ((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutObservationWindow.LowPart = 0; 03681 } 03682 if ( ((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutThreshold == 0 ) { 03683 ((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutThreshold = 2; 03684 } else { 03685 ((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutThreshold = 0; 03686 } 03687 03688 NtStatus = SamSetInformationDomain( 03689 DomainHandle, 03690 DomainLockoutInformation, 03691 Buffer1 03692 ); 03693 if ( NT_SUCCESS(NtStatus) ) { 03694 03695 // 03696 // Now check that the change was really made... 03697 // 03698 03699 NtStatus = SamQueryInformationDomain( 03700 DomainHandle, 03701 DomainLockoutInformation, 03702 &Buffer2 03703 ); 03704 ASSERT(NT_SUCCESS( NtStatus ) ); 03705 if ( (((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutDuration.LowPart == 03706 ((DOMAIN_LOCKOUT_INFORMATION *)Buffer2)->LockoutDuration.LowPart ) && 03707 (((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutObservationWindow.LowPart == 03708 ((DOMAIN_LOCKOUT_INFORMATION *)Buffer2)->LockoutObservationWindow.LowPart ) && 03709 (((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutThreshold == 03710 ((DOMAIN_LOCKOUT_INFORMATION *)Buffer2)->LockoutThreshold ) ) { 03711 03712 printf("Succeeded\n"); 03713 03714 } else { 03715 03716 printf("Failed\n"); 03717 printf(" Value queried doesn't match value written\n"); 03718 printf(" Duration Written is 0x%lx\n", 03719 (ULONG)((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutDuration.LowPart); 03720 printf(" Duration Retrieved is 0x%lx\n", 03721 (ULONG)((DOMAIN_LOCKOUT_INFORMATION *)Buffer2)->LockoutDuration.LowPart); 03722 printf(" Window Written is 0x%lx\n", 03723 (ULONG)((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutObservationWindow.LowPart); 03724 printf(" Window Retrieved is 0x%lx\n", 03725 (ULONG)((DOMAIN_LOCKOUT_INFORMATION *)Buffer2)->LockoutObservationWindow.LowPart); 03726 printf(" Duration Written is 0x%lx\n", 03727 (ULONG)((DOMAIN_LOCKOUT_INFORMATION *)Buffer1)->LockoutThreshold); 03728 printf(" Duration Retrieved is 0x%lx\n", 03729 (ULONG)((DOMAIN_LOCKOUT_INFORMATION *)Buffer2)->LockoutThreshold); 03730 03731 TestStatus = FALSE; 03732 03733 } 03734 03735 SamFreeMemory( Buffer1 ); 03736 SamFreeMemory( Buffer2 ); 03737 03738 } else { 03739 printf("Failed\n"); 03740 printf(" Completion status is 0x%lx\n", NtStatus); 03741 TestStatus = FALSE; 03742 SamFreeMemory( Buffer1 ); 03743 03744 } 03745 03746 03747 03748 03749 printf(" Set Domain Name . . . . . . . . . . . . . . . . . . . "); 03750 03751 03752 NtStatus = SamSetInformationDomain( 03753 DomainHandle, 03754 DomainNameInformation, 03755 &DummyName1 03756 ); 03757 03758 if (NtStatus != STATUS_INVALID_INFO_CLASS) { 03759 03760 printf("Failed\n"); 03761 printf(" Completion status is 0x%lx\n", NtStatus); 03762 TestStatus = FALSE; 03763 } else { 03764 printf("Succeeded\n"); 03765 } 03766 03767 03768 printf(" Set OEM Information . . . . . . . . . . . . . . . . . "); 03769 03770 // 03771 // Get the current value... 03772 // 03773 03774 NtStatus = SamQueryInformationDomain( 03775 DomainHandle, 03776 DomainOemInformation, 03777 &Buffer1 03778 ); 03779 ASSERT( NT_SUCCESS(NtStatus) ); 03780 03781 // 03782 // Change the field to a new value and write it out. 03783 // 03784 03785 NameLength = ((DOMAIN_OEM_INFORMATION *)Buffer1)->OemInformation.Length; 03786 if ( NameLength == DummyName1.Length ) { 03787 ((DOMAIN_OEM_INFORMATION *)Buffer1)->OemInformation = DummyName2; 03788 } else { 03789 ((DOMAIN_OEM_INFORMATION *)Buffer1)->OemInformation = DummyName1; 03790 } 03791 03792 NtStatus = SamSetInformationDomain( 03793 DomainHandle, 03794 DomainOemInformation, 03795 Buffer1 03796 ); 03797 if ( NT_SUCCESS(NtStatus) ) { 03798 03799 // 03800 // Now check that the change was really made... 03801 // 03802 03803 NtStatus = SamQueryInformationDomain( 03804 DomainHandle, 03805 DomainOemInformation, 03806 &Buffer2 03807 ); 03808 ASSERT(NT_SUCCESS( NtStatus ) ); 03809 if (((DOMAIN_OEM_INFORMATION *)Buffer1)->OemInformation.Length == 03810 ((DOMAIN_OEM_INFORMATION *)Buffer2)->OemInformation.Length ) { 03811 03812 printf("Succeeded\n"); 03813 03814 } else { 03815 03816 printf("Failed\n"); 03817 printf(" Value queried doesn't match value written\n"); 03818 printf(" Value Written is 0x%lx\n", 03819 (ULONG)((DOMAIN_OEM_INFORMATION *)Buffer1)->OemInformation.Length); 03820 printf(" Value Retrieved is 0x%lx\n", 03821 (ULONG)((DOMAIN_OEM_INFORMATION *)Buffer2)->OemInformation.Length); 03822 03823 TestStatus = FALSE; 03824 03825 } 03826 03827 SamFreeMemory( Buffer1 ); 03828 SamFreeMemory( Buffer2 ); 03829 03830 } else { 03831 printf("Failed\n"); 03832 printf(" Completion status is 0x%lx\n", NtStatus); 03833 TestStatus = FALSE; 03834 SamFreeMemory( Buffer1 ); 03835 03836 } 03837 03838 03839 03840 03841 printf(" Set Replication Information . . . . . . . . . . . . . "); 03842 03843 // 03844 // Get the current value... 03845 // 03846 03847 NtStatus = SamQueryInformationDomain( 03848 DomainHandle, 03849 DomainReplicationInformation, 03850 &Buffer1 03851 ); 03852 ASSERT( NT_SUCCESS(NtStatus) ); 03853 03854 // 03855 // Change the field to a new value and write it out. 03856 // 03857 03858 NameLength = ((DOMAIN_REPLICATION_INFORMATION *)Buffer1)->ReplicaSourceNodeName.Length; 03859 if ( NameLength == DummyName1.Length ) { 03860 ((DOMAIN_REPLICATION_INFORMATION *)Buffer1)->ReplicaSourceNodeName = DummyName2; 03861 } else { 03862 ((DOMAIN_REPLICATION_INFORMATION *)Buffer1)->ReplicaSourceNodeName = DummyName1; 03863 } 03864 03865 NtStatus = SamSetInformationDomain( 03866 DomainHandle, 03867 DomainReplicationInformation, 03868 Buffer1 03869 ); 03870 if ( NT_SUCCESS(NtStatus) ) { 03871 03872 // 03873 // Now check that the change was really made... 03874 // 03875 03876 NtStatus = SamQueryInformationDomain( 03877 DomainHandle, 03878 DomainReplicationInformation, 03879 &Buffer2 03880 ); 03881 ASSERT(NT_SUCCESS( NtStatus ) ); 03882 if (((DOMAIN_REPLICATION_INFORMATION *)Buffer1)->ReplicaSourceNodeName.Length == 03883 ((DOMAIN_REPLICATION_INFORMATION *)Buffer2)->ReplicaSourceNodeName.Length ) { 03884 03885 printf("Succeeded\n"); 03886 03887 } else { 03888 03889 printf("Failed\n"); 03890 printf(" Value queried doesn't match value written\n"); 03891 printf(" Value Written is 0x%lx\n", 03892 (ULONG)((DOMAIN_REPLICATION_INFORMATION *)Buffer1)->ReplicaSourceNodeName.Length); 03893 printf(" Value Retrieved is 0x%lx\n", 03894 (ULONG)((DOMAIN_REPLICATION_INFORMATION *)Buffer2)->ReplicaSourceNodeName.Length); 03895 03896 TestStatus = FALSE; 03897 03898 } 03899 03900 SamFreeMemory( Buffer1 ); 03901 SamFreeMemory( Buffer2 ); 03902 03903 } else { 03904 printf("Failed\n"); 03905 printf(" Completion status is 0x%lx\n", NtStatus); 03906 TestStatus = FALSE; 03907 SamFreeMemory( Buffer1 ); 03908 03909 } 03910 03911 03912 03913 03915 // // 03916 // Create User/Group/Alias Suite // 03917 // // 03919 03920 printf(" Create User/Group/Alias . . . . . . . . . . . . . . . . Suite\n"); 03921 03922 03923 printf(" Create Group . . . . . . . . . . . . . . . . . . . . "); 03924 03925 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 03926 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 03927 TST_SUCCESS_ASSERT(NtStatus); 03928 03929 03930 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 03931 03932 GroupRid = 0; 03933 GroupHandle = NULL; 03934 NtStatus = SamCreateGroupInDomain( 03935 DomainHandle, 03936 &AccountName, 03937 GROUP_ALL_ACCESS, 03938 &GroupHandle, 03939 &GroupRid 03940 ); 03941 RtlFreeUnicodeString( &AccountName ); 03942 03943 if (NT_SUCCESS(NtStatus)) { 03944 if ( (GroupHandle == NULL) || (GroupRid == 0) ) { 03945 03946 printf("Failed\n"); 03947 printf(" Invalid GroupHandle or GroupRid returned.\n"); 03948 printf(" Completion status is 0x%lx\n", NtStatus); 03949 printf(" GroupHandle value is: 0x%lx\n", (ULONG)GroupHandle); 03950 printf(" GroupRid value is: 0x%lx\n", GroupRid); 03951 TestStatus = FALSE; 03952 } else { 03953 03954 printf("Succeeded\n"); 03955 SavedGroupRid = GroupRid; 03956 NtStatus = SamCloseHandle( GroupHandle ); 03957 if (!NT_SUCCESS(NtStatus)) { 03958 printf(" SamCloseHandle() completion status is: 0x%lx\n", NtStatus); 03959 } 03960 ASSERT( NT_SUCCESS(NtStatus) ); 03961 03962 } 03963 03964 } else { 03965 printf("Failed\n"); 03966 printf(" Completion status is 0x%lx\n", NtStatus); 03967 TestStatus = FALSE; 03968 } 03969 03970 03971 03972 03973 printf(" Create Duplicate Group . . . . . . . . . . . . . . . "); 03974 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 03975 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 03976 TST_SUCCESS_ASSERT(NtStatus); 03977 03978 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 03979 03980 03981 GroupRid = 0; 03982 GroupHandle = NULL; 03983 NtStatus = SamCreateGroupInDomain( 03984 DomainHandle, 03985 &AccountName, 03986 GROUP_ALL_ACCESS, 03987 &GroupHandle, 03988 &GroupRid 03989 ); 03990 RtlFreeUnicodeString( &AccountName ); 03991 03992 if (NtStatus != STATUS_GROUP_EXISTS) { 03993 03994 printf("Failed\n"); 03995 printf(" Completion status should be STATUS_GROUP_EXISTS\n"); 03996 printf(" Completion status is 0x%lx\n", NtStatus); 03997 TestStatus = FALSE; 03998 03999 } else { 04000 04001 printf("Succeeded\n"); 04002 04003 } 04004 04005 04006 04007 printf(" Create Alias . . . . . . . . . . . . . . . . . . . . "); 04008 04009 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 04010 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04011 TST_SUCCESS_ASSERT(NtStatus); 04012 04013 04014 AliasRid = 0; 04015 AliasHandle = NULL; 04016 NtStatus = SamCreateAliasInDomain( 04017 DomainHandle, 04018 &AccountName, 04019 ALIAS_ALL_ACCESS, 04020 &AliasHandle, 04021 &AliasRid 04022 ); 04023 RtlFreeUnicodeString( &AccountName ); 04024 04025 if (NT_SUCCESS(NtStatus)) { 04026 if ( (AliasHandle == NULL) || (AliasRid == 0) ) { 04027 04028 printf("Failed\n"); 04029 printf(" Invalid AliasHandle or AliasRid returned.\n"); 04030 printf(" Completion status is 0x%lx\n", NtStatus); 04031 printf(" AliasHandle value is: 0x%lx\n", (ULONG)AliasHandle); 04032 printf(" AliasRid value is: 0x%lx\n", AliasRid); 04033 TestStatus = FALSE; 04034 } else { 04035 04036 printf("Succeeded\n"); 04037 SavedAliasRid = AliasRid; 04038 NtStatus = SamCloseHandle( AliasHandle ); 04039 if (!NT_SUCCESS(NtStatus)) { 04040 printf(" SamCloseHandle() completion status is: 0x%lx\n", NtStatus); 04041 } 04042 ASSERT( NT_SUCCESS(NtStatus) ); 04043 04044 04045 if (AliasRid == SavedGroupRid) { 04046 printf(" Create Group/Alias Comparison. . . . . . . . . . . . . Failed\n"); 04047 04048 printf(" Same RID assigned to new alias and group.\n"); 04049 TestStatus = FALSE; 04050 } 04051 } 04052 04053 } else { 04054 printf("Failed\n"); 04055 printf(" Completion status is 0x%lx\n", NtStatus); 04056 TestStatus = FALSE; 04057 } 04058 04059 04060 04061 04062 printf(" Create another Alias . . . . . . . . . . . . . . . . "); 04063 04064 RtlInitString( &AccountNameAnsi, ALIAS_NAME2 ); 04065 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04066 TST_SUCCESS_ASSERT(NtStatus); 04067 04068 04069 AliasRid = 0; 04070 AliasHandle = NULL; 04071 NtStatus = SamCreateAliasInDomain( 04072 DomainHandle, 04073 &AccountName, 04074 ALIAS_ALL_ACCESS, 04075 &AliasHandle, 04076 &AliasRid 04077 ); 04078 RtlFreeUnicodeString( &AccountName ); 04079 04080 if (NT_SUCCESS(NtStatus)) { 04081 if ( (AliasHandle == NULL) || (AliasRid == 0) ) { 04082 04083 printf("Failed\n"); 04084 printf(" Invalid AliasHandle or AliasRid returned.\n"); 04085 printf(" Completion status is 0x%lx\n", NtStatus); 04086 printf(" AliasHandle value is: 0x%lx\n", (ULONG)AliasHandle); 04087 printf(" AliasRid value is: 0x%lx\n", AliasRid); 04088 TestStatus = FALSE; 04089 } else { 04090 04091 printf("Succeeded\n"); 04092 SavedAliasRid = AliasRid; 04093 NtStatus = SamCloseHandle( AliasHandle ); 04094 if (!NT_SUCCESS(NtStatus)) { 04095 printf(" SamCloseHandle() completion status is: 0x%lx\n", NtStatus); 04096 } 04097 ASSERT( NT_SUCCESS(NtStatus) ); 04098 04099 04100 if (AliasRid == SavedGroupRid) { 04101 printf(" Create Group/Alias Comparison. . . . . . . . . . . . . Failed\n"); 04102 04103 printf(" Same RID assigned to new alias and group.\n"); 04104 TestStatus = FALSE; 04105 } 04106 } 04107 04108 } else { 04109 printf("Failed\n"); 04110 printf(" Completion status is 0x%lx\n", NtStatus); 04111 TestStatus = FALSE; 04112 } 04113 04114 04115 04116 04117 printf(" Create Duplicate Alias . . . . . . . . . . . . . . . "); 04118 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 04119 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04120 TST_SUCCESS_ASSERT(NtStatus); 04121 04122 04123 AliasRid = 0; 04124 AliasHandle = NULL; 04125 NtStatus = SamCreateAliasInDomain( 04126 DomainHandle, 04127 &AccountName, 04128 ALIAS_ALL_ACCESS, 04129 &AliasHandle, 04130 &AliasRid 04131 ); 04132 RtlFreeUnicodeString( &AccountName ); 04133 04134 if (NtStatus != STATUS_ALIAS_EXISTS) { 04135 04136 printf("Failed\n"); 04137 printf(" Completion status should be STATUS_ALIAS_EXISTS\n"); 04138 printf(" Completion status is 0x%lx\n", NtStatus); 04139 TestStatus = FALSE; 04140 04141 } else { 04142 04143 printf("Succeeded\n"); 04144 04145 } 04146 04147 04148 04149 04150 04151 printf(" Create User . . . . . . . . . . . . . . . . . . . . . "); 04152 04153 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 04154 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04155 TST_SUCCESS_ASSERT(NtStatus); 04156 04157 04158 UserRid = 0; 04159 UserHandle = NULL; 04160 NtStatus = SamCreateUserInDomain( 04161 DomainHandle, 04162 &AccountName, 04163 USER_ALL_ACCESS, 04164 &UserHandle, 04165 &UserRid 04166 ); 04167 RtlFreeUnicodeString( &AccountName ); 04168 04169 if (NT_SUCCESS(NtStatus)) { 04170 if ( (UserHandle == NULL) || (UserRid == 0) ) { 04171 04172 printf("Failed\n"); 04173 printf(" Invalid UserHandle or UserRid returned.\n"); 04174 printf(" Completion status is 0x%lx\n", NtStatus); 04175 printf(" UserHandle value is: 0x%lx\n", (ULONG)UserHandle); 04176 printf(" UserRid value is: 0x%lx\n", UserRid); 04177 TestStatus = FALSE; 04178 } else { 04179 04180 printf("Succeeded\n"); 04181 ValidUserHandle = UserHandle; 04182 04183 04184 if (UserRid == SavedGroupRid) { 04185 printf(" Create Group/User Comparison. . . . . . . . . . . . . Failed\n"); 04186 04187 printf(" Same RID assigned to new user and group.\n"); 04188 TestStatus = FALSE; 04189 } 04190 04191 if (UserRid == SavedAliasRid) { 04192 printf(" Create Alias/User Comparison. . . . . . . . . . . . . Failed\n"); 04193 04194 printf(" Same RID assigned to new user and alias.\n"); 04195 TestStatus = FALSE; 04196 } 04197 } 04198 04199 } else { 04200 printf("Failed\n"); 04201 printf(" Completion status is 0x%lx\n", NtStatus); 04202 TestStatus = FALSE; 04203 } 04204 04205 04206 04207 04208 04209 04210 04211 printf(" Create Duplicate User . . . . . . . . . . . . . . . . "); 04212 04213 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 04214 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04215 TST_SUCCESS_ASSERT(NtStatus); 04216 04217 04218 UserRid = 0; 04219 UserHandle = NULL; 04220 NtStatus = SamCreateUserInDomain( 04221 DomainHandle, 04222 &AccountName, 04223 USER_ALL_ACCESS, 04224 &UserHandle, 04225 &UserRid 04226 ); 04227 RtlFreeUnicodeString( &AccountName ); 04228 04229 if (NtStatus != STATUS_USER_EXISTS) { 04230 04231 printf("Failed\n"); 04232 printf(" Completion status should be STATUS_USER_EXISTS\n"); 04233 printf(" Completion status is 0x%lx\n", NtStatus); 04234 TestStatus = FALSE; 04235 04236 } else { 04237 04238 printf("Succeeded\n"); 04239 04240 } 04241 04242 04243 04244 04245 printf(" Create Group With Same Name As User . . . . . . . . . "); 04246 04247 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 04248 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04249 TST_SUCCESS_ASSERT(NtStatus); 04250 04251 04252 GroupRid = 0; 04253 GroupHandle = NULL; 04254 NtStatus = SamCreateGroupInDomain( 04255 DomainHandle, 04256 &AccountName, 04257 GROUP_ALL_ACCESS, 04258 &GroupHandle, 04259 &GroupRid 04260 ); 04261 RtlFreeUnicodeString( &AccountName ); 04262 04263 if (NtStatus != STATUS_USER_EXISTS) { 04264 04265 printf("Failed\n"); 04266 printf(" Completion status should be STATUS_USER_EXISTS\n"); 04267 printf(" Completion status is 0x%lx\n", NtStatus); 04268 TestStatus = FALSE; 04269 04270 } else { 04271 04272 printf("Succeeded\n"); 04273 04274 } 04275 04276 04277 04278 04279 printf(" Create Group With Same Name As Alias. . . . . . . . . "); 04280 04281 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 04282 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04283 TST_SUCCESS_ASSERT(NtStatus); 04284 04285 04286 GroupRid = 0; 04287 GroupHandle = NULL; 04288 NtStatus = SamCreateGroupInDomain( 04289 DomainHandle, 04290 &AccountName, 04291 GROUP_ALL_ACCESS, 04292 &GroupHandle, 04293 &GroupRid 04294 ); 04295 RtlFreeUnicodeString( &AccountName ); 04296 04297 if (NtStatus != STATUS_ALIAS_EXISTS) { 04298 04299 printf("Failed\n"); 04300 printf(" Completion status should be STATUS_ALIAS_EXISTS\n"); 04301 printf(" Completion status is 0x%lx\n", NtStatus); 04302 TestStatus = FALSE; 04303 04304 } else { 04305 04306 printf("Succeeded\n"); 04307 04308 } 04309 04310 04311 04312 printf(" Create Alias With Same Name As Group. . . . . . . . . "); 04313 04314 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 04315 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04316 TST_SUCCESS_ASSERT(NtStatus); 04317 04318 04319 AliasRid = 0; 04320 AliasHandle = NULL; 04321 NtStatus = SamCreateAliasInDomain( 04322 DomainHandle, 04323 &AccountName, 04324 GROUP_ALL_ACCESS, 04325 &AliasHandle, 04326 &AliasRid 04327 ); 04328 RtlFreeUnicodeString( &AccountName ); 04329 04330 if (NtStatus != STATUS_GROUP_EXISTS) { 04331 04332 printf("Failed\n"); 04333 printf(" Completion status should be STATUS_GROUP_EXISTS\n"); 04334 printf(" Completion status is 0x%lx\n", NtStatus); 04335 TestStatus = FALSE; 04336 04337 } else { 04338 04339 printf("Succeeded\n"); 04340 04341 } 04342 04343 04344 04345 printf(" Create User With Same Name As Group . . . . . . . . . "); 04346 04347 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 04348 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04349 TST_SUCCESS_ASSERT(NtStatus); 04350 04351 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 04352 04353 04354 UserRid = 0; 04355 UserHandle = NULL; 04356 NtStatus = SamCreateUserInDomain( 04357 DomainHandle, 04358 &AccountName, 04359 USER_ALL_ACCESS, 04360 &UserHandle, 04361 &UserRid 04362 ); 04363 RtlFreeUnicodeString( &AccountName ); 04364 04365 if (NtStatus != STATUS_GROUP_EXISTS) { 04366 04367 printf("Failed\n"); 04368 printf(" Completion status should be STATUS_GROUP_EXISTS\n"); 04369 printf(" Completion status is 0x%lx\n", NtStatus); 04370 TestStatus = FALSE; 04371 04372 } else { 04373 04374 printf("Succeeded\n"); 04375 04376 } 04377 04378 04379 04380 printf(" Create User With Same Name As Alias . . . . . . . . . "); 04381 04382 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 04383 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 04384 TST_SUCCESS_ASSERT(NtStatus); 04385 04386 04387 UserRid = 0; 04388 UserHandle = NULL; 04389 NtStatus = SamCreateUserInDomain( 04390 DomainHandle, 04391 &AccountName, 04392 USER_ALL_ACCESS, 04393 &UserHandle, 04394 &UserRid 04395 ); 04396 RtlFreeUnicodeString( &AccountName ); 04397 04398 if (NtStatus != STATUS_ALIAS_EXISTS) { 04399 04400 printf("Failed\n"); 04401 printf(" Completion status should be STATUS_ALIAS_EXISTS\n"); 04402 printf(" Completion status is 0x%lx\n", NtStatus); 04403 TestStatus = FALSE; 04404 04405 } else { 04406 04407 printf("Succeeded\n"); 04408 04409 } 04410 04411 04412 04414 // // 04415 // Call server to test internal functions // 04416 // // 04418 04419 printf("\n"); 04420 printf(" Test internal functions . . . . . . . . . . . . . . . Suite\n"); 04421 printf(" Test internal domain functions . . . . . . . . . . "); 04422 04423 NtStatus = SamTestPrivateFunctionsDomain( DomainHandle ); 04424 04425 if ( NT_SUCCESS( NtStatus ) ) { 04426 04427 printf("Succeeded.\n"); 04428 04429 } else { 04430 04431 if ( NtStatus == STATUS_NOT_IMPLEMENTED ) { 04432 04433 printf("Not Implemented\n"); 04434 04435 } else { 04436 04437 printf("Failed.\n"); 04438 printf(" Status = %lx\n", NtStatus ); 04439 TestStatus = FALSE; 04440 } 04441 } 04442 04443 printf(" Test internal user functions . . . . . . . . . . . "); 04444 04445 if (ValidUserHandle == NULL) { 04446 04447 printf("Test omitted - Valid User handle not available\n"); 04448 TestStatus = FALSE; 04449 04450 } else { 04451 04452 NtStatus = SamTestPrivateFunctionsUser( ValidUserHandle ); 04453 IgnoreStatus = SamCloseHandle( ValidUserHandle ); 04454 ASSERT( NT_SUCCESS(IgnoreStatus) ); 04455 04456 if ( NT_SUCCESS( NtStatus ) ) { 04457 04458 printf("Succeeded.\n"); 04459 04460 } else { 04461 04462 if ( NtStatus == STATUS_NOT_IMPLEMENTED ) { 04463 04464 printf("Not Implemented\n"); 04465 04466 } else { 04467 04468 printf("Failed.\n"); 04469 printf(" Status = %lx\n", NtStatus ); 04470 TestStatus = FALSE; 04471 } 04472 } 04473 } 04474 04475 04477 // // 04478 // Enumerate Users/Groups Suite // 04479 // // 04481 04482 04483 printf(" Enumerate Users/Groups/Aliases. . . . . . . . . . . . Suite\n"); 04484 04485 printf(" Enumerate Groups - large prefered length . . . . . . "); 04486 04487 04488 EnumerationContext = 0; 04489 NtStatus = SamEnumerateGroupsInDomain( 04490 DomainHandle, 04491 &EnumerationContext, 04492 &Buffer, 04493 12000, // PreferedMaximumLength 04494 &CountReturned 04495 ); 04496 AccountCount = CountReturned; // Save for future test 04497 04498 if (NT_SUCCESS(NtStatus)) { 04499 if (Buffer != NULL) { 04500 if (NtStatus == STATUS_SUCCESS) { 04501 04502 if (CountReturned > 1) { 04503 printf("Succeeded\n"); 04504 for (i=0; i<CountReturned; i++) { 04505 printf(" Rid/Name(%ld): 0x%lx / %wZ\n",i, 04506 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId, 04507 &((PSAM_RID_ENUMERATION)(Buffer))[i].Name 04508 ); 04509 } 04510 04511 } else { 04512 printf("Failed\n"); 04513 printf(" Completion status is 0x%lx\n", NtStatus); 04514 printf(" Expected several entries to be returned.\n"); 04515 printf(" Received 0x%lx entries instead.\n", CountReturned); 04516 TestStatus = FALSE; 04517 } 04518 04519 } else { 04520 04521 printf("Failed\n"); 04522 printf(" Expected STATUS_MORE_ENTRIES to be returned.\n"); 04523 printf(" Received 0x%lx instead.\n", NtStatus); 04524 printf(" Buffer = 0x%lx\n", (ULONG)Buffer); 04525 printf(" CountReturned = 0x%lx\n", CountReturned); 04526 TestStatus = FALSE; 04527 } 04528 04529 SamFreeMemory( Buffer ); 04530 04531 } else { 04532 printf("Failed\n"); 04533 printf(" Buffer address not set on return.\n"); 04534 printf(" RPC should have allocated a buffer.\n"); 04535 printf(" Completion status is 0x%lx\n", NtStatus); 04536 TestStatus = FALSE; 04537 } 04538 04539 } else { 04540 printf("Failed\n"); 04541 printf(" Completion status is 0x%lx\n", NtStatus); 04542 TestStatus = FALSE; 04543 04544 } 04545 04546 04547 04548 04549 printf(" Enumerate Groups - small prefered length . . . . . . "); 04550 04551 04552 for ( i=0; i<AccountCount; i++) { 04553 EnumerationContext = i; 04554 NtStatus = SamEnumerateGroupsInDomain( 04555 DomainHandle, 04556 &EnumerationContext, 04557 &Buffer, 04558 0, // PreferedMaximumLength 04559 &CountReturned 04560 ); 04561 04562 if (NT_SUCCESS(NtStatus)) { 04563 if (Buffer != NULL) { 04564 if ( ((i >= AccountCount -1) && (NtStatus == STATUS_SUCCESS)) || 04565 ((i <= AccountCount -1) && (NtStatus == STATUS_MORE_ENTRIES)) ) { 04566 04567 if (CountReturned != 1) { 04568 printf("Failed\n"); 04569 printf(" Completion status is 0x%lx\n", NtStatus); 04570 printf(" Expected one entry to be returned.\n"); 04571 printf(" Received 0x%lx entries instead.\n", CountReturned); 04572 TestStatus = FALSE; 04573 i = AccountCount + 100; 04574 } 04575 04576 } else { 04577 04578 printf("Failed\n"); 04579 if (i < AccountCount -1 ) { 04580 printf(" Expected STATUS_MORE_ENTRIES to be returned.\n"); 04581 } else { 04582 printf(" Expected STATUS_SUCCESS to be returned.\n"); 04583 } 04584 printf(" Received 0x%lx instead.\n", NtStatus); 04585 printf(" Buffer = 0x%lx\n", (ULONG)Buffer); 04586 printf(" CountReturned = 0x%lx\n", CountReturned); 04587 TestStatus = FALSE; 04588 i = AccountCount + 100; 04589 } 04590 04591 SamFreeMemory( Buffer ); 04592 04593 } else { 04594 printf("Failed\n"); 04595 printf(" Buffer address not set on return.\n"); 04596 printf(" RPC should have allocated a buffer.\n"); 04597 printf(" Completion status is 0x%lx\n", NtStatus); 04598 TestStatus = FALSE; 04599 i = AccountCount + 100; 04600 } 04601 04602 } else { 04603 printf("Failed\n"); 04604 printf(" Completion status is 0x%lx\n", NtStatus); 04605 TestStatus = FALSE; 04606 i = AccountCount + 100; 04607 04608 } 04609 } 04610 04611 if ( i == AccountCount) { 04612 printf("Succeeded\n"); 04613 } 04614 04615 04616 04617 04618 printf(" Enumerate Aliases - large prefered length . . . . . . "); 04619 04620 04621 EnumerationContext = 0; 04622 NtStatus = SamEnumerateAliasesInDomain( 04623 DomainHandle, 04624 &EnumerationContext, 04625 &Buffer, 04626 12000, // PreferedMaximumLength 04627 &CountReturned 04628 ); 04629 AccountCount = CountReturned; // Save for future test 04630 04631 if (NT_SUCCESS(NtStatus)) { 04632 if (Buffer != NULL) { 04633 if (NtStatus == STATUS_SUCCESS) { 04634 04635 if (CountReturned > 1) { 04636 printf("Succeeded\n"); 04637 for (i=0; i<CountReturned; i++) { 04638 printf(" Rid/Name(%ld): 0x%lx / %wZ\n",i, 04639 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId, 04640 &((PSAM_RID_ENUMERATION)(Buffer))[i].Name 04641 ); 04642 } 04643 04644 } else { 04645 printf("Failed\n"); 04646 printf(" Completion status is 0x%lx\n", NtStatus); 04647 printf(" Expected several entries to be returned.\n"); 04648 printf(" Received 0x%lx entries instead.\n", CountReturned); 04649 TestStatus = FALSE; 04650 } 04651 04652 } else { 04653 04654 printf("Failed\n"); 04655 printf(" Expected STATUS_MORE_ENTRIES to be returned.\n"); 04656 printf(" Received 0x%lx instead.\n", NtStatus); 04657 printf(" Buffer = 0x%lx\n", (ULONG)Buffer); 04658 printf(" CountReturned = 0x%lx\n", CountReturned); 04659 TestStatus = FALSE; 04660 } 04661 04662 SamFreeMemory( Buffer ); 04663 04664 } else { 04665 printf("Failed\n"); 04666 printf(" Buffer address not set on return.\n"); 04667 printf(" RPC should have allocated a buffer.\n"); 04668 printf(" Completion status is 0x%lx\n", NtStatus); 04669 TestStatus = FALSE; 04670 } 04671 04672 } else { 04673 printf("Failed\n"); 04674 printf(" Completion status is 0x%lx\n", NtStatus); 04675 TestStatus = FALSE; 04676 04677 } 04678 04679 04680 04681 04682 printf(" Enumerate Aliases - small prefered length . . . . . . "); 04683 04684 04685 for ( i=0; i<AccountCount; i++) { 04686 EnumerationContext = i; 04687 NtStatus = SamEnumerateAliasesInDomain( 04688 DomainHandle, 04689 &EnumerationContext, 04690 &Buffer, 04691 0, // PreferedMaximumLength 04692 &CountReturned 04693 ); 04694 04695 if (NT_SUCCESS(NtStatus)) { 04696 if (Buffer != NULL) { 04697 if ( ((i >= AccountCount -1) && (NtStatus == STATUS_SUCCESS)) || 04698 ((i <= AccountCount -1) && (NtStatus == STATUS_MORE_ENTRIES)) ) { 04699 04700 if (CountReturned != 1) { 04701 printf("Failed\n"); 04702 printf(" Completion status is 0x%lx\n", NtStatus); 04703 printf(" Expected one entry to be returned.\n"); 04704 printf(" Received 0x%lx entries instead.\n", CountReturned); 04705 TestStatus = FALSE; 04706 i = AccountCount + 100; 04707 } 04708 04709 } else { 04710 04711 printf("Failed\n"); 04712 if (i < AccountCount -1 ) { 04713 printf(" Expected STATUS_MORE_ENTRIES to be returned.\n"); 04714 } else { 04715 printf(" Expected STATUS_SUCCESS to be returned.\n"); 04716 } 04717 printf(" Received 0x%lx instead.\n", NtStatus); 04718 printf(" Buffer = 0x%lx\n", (ULONG)Buffer); 04719 printf(" CountReturned = 0x%lx\n", CountReturned); 04720 TestStatus = FALSE; 04721 i = AccountCount + 100; 04722 } 04723 04724 SamFreeMemory( Buffer ); 04725 04726 } else { 04727 printf("Failed\n"); 04728 printf(" Buffer address not set on return.\n"); 04729 printf(" RPC should have allocated a buffer.\n"); 04730 printf(" Completion status is 0x%lx\n", NtStatus); 04731 TestStatus = FALSE; 04732 i = AccountCount + 100; 04733 } 04734 04735 } else { 04736 printf("Failed\n"); 04737 printf(" Completion status is 0x%lx\n", NtStatus); 04738 TestStatus = FALSE; 04739 i = AccountCount + 100; 04740 04741 } 04742 } 04743 04744 if ( i == AccountCount) { 04745 printf("Succeeded\n"); 04746 } 04747 04748 04749 04750 04751 04752 printf(" Enumerate Users - large prefered length . . . . . . "); 04753 04754 04755 EnumerationContext = 0; 04756 NtStatus = SamEnumerateUsersInDomain( 04757 DomainHandle, 04758 &EnumerationContext, 04759 0, 04760 &Buffer, 04761 12000, // PreferedMaximumLength 04762 &CountReturned 04763 ); 04764 AccountCount = CountReturned; // Save for future test 04765 04766 if (NT_SUCCESS(NtStatus)) { 04767 if (Buffer != NULL) { 04768 if (NtStatus == STATUS_SUCCESS) { 04769 04770 if (CountReturned > 1) { 04771 printf("Succeeded\n"); 04772 for (i=0; i<CountReturned; i++) { 04773 printf(" Rid/Name(%ld): 0x%lx / %wZ\n",i, 04774 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId, 04775 &((PSAM_RID_ENUMERATION)(Buffer))[i].Name 04776 ); 04777 } 04778 04779 } else { 04780 printf("Failed\n"); 04781 printf(" Completion status is 0x%lx\n", NtStatus); 04782 printf(" Expected several entries to be returned.\n"); 04783 printf(" Received 0x%lx entries instead.\n", CountReturned); 04784 TestStatus = FALSE; 04785 } 04786 04787 } else { 04788 04789 printf("Failed\n"); 04790 printf(" Expected STATUS_MORE_ENTRIES to be returned.\n"); 04791 printf(" Received 0x%lx instead.\n", NtStatus); 04792 printf(" Buffer = 0x%lx\n", (ULONG)Buffer); 04793 printf(" CountReturned = 0x%lx\n", CountReturned); 04794 TestStatus = FALSE; 04795 } 04796 04797 SamFreeMemory( Buffer ); 04798 04799 } else { 04800 printf("Failed\n"); 04801 printf(" Buffer address not set on return.\n"); 04802 printf(" RPC should have allocated a buffer.\n"); 04803 printf(" Completion status is 0x%lx\n", NtStatus); 04804 TestStatus = FALSE; 04805 } 04806 04807 } else { 04808 printf("Failed\n"); 04809 printf(" Completion status is 0x%lx\n", NtStatus); 04810 TestStatus = FALSE; 04811 04812 } 04813 04814 04815 04816 04817 printf(" Enumerate Users - small prefered length . . . . . . "); 04818 04819 04820 for ( i=0; i<AccountCount; i++) { 04821 EnumerationContext = i; 04822 NtStatus = SamEnumerateUsersInDomain( 04823 DomainHandle, 04824 &EnumerationContext, 04825 0, 04826 &Buffer, 04827 0, // PreferedMaximumLength 04828 &CountReturned 04829 ); 04830 04831 if (NT_SUCCESS(NtStatus)) { 04832 if (Buffer != NULL) { 04833 if ( ((i >= AccountCount -1) && (NtStatus == STATUS_SUCCESS)) || 04834 ((i <= AccountCount -1) && (NtStatus == STATUS_MORE_ENTRIES)) ) { 04835 04836 if (CountReturned != 1) { 04837 printf("Failed\n"); 04838 printf(" Completion status is 0x%lx\n", NtStatus); 04839 printf(" Expected one entry to be returned.\n"); 04840 printf(" Received 0x%lx entries instead.\n", CountReturned); 04841 TestStatus = FALSE; 04842 i = AccountCount + 100; 04843 } 04844 04845 } else { 04846 04847 printf("Failed\n"); 04848 if (i < AccountCount -1 ) { 04849 printf(" Expected STATUS_MORE_ENTRIES to be returned.\n"); 04850 } else { 04851 printf(" Expected STATUS_SUCCESS to be returned.\n"); 04852 } 04853 printf(" Received 0x%lx instead.\n", NtStatus); 04854 printf(" Buffer = 0x%lx\n", (ULONG)Buffer); 04855 printf(" CountReturned = 0x%lx\n", CountReturned); 04856 TestStatus = FALSE; 04857 i = AccountCount + 100; 04858 } 04859 04860 SamFreeMemory( Buffer ); 04861 04862 } else { 04863 printf("Failed\n"); 04864 printf(" Buffer address not set on return.\n"); 04865 printf(" RPC should have allocated a buffer.\n"); 04866 printf(" Completion status is 0x%lx\n", NtStatus); 04867 TestStatus = FALSE; 04868 i = AccountCount + 100; 04869 } 04870 04871 } else { 04872 printf("Failed\n"); 04873 printf(" Completion status is 0x%lx\n", NtStatus); 04874 TestStatus = FALSE; 04875 i = AccountCount + 100; 04876 04877 } 04878 } 04879 04880 if ( i == AccountCount) { 04881 printf("Succeeded\n"); 04882 } 04883 04884 04885 04886 04887 04888 04889 04890 04891 04892 04894 // // 04895 // Lookup Names/IDs Suite // 04896 // // 04898 04899 04900 // LATER add alias search to lookup name suite..... 04901 04902 04903 printf("\n"); 04904 printf(" Lookup Names/IDs . . . . . . . . . . . . . . . . . . Suite\n"); 04905 04906 04907 printf(" Lookup Names (all existing) . . . . . . . . . . . . . "); 04908 04909 NtStatus = SamLookupNamesInDomain( 04910 DomainHandle, 04911 ALL_NAMES_COUNT, 04912 &AllNames[0], 04913 &LookedUpRids, 04914 &LookedUpUses 04915 ); 04916 04917 04918 if (NT_SUCCESS(NtStatus)) { 04919 ASSERT( LookedUpRids != NULL ); 04920 ASSERT( LookedUpUses != NULL ); 04921 04922 if ( 04923 (LookedUpRids[0] == AllRids[0]) && (LookedUpUses[0] == AllUses[0]) 04924 && 04925 (LookedUpRids[1] == AllRids[1]) && (LookedUpUses[1] == AllUses[1]) 04926 && 04927 (LookedUpRids[2] == AllRids[2]) && (LookedUpUses[2] == AllUses[2]) 04928 ) { 04929 04930 04931 printf("Succeeded\n"); 04932 04933 04934 } else { 04935 printf("Failed\n"); 04936 printf(" Rids or Uses dont match expected values.\n"); 04937 printf(" Expected Rids: 0x%lx, 0x%lx, 0x%lx\n", 04938 AllRids[0], AllRids[1], AllRids[2]); 04939 printf(" Received Rids: 0x%lx, 0x%lx, 0x%lx\n", 04940 LookedUpRids[0], LookedUpRids[1], LookedUpRids[2]); 04941 printf(" Expected Uses: 0x%lx, 0x%lx, 0x%lx\n", 04942 AllUses[0], AllUses[1], AllUses[2]); 04943 printf(" Received Uses: 0x%lx, 0x%lx, 0x%lx\n", 04944 LookedUpUses[0], LookedUpUses[1], LookedUpUses[2]); 04945 TestStatus = FALSE; 04946 } 04947 04948 04949 SamFreeMemory( LookedUpRids ); 04950 SamFreeMemory( LookedUpUses ); 04951 04952 } else { 04953 printf("Failed\n"); 04954 printf(" Completion status is 0x%lx\n", NtStatus); 04955 TestStatus = FALSE; 04956 } 04957 04958 04959 04960 04961 printf(" Lookup Names (Some existing) . . . . . . . . . . . . "); 04962 04963 NtStatus = SamLookupNamesInDomain( 04964 DomainHandle, 04965 SOME_NAMES_COUNT, 04966 &SomeNames[0], 04967 &LookedUpRids, 04968 &LookedUpUses 04969 ); 04970 04971 04972 if (NtStatus == STATUS_SOME_NOT_MAPPED) { 04973 ASSERT( LookedUpRids != NULL ); 04974 ASSERT( LookedUpUses != NULL ); 04975 04976 if ( 04977 (LookedUpRids[0] == SomeRids[0]) && (LookedUpUses[0] == SomeUses[0]) 04978 && 04979 (LookedUpRids[1] == SomeRids[1]) && (LookedUpUses[1] == SomeUses[1]) 04980 && 04981 (LookedUpRids[2] == SomeRids[2]) && (LookedUpUses[2] == SomeUses[2]) 04982 && 04983 (LookedUpRids[3] == SomeRids[3]) && (LookedUpUses[3] == SomeUses[3]) 04984 && 04985 (LookedUpRids[4] == SomeRids[4]) && (LookedUpUses[4] == SomeUses[4]) 04986 && 04987 (LookedUpRids[5] == SomeRids[5]) && (LookedUpUses[5] == SomeUses[5]) 04988 && 04989 (LookedUpRids[6] == SomeRids[6]) && (LookedUpUses[6] == SomeUses[6]) 04990 ) { 04991 04992 04993 printf("Succeeded\n"); 04994 04995 } else { 04996 printf("Failed\n"); 04997 printf(" Rids or Uses dont match expected values.\n"); 04998 printf(" Expected Rids: 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx\n", 04999 SomeRids[0], SomeRids[1], SomeRids[2], SomeRids[3], SomeRids[4], SomeRids[5], SomeRids[6]); 05000 printf(" Received Rids: 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx\n", 05001 LookedUpRids[0], LookedUpRids[1], LookedUpRids[2], LookedUpRids[3], LookedUpRids[4], LookedUpRids[5], LookedUpRids[6]); 05002 printf(" Expected Uses: 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx\n", 05003 SomeUses[0], SomeUses[1], SomeUses[2], SomeUses[3], SomeUses[4], SomeUses[5], SomeUses[6]); 05004 printf(" Received Uses: 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx\n", 05005 LookedUpUses[0], LookedUpUses[1], LookedUpUses[2], LookedUpUses[3], LookedUpUses[4], LookedUpUses[5], LookedUpUses[2]); 05006 TestStatus = FALSE; 05007 } 05008 05009 05010 SamFreeMemory( LookedUpRids ); 05011 SamFreeMemory( LookedUpUses ); 05012 05013 } else { 05014 printf("Failed\n"); 05015 printf(" Completion status is 0x%lx\n", NtStatus); 05016 TestStatus = FALSE; 05017 } 05018 05019 05020 05021 printf(" Lookup Names (None existing) . . . . . . . . . . . . "); 05022 05023 NtStatus = SamLookupNamesInDomain( 05024 DomainHandle, 05025 NO_NAMES_COUNT, 05026 &NoNames[0], 05027 &LookedUpRids, 05028 &LookedUpUses 05029 ); 05030 05031 05032 if (NtStatus == STATUS_NONE_MAPPED) { 05033 ASSERT( LookedUpRids == NULL ); 05034 ASSERT( LookedUpUses == NULL ); 05035 05036 printf("Succeeded\n"); 05037 05038 } else { 05039 printf("Failed\n"); 05040 printf(" Completion status is 0x%lx\n", NtStatus); 05041 TestStatus = FALSE; 05042 } 05043 05044 05045 05046 printf(" Lookup SIDs (all existing) . . . . . . . . . . . . . "); 05047 05048 NtStatus = SamLookupIdsInDomain( 05049 DomainHandle, 05050 ALL_NAMES_COUNT, 05051 &AllRids[0], 05052 &LookedUpNames, 05053 &LookedUpUses 05054 ); 05055 05056 05057 if (NT_SUCCESS(NtStatus)) { 05058 ASSERT( LookedUpUses != NULL ); 05059 ASSERT( LookedUpNames != NULL ); 05060 ASSERT( LookedUpNames[0].Buffer != NULL ); 05061 ASSERT( LookedUpNames[1].Buffer != NULL ); 05062 ASSERT( LookedUpNames[2].Buffer != NULL ); 05063 05064 if ( 05065 (LookedUpUses[0] == AllUses[0]) && 05066 (LookedUpUses[1] == AllUses[1]) && 05067 (LookedUpUses[2] == AllUses[2]) && 05068 !RtlCompareString( (PSTRING)&LookedUpNames[0], (PSTRING)&AllNames[0], TRUE ) && 05069 !RtlCompareString( (PSTRING)&LookedUpNames[1], (PSTRING)&AllNames[1], TRUE ) && 05070 !RtlCompareString( (PSTRING)&LookedUpNames[2], (PSTRING)&AllNames[2], TRUE ) 05071 ) { 05072 05073 05074 printf("Succeeded\n"); 05075 05076 } else { 05077 printf("Failed\n"); 05078 printf(" Names or Uses dont match expected values.\n"); 05079 printf(" Expected Name[0]: %wZ\n", &AllNames[0] ); 05080 printf(" Received Name[0]: %wZ\n", &LookedUpNames[0] ); 05081 printf(" Expected Name[1]: %wZ\n", &AllNames[1] ); 05082 printf(" Received Name[1]: %wZ\n", &LookedUpNames[1] ); 05083 printf(" Expected Name[2]: %wZ\n", &AllNames[2] ); 05084 printf(" Received Name[2]: %wZ\n", &LookedUpNames[2] ); 05085 05086 printf(" Expected Uses: 0x%lx, 0x%lx, 0x%lx\n", 05087 AllUses[0], AllUses[1], AllUses[2]); 05088 printf(" Received Uses: 0x%lx, 0x%lx, 0x%lx\n", 05089 LookedUpUses[0], LookedUpUses[1], LookedUpUses[2]); 05090 TestStatus = FALSE; 05091 } 05092 05093 05094 SamFreeMemory( LookedUpUses ); 05095 SamFreeMemory( LookedUpNames ); 05096 05097 } else { 05098 printf("Failed\n"); 05099 printf(" Completion status is 0x%lx\n", NtStatus); 05100 TestStatus = FALSE; 05101 } 05102 05103 05104 05105 05106 printf(" Lookup SIDs (Some existing) . . . . . . . . . . . . . "); 05107 05108 NtStatus = SamLookupIdsInDomain( 05109 DomainHandle, 05110 SOME_NAMES_COUNT, 05111 &SomeRids[0], 05112 &LookedUpNames, 05113 &LookedUpUses 05114 ); 05115 05116 05117 if (NtStatus == STATUS_SOME_NOT_MAPPED) { 05118 ASSERT( LookedUpUses != NULL ); 05119 ASSERT( LookedUpNames != NULL ); 05120 ASSERT( LookedUpNames[0].Buffer != NULL ); 05121 ASSERT( LookedUpNames[1].Buffer != NULL ); 05122 ASSERT( LookedUpNames[2].Buffer == NULL ); // Unknown 05123 ASSERT( LookedUpNames[3].Buffer == NULL ); // Unknown 05124 ASSERT( LookedUpNames[4].Buffer == NULL ); // Unknown 05125 ASSERT( LookedUpNames[5].Buffer != NULL ); 05126 ASSERT( LookedUpNames[6].Buffer == NULL ); // Unknown 05127 05128 if ( 05129 (LookedUpUses[0] == SomeUses[0]) && 05130 (LookedUpUses[1] == SomeUses[1]) && 05131 (LookedUpUses[2] == SomeUses[2]) && 05132 !RtlCompareString( (PSTRING)&LookedUpNames[0], (PSTRING)&SomeNames[0], TRUE ) && 05133 !RtlCompareString( (PSTRING)&LookedUpNames[1], (PSTRING)&SomeNames[1], TRUE ) && 05134 !RtlCompareString( (PSTRING)&LookedUpNames[5], (PSTRING)&SomeNames[5], TRUE ) 05135 ) { 05136 05137 05138 printf("Succeeded\n"); 05139 05140 } else { 05141 printf("Failed\n"); 05142 printf(" Names or Uses dont match expected values.\n"); 05143 printf(" Expected Name[0]: %wZ\n", &SomeNames[0] ); 05144 printf(" Received Name[0]: %wZ\n", &LookedUpNames[0] ); 05145 printf(" Expected Name[1]: %wZ\n", &SomeNames[1] ); 05146 printf(" Received Name[1]: %wZ\n", &LookedUpNames[1] ); 05147 printf(" Name[2]: (Unknown)\n"); 05148 printf(" Name[3]: (Unknown)\n"); 05149 printf(" Name[4]: (Unknown)\n"); 05150 printf(" Expected Name[5]: %wZ\n", &SomeNames[5] ); 05151 printf(" Received Name[5]: %wZ\n", &LookedUpNames[5] ); 05152 printf(" Name[6]: (Unknown)\n"); 05153 05154 printf(" Expected Uses: 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx\n", 05155 SomeUses[0], SomeUses[1], SomeUses[2], SomeUses[3], SomeUses[4], SomeUses[5], SomeUses[6]); 05156 printf(" Received Uses: 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx, 0x%lx\n", 05157 LookedUpUses[0], LookedUpUses[1], LookedUpUses[2], LookedUpUses[3], LookedUpUses[4], LookedUpUses[5], LookedUpUses[2]); 05158 TestStatus = FALSE; 05159 } 05160 05161 05162 SamFreeMemory( LookedUpUses ); 05163 SamFreeMemory( LookedUpNames ); 05164 05165 } else { 05166 printf("Failed\n"); 05167 printf(" Completion status is 0x%lx\n", NtStatus); 05168 TestStatus = FALSE; 05169 } 05170 05171 05172 05173 05174 printf(" Lookup SIDs (None existing) . . . . . . . . . . . . . "); 05175 05176 NtStatus = SamLookupIdsInDomain( 05177 DomainHandle, 05178 NO_NAMES_COUNT, 05179 &NoRids[0], 05180 &LookedUpNames, 05181 &LookedUpUses 05182 ); 05183 05184 05185 if (NtStatus == STATUS_NONE_MAPPED) { 05186 ASSERT( LookedUpUses == NULL ); 05187 ASSERT( LookedUpNames == NULL ); 05188 05189 printf("Succeeded\n"); 05190 05191 } else { 05192 printf("Failed\n"); 05193 printf(" Completion status is 0x%lx\n", NtStatus); 05194 TestStatus = FALSE; 05195 } 05196 05197 05198 05199 05200 05201 05202 05203 return TestStatus; 05204 } 05205 05206 05208 // // 05209 // Group Object Test Suite // 05210 // // 05212 05213 05214 BOOLEAN 05215 GroupTestSuite( 05216 HANDLE DomainHandle, 05217 ULONG Pass 05218 ) 05219 05220 { 05221 NTSTATUS NtStatus, IgnoreStatus; 05222 HANDLE GroupHandle1, GroupHandle2, UserHandle1; 05223 ULONG CountReturned, NameLength, i, MemberCount; 05224 ULONG UserRid, GroupRid; 05225 PVOID Buffer, Buffer1, Buffer2; 05226 SAM_ENUMERATE_HANDLE EnumerationContext; 05227 PULONG Members, Attributes; 05228 PSID_NAME_USE LookedUpUses; 05229 PULONG LookedUpRids; 05230 UNICODE_STRING AccountNames[10], AccountName; 05231 STRING AccountNameAnsi; 05232 05233 BOOLEAN IndividualTestSucceeded, DeleteUser; 05234 BOOLEAN TestStatus = TRUE; 05235 05236 05237 if (Pass == 1) { 05238 // 05239 // This test suite assumes that lookup and enumeration API funciton 05240 // properly. 05241 // 05242 05243 printf("\n"); 05244 printf("\n"); 05245 printf(" Group (Pass #1) . . . . . . . . . . . . . . . . . . . Test\n"); 05246 05248 // // 05249 // Open Group Suite // 05250 // // 05252 05253 printf(" Open Group . . . . . . . . . . . . . . . . . . . . . Suite\n"); 05254 printf(" Open Groups . . . . . . . . . . . . . . . . . . . . . "); 05255 IndividualTestSucceeded = TRUE; 05256 EnumerationContext = 0; 05257 NtStatus = SamEnumerateGroupsInDomain( 05258 DomainHandle, 05259 &EnumerationContext, 05260 &Buffer, 05261 12000, // PreferedMaximumLength 05262 &CountReturned 05263 ); 05264 05265 TST_SUCCESS_ASSERT(NtStatus); 05266 ASSERT(Buffer != NULL); 05267 ASSERT(CountReturned > 0); 05268 05269 for (i=0; i<CountReturned; i++) { 05270 05271 NtStatus = SamOpenGroup( 05272 DomainHandle, 05273 GROUP_ALL_ACCESS, 05274 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId, 05275 &GroupHandle1 05276 ); 05277 05278 if (NT_SUCCESS(NtStatus)) { 05279 05280 NtStatus = SamOpenGroup( 05281 DomainHandle, 05282 GENERIC_READ, 05283 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId, 05284 &GroupHandle2 05285 ); 05286 05287 if (NT_SUCCESS(NtStatus)) { 05288 IgnoreStatus = SamCloseHandle( GroupHandle2 ); 05289 ASSERT( NT_SUCCESS(IgnoreStatus) ); 05290 } else { 05291 printf("Failed\n"); 05292 printf(" Completion status is 0x%lx\n", NtStatus); 05293 printf(" Failed opening group second time.\n"); 05294 printf(" Rid of account is: 0x%lx\n", 05295 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId); 05296 printf(" Name of account is: %wZ\n", 05297 &((PSAM_RID_ENUMERATION)(Buffer))[i].Name ); 05298 TestStatus = FALSE; 05299 IndividualTestSucceeded = FALSE; 05300 } 05301 05302 IgnoreStatus = SamCloseHandle( GroupHandle1 ); 05303 ASSERT( NT_SUCCESS(IgnoreStatus) ); 05304 05305 } else { 05306 05307 printf("Failed\n"); 05308 printf(" Completion status is 0x%lx\n", NtStatus); 05309 printf(" Failed opening group for first time.\n"); 05310 printf(" Rid of account is: 0x%lx\n", 05311 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId); 05312 printf(" Name of account is: %wZ\n", 05313 &((PSAM_RID_ENUMERATION)(Buffer))[i].Name ); 05314 TestStatus = FALSE; 05315 IndividualTestSucceeded = FALSE; 05316 } 05317 05318 if (!IndividualTestSucceeded) { 05319 printf(" "); 05320 } 05321 } 05322 05323 05324 SamFreeMemory( Buffer ); 05325 if (IndividualTestSucceeded) { 05326 printf("Succeeded\n"); 05327 } 05328 05329 05330 05332 // // 05333 // Query Group Suite // 05334 // // 05336 05337 printf("\n"); 05338 printf(" Query Group . . . . . . . . . . . . . . . . . . . . . Suite\n"); 05339 05340 printf(" Query Group General Information . . . . . . . . . . . "); 05341 05342 05343 NtStatus = SamOpenGroup( 05344 DomainHandle, 05345 GROUP_READ_INFORMATION, 05346 DOMAIN_GROUP_RID_USERS, 05347 &GroupHandle1 05348 ); 05349 ASSERT(NT_SUCCESS(NtStatus) ); 05350 05351 Buffer = NULL; 05352 NtStatus = SamQueryInformationGroup( 05353 GroupHandle1, 05354 GroupGeneralInformation, 05355 &Buffer 05356 ); 05357 if (NT_SUCCESS(NtStatus)) { 05358 if (Buffer != NULL) { 05359 05360 if ( (((GROUP_GENERAL_INFORMATION *)Buffer)->Name.MaximumLength > 0) && 05361 (((GROUP_GENERAL_INFORMATION *)Buffer)->Name.Buffer != NULL) ) { 05362 05363 printf("Succeeded\n"); 05364 05365 printf(" Member Count is: 0x%lx\n", 05366 (((GROUP_GENERAL_INFORMATION *)Buffer)->MemberCount) ); 05367 printf(" Attributes are: 0x%lx\n", 05368 (((GROUP_GENERAL_INFORMATION *)Buffer)->Attributes) ); 05369 printf(" Group Name is: %wZ\n", 05370 &(((GROUP_GENERAL_INFORMATION *)Buffer)->Name) ); 05371 05372 05373 05374 } else { 05375 printf("Failed\n"); 05376 printf(" Group Name not returned.\n"); 05377 TestStatus = FALSE; 05378 } 05379 SamFreeMemory( Buffer ); 05380 } else { 05381 printf("Failed\n"); 05382 printf(" Buffer address not set on return.\n"); 05383 printf(" RPC should have allocated a buffer.\n"); 05384 TestStatus = FALSE; 05385 } 05386 } else { 05387 printf("Failed\n"); 05388 printf(" Completion status is 0x%lx\n", NtStatus); 05389 TestStatus = FALSE; 05390 } 05391 IgnoreStatus = SamCloseHandle( GroupHandle1 ); 05392 ASSERT( NT_SUCCESS(IgnoreStatus) ); 05393 05394 05395 05396 05397 printf(" Query Group Name Information . . . . . . . . . . . . "); 05398 05399 05400 NtStatus = SamOpenGroup( 05401 DomainHandle, 05402 GROUP_READ_INFORMATION, 05403 DOMAIN_GROUP_RID_USERS, 05404 &GroupHandle1 05405 ); 05406 ASSERT(NT_SUCCESS(NtStatus) ); 05407 05408 Buffer = NULL; 05409 NtStatus = SamQueryInformationGroup( 05410 GroupHandle1, 05411 GroupNameInformation, 05412 &Buffer 05413 ); 05414 if (NT_SUCCESS(NtStatus)) { 05415 if (Buffer != NULL) { 05416 05417 if ( (((GROUP_NAME_INFORMATION *)Buffer)->Name.MaximumLength > 0) && 05418 (((GROUP_NAME_INFORMATION *)Buffer)->Name.Buffer != NULL) ) { 05419 05420 printf("Succeeded\n"); 05421 05422 printf(" Group Name is: %wZ\n", 05423 &(((GROUP_NAME_INFORMATION *)Buffer)->Name) ); 05424 05425 05426 05427 } else { 05428 printf("Failed\n"); 05429 printf(" Group Name not returned.\n"); 05430 TestStatus = FALSE; 05431 } 05432 SamFreeMemory( Buffer ); 05433 } else { 05434 printf("Failed\n"); 05435 printf(" Buffer address not set on return.\n"); 05436 printf(" RPC should have allocated a buffer.\n"); 05437 TestStatus = FALSE; 05438 } 05439 } else { 05440 printf("Failed\n"); 05441 printf(" Completion status is 0x%lx\n", NtStatus); 05442 TestStatus = FALSE; 05443 } 05444 IgnoreStatus = SamCloseHandle( GroupHandle1 ); 05445 ASSERT( NT_SUCCESS(IgnoreStatus) ); 05446 05447 05448 05449 05450 printf(" Query Group Admin Comment Information . . . . . . . . "); 05451 05452 05453 NtStatus = SamOpenGroup( 05454 DomainHandle, 05455 GROUP_READ_INFORMATION, 05456 DOMAIN_GROUP_RID_USERS, 05457 &GroupHandle1 05458 ); 05459 ASSERT(NT_SUCCESS(NtStatus) ); 05460 05461 Buffer = NULL; 05462 NtStatus = SamQueryInformationGroup( 05463 GroupHandle1, 05464 GroupAdminCommentInformation, 05465 &Buffer 05466 ); 05467 if (NT_SUCCESS(NtStatus)) { 05468 if (Buffer != NULL) { 05469 05470 if ( (((GROUP_ADM_COMMENT_INFORMATION *)Buffer)->AdminComment.MaximumLength >= 0) ) { 05471 05472 printf("Succeeded\n"); 05473 05474 printf(" Group Admin Comment is: %wZ\n", 05475 &(((GROUP_ADM_COMMENT_INFORMATION *)Buffer)->AdminComment) ); 05476 05477 05478 05479 } else { 05480 printf("Failed\n"); 05481 printf(" Group Admin Comment not returned.\n"); 05482 TestStatus = FALSE; 05483 } 05484 SamFreeMemory( Buffer ); 05485 } else { 05486 printf("Failed\n"); 05487 printf(" Buffer address not set on return.\n"); 05488 printf(" RPC should have allocated a buffer.\n"); 05489 TestStatus = FALSE; 05490 } 05491 } else { 05492 printf("Failed\n"); 05493 printf(" Completion status is 0x%lx\n", NtStatus); 05494 TestStatus = FALSE; 05495 } 05496 IgnoreStatus = SamCloseHandle( GroupHandle1 ); 05497 ASSERT( NT_SUCCESS(IgnoreStatus) ); 05498 05499 05500 05501 05502 printf(" Query Group Attribute Information . . . . . . . . . . "); 05503 05504 05505 NtStatus = SamOpenGroup( 05506 DomainHandle, 05507 GROUP_READ_INFORMATION, 05508 DOMAIN_GROUP_RID_USERS, 05509 &GroupHandle1 05510 ); 05511 ASSERT(NT_SUCCESS(NtStatus) ); 05512 05513 Buffer = NULL; 05514 NtStatus = SamQueryInformationGroup( 05515 GroupHandle1, 05516 GroupAttributeInformation, 05517 &Buffer 05518 ); 05519 if (NT_SUCCESS(NtStatus)) { 05520 if (Buffer != NULL) { 05521 05522 05523 printf("Succeeded\n"); 05524 05525 printf(" Attributes are: 0x%lx\n", 05526 (((GROUP_ATTRIBUTE_INFORMATION *)Buffer)->Attributes) ); 05527 05528 05529 SamFreeMemory( Buffer ); 05530 05531 } else { 05532 printf("Failed\n"); 05533 printf(" Buffer address not set on return.\n"); 05534 printf(" RPC should have allocated a buffer.\n"); 05535 TestStatus = FALSE; 05536 } 05537 } else { 05538 printf("Failed\n"); 05539 printf(" Completion status is 0x%lx\n", NtStatus); 05540 TestStatus = FALSE; 05541 } 05542 IgnoreStatus = SamCloseHandle( GroupHandle1 ); 05543 ASSERT( NT_SUCCESS(IgnoreStatus) ); 05544 05545 05546 05547 05549 // // 05550 // Get Members Of Group Suite // 05551 // // 05553 05554 printf("\n"); 05555 printf(" Get Members . . . . . . . . . . . . . . . . . . . . . Suite\n"); 05556 05557 printf(" Get Members of Well-Known Account . . . . . . . . . . "); 05558 05559 NtStatus = SamOpenGroup( 05560 DomainHandle, 05561 GROUP_LIST_MEMBERS, 05562 DOMAIN_GROUP_RID_USERS, 05563 &GroupHandle1 05564 ); 05565 ASSERT(NT_SUCCESS(NtStatus) ); 05566 05567 Buffer = NULL; 05568 NtStatus = SamGetMembersInGroup( 05569 GroupHandle1, 05570 &Members, 05571 &Attributes, 05572 &MemberCount 05573 ); 05574 if (NT_SUCCESS(NtStatus)) { 05575 if (Members != NULL || Attributes != NULL) { 05576 05577 printf("Succeeded\n"); 05578 05579 05580 printf(" Member Count: %d Users\n", MemberCount); 05581 for ( i=0; i<MemberCount; i++) { 05582 05583 printf(" User[%d] Rid/Attributes: 0x%lx/0x%lx\n", 05584 i, Members[i], Attributes[i]); 05585 05586 05587 } 05588 05589 SamFreeMemory( Members ); 05590 SamFreeMemory( Attributes ); 05591 05592 05593 } else { 05594 printf("Failed\n"); 05595 printf(" Buffer address not set on return.\n"); 05596 printf(" RPC should have allocated a buffer.\n"); 05597 TestStatus = FALSE; 05598 } 05599 } else { 05600 printf("Failed\n"); 05601 printf(" Completion status is 0x%lx\n", NtStatus); 05602 TestStatus = FALSE; 05603 } 05604 IgnoreStatus = SamCloseHandle( GroupHandle1 ); 05605 ASSERT( NT_SUCCESS(IgnoreStatus) ); 05606 05607 05608 05609 printf(" Get Members of Empty Group. . . . . . . . . . . . . . "); 05610 05611 // 05612 // This group was created earlier in the test 05613 // 05614 05615 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 05616 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 05617 TST_SUCCESS_ASSERT(NtStatus); 05618 05619 NtStatus = SamLookupNamesInDomain( 05620 DomainHandle, 05621 1, 05622 &AccountNames[0], 05623 &LookedUpRids, 05624 &LookedUpUses 05625 ); 05626 TST_SUCCESS_ASSERT(NtStatus); 05627 ASSERT(LookedUpUses[0] == SidTypeGroup); 05628 RtlFreeUnicodeString( &AccountNames[0] ); 05629 05630 05631 05632 GroupHandle1 = NULL; 05633 05634 NtStatus = SamOpenGroup( DomainHandle, GROUP_LIST_MEMBERS, LookedUpRids[0], &GroupHandle1 ); 05635 TST_SUCCESS_ASSERT(NtStatus); 05636 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 05637 05638 NtStatus = SamGetMembersInGroup( 05639 GroupHandle1, 05640 &Members, 05641 &Attributes, 05642 &MemberCount 05643 ); 05644 if (NT_SUCCESS(NtStatus)) { 05645 if (MemberCount == 0) { 05646 05647 printf("Succeeded\n"); 05648 05649 05650 05651 05652 } else { 05653 printf("Failed\n"); 05654 printf(" Buffer addresses set on return.\n"); 05655 printf(" RPC should have allocated a buffer.\n"); 05656 printf(" Member Count: %d\n", MemberCount); 05657 for ( i=0; i<MemberCount; i++) { 05658 05659 printf(" User[%d] Rid/Attributes: 0x%lx/0x%lx\n", 05660 i, Members[i], Attributes[i]); 05661 } 05662 05663 SamFreeMemory( Members ); 05664 SamFreeMemory( Attributes ); 05665 TestStatus = FALSE; 05666 } 05667 } else { 05668 printf("Failed\n"); 05669 printf(" Completion status is 0x%lx\n", NtStatus); 05670 TestStatus = FALSE; 05671 } 05672 IgnoreStatus = SamCloseHandle( GroupHandle1 ); 05673 ASSERT( NT_SUCCESS(IgnoreStatus) ); 05674 05675 05677 // // 05678 // Set Group Suite (pass 1) // 05679 // // 05681 05682 printf("\n"); 05683 printf(" Set Group . . . . . . . . . . . . . . . . . . . . . . Suite\n"); 05684 05685 05686 printf(" Set Attribute . . . . . . . . . . . . . . . . . . . . "); 05687 NtStatus = SamOpenGroup( 05688 DomainHandle, 05689 GROUP_WRITE_ACCOUNT | GROUP_READ_INFORMATION, 05690 DOMAIN_GROUP_RID_USERS, 05691 &GroupHandle1 05692 ); 05693 ASSERT(NT_SUCCESS(NtStatus) ); 05694 05695 Buffer1 = NULL; 05696 NtStatus = SamQueryInformationGroup( 05697 GroupHandle1, 05698 GroupAttributeInformation, 05699 &Buffer1 05700 ); 05701 TST_SUCCESS_ASSERT(NtStatus); 05702 ASSERT(Buffer1 != NULL); 05703 05704 // 05705 // Change the value and write it back 05706 // 05707 05708 ((GROUP_ATTRIBUTE_INFORMATION *)Buffer1)->Attributes ^= 05709 SE_GROUP_ENABLED_BY_DEFAULT; 05710 05711 05712 NtStatus = SamSetInformationGroup( 05713 GroupHandle1, 05714 GroupAttributeInformation, 05715 Buffer1 05716 ); 05717 if (NT_SUCCESS(NtStatus)) { 05718 05719 // 05720 // Check the written value to make sure it stuck 05721 // 05722 05723 Buffer2 = NULL; 05724 NtStatus = SamQueryInformationGroup( 05725 GroupHandle1, 05726 GroupAttributeInformation, 05727 &Buffer2 05728 ); 05729 TST_SUCCESS_ASSERT(NtStatus); 05730 ASSERT(Buffer2 != NULL); 05731 05732 if (((GROUP_ATTRIBUTE_INFORMATION *)Buffer1)->Attributes == 05733 ((GROUP_ATTRIBUTE_INFORMATION *)Buffer2)->Attributes ) { 05734 05735 printf("Succeeded\n"); 05736 05737 SamFreeMemory( Buffer2 ); 05738 05739 } else { 05740 printf("Failed\n"); 05741 printf(" Returned Value Doesn't Match Set Value.\n"); 05742 TestStatus = FALSE; 05743 } 05744 } else { 05745 printf("Failed\n"); 05746 printf(" Completion status is 0x%lx\n", NtStatus); 05747 TestStatus = FALSE; 05748 } 05749 SamFreeMemory( Buffer1 ); 05750 IgnoreStatus = SamCloseHandle( GroupHandle1 ); 05751 ASSERT( NT_SUCCESS(IgnoreStatus) ); 05752 05753 05754 05755 05756 05757 printf(" Set Admin Comment . . . . . . . . . . . . . . . . . . "); 05758 05759 NtStatus = SamOpenGroup( 05760 DomainHandle, 05761 GROUP_WRITE_ACCOUNT | GROUP_READ_INFORMATION, 05762 DOMAIN_GROUP_RID_USERS, 05763 &GroupHandle1 05764 ); 05765 ASSERT(NT_SUCCESS(NtStatus) ); 05766 05767 // 05768 // Get the current value... 05769 // 05770 05771 Buffer1 = NULL; 05772 NtStatus = SamQueryInformationGroup( 05773 GroupHandle1, 05774 GroupAdminCommentInformation, 05775 &Buffer1 05776 ); 05777 TST_SUCCESS_ASSERT(NtStatus); 05778 ASSERT(Buffer1 != NULL); 05779 05780 05781 // 05782 // Change the field to a new value and write it out. 05783 // 05784 05785 NameLength = ((GROUP_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment.Length; 05786 if ( NameLength == DummyString1.Length ) { 05787 ((GROUP_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment = DummyString2; 05788 } else { 05789 ((GROUP_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment = DummyString1; 05790 } 05791 05792 NtStatus = SamSetInformationGroup( 05793 GroupHandle1, 05794 GroupAdminCommentInformation, 05795 Buffer1 05796 ); 05797 if ( NT_SUCCESS(NtStatus) ) { 05798 05799 // 05800 // Now check that the change was really made... 05801 // 05802 05803 Buffer2 = NULL; 05804 NtStatus = SamQueryInformationGroup( 05805 GroupHandle1, 05806 GroupAdminCommentInformation, 05807 &Buffer2 05808 ); 05809 ASSERT(NT_SUCCESS( NtStatus ) ); 05810 if ( 05811 !RtlCompareString( 05812 (PSTRING)&((GROUP_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment, 05813 (PSTRING)&((GROUP_ADM_COMMENT_INFORMATION *)Buffer2)->AdminComment, 05814 TRUE) 05815 ) { 05816 05817 printf("Succeeded\n"); 05818 05819 } else { 05820 05821 printf("Failed\n"); 05822 printf(" Value queried doesn't match value written\n"); 05823 printf(" Value Written is %wZ\n", 05824 (PUNICODE_STRING)&((GROUP_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment); 05825 printf(" Value Retrieved is %wZ\n", 05826 (PUNICODE_STRING)&((GROUP_ADM_COMMENT_INFORMATION *)Buffer2)->AdminComment); 05827 05828 TestStatus = FALSE; 05829 05830 } 05831 05832 SamFreeMemory( Buffer1 ); 05833 SamFreeMemory( Buffer2 ); 05834 05835 } else { 05836 printf("Failed\n"); 05837 printf(" Completion status is 0x%lx\n", NtStatus); 05838 TestStatus = FALSE; 05839 SamFreeMemory( Buffer1 ); 05840 05841 } 05842 05843 05844 05845 05846 05847 05848 } // END PASS #1 05849 if (Pass == 2) { 05850 05851 printf("\n"); 05852 printf("\n"); 05853 printf(" Group (Pass #2) . . . . . . . . . . . . . . . . . . . Test\n"); 05854 05856 // // 05857 // Delete Group Suite // 05858 // // 05860 05861 printf("\n"); 05862 printf(" Delete Group . . . . . . . . . . . . . . . . . . . . Suite\n"); 05863 05864 printf(" Delete Normal Group . . . . . . . . . . . . . . . . . "); 05865 05866 // 05867 // This group was created in pass #1 05868 // 05869 05870 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 05871 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 05872 TST_SUCCESS_ASSERT(NtStatus); 05873 05874 NtStatus = SamLookupNamesInDomain( 05875 DomainHandle, 05876 1, 05877 &AccountNames[0], 05878 &LookedUpRids, 05879 &LookedUpUses 05880 ); 05881 TST_SUCCESS_ASSERT(NtStatus); 05882 ASSERT(LookedUpUses[0] == SidTypeGroup); 05883 RtlFreeUnicodeString( &AccountNames[0] ); 05884 05885 05886 05887 GroupHandle1 = NULL; 05888 05889 NtStatus = SamOpenGroup( DomainHandle, DELETE, LookedUpRids[0], &GroupHandle1 ); 05890 TST_SUCCESS_ASSERT(NtStatus); 05891 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 05892 05893 NtStatus = SamDeleteGroup( GroupHandle1 ); 05894 if (NT_SUCCESS(NtStatus)) { 05895 printf("Succeeded\n"); 05896 05897 } else { 05898 printf("Failed\n"); 05899 printf(" Completion status is 0x%lx\n", NtStatus); 05900 TestStatus = FALSE; 05901 } 05902 05903 05904 05905 05906 printf(" Delete Well Known Group . . . . . . . . . . . . . . . "); 05907 05908 GroupHandle1 = NULL; 05909 05910 NtStatus = SamOpenGroup( DomainHandle, DELETE, DOMAIN_GROUP_RID_USERS, &GroupHandle1 ); 05911 TST_SUCCESS_ASSERT(NtStatus); 05912 05913 NtStatus = SamDeleteGroup( GroupHandle1 ); 05914 if (NtStatus == STATUS_SPECIAL_ACCOUNT) { 05915 05916 printf("Succeeded\n"); 05917 05918 } else { 05919 printf("Failed\n"); 05920 printf(" Completion status is 0x%lx\n", NtStatus); 05921 TestStatus = FALSE; 05922 } 05923 05924 NtStatus = SamCloseHandle( GroupHandle1 ); 05925 ASSERT(NT_SUCCESS(NtStatus)); 05926 05927 05928 05929 05930 05931 05932 05933 05934 printf(" Delete Primary Group Of A User. . . . . . . . . . . . "); 05935 05936 // 05937 // Make a user (might already exist) 05938 // Make a group 05939 // Make the group the user's primary group 05940 // Attempt to delete the group 05941 // Change the user so the group isn't the primary group 05942 // delete the group 05943 // If we created the user, delete it. 05944 05945 // 05946 // The following user might already exist (from earlier in the test) 05947 // 05948 05949 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 05950 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 05951 TST_SUCCESS_ASSERT(NtStatus); 05952 05953 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 05954 05955 05956 UserRid = 0; 05957 UserHandle1 = NULL; 05958 NtStatus = SamCreateUserInDomain( 05959 DomainHandle, 05960 &AccountName, 05961 USER_ALL_ACCESS, 05962 &UserHandle1, 05963 &UserRid 05964 ); 05965 RtlFreeUnicodeString( &AccountName ); 05966 DeleteUser = TRUE; 05967 if (NtStatus == STATUS_USER_EXISTS) { 05968 DeleteUser = FALSE; 05969 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 05970 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 05971 TST_SUCCESS_ASSERT(NtStatus); 05972 05973 NtStatus = SamLookupNamesInDomain( 05974 DomainHandle, 05975 1, 05976 &AccountNames[0], 05977 &LookedUpRids, 05978 &LookedUpUses 05979 ); 05980 RtlFreeUnicodeString( &AccountNames[0] ); 05981 TST_SUCCESS_ASSERT(NtStatus); 05982 ASSERT(LookedUpUses[0] == SidTypeUser); 05983 UserRid = LookedUpRids[0]; 05984 NtStatus = SamOpenUser( 05985 DomainHandle, 05986 USER_ALL_ACCESS, 05987 UserRid, 05988 &UserHandle1); 05989 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 05990 } 05991 05992 ASSERT(NT_SUCCESS(NtStatus)); 05993 05994 // 05995 // create the group 05996 // 05997 05998 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 05999 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 06000 TST_SUCCESS_ASSERT(NtStatus); 06001 06002 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 06003 06004 GroupRid = 0; 06005 GroupHandle1 = NULL; 06006 NtStatus = SamCreateGroupInDomain( 06007 DomainHandle, 06008 &AccountName, 06009 GROUP_ALL_ACCESS, 06010 &GroupHandle1, 06011 &GroupRid 06012 ); 06013 RtlFreeUnicodeString( &AccountName ); 06014 ASSERT(NT_SUCCESS(NtStatus)); 06015 06016 // 06017 // Make the user a member of this group 06018 // 06019 06020 NtStatus = SamAddMemberToGroup( 06021 GroupHandle1, 06022 UserRid, 06023 SE_GROUP_MANDATORY | 06024 SE_GROUP_ENABLED_BY_DEFAULT | 06025 SE_GROUP_ENABLED 06026 ); 06027 ASSERT(NT_SUCCESS(NtStatus)); 06028 06029 06030 06031 06032 // 06033 // Now try to delete the group 06034 // 06035 06036 NtStatus = SamDeleteGroup( GroupHandle1 ); 06037 if (NtStatus == STATUS_MEMBER_IN_GROUP) { 06038 06039 printf("Succeeded\n"); 06040 06041 } else { 06042 printf("Failed\n"); 06043 printf(" Completion status is 0x%lx\n", NtStatus); 06044 TestStatus = FALSE; 06045 } 06046 06047 06048 // 06049 // Now get rid of the group and possibly the user account 06050 // 06051 06052 NtStatus = SamRemoveMemberFromGroup(GroupHandle1, UserRid); 06053 ASSERT(NT_SUCCESS(NtStatus)); 06054 06055 06056 NtStatus = SamDeleteGroup( GroupHandle1 ); 06057 ASSERT(NT_SUCCESS(NtStatus)); 06058 06059 if (DeleteUser == TRUE) { 06060 NtStatus = SamDeleteUser( UserHandle1 ); 06061 ASSERT(NT_SUCCESS(NtStatus)); 06062 } else { 06063 NtStatus = SamCloseHandle( UserHandle1 ); 06064 ASSERT(NT_SUCCESS(NtStatus)); 06065 } 06066 06067 06068 06070 // // 06071 // Add/Remove Member Suite // 06072 // // 06074 06075 printf("\n"); 06076 printf(" Add/Remove Member Suite . . . . . . . . . . . . . . . Suite\n"); 06077 06078 printf(" Add Member . . . . . . . . . . . . . . . . . . . . . "); 06079 06080 // 06081 // This test sets things up for the next test 06082 // 06083 06084 // 06085 // The following user might already exist (from earlier in the test) 06086 // 06087 06088 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 06089 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 06090 TST_SUCCESS_ASSERT(NtStatus); 06091 06092 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 06093 06094 UserRid = 0; 06095 UserHandle1 = NULL; 06096 NtStatus = SamCreateUserInDomain( 06097 DomainHandle, 06098 &AccountName, 06099 USER_ALL_ACCESS, 06100 &UserHandle1, 06101 &UserRid 06102 ); 06103 RtlFreeUnicodeString( &AccountName ); 06104 DeleteUser = TRUE; 06105 if (NtStatus == STATUS_USER_EXISTS) { 06106 DeleteUser = FALSE; 06107 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 06108 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 06109 TST_SUCCESS_ASSERT(NtStatus); 06110 06111 NtStatus = SamLookupNamesInDomain( 06112 DomainHandle, 06113 1, 06114 &AccountNames[0], 06115 &LookedUpRids, 06116 &LookedUpUses 06117 ); 06118 RtlFreeUnicodeString( &AccountNames[0] ); 06119 TST_SUCCESS_ASSERT(NtStatus); 06120 ASSERT(LookedUpUses[0] == SidTypeUser); 06121 UserRid = LookedUpRids[0]; 06122 NtStatus = SamOpenUser( 06123 DomainHandle, 06124 USER_ALL_ACCESS, 06125 UserRid, 06126 &UserHandle1); 06127 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 06128 } 06129 06130 ASSERT(NT_SUCCESS(NtStatus)); 06131 06132 06133 // 06134 // create the group 06135 // 06136 06137 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 06138 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 06139 TST_SUCCESS_ASSERT(NtStatus); 06140 06141 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 06142 06143 GroupRid = 0; 06144 GroupHandle1 = NULL; 06145 NtStatus = SamCreateGroupInDomain( 06146 DomainHandle, 06147 &AccountName, 06148 GROUP_ALL_ACCESS, 06149 &GroupHandle1, 06150 &GroupRid 06151 ); 06152 RtlFreeUnicodeString( &AccountName ); 06153 ASSERT(NT_SUCCESS(NtStatus)); 06154 06155 // 06156 // Make the user a member of this group 06157 // 06158 06159 NtStatus = SamAddMemberToGroup( 06160 GroupHandle1, 06161 UserRid, 06162 SE_GROUP_MANDATORY | 06163 SE_GROUP_ENABLED_BY_DEFAULT | 06164 SE_GROUP_ENABLED 06165 ); 06166 06167 if (NT_SUCCESS(NtStatus)) { 06168 06169 NtStatus = SamGetMembersInGroup( 06170 GroupHandle1, 06171 &Members, 06172 &Attributes, 06173 &MemberCount 06174 ); 06175 ASSERT(NT_SUCCESS(NtStatus)); 06176 06177 NtStatus = STATUS_MEMBER_NOT_IN_GROUP; 06178 for ( i=0; i<MemberCount; i++) { 06179 if (Members[i] == UserRid) { 06180 NtStatus = STATUS_SUCCESS; 06181 break; 06182 } 06183 } 06184 06185 if (NT_SUCCESS(NtStatus)) { 06186 if (Attributes[i] == SE_GROUP_MANDATORY | 06187 SE_GROUP_ENABLED_BY_DEFAULT | 06188 SE_GROUP_ENABLED) { 06189 printf("Succeeded\n"); 06190 } else { 06191 printf("Failed\n"); 06192 printf("Member Added but attributes don't match expected value.\n"); 06193 printf("Expected value: 0x%lx\n",(SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED)); 06194 printf("Retrieved value: 0x%lx\n",Attributes[i]); 06195 TestStatus = FALSE; 06196 } 06197 } else { 06198 printf("Failed\n"); 06199 printf("Service returned SUCCESS, but user not in member list for group.\n"); 06200 TestStatus = FALSE; 06201 } 06202 06203 06204 if (Members != NULL) { 06205 SamFreeMemory( Members ); 06206 SamFreeMemory( Attributes ); 06207 } 06208 06209 06210 } else { 06211 printf("Failed\n"); 06212 printf(" Completion status is 0x%lx\n", NtStatus); 06213 TestStatus = FALSE; 06214 } 06215 06216 06217 06218 06219 printf(" Remove Member . . . . . . . . . . . . . . . . . . . . "); 06220 06221 // 06222 // The previous test sets this one up. 06223 // 06224 06225 // 06226 // Now try to remove the user from the group 06227 // 06228 06229 NtStatus = SamRemoveMemberFromGroup(GroupHandle1, UserRid); 06230 if (NT_SUCCESS(NtStatus)) { 06231 06232 NtStatus = SamGetMembersInGroup( 06233 GroupHandle1, 06234 &Members, 06235 &Attributes, 06236 &MemberCount 06237 ); 06238 ASSERT(NT_SUCCESS(NtStatus)); 06239 06240 for ( i=0; i<MemberCount; i++) { 06241 if (Members[i] == UserRid) { 06242 NtStatus = STATUS_MEMBER_IN_GROUP; 06243 break; 06244 } 06245 } 06246 06247 if (NT_SUCCESS(NtStatus)) { 06248 printf("Succeeded\n"); 06249 } else { 06250 printf("Failed\n"); 06251 printf("Service returned SUCCESS, but user still in member list for group.\n"); 06252 TestStatus = FALSE; 06253 } 06254 06255 06256 SamFreeMemory( Members ); 06257 SamFreeMemory( Attributes ); 06258 06259 } else { 06260 printf("Failed\n"); 06261 printf(" Completion status is 0x%lx\n", NtStatus); 06262 TestStatus = FALSE; 06263 } 06264 06265 06266 // 06267 // and clean up the user and group accounts 06268 // 06269 06270 NtStatus = SamDeleteGroup( GroupHandle1 ); 06271 ASSERT(NT_SUCCESS(NtStatus)); 06272 06273 if (DeleteUser == TRUE) { 06274 NtStatus = SamDeleteUser( UserHandle1 ); 06275 ASSERT(NT_SUCCESS(NtStatus)); 06276 } else { 06277 NtStatus = SamCloseHandle( UserHandle1 ); 06278 ASSERT(NT_SUCCESS(NtStatus)); 06279 } 06280 06281 06282 06283 06284 06285 06286 printf(" Add Non-Existant Member . . . . . . . . . . . . . . . "); 06287 06288 // 06289 // create the group 06290 // 06291 06292 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 06293 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 06294 TST_SUCCESS_ASSERT(NtStatus); 06295 06296 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 06297 06298 GroupRid = 0; 06299 GroupHandle1 = NULL; 06300 NtStatus = SamCreateGroupInDomain( 06301 DomainHandle, 06302 &AccountName, 06303 GROUP_ALL_ACCESS, 06304 &GroupHandle1, 06305 &GroupRid 06306 ); 06307 RtlFreeUnicodeString( &AccountName ); 06308 ASSERT(NT_SUCCESS(NtStatus)); 06309 06310 // 06311 // Specify a non-existant user be added to this group 06312 // 06313 06314 UserRid = 30732579; // Pretty sure this user doesn't exist. 06315 NtStatus = SamAddMemberToGroup( 06316 GroupHandle1, 06317 UserRid, 06318 SE_GROUP_MANDATORY | 06319 SE_GROUP_ENABLED_BY_DEFAULT | 06320 SE_GROUP_ENABLED 06321 ); 06322 06323 if (NtStatus == STATUS_NO_SUCH_USER) { 06324 06325 printf("Succeeded\n"); 06326 06327 } else { 06328 printf("Failed\n"); 06329 printf(" Completion status is 0x%lx\n", NtStatus); 06330 TestStatus = FALSE; 06331 } 06332 06333 06334 NtStatus = SamDeleteGroup( GroupHandle1 ); 06335 ASSERT(NT_SUCCESS(NtStatus)); 06336 06337 06338 06339 06340 printf(" Remove Non-existant Member . . . . . . . . . . . . . "); 06341 06342 // 06343 // create the group 06344 // 06345 06346 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 06347 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 06348 TST_SUCCESS_ASSERT(NtStatus); 06349 06350 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 06351 06352 GroupRid = 0; 06353 GroupHandle1 = NULL; 06354 NtStatus = SamCreateGroupInDomain( 06355 DomainHandle, 06356 &AccountName, 06357 GROUP_ALL_ACCESS, 06358 &GroupHandle1, 06359 &GroupRid 06360 ); 06361 RtlFreeUnicodeString( &AccountName ); 06362 ASSERT(NT_SUCCESS(NtStatus)); 06363 06364 // 06365 // Specify a non-existant user be removed from this group 06366 // 06367 06368 UserRid = 30732579; // Pretty sure this user doesn't exist. 06369 NtStatus = SamRemoveMemberFromGroup( GroupHandle1, UserRid ); 06370 06371 if (NtStatus == STATUS_NO_SUCH_USER) { 06372 06373 printf("Succeeded\n"); 06374 06375 } else { 06376 printf("Failed\n"); 06377 printf(" Completion status is 0x%lx\n", NtStatus); 06378 TestStatus = FALSE; 06379 } 06380 06381 06382 NtStatus = SamDeleteGroup( GroupHandle1 ); 06383 ASSERT(NT_SUCCESS(NtStatus)); 06384 06385 06386 06387 06388 printf(" Remove Primary Group Of Member . . . . . . . . . . . "); 06389 06390 06391 // 06392 // Make a user (might already exist) 06393 // Make a group 06394 // Make the group the user's primary group 06395 // Attempt to remove the group (should fail) 06396 // Change the user so the group isn't the primary group 06397 // remove the group 06398 // delete the group 06399 // If we created the user, delete it. 06400 06401 // 06402 // The following user might already exist (from earlier in the test) 06403 // 06404 06405 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 06406 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 06407 TST_SUCCESS_ASSERT(NtStatus); 06408 06409 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 06410 06411 UserRid = 0; 06412 UserHandle1 = NULL; 06413 NtStatus = SamCreateUserInDomain( 06414 DomainHandle, 06415 &AccountName, 06416 USER_ALL_ACCESS, 06417 &UserHandle1, 06418 &UserRid 06419 ); 06420 RtlFreeUnicodeString( &AccountName ); 06421 DeleteUser = TRUE; 06422 if (NtStatus == STATUS_USER_EXISTS) { 06423 DeleteUser = FALSE; 06424 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 06425 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 06426 TST_SUCCESS_ASSERT(NtStatus); 06427 06428 NtStatus = SamLookupNamesInDomain( 06429 DomainHandle, 06430 1, 06431 &AccountNames[0], 06432 &LookedUpRids, 06433 &LookedUpUses 06434 ); 06435 RtlFreeUnicodeString( &AccountNames[0] ); 06436 TST_SUCCESS_ASSERT(NtStatus); 06437 ASSERT(LookedUpUses[0] == SidTypeUser); 06438 UserRid = LookedUpRids[0]; 06439 NtStatus = SamOpenUser( 06440 DomainHandle, 06441 USER_ALL_ACCESS, 06442 UserRid, 06443 &UserHandle1); 06444 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 06445 } 06446 06447 ASSERT(NT_SUCCESS(NtStatus)); 06448 06449 06450 // 06451 // create the group 06452 // 06453 06454 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 06455 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 06456 TST_SUCCESS_ASSERT(NtStatus); 06457 06458 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 06459 06460 GroupRid = 0; 06461 GroupHandle1 = NULL; 06462 NtStatus = SamCreateGroupInDomain( 06463 DomainHandle, 06464 &AccountName, 06465 GROUP_ALL_ACCESS, 06466 &GroupHandle1, 06467 &GroupRid 06468 ); 06469 RtlFreeUnicodeString( &AccountName ); 06470 ASSERT(NT_SUCCESS(NtStatus)); 06471 06472 // 06473 // Make the user a member of this group 06474 // 06475 06476 NtStatus = SamAddMemberToGroup( 06477 GroupHandle1, 06478 UserRid, 06479 SE_GROUP_MANDATORY | 06480 SE_GROUP_ENABLED_BY_DEFAULT | 06481 SE_GROUP_ENABLED 06482 ); 06483 ASSERT(NT_SUCCESS(NtStatus)); 06484 06485 06486 // 06487 // Set the user's primary group Id to be this group 06488 // 06489 06490 NtStatus = SamSetInformationUser( 06491 UserHandle1, 06492 UserPrimaryGroupInformation, 06493 &GroupRid 06494 ); 06495 ASSERT(NT_SUCCESS(NtStatus)); 06496 06497 06498 06499 // 06500 // Now try to remove the user from the group 06501 // 06502 06503 NtStatus = SamRemoveMemberFromGroup(GroupHandle1, UserRid); 06504 if (NtStatus == STATUS_MEMBERS_PRIMARY_GROUP) { 06505 06506 printf("Succeeded\n"); 06507 06508 } else { 06509 printf("Failed\n"); 06510 printf(" Completion status is 0x%lx\n", NtStatus); 06511 TestStatus = FALSE; 06512 } 06513 06514 06515 // 06516 // Set the user's primary group Id back and remove the user 06517 // from the group 06518 // 06519 06520 GroupRid = DOMAIN_GROUP_RID_USERS; 06521 NtStatus = SamSetInformationUser( 06522 UserHandle1, 06523 UserPrimaryGroupInformation, 06524 &GroupRid 06525 ); 06526 ASSERT(NT_SUCCESS(NtStatus)); 06527 NtStatus = SamRemoveMemberFromGroup(GroupHandle1, UserRid); 06528 ASSERT(NT_SUCCESS(NtStatus)); 06529 06530 06531 06532 // 06533 // Now get rid of the group and possibly the user account 06534 // 06535 06536 06537 NtStatus = SamDeleteGroup( GroupHandle1 ); 06538 ASSERT(NT_SUCCESS(NtStatus)); 06539 06540 if (DeleteUser == TRUE) { 06541 NtStatus = SamDeleteUser( UserHandle1 ); 06542 ASSERT(NT_SUCCESS(NtStatus)); 06543 } else { 06544 NtStatus = SamCloseHandle( UserHandle1 ); 06545 ASSERT(NT_SUCCESS(NtStatus)); 06546 } 06547 06548 06549 06550 06551 06552 06554 // // 06555 // Set Group Suite (pass 2) // 06556 // // 06558 06559 printf("\n"); 06560 printf(" Set Group . . . . . . . . . . . . . . . . . . . . . . Suite\n"); 06561 06562 06563 printf(" Set Name . . . . . . . . . . . . . . . . . . . . . . "); 06564 printf("(Untested)\n"); 06565 06566 06567 printf(" Set Name Of Well-Known Account . . . . . . . . . . . "); 06568 printf("(Untested)\n"); 06569 06570 } 06571 06572 return(TestStatus); 06573 06574 } 06575 06576 06578 // // 06579 // Alias Object Test Suite // 06580 // // 06582 06583 06584 BOOLEAN 06585 AliasTestSuite( 06586 HANDLE DomainHandle, 06587 HANDLE BuiltinDomainHandle, 06588 PSID DomainSid, 06589 ULONG Pass 06590 ) 06591 06592 { 06593 NTSTATUS NtStatus, IgnoreStatus; 06594 HANDLE AdminAliasHandle, AliasHandle1, AliasHandle2, UserHandle1, UserHandle2, UserHandle3; 06595 ULONG CountReturned, i, MemberCount; 06596 ULONG UserRid, UserRid2, UserRid3, AliasRid, AliasRid2; 06597 PVOID Buffer, Buffer1, Buffer2; 06598 ULONG NameLength; 06599 SAM_ENUMERATE_HANDLE EnumerationContext; 06600 PULONG Members; 06601 PSID *AliasMembers; 06602 PSID_NAME_USE LookedUpUses; 06603 PULONG LookedUpRids; 06604 UNICODE_STRING AccountNames[10], AccountName; 06605 STRING AccountNameAnsi; 06606 PSID UserSid1, UserSid2, GroupSid; 06607 06608 BOOLEAN IndividualTestSucceeded, DeleteUser; 06609 BOOLEAN TestStatus = TRUE; 06610 06611 06612 if (Pass == 1) { 06613 // 06614 // This test suite assumes that lookup and enumeration API funciton 06615 // properly. 06616 // 06617 06618 printf("\n"); 06619 printf("\n"); 06620 printf(" Alias (Pass #1) . . . . . . . . . . . . . . . . . . . Test\n"); 06621 06623 // // 06624 // Open Alias Suite // 06625 // // 06627 06628 printf(" Open Alias . . . . . . . . . . . . . . . . . . . . . Suite\n"); 06629 printf(" Open Aliases . . . . . . . . . . . . . . . . . . . . . "); 06630 IndividualTestSucceeded = TRUE; 06631 EnumerationContext = 0; 06632 NtStatus = SamEnumerateAliasesInDomain( 06633 DomainHandle, 06634 &EnumerationContext, 06635 &Buffer, 06636 12000, // PreferedMaximumLength 06637 &CountReturned 06638 ); 06639 06640 TST_SUCCESS_ASSERT(NtStatus); 06641 ASSERT(Buffer != NULL); 06642 ASSERT(CountReturned > 0); 06643 06644 for (i=0; i<CountReturned; i++) { 06645 06646 NtStatus = SamOpenAlias( 06647 DomainHandle, 06648 ALIAS_ALL_ACCESS, 06649 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId, 06650 &AliasHandle1 06651 ); 06652 06653 if (NT_SUCCESS(NtStatus)) { 06654 06655 NtStatus = SamOpenAlias( 06656 DomainHandle, 06657 GENERIC_READ, 06658 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId, 06659 &AliasHandle2 06660 ); 06661 06662 if (NT_SUCCESS(NtStatus)) { 06663 IgnoreStatus = SamCloseHandle( AliasHandle2 ); 06664 ASSERT( NT_SUCCESS(IgnoreStatus) ); 06665 } else { 06666 printf("Failed\n"); 06667 printf(" Completion status is 0x%lx\n", NtStatus); 06668 printf(" Failed opening alias second time.\n"); 06669 printf(" Rid of account is: 0x%lx\n", 06670 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId); 06671 printf(" Name of account is: %wZ\n", 06672 &((PSAM_RID_ENUMERATION)(Buffer))[i].Name ); 06673 TestStatus = FALSE; 06674 IndividualTestSucceeded = FALSE; 06675 } 06676 06677 IgnoreStatus = SamCloseHandle( AliasHandle1 ); 06678 ASSERT( NT_SUCCESS(IgnoreStatus) ); 06679 06680 } else { 06681 06682 printf("Failed\n"); 06683 printf(" Completion status is 0x%lx\n", NtStatus); 06684 printf(" Failed opening alias for first time.\n"); 06685 printf(" Rid of account is: 0x%lx\n", 06686 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId); 06687 printf(" Name of account is: %wZ\n", 06688 &((PSAM_RID_ENUMERATION)(Buffer))[i].Name ); 06689 TestStatus = FALSE; 06690 IndividualTestSucceeded = FALSE; 06691 } 06692 06693 if (!IndividualTestSucceeded) { 06694 printf(" "); 06695 } 06696 } 06697 06698 06699 SamFreeMemory( Buffer ); 06700 if (IndividualTestSucceeded) { 06701 printf("Succeeded\n"); 06702 } 06703 06704 06705 06707 // // 06708 // Query Alias Suite // 06709 // // 06711 06712 06713 // 06714 // Get the rid of an alias created earlier in the test 06715 // 06716 06717 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 06718 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 06719 TST_SUCCESS_ASSERT(NtStatus); 06720 06721 NtStatus = SamLookupNamesInDomain( 06722 DomainHandle, 06723 1, 06724 &AccountNames[0], 06725 &LookedUpRids, 06726 &LookedUpUses 06727 ); 06728 TST_SUCCESS_ASSERT(NtStatus); 06729 ASSERT(LookedUpUses[0] == SidTypeAlias); 06730 RtlFreeUnicodeString( &AccountNames[0] ); 06731 06732 AliasRid = LookedUpRids[0]; 06733 06734 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 06735 06736 06737 printf("\n"); 06738 printf(" Query Alias . . . . . . . . . . . . . . . . . . . . . Suite\n"); 06739 06740 printf(" Query Alias General Information . . . . . . . . . . . "); 06741 06742 06743 NtStatus = SamOpenAlias( 06744 DomainHandle, 06745 ALIAS_READ_INFORMATION, 06746 AliasRid, 06747 &AliasHandle1 06748 ); 06749 ASSERT(NT_SUCCESS(NtStatus) ); 06750 06751 Buffer = NULL; 06752 NtStatus = SamQueryInformationAlias( 06753 AliasHandle1, 06754 AliasGeneralInformation, 06755 &Buffer 06756 ); 06757 if (NT_SUCCESS(NtStatus)) { 06758 if (Buffer != NULL) { 06759 06760 if ( (((ALIAS_GENERAL_INFORMATION *)Buffer)->Name.MaximumLength > 0) && 06761 (((ALIAS_GENERAL_INFORMATION *)Buffer)->Name.Buffer != NULL) ) { 06762 06763 printf("Succeeded\n"); 06764 06765 printf(" Member Count is: 0x%lx\n", 06766 (((ALIAS_GENERAL_INFORMATION *)Buffer)->MemberCount) ); 06767 printf(" Alias Name is: %wZ\n", 06768 &(((ALIAS_GENERAL_INFORMATION *)Buffer)->Name) ); 06769 06770 } else { 06771 printf("Failed\n"); 06772 printf(" Alias Name not returned.\n"); 06773 TestStatus = FALSE; 06774 } 06775 SamFreeMemory( Buffer ); 06776 } else { 06777 printf("Failed\n"); 06778 printf(" Buffer address not set on return.\n"); 06779 printf(" RPC should have allocated a buffer.\n"); 06780 TestStatus = FALSE; 06781 } 06782 } else { 06783 printf("Failed\n"); 06784 printf(" Completion status is 0x%lx\n", NtStatus); 06785 TestStatus = FALSE; 06786 } 06787 IgnoreStatus = SamCloseHandle( AliasHandle1 ); 06788 ASSERT( NT_SUCCESS(IgnoreStatus) ); 06789 06790 06791 06792 06793 printf(" Query Alias Name Information . . . . . . . . . . . . "); 06794 06795 06796 NtStatus = SamOpenAlias( 06797 DomainHandle, 06798 ALIAS_READ_INFORMATION, 06799 AliasRid, 06800 &AliasHandle1 06801 ); 06802 ASSERT(NT_SUCCESS(NtStatus) ); 06803 06804 Buffer = NULL; 06805 NtStatus = SamQueryInformationAlias( 06806 AliasHandle1, 06807 AliasNameInformation, 06808 &Buffer 06809 ); 06810 if (NT_SUCCESS(NtStatus)) { 06811 if (Buffer != NULL) { 06812 06813 if ( (((ALIAS_NAME_INFORMATION *)Buffer)->Name.MaximumLength > 0) && 06814 (((ALIAS_NAME_INFORMATION *)Buffer)->Name.Buffer != NULL) ) { 06815 06816 printf("Succeeded\n"); 06817 06818 printf(" Alias Name is: %wZ\n", 06819 &(((ALIAS_NAME_INFORMATION *)Buffer)->Name) ); 06820 } else { 06821 printf("Failed\n"); 06822 printf(" Alias Name not returned.\n"); 06823 TestStatus = FALSE; 06824 } 06825 SamFreeMemory( Buffer ); 06826 } else { 06827 printf("Failed\n"); 06828 printf(" Buffer address not set on return.\n"); 06829 printf(" RPC should have allocated a buffer.\n"); 06830 TestStatus = FALSE; 06831 } 06832 } else { 06833 printf("Failed\n"); 06834 printf(" Completion status is 0x%lx\n", NtStatus); 06835 TestStatus = FALSE; 06836 } 06837 IgnoreStatus = SamCloseHandle( AliasHandle1 ); 06838 ASSERT( NT_SUCCESS(IgnoreStatus) ); 06839 06840 06841 06842 06843 printf(" Query Alias Admin Comment Information . . . . . . . . "); 06844 06845 06846 NtStatus = SamOpenAlias( 06847 DomainHandle, 06848 ALIAS_READ_INFORMATION, 06849 AliasRid, 06850 &AliasHandle1 06851 ); 06852 ASSERT(NT_SUCCESS(NtStatus) ); 06853 06854 Buffer = NULL; 06855 NtStatus = SamQueryInformationAlias( 06856 AliasHandle1, 06857 AliasAdminCommentInformation, 06858 &Buffer 06859 ); 06860 if (NT_SUCCESS(NtStatus)) { 06861 if (Buffer != NULL) { 06862 06863 if ( (((ALIAS_ADM_COMMENT_INFORMATION *)Buffer)->AdminComment.MaximumLength >= 0) ) { 06864 06865 printf("Succeeded\n"); 06866 06867 printf(" Alias Admin Comment is: %wZ\n", 06868 &(((ALIAS_ADM_COMMENT_INFORMATION *)Buffer)->AdminComment) ); 06869 } else { 06870 printf("Failed\n"); 06871 printf(" Alias Admin Comment not returned.\n"); 06872 TestStatus = FALSE; 06873 } 06874 SamFreeMemory( Buffer ); 06875 } else { 06876 printf("Failed\n"); 06877 printf(" Buffer address not set on return.\n"); 06878 printf(" RPC should have allocated a buffer.\n"); 06879 TestStatus = FALSE; 06880 } 06881 } else { 06882 printf("Failed\n"); 06883 printf(" Completion status is 0x%lx\n", NtStatus); 06884 TestStatus = FALSE; 06885 } 06886 IgnoreStatus = SamCloseHandle( AliasHandle1 ); 06887 ASSERT( NT_SUCCESS(IgnoreStatus) ); 06888 06889 06890 06891 06892 06894 // // 06895 // Get Members Of Alias Suite // 06896 // // 06898 06899 printf("\n"); 06900 printf(" Get Members . . . . . . . . . . . . . . . . . . . . . Suite\n"); 06901 06902 #ifdef LATER // ALIAS_LATER - well-know aliases ? 06903 06904 06905 davidc/chads - this needs to access the builtin domain. 06906 06907 printf(" Get Members of Well-Known Account . . . . . . . . . . "); 06908 06909 NtStatus = SamOpenAlias( 06910 DomainHandle, 06911 ALIAS_LIST_MEMBERS, 06912 DOMAIN_ALIAS_RID_ADMINS, 06913 &AliasHandle1 06914 ); 06915 ASSERT(NT_SUCCESS(NtStatus) ); 06916 06917 Buffer = NULL; 06918 NtStatus = SamGetMembersInAlias( 06919 AliasHandle1, 06920 &AliasMembers, 06921 &Attributes, 06922 &MemberCount 06923 ); 06924 if (NT_SUCCESS(NtStatus)) { 06925 if (Members != NULL || Attributes != NULL) { 06926 06927 printf("Succeeded\n"); 06928 06929 06930 printf(" Member Count: %d Users\n", MemberCount); 06931 for ( i=0; i<MemberCount; i++) { 06932 06933 // printf(" User[%d] Sid: 0x%lx\n", 06934 // i, Members[i]); 06935 06936 06937 } 06938 06939 SamFreeMemory( AliasMembers ); 06940 SamFreeMemory( Attributes ); 06941 06942 06943 } else { 06944 printf("Failed\n"); 06945 printf(" Buffer address not set on return.\n"); 06946 printf(" RPC should have allocated a buffer.\n"); 06947 TestStatus = FALSE; 06948 } 06949 } else { 06950 printf("Failed\n"); 06951 printf(" Completion status is 0x%lx\n", NtStatus); 06952 TestStatus = FALSE; 06953 } 06954 IgnoreStatus = SamCloseHandle( AliasHandle1 ); 06955 ASSERT( NT_SUCCESS(IgnoreStatus) ); 06956 #endif 06957 06958 06959 printf(" Get Members of Empty Alias. . . . . . . . . . . . . . "); 06960 06961 // 06962 // This alias was created earlier in the test 06963 // 06964 06965 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 06966 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 06967 TST_SUCCESS_ASSERT(NtStatus); 06968 06969 NtStatus = SamLookupNamesInDomain( 06970 DomainHandle, 06971 1, 06972 &AccountNames[0], 06973 &LookedUpRids, 06974 &LookedUpUses 06975 ); 06976 TST_SUCCESS_ASSERT(NtStatus); 06977 ASSERT(LookedUpUses[0] == SidTypeAlias); 06978 RtlFreeUnicodeString( &AccountNames[0] ); 06979 06980 06981 06982 AliasHandle1 = NULL; 06983 06984 NtStatus = SamOpenAlias( DomainHandle, ALIAS_LIST_MEMBERS, LookedUpRids[0], &AliasHandle1 ); 06985 TST_SUCCESS_ASSERT(NtStatus); 06986 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 06987 06988 NtStatus = SamGetMembersInAlias( 06989 AliasHandle1, 06990 &AliasMembers, 06991 &MemberCount 06992 ); 06993 if (NT_SUCCESS(NtStatus)) { 06994 if (MemberCount == 0) { 06995 06996 printf("Succeeded\n"); 06997 06998 06999 07000 07001 } else { 07002 printf("Failed\n"); 07003 printf(" Member Count > 0 : %d\n", MemberCount); 07004 for ( i=0; i<MemberCount; i++) { 07005 07006 // printf(" User[%d] Rid/Attributes: 0x%lx/0x%lx\n", 07007 // i, Members[i], Attributes[i]); 07008 } 07009 07010 SamFreeMemory( AliasMembers ); 07011 TestStatus = FALSE; 07012 } 07013 } else { 07014 printf("Failed\n"); 07015 printf(" Completion status is 0x%lx\n", NtStatus); 07016 TestStatus = FALSE; 07017 } 07018 IgnoreStatus = SamCloseHandle( AliasHandle1 ); 07019 ASSERT( NT_SUCCESS(IgnoreStatus) ); 07020 07021 07022 07024 // // 07025 // Set Alias Suite (pass 1) // 07026 // // 07028 07029 printf("\n"); 07030 printf(" Set Alias . . . . . . . . . . . . . . . . . . . . . . Suite\n"); 07031 // 07032 07033 07034 // Get the rid of an alias created earlier in the test 07035 // 07036 07037 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 07038 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 07039 TST_SUCCESS_ASSERT(NtStatus); 07040 07041 NtStatus = SamLookupNamesInDomain( 07042 DomainHandle, 07043 1, 07044 &AccountNames[0], 07045 &LookedUpRids, 07046 &LookedUpUses 07047 ); 07048 TST_SUCCESS_ASSERT(NtStatus); 07049 ASSERT(LookedUpUses[0] == SidTypeAlias); 07050 RtlFreeUnicodeString( &AccountNames[0] ); 07051 07052 AliasRid = LookedUpRids[0]; 07053 07054 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 07055 07056 07057 07058 printf(" Set Admin Comment . . . . . . . . . . . . . . . . . . "); 07059 07060 NtStatus = SamOpenAlias( 07061 DomainHandle, 07062 ALIAS_WRITE_ACCOUNT | ALIAS_READ_INFORMATION, 07063 AliasRid, 07064 &AliasHandle1 07065 ); 07066 ASSERT(NT_SUCCESS(NtStatus) ); 07067 07068 // 07069 // Get the current value... 07070 // 07071 07072 Buffer1 = NULL; 07073 NtStatus = SamQueryInformationAlias( 07074 AliasHandle1, 07075 AliasAdminCommentInformation, 07076 &Buffer1 07077 ); 07078 TST_SUCCESS_ASSERT(NtStatus); 07079 ASSERT(Buffer1 != NULL); 07080 07081 07082 // 07083 // Change the field to a new value and write it out. 07084 // 07085 07086 NameLength = ((ALIAS_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment.Length; 07087 if ( NameLength == DummyString1.Length ) { 07088 ((ALIAS_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment = DummyString2; 07089 } else { 07090 ((ALIAS_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment = DummyString1; 07091 } 07092 07093 NtStatus = SamSetInformationAlias( 07094 AliasHandle1, 07095 AliasAdminCommentInformation, 07096 Buffer1 07097 ); 07098 if ( NT_SUCCESS(NtStatus) ) { 07099 07100 // 07101 // Now check that the change was really made... 07102 // 07103 07104 Buffer2 = NULL; 07105 NtStatus = SamQueryInformationAlias( 07106 AliasHandle1, 07107 AliasAdminCommentInformation, 07108 &Buffer2 07109 ); 07110 ASSERT(NT_SUCCESS( NtStatus ) ); 07111 if ( 07112 !RtlCompareString( 07113 (PSTRING)&((ALIAS_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment, 07114 (PSTRING)&((ALIAS_ADM_COMMENT_INFORMATION *)Buffer2)->AdminComment, 07115 TRUE) 07116 ) { 07117 07118 printf("Succeeded\n"); 07119 07120 } else { 07121 07122 printf("Failed\n"); 07123 printf(" Value queried doesn't match value written\n"); 07124 printf(" Value Written is %wZ\n", 07125 (PUNICODE_STRING)&((ALIAS_ADM_COMMENT_INFORMATION *)Buffer1)->AdminComment); 07126 printf(" Value Retrieved is %wZ\n", 07127 (PUNICODE_STRING)&((ALIAS_ADM_COMMENT_INFORMATION *)Buffer2)->AdminComment); 07128 07129 TestStatus = FALSE; 07130 07131 } 07132 07133 SamFreeMemory( Buffer1 ); 07134 SamFreeMemory( Buffer2 ); 07135 07136 } else { 07137 printf("Failed\n"); 07138 printf(" Completion status is 0x%lx\n", NtStatus); 07139 TestStatus = FALSE; 07140 SamFreeMemory( Buffer1 ); 07141 07142 } 07143 07144 07145 07146 07147 07148 } // END PASS #1 07149 if (Pass == 2) { 07150 07151 printf("\n"); 07152 printf("\n"); 07153 printf(" Alias (Pass #2) . . . . . . . . . . . . . . . . . . . Test\n"); 07154 07156 // // 07157 // Delete Alias Suite // 07158 // // 07160 07161 printf("\n"); 07162 printf(" Delete Alias . . . . . . . . . . . . . . . . . . . . Suite\n"); 07163 07164 printf(" Delete Normal Alias . . . . . . . . . . . . . . . . . "); 07165 07166 // 07167 // This alias was created in pass #1 07168 // 07169 07170 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 07171 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 07172 TST_SUCCESS_ASSERT(NtStatus); 07173 07174 NtStatus = SamLookupNamesInDomain( 07175 DomainHandle, 07176 1, 07177 &AccountNames[0], 07178 &LookedUpRids, 07179 &LookedUpUses 07180 ); 07181 TST_SUCCESS_ASSERT(NtStatus); 07182 ASSERT(LookedUpUses[0] == SidTypeAlias); 07183 RtlFreeUnicodeString( &AccountNames[0] ); 07184 07185 07186 07187 AliasHandle1 = NULL; 07188 07189 NtStatus = SamOpenAlias( DomainHandle, DELETE, LookedUpRids[0], &AliasHandle1 ); 07190 TST_SUCCESS_ASSERT(NtStatus); 07191 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 07192 07193 NtStatus = SamDeleteAlias( AliasHandle1 ); 07194 if (NT_SUCCESS(NtStatus)) { 07195 printf("Succeeded\n"); 07196 07197 } else { 07198 printf("Failed\n"); 07199 printf(" Completion status is 0x%lx\n", NtStatus); 07200 TestStatus = FALSE; 07201 } 07202 07203 07204 #ifdef LATER // ALIAS_LATER - well know aliases ? 07205 07206 07207 printf(" Delete Well Known Alias . . . . . . . . . . . . . . . "); 07208 07209 AliasHandle1 = NULL; 07210 07211 NtStatus = SamOpenAlias( DomainHandle, DELETE, DOMAIN_GROUP_RID_USERS, &AliasHandle1 ); 07212 TST_SUCCESS_ASSERT(NtStatus); 07213 07214 NtStatus = SamDeleteAlias( AliasHandle1 ); 07215 if (NtStatus == STATUS_SPECIAL_ACCOUNT) { 07216 07217 printf("Succeeded\n"); 07218 07219 } else { 07220 printf("Failed\n"); 07221 printf(" Completion status is 0x%lx\n", NtStatus); 07222 TestStatus = FALSE; 07223 } 07224 07225 NtStatus = SamCloseHandle( AliasHandle1 ); 07226 ASSERT(NT_SUCCESS(NtStatus)); 07227 07228 07229 07230 07231 printf(" Delete Admin Alias. . . . . . . . . . . . . . . . . . "); 07232 AliasHandle1 = NULL; 07233 07234 NtStatus = SamOpenAlias( DomainHandle, DELETE, DOMAIN_ALIAS_RID_ADMINS, &AliasHandle1 ); 07235 TST_SUCCESS_ASSERT(NtStatus); 07236 07237 NtStatus = SamDeleteAlias( AliasHandle1 ); 07238 if (NtStatus == STATUS_SPECIAL_ACCOUNT) { 07239 07240 printf("Succeeded\n"); 07241 07242 } else { 07243 printf("Failed\n"); 07244 printf(" Completion status is 0x%lx\n", NtStatus); 07245 TestStatus = FALSE; 07246 } 07247 07248 NtStatus = SamCloseHandle( AliasHandle1 ); 07249 ASSERT(NT_SUCCESS(NtStatus)); 07250 07251 07252 #endif 07253 07254 07255 07257 // // 07258 // Add/Remove Member Suite // 07259 // // 07261 07262 printf("\n"); 07263 printf(" Add/Remove Member Suite . . . . . . . . . . . . . . . Suite\n"); 07264 07265 printf(" Add Member . . . . . . . . . . . . . . . . . . . . . "); 07266 07267 // 07268 // This test sets things up for the next test 07269 // 07270 07271 // 07272 // The following user might already exist (from earlier in the test) 07273 // 07274 07275 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 07276 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 07277 TST_SUCCESS_ASSERT(NtStatus); 07278 07279 UserRid = 0; 07280 UserHandle1 = NULL; 07281 NtStatus = SamCreateUserInDomain( 07282 DomainHandle, 07283 &AccountName, 07284 USER_ALL_ACCESS, 07285 &UserHandle1, 07286 &UserRid 07287 ); 07288 RtlFreeUnicodeString( &AccountName ); 07289 DeleteUser = TRUE; 07290 if (NtStatus == STATUS_USER_EXISTS) { 07291 DeleteUser = FALSE; 07292 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 07293 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 07294 TST_SUCCESS_ASSERT(NtStatus); 07295 07296 NtStatus = SamLookupNamesInDomain( 07297 DomainHandle, 07298 1, 07299 &AccountNames[0], 07300 &LookedUpRids, 07301 &LookedUpUses 07302 ); 07303 RtlFreeUnicodeString( &AccountNames[0] ); 07304 TST_SUCCESS_ASSERT(NtStatus); 07305 ASSERT(LookedUpUses[0] == SidTypeUser); 07306 UserRid = LookedUpRids[0]; 07307 NtStatus = SamOpenUser( 07308 DomainHandle, 07309 USER_ALL_ACCESS, 07310 UserRid, 07311 &UserHandle1); 07312 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 07313 } 07314 07315 ASSERT(NT_SUCCESS(NtStatus)); 07316 07317 // 07318 // This account won't exist yet 07319 // 07320 07321 RtlInitString( &AccountNameAnsi, USER_NAME2 ); 07322 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 07323 TST_SUCCESS_ASSERT(NtStatus); 07324 07325 UserRid2 = 0; 07326 UserHandle2 = NULL; 07327 NtStatus = SamCreateUserInDomain( 07328 DomainHandle, 07329 &AccountName, 07330 USER_ALL_ACCESS, 07331 &UserHandle2, 07332 &UserRid2 07333 ); 07334 RtlFreeUnicodeString( &AccountName ); 07335 07336 ASSERT(NT_SUCCESS(NtStatus)); 07337 07338 07339 // 07340 // create the alias 07341 // 07342 07343 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 07344 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 07345 TST_SUCCESS_ASSERT(NtStatus); 07346 07347 AliasRid = 0; 07348 AliasHandle1 = NULL; 07349 NtStatus = SamCreateAliasInDomain( 07350 DomainHandle, 07351 &AccountName, 07352 ALIAS_ALL_ACCESS, 07353 &AliasHandle1, 07354 &AliasRid 07355 ); 07356 RtlFreeUnicodeString( &AccountName ); 07357 ASSERT(NT_SUCCESS(NtStatus)); 07358 07359 // 07360 // Make user1 a member of this alias 07361 // 07362 07363 UserSid1 = CreateUserSid(DomainSid, UserRid); 07364 ASSERT(UserSid1 != NULL); 07365 07366 UserSid2 = CreateUserSid(DomainSid, UserRid2); 07367 ASSERT(UserSid2 != NULL); 07368 07369 07370 07371 NtStatus = SamAddMemberToAlias( 07372 AliasHandle1, 07373 UserSid1 07374 ); 07375 07376 if (NT_SUCCESS(NtStatus)) { 07377 07378 NtStatus = SamGetMembersInAlias( 07379 AliasHandle1, 07380 &AliasMembers, 07381 &MemberCount 07382 ); 07383 ASSERT(NT_SUCCESS(NtStatus)); 07384 07385 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 07386 for ( i=0; i<MemberCount; i++) { 07387 if (RtlEqualSid(AliasMembers[i], UserSid1)) { 07388 NtStatus = STATUS_SUCCESS; 07389 break; 07390 } 07391 } 07392 07393 if (!NT_SUCCESS(NtStatus)) { 07394 printf("Failed\n"); 07395 printf("Service returned SUCCESS, but user not in member list for alias.\n"); 07396 printf("Member list :\n"); 07397 for (i=0; i<MemberCount; i++) { 07398 printfSid(AliasMembers[i]); 07399 printf("\n"); 07400 } 07401 DebugBreak(); 07402 TestStatus = FALSE; 07403 } 07404 07405 07406 if (AliasMembers != NULL) { 07407 SamFreeMemory( AliasMembers ); 07408 } 07409 07410 07411 if (NT_SUCCESS(NtStatus)) { 07412 07413 NtStatus = SamGetAliasMembership( 07414 DomainHandle, 07415 1, 07416 &UserSid1, 07417 &MemberCount, 07418 &Members 07419 ); 07420 ASSERT(NT_SUCCESS(NtStatus)); 07421 07422 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 07423 for ( i=0; i<MemberCount; i++) { 07424 if (Members[i] == AliasRid) { 07425 NtStatus = STATUS_SUCCESS; 07426 break; 07427 } 07428 } 07429 07430 if (!NT_SUCCESS(NtStatus)) { 07431 printf("Failed\n"); 07432 printf("Service returned SUCCESS, but alias not in account alias membership list.\n"); 07433 printf("Alias Membership :\n"); 07434 for (i=0; i<MemberCount; i++) { 07435 printf("0x%lx\n", Members[i]); 07436 } 07437 DebugBreak(); 07438 TestStatus = FALSE; 07439 } 07440 07441 if (Members != NULL) { 07442 SamFreeMemory( Members ); 07443 } 07444 07445 07446 // 07447 // Check for correct alias membership for multiple accounts 07448 // User1 should be in alias1 07449 // User2 should be no aliases. 07450 // 07451 07452 if (NT_SUCCESS(NtStatus)) { 07453 07454 PSID SidArray[2]; 07455 SidArray[0] = UserSid1; 07456 SidArray[1] = UserSid2; 07457 07458 NtStatus = SamGetAliasMembership( 07459 DomainHandle, 07460 2, 07461 SidArray, 07462 &MemberCount, 07463 &Members 07464 ); 07465 ASSERT(NT_SUCCESS(NtStatus)); 07466 07467 if (MemberCount != 1) { 07468 07469 printf("Failed\n"); 07470 printf("Service returned SUCCESS, but combined alias membership count for 2 accounts not correct.\n"); 07471 printf("Combined Alias Membership :\n"); 07472 for (i=0; i<MemberCount; i++) { 07473 printf("0x%lx\n", Members[i]); 07474 } 07475 DebugBreak(); 07476 TestStatus = FALSE; 07477 07478 } else { 07479 07480 if (Members[0] != AliasRid) { 07481 printf("Failed\n"); 07482 printf("Service returned SUCCESS, but combined alias membership for 2 accounts not correct.\n"); 07483 printf("Combined Alias Membership :\n"); 07484 for (i=0; i<MemberCount; i++) { 07485 printf("0x%lx\n", Members[i]); 07486 } 07487 DebugBreak(); 07488 TestStatus = FALSE; 07489 07490 } else { 07491 printf("Succeeded\n"); 07492 } 07493 } 07494 07495 if (Members != NULL) { 07496 SamFreeMemory( Members ); 07497 } 07498 } 07499 } 07500 07501 07502 } else { 07503 printf("Failed\n"); 07504 printf(" Completion status is 0x%lx\n", NtStatus); 07505 TestStatus = FALSE; 07506 } 07507 07508 07509 07510 07511 07512 07513 07514 printf(" Add another member to another alias . . . . . . . . . "); 07515 07516 07517 07518 07519 07520 07521 // 07522 // Make user2 a member of alias2 07523 // 07524 07525 // 07526 // This alias was created in pass #1 07527 // 07528 07529 RtlInitString( &AccountNameAnsi, ALIAS_NAME2 ); 07530 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 07531 TST_SUCCESS_ASSERT(NtStatus); 07532 07533 NtStatus = SamLookupNamesInDomain( 07534 DomainHandle, 07535 1, 07536 &AccountNames[0], 07537 &LookedUpRids, 07538 &LookedUpUses 07539 ); 07540 TST_SUCCESS_ASSERT(NtStatus); 07541 ASSERT(LookedUpUses[0] == SidTypeAlias); 07542 RtlFreeUnicodeString( &AccountNames[0] ); 07543 07544 AliasHandle2 = NULL; 07545 AliasRid2 = LookedUpRids[0]; 07546 07547 NtStatus = SamOpenAlias( DomainHandle, ALIAS_ALL_ACCESS, LookedUpRids[0], &AliasHandle2 ); 07548 TST_SUCCESS_ASSERT(NtStatus); 07549 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 07550 07551 07552 NtStatus = SamAddMemberToAlias( 07553 AliasHandle2, 07554 UserSid2 07555 ); 07556 07557 if (NT_SUCCESS(NtStatus)) { 07558 07559 NtStatus = SamGetMembersInAlias( 07560 AliasHandle2, 07561 &AliasMembers, 07562 &MemberCount 07563 ); 07564 ASSERT(NT_SUCCESS(NtStatus)); 07565 07566 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 07567 for ( i=0; i<MemberCount; i++) { 07568 if (RtlEqualSid(AliasMembers[i], UserSid2)) { 07569 NtStatus = STATUS_SUCCESS; 07570 break; 07571 } 07572 } 07573 07574 if (!NT_SUCCESS(NtStatus)) { 07575 printf("Failed\n"); 07576 printf("Service returned SUCCESS, but user not in member list for alias.\n"); 07577 printf("Member list :\n"); 07578 for (i=0; i<MemberCount; i++) { 07579 printfSid(AliasMembers[i]); 07580 printf("\n"); 07581 } 07582 DebugBreak(); 07583 TestStatus = FALSE; 07584 } 07585 07586 07587 if (AliasMembers != NULL) { 07588 SamFreeMemory( AliasMembers ); 07589 } 07590 07591 07592 if (NT_SUCCESS(NtStatus)) { 07593 07594 NtStatus = SamGetAliasMembership( 07595 DomainHandle, 07596 1, 07597 &UserSid2, 07598 &MemberCount, 07599 &Members 07600 ); 07601 ASSERT(NT_SUCCESS(NtStatus)); 07602 07603 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 07604 for ( i=0; i<MemberCount; i++) { 07605 if (Members[i] == AliasRid2) { 07606 NtStatus = STATUS_SUCCESS; 07607 break; 07608 } 07609 } 07610 07611 if (!NT_SUCCESS(NtStatus)) { 07612 printf("Failed\n"); 07613 printf("Service returned SUCCESS, but alias not in account alias membership list.\n"); 07614 printf("Alias Membership :\n"); 07615 for (i=0; i<MemberCount; i++) { 07616 printf("0x%lx\n", Members[i]); 07617 } 07618 DebugBreak(); 07619 TestStatus = FALSE; 07620 } 07621 07622 if (Members != NULL) { 07623 SamFreeMemory( Members ); 07624 } 07625 07626 // 07627 // Check for correct alias membership for multiple accounts 07628 // User1 should be in alias1 07629 // User2 should be in alias2. 07630 // 07631 07632 if (NT_SUCCESS(NtStatus)) { 07633 07634 PSID SidArray[2]; 07635 SidArray[0] = UserSid1; 07636 SidArray[1] = UserSid2; 07637 07638 NtStatus = SamGetAliasMembership( 07639 DomainHandle, 07640 2, 07641 SidArray, 07642 &MemberCount, 07643 &Members 07644 ); 07645 ASSERT(NT_SUCCESS(NtStatus)); 07646 07647 if (MemberCount != 2) { 07648 07649 printf("Failed\n"); 07650 printf("Service returned SUCCESS, but combined alias membership count for 2 accounts not correct.\n"); 07651 printf("Combined Alias Membership :\n"); 07652 for (i=0; i<MemberCount; i++) { 07653 printf("0x%lx\n", Members[i]); 07654 } 07655 DebugBreak(); 07656 TestStatus = FALSE; 07657 07658 } else { 07659 07660 if (((Members[0] == AliasRid) && (Members[1] == AliasRid2)) || 07661 ((Members[0] == AliasRid2) && (Members[1] == AliasRid)) ) { 07662 printf("Succeeded\n"); 07663 } else { 07664 printf("Failed\n"); 07665 printf("Service returned SUCCESS, but combined alias membership for 2 accounts not correct.\n"); 07666 printf("Combined Alias Membership :\n"); 07667 for (i=0; i<MemberCount; i++) { 07668 printf("0x%lx\n", Members[i]); 07669 } 07670 DebugBreak(); 07671 TestStatus = FALSE; 07672 } 07673 } 07674 07675 if (Members != NULL) { 07676 SamFreeMemory( Members ); 07677 } 07678 } 07679 } 07680 07681 07682 } else { 07683 printf("Failed\n"); 07684 printf(" Completion status is 0x%lx\n", NtStatus); 07685 TestStatus = FALSE; 07686 } 07687 07688 07689 // 07690 // Remove user2 from alias2 again 07691 // 07692 07693 NtStatus = SamRemoveMemberFromAlias( 07694 AliasHandle2, 07695 UserSid2 07696 ); 07697 07698 if (NT_SUCCESS(NtStatus)) { 07699 07700 NtStatus = SamGetMembersInAlias( 07701 AliasHandle2, 07702 &AliasMembers, 07703 &MemberCount 07704 ); 07705 ASSERT(NT_SUCCESS(NtStatus)); 07706 07707 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 07708 for ( i=0; i<MemberCount; i++) { 07709 if (RtlEqualSid(AliasMembers[i], UserSid2)) { 07710 NtStatus = STATUS_SUCCESS; 07711 break; 07712 } 07713 } 07714 07715 if (NtStatus != STATUS_MEMBER_NOT_IN_ALIAS) { 07716 printf("Failed\n"); 07717 printf("Service returned SUCCESS, but user still in member list for alias.\n"); 07718 printf("Member list :\n"); 07719 for (i=0; i<MemberCount; i++) { 07720 printfSid(AliasMembers[i]); 07721 printf("\n"); 07722 } 07723 DebugBreak(); 07724 TestStatus = FALSE; 07725 } 07726 07727 07728 if (AliasMembers != NULL) { 07729 SamFreeMemory( AliasMembers ); 07730 } 07731 07732 07733 if (NT_SUCCESS(NtStatus)) { 07734 07735 NtStatus = SamGetAliasMembership( 07736 DomainHandle, 07737 1, 07738 &UserSid2, 07739 &MemberCount, 07740 &Members 07741 ); 07742 ASSERT(NT_SUCCESS(NtStatus)); 07743 07744 for ( i=0; i<MemberCount; i++) { 07745 if (Members[i] == AliasRid2) { 07746 NtStatus = STATUS_MEMBER_IN_ALIAS; 07747 break; 07748 } 07749 } 07750 07751 if (!NT_SUCCESS(NtStatus)) { 07752 printf("Failed\n"); 07753 printf("Service returned SUCCESS, but alias still in account alias membership list.\n"); 07754 printf("Alias Membership :\n"); 07755 for (i=0; i<MemberCount; i++) { 07756 printf("0x%lx\n", Members[i]); 07757 } 07758 DebugBreak(); 07759 TestStatus = FALSE; 07760 } 07761 07762 if (Members != NULL) { 07763 SamFreeMemory( Members ); 07764 } 07765 07766 // 07767 // Check for correct alias membership for multiple accounts 07768 // User1 should be in alias1 07769 // User2 should be in no aliases. 07770 // 07771 07772 if (NT_SUCCESS(NtStatus)) { 07773 07774 PSID SidArray[2]; 07775 SidArray[0] = UserSid1; 07776 SidArray[1] = UserSid2; 07777 07778 NtStatus = SamGetAliasMembership( 07779 DomainHandle, 07780 2, 07781 SidArray, 07782 &MemberCount, 07783 &Members 07784 ); 07785 ASSERT(NT_SUCCESS(NtStatus)); 07786 07787 if (MemberCount != 1) { 07788 07789 printf("Failed\n"); 07790 printf("Service returned SUCCESS, but combined alias membership count for 2 accounts not correct.\n"); 07791 printf("Combined Alias Membership :\n"); 07792 for (i=0; i<MemberCount; i++) { 07793 printf("0x%lx\n", Members[i]); 07794 } 07795 DebugBreak(); 07796 TestStatus = FALSE; 07797 07798 } else { 07799 07800 if (Members[0] == AliasRid) { 07801 printf("Succeeded\n"); 07802 } else { 07803 printf("Failed\n"); 07804 printf("Service returned SUCCESS, but combined alias membership for 2 accounts not correct.\n"); 07805 printf("Combined Alias Membership :\n"); 07806 for (i=0; i<MemberCount; i++) { 07807 printf("0x%lx\n", Members[i]); 07808 } 07809 DebugBreak(); 07810 TestStatus = FALSE; 07811 } 07812 } 07813 07814 if (Members != NULL) { 07815 SamFreeMemory( Members ); 07816 } 07817 } 07818 } 07819 07820 07821 } else { 07822 printf("Failed\n"); 07823 printf(" Completion status is 0x%lx\n", NtStatus); 07824 TestStatus = FALSE; 07825 } 07826 07827 07828 NtStatus = SamCloseHandle( AliasHandle2 ); 07829 ASSERT(NT_SUCCESS(NtStatus)); 07830 07831 07832 07833 07834 07835 printf(" Add Another Member . . . . . . . . . . . . . . . . . "); 07836 07837 07838 // 07839 // Make user2 a member of this alias 07840 // 07841 07842 NtStatus = SamAddMemberToAlias( 07843 AliasHandle1, 07844 UserSid2 07845 ); 07846 07847 if (NT_SUCCESS(NtStatus)) { 07848 07849 NtStatus = SamGetMembersInAlias( 07850 AliasHandle1, 07851 &AliasMembers, 07852 &MemberCount 07853 ); 07854 ASSERT(NT_SUCCESS(NtStatus)); 07855 07856 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 07857 for ( i=0; i<MemberCount; i++) { 07858 if (RtlEqualSid(AliasMembers[i], UserSid2)) { 07859 NtStatus = STATUS_SUCCESS; 07860 break; 07861 } 07862 } 07863 07864 if (!NT_SUCCESS(NtStatus)) { 07865 printf("Failed\n"); 07866 printf("Service returned SUCCESS, but user not in member list for alias.\n"); 07867 printf("Member list :\n"); 07868 for (i=0; i<MemberCount; i++) { 07869 printfSid(AliasMembers[i]); 07870 printf("\n"); 07871 } 07872 DebugBreak(); 07873 TestStatus = FALSE; 07874 } 07875 07876 07877 if (AliasMembers != NULL) { 07878 SamFreeMemory( AliasMembers ); 07879 } 07880 07881 07882 if (NT_SUCCESS(NtStatus)) { 07883 07884 NtStatus = SamGetAliasMembership( 07885 DomainHandle, 07886 1, 07887 &UserSid2, 07888 &MemberCount, 07889 &Members 07890 ); 07891 ASSERT(NT_SUCCESS(NtStatus)); 07892 07893 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 07894 for ( i=0; i<MemberCount; i++) { 07895 if (Members[i] == AliasRid) { 07896 NtStatus = STATUS_SUCCESS; 07897 break; 07898 } 07899 } 07900 07901 if (!NT_SUCCESS(NtStatus)) { 07902 printf("Failed\n"); 07903 printf("Service returned SUCCESS, but alias not in account alias membership list.\n"); 07904 printf("Alias Membership :\n"); 07905 for (i=0; i<MemberCount; i++) { 07906 printf("0x%lx\n", Members[i]); 07907 } 07908 DebugBreak(); 07909 TestStatus = FALSE; 07910 } 07911 07912 if (Members != NULL) { 07913 SamFreeMemory( Members ); 07914 } 07915 07916 // 07917 // Check for correct alias membership for multiple accounts 07918 // User1 should be in alias1 07919 // User2 should be in alias1. 07920 // 07921 07922 if (NT_SUCCESS(NtStatus)) { 07923 07924 PSID SidArray[2]; 07925 SidArray[0] = UserSid1; 07926 SidArray[1] = UserSid2; 07927 07928 NtStatus = SamGetAliasMembership( 07929 DomainHandle, 07930 2, 07931 SidArray, 07932 &MemberCount, 07933 &Members 07934 ); 07935 ASSERT(NT_SUCCESS(NtStatus)); 07936 07937 if (MemberCount != 1) { 07938 07939 printf("Failed\n"); 07940 printf("Service returned SUCCESS, but combined alias membership count for 2 accounts not correct.\n"); 07941 printf("Combined Alias Membership :\n"); 07942 for (i=0; i<MemberCount; i++) { 07943 printf("0x%lx\n", Members[i]); 07944 } 07945 DebugBreak(); 07946 TestStatus = FALSE; 07947 07948 } else { 07949 07950 if (Members[0] != AliasRid) { 07951 printf("Failed\n"); 07952 printf("Service returned SUCCESS, but combined alias membership for 2 accounts not correct.\n"); 07953 printf("Combined Alias Membership :\n"); 07954 for (i=0; i<MemberCount; i++) { 07955 printf("0x%lx\n", Members[i]); 07956 } 07957 DebugBreak(); 07958 TestStatus = FALSE; 07959 07960 } else { 07961 printf("Succeeded\n"); 07962 } 07963 } 07964 07965 if (Members != NULL) { 07966 SamFreeMemory( Members ); 07967 } 07968 } 07969 } 07970 07971 07972 } else { 07973 printf("Failed\n"); 07974 printf(" Completion status is 0x%lx\n", NtStatus); 07975 TestStatus = FALSE; 07976 } 07977 07978 07979 printf(" Remove Member . . . . . . . . . . . . . . . . . . . . "); 07980 07981 // 07982 // The previous test sets this one up. 07983 // 07984 07985 // 07986 // Now try to remove the user from the alias 07987 // 07988 07989 NtStatus = SamRemoveMemberFromAlias(AliasHandle1, UserSid1); 07990 if (NT_SUCCESS(NtStatus)) { 07991 07992 NtStatus = SamGetMembersInAlias( 07993 AliasHandle1, 07994 &AliasMembers, 07995 &MemberCount 07996 ); 07997 ASSERT(NT_SUCCESS(NtStatus)); 07998 07999 for ( i=0; i<MemberCount; i++) { 08000 if (RtlEqualSid(AliasMembers[i], UserSid1)) { 08001 NtStatus = STATUS_MEMBER_IN_ALIAS; 08002 break; 08003 } 08004 } 08005 08006 if (!NT_SUCCESS(NtStatus)) { 08007 printf("Failed\n"); 08008 printf("Service returned SUCCESS, but user still in member list for alias.\n"); 08009 printf("Member list :\n"); 08010 for (i=0; i<MemberCount; i++) { 08011 printfSid(AliasMembers[i]); 08012 printf("\n"); 08013 } 08014 DebugBreak(); 08015 TestStatus = FALSE; 08016 } 08017 08018 SamFreeMemory( AliasMembers ); 08019 08020 if (NT_SUCCESS(NtStatus)) { 08021 08022 NtStatus = SamGetAliasMembership( 08023 DomainHandle, 08024 1, 08025 &UserSid1, 08026 &MemberCount, 08027 &Members 08028 ); 08029 ASSERT(NT_SUCCESS(NtStatus)); 08030 08031 for ( i=0; i<MemberCount; i++) { 08032 if (Members[i] == AliasRid) { 08033 NtStatus = STATUS_MEMBER_IN_ALIAS; 08034 break; 08035 } 08036 } 08037 08038 if (!NT_SUCCESS(NtStatus)) { 08039 printf("Failed\n"); 08040 printf("Service returned SUCCESS, but alias still in account alias membership list.\n"); 08041 printf("Alias Membership :\n"); 08042 for (i=0; i<MemberCount; i++) { 08043 printf("0x%lx\n", Members[i]); 08044 } 08045 DebugBreak(); 08046 TestStatus = FALSE; 08047 } 08048 08049 if (Members != NULL) { 08050 SamFreeMemory( Members ); 08051 } 08052 08053 // 08054 // Check for correct alias membership for multiple accounts 08055 // User1 should be in no aliases 08056 // User2 should be in alias1. 08057 // 08058 08059 if (NT_SUCCESS(NtStatus)) { 08060 08061 PSID SidArray[2]; 08062 SidArray[0] = UserSid1; 08063 SidArray[1] = UserSid2; 08064 08065 NtStatus = SamGetAliasMembership( 08066 DomainHandle, 08067 2, 08068 SidArray, 08069 &MemberCount, 08070 &Members 08071 ); 08072 ASSERT(NT_SUCCESS(NtStatus)); 08073 08074 if (MemberCount != 1) { 08075 08076 printf("Failed\n"); 08077 printf("Service returned SUCCESS, but combined alias membership count for 2 accounts not correct.\n"); 08078 printf("Combined Alias Membership :\n"); 08079 for (i=0; i<MemberCount; i++) { 08080 printf("0x%lx\n", Members[i]); 08081 } 08082 DebugBreak(); 08083 TestStatus = FALSE; 08084 08085 } else { 08086 08087 if (Members[0] != AliasRid) { 08088 printf("Failed\n"); 08089 printf("Service returned SUCCESS, but combined alias membership for 2 accounts not correct.\n"); 08090 printf("Combined Alias Membership :\n"); 08091 for (i=0; i<MemberCount; i++) { 08092 printf("0x%lx\n", Members[i]); 08093 } 08094 DebugBreak(); 08095 TestStatus = FALSE; 08096 08097 } else { 08098 printf("Succeeded\n"); 08099 } 08100 } 08101 08102 if (Members != NULL) { 08103 SamFreeMemory( Members ); 08104 } 08105 } 08106 } 08107 08108 } else { 08109 printf("Failed\n"); 08110 printf(" Completion status is 0x%lx\n", NtStatus); 08111 TestStatus = FALSE; 08112 } 08113 08114 08115 08116 08117 printf(" Add A User to ADMIN Alias . . . . . . . . . . . . . . "); 08118 08119 // 08120 // Make user2 a member of the ADMIN alias 08121 // 08122 08123 NtStatus = SamOpenAlias( 08124 BuiltinDomainHandle, 08125 ALIAS_ALL_ACCESS, 08126 DOMAIN_ALIAS_RID_ADMINS, 08127 &AdminAliasHandle 08128 ); 08129 08130 ASSERT( NT_SUCCESS( NtStatus ) ); 08131 08132 NtStatus = SamAddMemberToAlias( 08133 AdminAliasHandle, 08134 UserSid2 08135 ); 08136 08137 if (NT_SUCCESS(NtStatus)) { 08138 08139 NtStatus = SamGetMembersInAlias( 08140 AdminAliasHandle, 08141 &AliasMembers, 08142 &MemberCount 08143 ); 08144 ASSERT(NT_SUCCESS(NtStatus)); 08145 08146 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 08147 for ( i=0; i<MemberCount; i++) { 08148 if (RtlEqualSid(AliasMembers[i], UserSid2)) { 08149 NtStatus = STATUS_SUCCESS; 08150 break; 08151 } 08152 } 08153 08154 if (!NT_SUCCESS(NtStatus)) { 08155 printf("Failed\n"); 08156 printf("Service returned SUCCESS, but user not in member list for alias.\n"); 08157 printf("Member list :\n"); 08158 for (i=0; i<MemberCount; i++) { 08159 printfSid(AliasMembers[i]); 08160 printf("\n"); 08161 } 08162 DebugBreak(); 08163 TestStatus = FALSE; 08164 } 08165 08166 08167 if (AliasMembers != NULL) { 08168 SamFreeMemory( AliasMembers ); 08169 } 08170 08171 08172 if (NT_SUCCESS(NtStatus)) { 08173 08174 NtStatus = SamGetAliasMembership( 08175 BuiltinDomainHandle, 08176 1, 08177 &UserSid2, 08178 &MemberCount, 08179 &Members 08180 ); 08181 ASSERT(NT_SUCCESS(NtStatus)); 08182 08183 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 08184 for ( i=0; i<MemberCount; i++) { 08185 if (Members[i] == DOMAIN_ALIAS_RID_ADMINS) { 08186 NtStatus = STATUS_SUCCESS; 08187 break; 08188 } 08189 } 08190 08191 if (!NT_SUCCESS(NtStatus)) { 08192 printf("Failed\n"); 08193 printf("Service returned SUCCESS, but alias not in account alias membership list.\n"); 08194 printf("Alias Membership :\n"); 08195 for (i=0; i<MemberCount; i++) { 08196 printf("0x%lx\n", Members[i]); 08197 } 08198 DebugBreak(); 08199 TestStatus = FALSE; 08200 08201 } else { 08202 08203 printf("Succeeded\n"); 08204 } 08205 08206 if (Members != NULL) { 08207 SamFreeMemory( Members ); 08208 } 08209 } 08210 08211 08212 } else { 08213 printf("Failed\n"); 08214 printf(" Completion status is 0x%lx\n", NtStatus); 08215 TestStatus = FALSE; 08216 } 08217 08218 08219 printf(" Add A Group to ADMIN Alias . . . . . . . . . . . . . . "); 08220 08221 // 08222 // Make a group a member of the ADMIN alias 08223 // 08224 08225 GroupSid = CreateUserSid(DomainSid, DOMAIN_GROUP_RID_USERS ); 08226 ASSERT(GroupSid != NULL); 08227 08228 NtStatus = SamAddMemberToAlias( 08229 AdminAliasHandle, 08230 GroupSid 08231 ); 08232 08233 if (NT_SUCCESS(NtStatus)) { 08234 08235 NtStatus = SamGetMembersInAlias( 08236 AdminAliasHandle, 08237 &AliasMembers, 08238 &MemberCount 08239 ); 08240 ASSERT(NT_SUCCESS(NtStatus)); 08241 08242 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 08243 for ( i=0; i<MemberCount; i++) { 08244 if (RtlEqualSid(AliasMembers[i], GroupSid)) { 08245 NtStatus = STATUS_SUCCESS; 08246 break; 08247 } 08248 } 08249 08250 if (!NT_SUCCESS(NtStatus)) { 08251 printf("Failed\n"); 08252 printf("Service returned SUCCESS, but user not in member list for alias.\n"); 08253 printf("Member list :\n"); 08254 for (i=0; i<MemberCount; i++) { 08255 printfSid(AliasMembers[i]); 08256 printf("\n"); 08257 } 08258 DebugBreak(); 08259 TestStatus = FALSE; 08260 } 08261 08262 08263 if (AliasMembers != NULL) { 08264 SamFreeMemory( AliasMembers ); 08265 } 08266 08267 08268 if (NT_SUCCESS(NtStatus)) { 08269 08270 NtStatus = SamGetAliasMembership( 08271 BuiltinDomainHandle, 08272 1, 08273 &GroupSid, 08274 &MemberCount, 08275 &Members 08276 ); 08277 ASSERT(NT_SUCCESS(NtStatus)); 08278 08279 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 08280 for ( i=0; i<MemberCount; i++) { 08281 if (Members[i] == DOMAIN_ALIAS_RID_ADMINS) { 08282 NtStatus = STATUS_SUCCESS; 08283 break; 08284 } 08285 } 08286 08287 if (!NT_SUCCESS(NtStatus)) { 08288 printf("Failed\n"); 08289 printf("Service returned SUCCESS, but alias not in account alias membership list.\n"); 08290 printf("Alias Membership :\n"); 08291 for (i=0; i<MemberCount; i++) { 08292 printf("0x%lx\n", Members[i]); 08293 } 08294 DebugBreak(); 08295 TestStatus = FALSE; 08296 08297 } else { 08298 08299 printf("Succeeded\n"); 08300 } 08301 08302 if (Members != NULL) { 08303 SamFreeMemory( Members ); 08304 } 08305 } 08306 08307 08308 } else { 08309 printf("Failed\n"); 08310 printf(" Completion status is 0x%lx\n", NtStatus); 08311 TestStatus = FALSE; 08312 } 08313 08314 08315 // NOTE: user is already created in the group below. Should keep this 08316 // test, AND add another with an all-new group that's been added to the ADMIN 08317 // alias (then ADD user to group, rather than create in it). 08318 printf(" Create user in ADMIN ALIAS'd Group. . . . . . . . . . . "); 08319 08320 RtlInitString( &AccountNameAnsi, USER_NAME3 ); 08321 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 08322 TST_SUCCESS_ASSERT(NtStatus); 08323 08324 UserRid3 = 0; 08325 UserHandle3 = NULL; 08326 NtStatus = SamCreateUserInDomain( 08327 DomainHandle, 08328 &AccountName, 08329 USER_ALL_ACCESS, 08330 &UserHandle3, 08331 &UserRid3 08332 ); 08333 RtlFreeUnicodeString( &AccountName ); 08334 08335 if ( NT_SUCCESS( NtStatus ) ) { 08336 08337 printf("Succeeded\n"); 08338 08339 } else { 08340 08341 printf("Failed\n"); 08342 printf(" Completion status is 0x%lx\n", NtStatus); 08343 TestStatus = FALSE; 08344 } 08345 08346 08347 08348 //NOTE: doesn't work because this is primary group. 08349 //put back in when all-new group is created, above 08350 // printf(" Remove user from ADMIN ALIAS'd Group. . . . . . . . . . . "); 08351 // 08352 // NtStatus = SamOpenGroup( 08353 // DomainHandle, 08354 // GROUP_ALL_ACCESS, 08355 // DOMAIN_GROUP_RID_USERS, 08356 // &GroupHandle 08357 // ); 08358 // 08359 // ASSERT(NT_SUCCESS(NtStatus)); 08360 // 08361 // NtStatus = SamRemoveMemberFromGroup( 08362 // GroupHandle, 08363 // UserRid3 08364 // ); 08365 // 08366 // if ( NT_SUCCESS( NtStatus ) ) { 08367 // 08368 // printf("Succeeded\n"); 08369 // 08370 // } else { 08371 // 08372 // printf("Failed\n"); 08373 // printf(" Completion status is 0x%lx\n", NtStatus); 08374 // TestStatus = FALSE; 08375 // } 08376 // 08377 // IgnoreStatus = SamCloseHandle( GroupHandle ); 08378 // ASSERT(NT_SUCCESS(IgnoreStatus)); 08379 IgnoreStatus = SamCloseHandle( UserHandle3 ); 08380 ASSERT(NT_SUCCESS(IgnoreStatus)); 08381 08382 08383 08384 printf(" Remove User from ADMIN alias. . . . . . . . . . . "); 08385 08386 // 08387 // The previous test sets this one up. 08388 // 08389 // Now try to remove the user from the alias 08390 // 08391 08392 NtStatus = SamRemoveMemberFromAlias(AdminAliasHandle, UserSid2); 08393 if (NT_SUCCESS(NtStatus)) { 08394 08395 NtStatus = SamGetMembersInAlias( 08396 AdminAliasHandle, 08397 &AliasMembers, 08398 &MemberCount 08399 ); 08400 ASSERT(NT_SUCCESS(NtStatus)); 08401 08402 for ( i=0; i<MemberCount; i++) { 08403 if (RtlEqualSid(AliasMembers[i], UserSid2)) { 08404 NtStatus = STATUS_MEMBER_IN_ALIAS; 08405 break; 08406 } 08407 } 08408 08409 if (!NT_SUCCESS(NtStatus)) { 08410 printf("Failed\n"); 08411 printf("Service returned SUCCESS, but user still in member list for alias.\n"); 08412 printf("Member list :\n"); 08413 for (i=0; i<MemberCount; i++) { 08414 printfSid(AliasMembers[i]); 08415 printf("\n"); 08416 } 08417 DebugBreak(); 08418 TestStatus = FALSE; 08419 } 08420 08421 SamFreeMemory( AliasMembers ); 08422 08423 if (NT_SUCCESS(NtStatus)) { 08424 08425 NtStatus = SamGetAliasMembership( 08426 BuiltinDomainHandle, 08427 1, 08428 &UserSid2, 08429 &MemberCount, 08430 &Members 08431 ); 08432 ASSERT(NT_SUCCESS(NtStatus)); 08433 08434 for ( i=0; i<MemberCount; i++) { 08435 if (Members[i] == DOMAIN_ALIAS_RID_ADMINS) { 08436 NtStatus = STATUS_MEMBER_IN_ALIAS; 08437 break; 08438 } 08439 } 08440 08441 if (!NT_SUCCESS(NtStatus)) { 08442 printf("Failed\n"); 08443 printf("Service returned SUCCESS, but alias still in account alias membership list.\n"); 08444 printf("Alias Membership :\n"); 08445 for (i=0; i<MemberCount; i++) { 08446 printf("0x%lx\n", Members[i]); 08447 } 08448 DebugBreak(); 08449 TestStatus = FALSE; 08450 08451 } else { 08452 08453 printf("Succeeded\n"); 08454 } 08455 08456 if (Members != NULL) { 08457 SamFreeMemory( Members ); 08458 } 08459 } 08460 08461 } else { 08462 printf("Failed\n"); 08463 printf(" Completion status is 0x%lx\n", NtStatus); 08464 TestStatus = FALSE; 08465 } 08466 08467 08468 08469 08470 // 08471 // Make user2 a member of the ADMIN alias again, so we can test 08472 // the new function SamRemoveMemberFromForeignDomain(). 08473 // NOTE: we should make this a real test item. 08474 // 08475 08476 NtStatus = SamAddMemberToAlias( 08477 AdminAliasHandle, 08478 UserSid2 08479 ); 08480 08481 ASSERT (NT_SUCCESS(NtStatus)); 08482 08483 NtStatus = SamRemoveMemberFromForeignDomain( 08484 BuiltinDomainHandle, 08485 UserSid2 ); 08486 08487 ASSERT (NT_SUCCESS(NtStatus)); 08488 08489 08490 08491 printf(" Remove Group from ADMIN alias. . . . . . . . . . . "); 08492 08493 // 08494 // The previous test sets this one up. 08495 // 08496 // Now try to remove the group from the alias 08497 // 08498 08499 NtStatus = SamRemoveMemberFromAlias(AdminAliasHandle, GroupSid); 08500 if (NT_SUCCESS(NtStatus)) { 08501 08502 NtStatus = SamGetMembersInAlias( 08503 AdminAliasHandle, 08504 &AliasMembers, 08505 &MemberCount 08506 ); 08507 ASSERT(NT_SUCCESS(NtStatus)); 08508 08509 for ( i=0; i<MemberCount; i++) { 08510 if (RtlEqualSid(AliasMembers[i], GroupSid)) { 08511 NtStatus = STATUS_MEMBER_IN_ALIAS; 08512 break; 08513 } 08514 } 08515 08516 if (!NT_SUCCESS(NtStatus)) { 08517 printf("Failed\n"); 08518 printf("Service returned SUCCESS, but user still in member list for alias.\n"); 08519 printf("Member list :\n"); 08520 for (i=0; i<MemberCount; i++) { 08521 printfSid(AliasMembers[i]); 08522 printf("\n"); 08523 } 08524 DebugBreak(); 08525 TestStatus = FALSE; 08526 } 08527 08528 SamFreeMemory( AliasMembers ); 08529 08530 if (NT_SUCCESS(NtStatus)) { 08531 08532 NtStatus = SamGetAliasMembership( 08533 BuiltinDomainHandle, 08534 1, 08535 &GroupSid, 08536 &MemberCount, 08537 &Members 08538 ); 08539 ASSERT(NT_SUCCESS(NtStatus)); 08540 08541 for ( i=0; i<MemberCount; i++) { 08542 if (Members[i] == DOMAIN_ALIAS_RID_ADMINS) { 08543 NtStatus = STATUS_MEMBER_IN_ALIAS; 08544 break; 08545 } 08546 } 08547 08548 if (!NT_SUCCESS(NtStatus)) { 08549 printf("Failed\n"); 08550 printf("Service returned SUCCESS, but alias still in account alias membership list.\n"); 08551 printf("Alias Membership :\n"); 08552 for (i=0; i<MemberCount; i++) { 08553 printf("0x%lx\n", Members[i]); 08554 } 08555 DebugBreak(); 08556 TestStatus = FALSE; 08557 08558 } else { 08559 08560 printf("Succeeded\n"); 08561 } 08562 08563 if (Members != NULL) { 08564 SamFreeMemory( Members ); 08565 } 08566 } 08567 08568 } else { 08569 printf("Failed\n"); 08570 printf(" Completion status is 0x%lx\n", NtStatus); 08571 TestStatus = FALSE; 08572 } 08573 08574 IgnoreStatus = SamCloseHandle( AdminAliasHandle ); 08575 ASSERT( NT_SUCCESS(IgnoreStatus) ); 08576 08577 08578 08579 printf(" Delete account while member of alias. . . . . . . . . "); 08580 08581 08582 // 08583 // Now delete user2 and check the alias member list is updated 08584 // 08585 08586 NtStatus = SamDeleteUser( UserHandle2 ); 08587 ASSERT(NT_SUCCESS(NtStatus)); 08588 08589 NtStatus = SamGetMembersInAlias( 08590 AliasHandle1, 08591 &AliasMembers, 08592 &MemberCount 08593 ); 08594 ASSERT(NT_SUCCESS(NtStatus)); 08595 08596 for ( i=0; i<MemberCount; i++) { 08597 if (RtlEqualSid(AliasMembers[i], UserSid2)) { 08598 NtStatus = STATUS_MEMBER_IN_ALIAS; 08599 break; 08600 } 08601 } 08602 08603 if (!NT_SUCCESS(NtStatus)) { 08604 printf("Failed\n"); 08605 printf("Service returned SUCCESS, but user still in member list for alias.\n"); 08606 printf("Member list :\n"); 08607 for (i=0; i<MemberCount; i++) { 08608 printfSid(AliasMembers[i]); 08609 printf("\n"); 08610 } 08611 DebugBreak(); 08612 TestStatus = FALSE; 08613 } 08614 08615 SamFreeMemory( AliasMembers ); 08616 08617 if (NT_SUCCESS(NtStatus)) { 08618 08619 NtStatus = SamGetAliasMembership( 08620 DomainHandle, 08621 1, 08622 &UserSid2, 08623 &MemberCount, 08624 &Members 08625 ); 08626 ASSERT(NT_SUCCESS(NtStatus)); 08627 08628 if (MemberCount != 0) { 08629 printf("Failed\n"); 08630 printf("Service returned SUCCESS, but alias still in alias membership list for account.\n"); 08631 printf("Alias Membership :\n"); 08632 for (i=0; i<MemberCount; i++) { 08633 printf("0x%lx\n", Members[i]); 08634 } 08635 DebugBreak(); 08636 TestStatus = FALSE; 08637 } 08638 08639 if (Members != NULL) { 08640 SamFreeMemory( Members ); 08641 } 08642 08643 // 08644 // Check for correct alias membership for multiple accounts 08645 // User1 should be in no aliases 08646 // User2 should be in no aliases. 08647 // 08648 08649 if (NT_SUCCESS(NtStatus)) { 08650 08651 PSID SidArray[2]; 08652 SidArray[0] = UserSid1; 08653 SidArray[1] = UserSid2; 08654 08655 NtStatus = SamGetAliasMembership( 08656 DomainHandle, 08657 2, 08658 SidArray, 08659 &MemberCount, 08660 &Members 08661 ); 08662 ASSERT(NT_SUCCESS(NtStatus)); 08663 08664 if (MemberCount != 0) { 08665 08666 printf("Failed\n"); 08667 printf("Service returned SUCCESS, but combined alias membership count for 2 accounts not correct.\n"); 08668 printf("Combined Alias Membership :\n"); 08669 for (i=0; i<MemberCount; i++) { 08670 printf("0x%lx\n", Members[i]); 08671 } 08672 DebugBreak(); 08673 TestStatus = FALSE; 08674 08675 } else { 08676 printf("Succeeded\n"); 08677 } 08678 08679 if (Members != NULL) { 08680 SamFreeMemory( Members ); 08681 } 08682 } 08683 } 08684 08685 08686 08687 08688 printf(" Delete alias with members . . . . . . . . . . . . . . "); 08689 08690 // 08691 // Make the user a member of this alias (again) 08692 // 08693 08694 NtStatus = SamAddMemberToAlias( 08695 AliasHandle1, 08696 UserSid1 08697 ); 08698 ASSERT(NT_SUCCESS(NtStatus)); 08699 08700 // 08701 // Now delete the alias and check the membership list for user is updated 08702 // 08703 08704 NtStatus = SamDeleteAlias( AliasHandle1 ); 08705 ASSERT(NT_SUCCESS(NtStatus)); 08706 08707 NtStatus = SamGetAliasMembership( 08708 DomainHandle, 08709 1, 08710 &UserSid1, 08711 &MemberCount, 08712 &Members 08713 ); 08714 ASSERT(NT_SUCCESS(NtStatus)); 08715 08716 for ( i=0; i<MemberCount; i++) { 08717 if (Members[i] == AliasRid) { 08718 NtStatus = STATUS_MEMBER_IN_ALIAS; 08719 break; 08720 } 08721 } 08722 08723 if (NT_SUCCESS(NtStatus)) { 08724 printf("Succeeded\n"); 08725 } else { 08726 printf("Failed\n"); 08727 printf("Service returned SUCCESS, but alias still in account alias membership list.\n"); 08728 printf("Alias Membership :\n"); 08729 for (i=0; i<MemberCount; i++) { 08730 printf("0x%lx\n", Members[i]); 08731 } 08732 DebugBreak(); 08733 TestStatus = FALSE; 08734 } 08735 08736 if (Members != NULL) { 08737 SamFreeMemory( Members ); 08738 } 08739 08740 08741 08742 DeleteUserSid(UserSid1); 08743 DeleteUserSid(UserSid2); 08744 08745 // 08746 // and clean up 08747 // 08748 08749 if (DeleteUser == TRUE) { 08750 NtStatus = SamDeleteUser( UserHandle1 ); 08751 ASSERT(NT_SUCCESS(NtStatus)); 08752 } else { 08753 NtStatus = SamCloseHandle( UserHandle1 ); 08754 ASSERT(NT_SUCCESS(NtStatus)); 08755 } 08756 08757 08758 08759 08760 08761 08762 printf(" Add Foreign Domain Member . . . . . . . . . . . . . . "); 08763 08764 // 08765 // create the alias 08766 // 08767 08768 RtlInitString( &AccountNameAnsi, ALIAS_NAME1 ); 08769 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 08770 TST_SUCCESS_ASSERT(NtStatus); 08771 08772 AliasRid = 0; 08773 AliasHandle1 = NULL; 08774 NtStatus = SamCreateAliasInDomain( 08775 DomainHandle, 08776 &AccountName, 08777 ALIAS_ALL_ACCESS, 08778 &AliasHandle1, 08779 &AliasRid 08780 ); 08781 RtlFreeUnicodeString( &AccountName ); 08782 ASSERT(NT_SUCCESS(NtStatus)); 08783 08784 // 08785 // Specify a non-existant user be added to this alias 08786 // 08787 08788 08789 { 08790 PSID ForeignDomainSid; 08791 08792 ForeignDomainSid = CreateUserSid(DomainSid, 307333); // random domain sub-authority 08793 ASSERT(ForeignDomainSid != NULL); 08794 08795 UserRid = 45728; // Random user rid 08796 08797 UserSid1 = CreateUserSid(ForeignDomainSid, UserRid); 08798 ASSERT(UserSid1 != NULL); 08799 08800 DeleteUserSid(ForeignDomainSid); 08801 } 08802 08803 08804 NtStatus = SamAddMemberToAlias( 08805 AliasHandle1, 08806 UserSid1 08807 ); 08808 08809 if (NtStatus == STATUS_SUCCESS) { 08810 08811 NtStatus = SamGetMembersInAlias( 08812 AliasHandle1, 08813 &AliasMembers, 08814 &MemberCount 08815 ); 08816 ASSERT(NT_SUCCESS(NtStatus)); 08817 08818 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 08819 for ( i=0; i<MemberCount; i++) { 08820 if (RtlEqualSid(AliasMembers[i], UserSid1)) { 08821 NtStatus = STATUS_SUCCESS; 08822 break; 08823 } 08824 } 08825 08826 if (!NT_SUCCESS(NtStatus)) { 08827 printf("Failed\n"); 08828 printf("Service returned SUCCESS, but user not in member list for alias.\n"); 08829 printf("Member list :\n"); 08830 for (i=0; i<MemberCount; i++) { 08831 printfSid(AliasMembers[i]); 08832 printf("\n"); 08833 } 08834 DebugBreak(); 08835 TestStatus = FALSE; 08836 } 08837 08838 08839 if (AliasMembers != NULL) { 08840 SamFreeMemory( AliasMembers ); 08841 } 08842 08843 08844 if (NT_SUCCESS(NtStatus)) { 08845 08846 NtStatus = SamGetAliasMembership( 08847 DomainHandle, 08848 1, 08849 &UserSid1, 08850 &MemberCount, 08851 &Members 08852 ); 08853 ASSERT(NT_SUCCESS(NtStatus)); 08854 08855 NtStatus = STATUS_MEMBER_NOT_IN_ALIAS; 08856 for ( i=0; i<MemberCount; i++) { 08857 if (Members[i] == AliasRid) { 08858 NtStatus = STATUS_SUCCESS; 08859 break; 08860 } 08861 } 08862 08863 if (NT_SUCCESS(NtStatus)) { 08864 printf("Succeeded\n"); 08865 } else { 08866 printf("Failed\n"); 08867 printf("Service returned SUCCESS, but alias not in account alias membership list.\n"); 08868 printf("Alias Membership :\n"); 08869 for (i=0; i<MemberCount; i++) { 08870 printf("0x%lx\n", Members[i]); 08871 } 08872 DebugBreak(); 08873 TestStatus = FALSE; 08874 } 08875 08876 if (Members != NULL) { 08877 SamFreeMemory( Members ); 08878 } 08879 } 08880 08881 } else { 08882 printf("Failed\n"); 08883 printf(" Completion status is 0x%lx\n", NtStatus); 08884 TestStatus = FALSE; 08885 } 08886 08887 DeleteUserSid(UserSid1); 08888 08889 08890 08891 08892 printf(" Add alias as member . . . . . . . . . . . . . . . . . "); 08893 08894 // 08895 // Specify an alias in the current domain be added to this alias 08896 // 08897 08898 08899 UserSid1 = CreateUserSid(DomainSid, AliasRid2); 08900 ASSERT(UserSid1 != NULL); 08901 08902 08903 NtStatus = SamAddMemberToAlias( 08904 AliasHandle1, 08905 UserSid1 08906 ); 08907 08908 if (NtStatus != STATUS_INVALID_MEMBER) { 08909 08910 printf("Failed\n"); 08911 printf("Expected service to return STATUS_INVALID_MEMBER, actually returned 0x%lx.\n", NtStatus); 08912 DebugBreak(); 08913 TestStatus = FALSE; 08914 } else { 08915 printf("Succeeded\n"); 08916 } 08917 08918 DeleteUserSid(UserSid1); 08919 08920 08921 08922 printf(" Add non-existant account in this domain as member . . "); 08923 08924 // 08925 // Specify a non-existant account in the current domain be added to this alias 08926 // 08927 08928 08929 UserSid1 = CreateUserSid(DomainSid, 32567); // Random rid 08930 ASSERT(UserSid1 != NULL); 08931 08932 08933 NtStatus = SamAddMemberToAlias( 08934 AliasHandle1, 08935 UserSid1 08936 ); 08937 08938 if (NtStatus != STATUS_NO_SUCH_MEMBER) { 08939 08940 printf("Failed\n"); 08941 printf("Expected service to return STATUS_NO_SUCH_MEMBER, actually returned 0x%lx.\n", NtStatus); 08942 DebugBreak(); 08943 TestStatus = FALSE; 08944 } else { 08945 printf("Succeeded\n"); 08946 } 08947 08948 DeleteUserSid(UserSid1); 08949 08950 08951 08952 printf(" Remove Non-member . . . . . . . . . . . . . . . . . . "); 08953 08954 // 08955 // Specify a non-existant user be removed from this alias 08956 // 08957 08958 { 08959 PSID ForeignDomainSid; 08960 08961 ForeignDomainSid = CreateUserSid(DomainSid, 35775); // random domain sub-authority 08962 ASSERT(ForeignDomainSid != NULL); 08963 08964 UserRid = 623545; // Random user rid 08965 08966 UserSid1 = CreateUserSid(ForeignDomainSid, UserRid); 08967 ASSERT(UserSid1 != NULL); 08968 08969 DeleteUserSid(ForeignDomainSid); 08970 } 08971 08972 NtStatus = SamRemoveMemberFromAlias( AliasHandle1, UserSid1 ); 08973 08974 if (NtStatus == STATUS_MEMBER_NOT_IN_ALIAS) { 08975 08976 printf("Succeeded\n"); 08977 08978 } else { 08979 printf("Failed\n"); 08980 printf(" Completion status is 0x%lx\n", NtStatus); 08981 TestStatus = FALSE; 08982 } 08983 08984 DeleteUserSid(UserSid1); 08985 08986 NtStatus = SamDeleteAlias( AliasHandle1 ); 08987 ASSERT(NT_SUCCESS(NtStatus)); 08988 08989 08990 08991 08992 } 08993 08994 return(TestStatus); 08995 08996 } 08997 08998 09000 // // 09001 // User Object Test Suite // 09002 // // 09004 09005 09006 BOOLEAN 09007 UserTestSuite( 09008 HANDLE DomainHandle, 09009 ULONG Pass 09010 ) 09011 09012 09013 { 09014 09015 PUSER_ALL_INFORMATION All, All2; 09016 NTSTATUS NtStatus, IgnoreStatus, TmpStatus; 09017 HANDLE UserHandle1, UserHandle2, GroupHandle1; 09018 ULONG CountReturned, NameLength, MembershipCount, i; 09019 ULONG UserRid, GroupRid; 09020 PVOID Buffer, Buffer1, Buffer2; 09021 SAM_ENUMERATE_HANDLE EnumerationContext; 09022 USER_GENERAL_INFORMATION GeneralInformation; 09023 USER_LOGON_INFORMATION LogonInformation; 09024 USER_ACCOUNT_INFORMATION AccountInformation; 09025 PSID_NAME_USE LookedUpUses; 09026 PULONG LookedUpRids; 09027 UNICODE_STRING AccountNames[10], AccountName; 09028 STRING AccountNameAnsi, TmpAnsiString; 09029 09030 09031 09032 09033 BOOLEAN IndividualTestSucceeded, DeleteUser; 09034 BOOLEAN TestStatus = TRUE; 09035 09036 09037 09038 09039 if (Pass == 1) { 09040 // This test suite assumes that lookup and enumeration API funciton 09041 // properly. 09042 // 09043 09044 printf("\n"); 09045 printf("\n"); 09046 printf(" User (Pass #1) . . . . . . . . . . . . . . . . . . . Test\n"); 09047 09049 // // 09050 // Open User Suite // 09051 // // 09053 09054 printf(" Open User . . . . . . . . . . . . . . . . . . . . . Suite\n"); 09055 printf(" Open Users . . . . . . . . . . . . . . . . . . . . . "); 09056 IndividualTestSucceeded = TRUE; 09057 EnumerationContext = 0; 09058 NtStatus = SamEnumerateUsersInDomain( 09059 DomainHandle, 09060 &EnumerationContext, 09061 0, 09062 &Buffer, 09063 12000, // PreferedMaximumLength 09064 &CountReturned 09065 ); 09066 09067 TST_SUCCESS_ASSERT(NtStatus); 09068 ASSERT(Buffer != NULL); 09069 ASSERT(CountReturned > 0); 09070 09071 for (i=0; i<CountReturned; i++) { 09072 09073 NtStatus = SamOpenUser( 09074 DomainHandle, 09075 USER_ALL_ACCESS, 09076 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId, 09077 &UserHandle1 09078 ); 09079 09080 if (NT_SUCCESS(NtStatus)) { 09081 09082 NtStatus = SamOpenUser( 09083 DomainHandle, 09084 GENERIC_READ, 09085 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId, 09086 &UserHandle2 09087 ); 09088 09089 if (NT_SUCCESS(NtStatus)) { 09090 IgnoreStatus = SamCloseHandle( UserHandle2 ); 09091 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09092 } else { 09093 printf("Failed\n"); 09094 printf(" Completion status is 0x%lx\n", NtStatus); 09095 printf(" Failed opening User second time.\n"); 09096 printf(" Rid of account is: 0x%lx\n", 09097 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId); 09098 printf(" Name of account is: %wZ\n", 09099 &((PSAM_RID_ENUMERATION)(Buffer))[i].Name ); 09100 TestStatus = FALSE; 09101 IndividualTestSucceeded = FALSE; 09102 } 09103 09104 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09105 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09106 09107 } else { 09108 09109 printf("Failed\n"); 09110 printf(" Completion status is 0x%lx\n", NtStatus); 09111 printf(" Failed opening User for first time.\n"); 09112 printf(" Rid of account is: 0x%lx\n", 09113 ((PSAM_RID_ENUMERATION)(Buffer))[i].RelativeId); 09114 printf(" Name of account is: %wZ\n", 09115 &((PSAM_RID_ENUMERATION)(Buffer))[i].Name ); 09116 TestStatus = FALSE; 09117 IndividualTestSucceeded = FALSE; 09118 } 09119 09120 } 09121 09122 09123 SamFreeMemory( Buffer ); 09124 if (IndividualTestSucceeded) { 09125 printf("Succeeded\n"); 09126 } 09127 09128 09129 09131 // // 09132 // Query User Suite // 09133 // // 09135 09136 printf("\n"); 09137 printf(" Query User . . . . . . . . . . . . . . . . . . . . . Suite\n"); 09138 09139 printf(" Query User General Information . . . . . . . . . . . "); 09140 09141 09142 NtStatus = SamOpenUser( 09143 DomainHandle, 09144 USER_READ_GENERAL, 09145 DOMAIN_USER_RID_ADMIN, 09146 &UserHandle1 09147 ); 09148 ASSERT(NT_SUCCESS(NtStatus) ); 09149 09150 Buffer = NULL; 09151 NtStatus = SamQueryInformationUser( 09152 UserHandle1, 09153 UserGeneralInformation, 09154 &Buffer 09155 ); 09156 if (NT_SUCCESS(NtStatus)) { 09157 if (Buffer != NULL) { 09158 09159 if ( (((USER_GENERAL_INFORMATION *)Buffer)->UserName.MaximumLength 09160 >= 0) && 09161 (((USER_GENERAL_INFORMATION *)Buffer)->UserName.Buffer != NULL) 09162 ) { 09163 09164 printf("Succeeded\n"); 09165 09166 printf(" Primary Group is: 0x%lx\n", 09167 (((USER_GENERAL_INFORMATION *)Buffer)->PrimaryGroupId) ); 09168 printf(" User Name is: *%wZ*\n", 09169 &(((USER_GENERAL_INFORMATION *)Buffer)->UserName) ); 09170 printf(" Full Name is: *%wZ*\n", 09171 &(((USER_GENERAL_INFORMATION *)Buffer)->FullName) ); 09172 printf(" Admin Comment is: *%wZ*\n", 09173 &(((USER_GENERAL_INFORMATION *)Buffer)->AdminComment) ); 09174 printf(" User Comment is: *%wZ*\n", 09175 &(((USER_GENERAL_INFORMATION *)Buffer)->UserComment) ); 09176 09177 09178 } else { 09179 printf("Failed\n"); 09180 printf(" One of the UNICODE_STRINGs not returned.\n"); 09181 TestStatus = FALSE; 09182 } 09183 SamFreeMemory( Buffer ); 09184 } else { 09185 printf("Failed\n"); 09186 printf(" Buffer address not set on return.\n"); 09187 printf(" RPC should have allocated a buffer.\n"); 09188 TestStatus = FALSE; 09189 } 09190 } else { 09191 printf("Failed\n"); 09192 printf(" Completion status is 0x%lx\n", NtStatus); 09193 TestStatus = FALSE; 09194 } 09195 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09196 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09197 09198 09199 09200 09201 printf(" Query User Name Information . . . . . . . . . . . . . "); 09202 09203 09204 NtStatus = SamOpenUser( 09205 DomainHandle, 09206 USER_READ_GENERAL, 09207 DOMAIN_USER_RID_ADMIN, 09208 &UserHandle1 09209 ); 09210 ASSERT(NT_SUCCESS(NtStatus) ); 09211 09212 Buffer = NULL; 09213 NtStatus = SamQueryInformationUser( 09214 UserHandle1, 09215 UserNameInformation, 09216 &Buffer 09217 ); 09218 if (NT_SUCCESS(NtStatus)) { 09219 if (Buffer != NULL) { 09220 09221 if ( (((USER_NAME_INFORMATION *)Buffer)->UserName.MaximumLength > 0) && 09222 (((USER_NAME_INFORMATION *)Buffer)->UserName.Buffer != NULL) 09223 ) { 09224 09225 printf("Succeeded\n"); 09226 09227 printf(" User Name is: *%wZ*\n", 09228 &(((USER_NAME_INFORMATION *)Buffer)->UserName) ); 09229 printf(" Full Name is: *%wZ*\n", 09230 &(((USER_NAME_INFORMATION *)Buffer)->FullName) ); 09231 09232 09233 09234 } else { 09235 printf("Failed\n"); 09236 printf(" One of the UNICODE_STRINGs not returned.\n"); 09237 TestStatus = FALSE; 09238 } 09239 SamFreeMemory( Buffer ); 09240 } else { 09241 printf("Failed\n"); 09242 printf(" Buffer address not set on return.\n"); 09243 printf(" RPC should have allocated a buffer.\n"); 09244 TestStatus = FALSE; 09245 } 09246 } else { 09247 printf("Failed\n"); 09248 printf(" Completion status is 0x%lx\n", NtStatus); 09249 TestStatus = FALSE; 09250 } 09251 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09252 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09253 09254 09255 09256 09257 printf(" Query User Account Name Information . . . . . . . . . "); 09258 09259 09260 NtStatus = SamOpenUser( 09261 DomainHandle, 09262 USER_READ_GENERAL, 09263 DOMAIN_USER_RID_ADMIN, 09264 &UserHandle1 09265 ); 09266 ASSERT(NT_SUCCESS(NtStatus) ); 09267 09268 Buffer = NULL; 09269 NtStatus = SamQueryInformationUser( 09270 UserHandle1, 09271 UserAccountNameInformation, 09272 &Buffer 09273 ); 09274 if (NT_SUCCESS(NtStatus)) { 09275 if (Buffer != NULL) { 09276 09277 if ( (((USER_ACCOUNT_NAME_INFORMATION *)Buffer)->UserName.MaximumLength > 0) && 09278 (((USER_ACCOUNT_NAME_INFORMATION *)Buffer)->UserName.Buffer != NULL) 09279 ) { 09280 09281 printf("Succeeded\n"); 09282 09283 printf(" User Name is: *%wZ*\n", 09284 &(((USER_ACCOUNT_NAME_INFORMATION *)Buffer)->UserName) ); 09285 09286 09287 09288 } else { 09289 printf("Failed\n"); 09290 printf(" UNICODE_STRING not returned.\n"); 09291 TestStatus = FALSE; 09292 } 09293 SamFreeMemory( Buffer ); 09294 } else { 09295 printf("Failed\n"); 09296 printf(" Buffer address not set on return.\n"); 09297 printf(" RPC should have allocated a buffer.\n"); 09298 TestStatus = FALSE; 09299 } 09300 } else { 09301 printf("Failed\n"); 09302 printf(" Completion status is 0x%lx\n", NtStatus); 09303 TestStatus = FALSE; 09304 } 09305 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09306 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09307 09308 09309 09310 09311 printf(" Query User Full Name Information . . . . . . . . . . "); 09312 09313 09314 NtStatus = SamOpenUser( 09315 DomainHandle, 09316 USER_READ_GENERAL, 09317 DOMAIN_USER_RID_ADMIN, 09318 &UserHandle1 09319 ); 09320 ASSERT(NT_SUCCESS(NtStatus) ); 09321 09322 Buffer = NULL; 09323 NtStatus = SamQueryInformationUser( 09324 UserHandle1, 09325 UserFullNameInformation, 09326 &Buffer 09327 ); 09328 if (NT_SUCCESS(NtStatus)) { 09329 if (Buffer != NULL) { 09330 09331 if ( (((USER_FULL_NAME_INFORMATION *)Buffer)->FullName.MaximumLength 09332 >= 0) 09333 ) { 09334 09335 printf("Succeeded\n"); 09336 09337 printf(" Full Name is: *%wZ*\n", 09338 &(((USER_FULL_NAME_INFORMATION *)Buffer)->FullName) ); 09339 09340 09341 09342 } else { 09343 printf("Failed\n"); 09344 printf(" UNICODE_STRING not returned.\n"); 09345 TestStatus = FALSE; 09346 } 09347 SamFreeMemory( Buffer ); 09348 } else { 09349 printf("Failed\n"); 09350 printf(" Buffer address not set on return.\n"); 09351 printf(" RPC should have allocated a buffer.\n"); 09352 TestStatus = FALSE; 09353 } 09354 } else { 09355 printf("Failed\n"); 09356 printf(" Completion status is 0x%lx\n", NtStatus); 09357 TestStatus = FALSE; 09358 } 09359 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09360 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09361 09362 09363 09364 09365 printf(" Query User Admin Comment Information . . . . . . . . "); 09366 09367 09368 NtStatus = SamOpenUser( 09369 DomainHandle, 09370 USER_READ_GENERAL, 09371 DOMAIN_USER_RID_ADMIN, 09372 &UserHandle1 09373 ); 09374 ASSERT(NT_SUCCESS(NtStatus) ); 09375 09376 Buffer = NULL; 09377 NtStatus = SamQueryInformationUser( 09378 UserHandle1, 09379 UserAdminCommentInformation, 09380 &Buffer 09381 ); 09382 if (NT_SUCCESS(NtStatus)) { 09383 if (Buffer != NULL) { 09384 09385 if ( (((USER_ADMIN_COMMENT_INFORMATION *)Buffer)->AdminComment.MaximumLength 09386 >= 0) 09387 ) { 09388 09389 printf("Succeeded\n"); 09390 09391 printf(" Admin Comment is: *%wZ*\n", 09392 &(((USER_ADMIN_COMMENT_INFORMATION *)Buffer)->AdminComment) ); 09393 09394 } else { 09395 printf("Failed\n"); 09396 printf(" User Admin Comment not returned.\n"); 09397 TestStatus = FALSE; 09398 } 09399 SamFreeMemory( Buffer ); 09400 } else { 09401 printf("Failed\n"); 09402 printf(" Buffer address not set on return.\n"); 09403 printf(" RPC should have allocated a buffer.\n"); 09404 TestStatus = FALSE; 09405 } 09406 } else { 09407 printf("Failed\n"); 09408 printf(" Completion status is 0x%lx\n", NtStatus); 09409 TestStatus = FALSE; 09410 } 09411 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09412 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09413 09414 09415 09416 09417 printf(" Query User Primary Group Information . . . . . . . . "); 09418 09419 09420 NtStatus = SamOpenUser( 09421 DomainHandle, 09422 USER_READ_GENERAL, 09423 DOMAIN_USER_RID_ADMIN, 09424 &UserHandle1 09425 ); 09426 ASSERT(NT_SUCCESS(NtStatus) ); 09427 09428 Buffer = NULL; 09429 NtStatus = SamQueryInformationUser( 09430 UserHandle1, 09431 UserPrimaryGroupInformation, 09432 &Buffer 09433 ); 09434 if (NT_SUCCESS(NtStatus)) { 09435 if (Buffer != NULL) { 09436 09437 09438 printf("Succeeded\n"); 09439 09440 printf(" Primary Group is: 0x%lx\n", 09441 (((USER_PRIMARY_GROUP_INFORMATION *)Buffer)->PrimaryGroupId) ); 09442 09443 SamFreeMemory( Buffer ); 09444 09445 } else { 09446 printf("Failed\n"); 09447 printf(" Buffer address not set on return.\n"); 09448 printf(" RPC should have allocated a buffer.\n"); 09449 TestStatus = FALSE; 09450 } 09451 } else { 09452 printf("Failed\n"); 09453 printf(" Completion status is 0x%lx\n", NtStatus); 09454 TestStatus = FALSE; 09455 } 09456 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09457 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09458 09459 09460 09461 09462 printf(" Query User Control Information . . . . . . . . . . . "); 09463 09464 09465 NtStatus = SamOpenUser( 09466 DomainHandle, 09467 USER_READ_ACCOUNT, 09468 DOMAIN_USER_RID_ADMIN, 09469 &UserHandle1 09470 ); 09471 ASSERT(NT_SUCCESS(NtStatus) ); 09472 09473 Buffer = NULL; 09474 NtStatus = SamQueryInformationUser( 09475 UserHandle1, 09476 UserControlInformation, 09477 &Buffer 09478 ); 09479 if (NT_SUCCESS(NtStatus)) { 09480 if (Buffer != NULL) { 09481 09482 09483 printf("Succeeded\n"); 09484 09485 printf(" Account Control is: 0x%lx\n", 09486 (((USER_CONTROL_INFORMATION *)Buffer)->UserAccountControl) ); 09487 09488 SamFreeMemory( Buffer ); 09489 09490 09491 } else { 09492 printf("Failed\n"); 09493 printf(" Buffer address not set on return.\n"); 09494 printf(" RPC should have allocated a buffer.\n"); 09495 TestStatus = FALSE; 09496 } 09497 } else { 09498 printf("Failed\n"); 09499 printf(" Completion status is 0x%lx\n", NtStatus); 09500 TestStatus = FALSE; 09501 } 09502 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09503 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09504 09505 09506 09507 09508 printf(" Query User Expiration Information . . . . . . . . . . "); 09509 09510 09511 NtStatus = SamOpenUser( 09512 DomainHandle, 09513 USER_READ_ACCOUNT, 09514 DOMAIN_USER_RID_ADMIN, 09515 &UserHandle1 09516 ); 09517 ASSERT(NT_SUCCESS(NtStatus) ); 09518 09519 Buffer = NULL; 09520 NtStatus = SamQueryInformationUser( 09521 UserHandle1, 09522 UserExpiresInformation, 09523 &Buffer 09524 ); 09525 if (NT_SUCCESS(NtStatus)) { 09526 if (Buffer != NULL) { 09527 09528 09529 printf("Succeeded\n"); 09530 09531 printf(" Account Expires on: (0x%lx, 0x%lx)\n", 09532 (((USER_EXPIRES_INFORMATION *)Buffer)->AccountExpires.HighPart), 09533 (((USER_EXPIRES_INFORMATION *)Buffer)->AccountExpires.LowPart) ); 09534 09535 SamFreeMemory( Buffer ); 09536 09537 09538 } else { 09539 printf("Failed\n"); 09540 printf(" Buffer address not set on return.\n"); 09541 printf(" RPC should have allocated a buffer.\n"); 09542 TestStatus = FALSE; 09543 } 09544 } else { 09545 printf("Failed\n"); 09546 printf(" Completion status is 0x%lx\n", NtStatus); 09547 TestStatus = FALSE; 09548 } 09549 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09550 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09551 09552 09553 printf(" Query User Preferences Information . . . . . . . . . "); 09554 09555 09556 NtStatus = SamOpenUser( 09557 DomainHandle, 09558 USER_READ_PREFERENCES | USER_READ_GENERAL, 09559 DOMAIN_USER_RID_ADMIN, 09560 &UserHandle1 09561 ); 09562 ASSERT(NT_SUCCESS(NtStatus) ); 09563 09564 Buffer = NULL; 09565 NtStatus = SamQueryInformationUser( 09566 UserHandle1, 09567 UserPreferencesInformation, 09568 &Buffer 09569 ); 09570 if (NT_SUCCESS(NtStatus)) { 09571 if (Buffer != NULL) { 09572 09573 if ( (((USER_PREFERENCES_INFORMATION *)Buffer)->UserComment.MaximumLength 09574 >= 0) 09575 ) { 09576 09577 printf("Succeeded\n"); 09578 09579 printf(" User Comment is: *%wZ*\n", 09580 &(((USER_PREFERENCES_INFORMATION *)Buffer)->UserComment) ); 09581 09582 } else { 09583 printf("Failed\n"); 09584 printf(" One of the UNICODE_STRINGs not returned.\n"); 09585 TestStatus = FALSE; 09586 } 09587 SamFreeMemory( Buffer ); 09588 } else { 09589 printf("Failed\n"); 09590 printf(" Buffer address not set on return.\n"); 09591 printf(" RPC should have allocated a buffer.\n"); 09592 TestStatus = FALSE; 09593 } 09594 } else { 09595 printf("Failed\n"); 09596 printf(" Completion status is 0x%lx\n", NtStatus); 09597 TestStatus = FALSE; 09598 } 09599 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09600 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09601 09602 09603 09604 09605 09606 printf(" Query User Home Directory Information . . . . . . . . "); 09607 09608 09609 NtStatus = SamOpenUser( 09610 DomainHandle, 09611 USER_READ_LOGON, 09612 DOMAIN_USER_RID_ADMIN, 09613 &UserHandle1 09614 ); 09615 ASSERT(NT_SUCCESS(NtStatus) ); 09616 09617 Buffer = NULL; 09618 NtStatus = SamQueryInformationUser( 09619 UserHandle1, 09620 UserHomeInformation, 09621 &Buffer 09622 ); 09623 if (NT_SUCCESS(NtStatus)) { 09624 if (Buffer != NULL) { 09625 09626 if ( (((USER_HOME_INFORMATION *)Buffer)->HomeDirectory.MaximumLength 09627 >= 0) && 09628 (((USER_HOME_INFORMATION *)Buffer)->HomeDirectoryDrive.MaximumLength 09629 >= 0) 09630 ) { 09631 09632 printf("Succeeded\n"); 09633 09634 printf(" Home Directory is: *%wZ*\n", 09635 &(((USER_HOME_INFORMATION *)Buffer)->HomeDirectory) ); 09636 printf(" Home Directory Drive is: *%wZ*\n", 09637 &(((USER_HOME_INFORMATION *)Buffer)->HomeDirectoryDrive) ); 09638 09639 09640 } else { 09641 printf("Failed\n"); 09642 printf(" String not returned.\n"); 09643 TestStatus = FALSE; 09644 } 09645 SamFreeMemory( Buffer ); 09646 } else { 09647 printf("Failed\n"); 09648 printf(" Buffer address not set on return.\n"); 09649 printf(" RPC should have allocated a buffer.\n"); 09650 TestStatus = FALSE; 09651 } 09652 } else { 09653 printf("Failed\n"); 09654 printf(" Completion status is 0x%lx\n", NtStatus); 09655 TestStatus = FALSE; 09656 } 09657 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09658 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09659 09660 09661 09662 09663 printf(" Query User Script Path Information . . . . . . . . . "); 09664 09665 09666 NtStatus = SamOpenUser( 09667 DomainHandle, 09668 USER_READ_LOGON, 09669 DOMAIN_USER_RID_ADMIN, 09670 &UserHandle1 09671 ); 09672 ASSERT(NT_SUCCESS(NtStatus) ); 09673 09674 Buffer = NULL; 09675 NtStatus = SamQueryInformationUser( 09676 UserHandle1, 09677 UserScriptInformation, 09678 &Buffer 09679 ); 09680 if (NT_SUCCESS(NtStatus)) { 09681 if (Buffer != NULL) { 09682 09683 if ( (((USER_SCRIPT_INFORMATION *)Buffer)->ScriptPath.MaximumLength 09684 >= 0) 09685 ) { 09686 09687 printf("Succeeded\n"); 09688 09689 printf(" Script Path is: *%wZ*\n", 09690 &(((USER_SCRIPT_INFORMATION *)Buffer)->ScriptPath) ); 09691 09692 09693 } else { 09694 printf("Failed\n"); 09695 printf(" String not returned.\n"); 09696 TestStatus = FALSE; 09697 } 09698 SamFreeMemory( Buffer ); 09699 } else { 09700 printf("Failed\n"); 09701 printf(" Buffer address not set on return.\n"); 09702 printf(" RPC should have allocated a buffer.\n"); 09703 TestStatus = FALSE; 09704 } 09705 } else { 09706 printf("Failed\n"); 09707 printf(" Completion status is 0x%lx\n", NtStatus); 09708 TestStatus = FALSE; 09709 } 09710 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09711 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09712 09713 09714 09715 printf(" Query User ProfilePath Information . . . . . . . . . "); 09716 09717 09718 NtStatus = SamOpenUser( 09719 DomainHandle, 09720 USER_READ_LOGON, 09721 DOMAIN_USER_RID_ADMIN, 09722 &UserHandle1 09723 ); 09724 ASSERT(NT_SUCCESS(NtStatus) ); 09725 09726 Buffer = NULL; 09727 NtStatus = SamQueryInformationUser( 09728 UserHandle1, 09729 UserProfileInformation, 09730 &Buffer 09731 ); 09732 if (NT_SUCCESS(NtStatus)) { 09733 if (Buffer != NULL) { 09734 09735 if ( (((USER_PROFILE_INFORMATION *)Buffer)->ProfilePath.MaximumLength 09736 >= 0) 09737 ) { 09738 09739 printf("Succeeded\n"); 09740 09741 printf(" Profile Path is: *%wZ*\n", 09742 &(((USER_PROFILE_INFORMATION *)Buffer)->ProfilePath) ); 09743 09744 09745 } else { 09746 printf("Failed\n"); 09747 printf(" String not returned.\n"); 09748 TestStatus = FALSE; 09749 } 09750 SamFreeMemory( Buffer ); 09751 } else { 09752 printf("Failed\n"); 09753 printf(" Buffer address not set on return.\n"); 09754 printf(" RPC should have allocated a buffer.\n"); 09755 TestStatus = FALSE; 09756 } 09757 } else { 09758 printf("Failed\n"); 09759 printf(" Completion status is 0x%lx\n", NtStatus); 09760 TestStatus = FALSE; 09761 } 09762 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09763 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09764 09765 09766 09767 printf(" Query User Logon Information . . . . . . . . . . . . "); 09768 09769 09770 NtStatus = SamOpenUser( 09771 DomainHandle, 09772 USER_READ_ACCOUNT | USER_READ_GENERAL | USER_READ_PREFERENCES | USER_READ_LOGON, 09773 DOMAIN_USER_RID_ADMIN, 09774 &UserHandle1 09775 ); 09776 ASSERT(NT_SUCCESS(NtStatus) ); 09777 09778 Buffer = NULL; 09779 NtStatus = SamQueryInformationUser( 09780 UserHandle1, 09781 UserLogonInformation, 09782 &Buffer 09783 ); 09784 if (NT_SUCCESS(NtStatus)) { 09785 if (Buffer != NULL) { 09786 09787 if ( (((USER_LOGON_INFORMATION *)Buffer)->UserName.MaximumLength > 0) && 09788 (((USER_LOGON_INFORMATION *)Buffer)->UserName.Buffer != NULL) 09789 ) { 09790 09791 printf("Succeeded\n"); 09792 09793 printf(" User RID is: 0x%lx\n", 09794 (((USER_LOGON_INFORMATION *)Buffer)->UserId) ); 09795 printf(" Primary Group is: 0x%lx\n", 09796 (((USER_LOGON_INFORMATION *)Buffer)->PrimaryGroupId) ); 09797 printf(" Logon Units are: 0x%lx\n", 09798 (((USER_LOGON_INFORMATION *)Buffer)->LogonHours.UnitsPerWeek) ); 09799 printf(" Bad PWD count is: 0x%lx\n", 09800 (((USER_LOGON_INFORMATION *)Buffer)->BadPasswordCount) ); 09801 printf(" Logon count is: 0x%lx\n", 09802 (((USER_LOGON_INFORMATION *)Buffer)->LogonCount) ); 09803 09804 printf(" last Logon is: (0x%lx, 0x%lx)\n", 09805 (((USER_LOGON_INFORMATION *)Buffer)->LastLogon.HighPart), 09806 (((USER_LOGON_INFORMATION *)Buffer)->LastLogon.LowPart) ); 09807 printf(" last Logoff is: (0x%lx, 0x%lx)\n", 09808 (((USER_LOGON_INFORMATION *)Buffer)->LastLogoff.HighPart), 09809 (((USER_LOGON_INFORMATION *)Buffer)->LastLogoff.LowPart) ); 09810 09811 09812 printf(" User Name is: *%wZ*\n", 09813 &(((USER_LOGON_INFORMATION *)Buffer)->UserName) ); 09814 printf(" Full Name is: *%wZ*\n", 09815 &(((USER_LOGON_INFORMATION *)Buffer)->FullName) ); 09816 printf(" Home Dir is: *%wZ*\n", 09817 &(((USER_LOGON_INFORMATION *)Buffer)->HomeDirectory) ); 09818 printf(" Home Dir Drive is: *%wZ*\n", 09819 &(((USER_LOGON_INFORMATION *)Buffer)->HomeDirectoryDrive) ); 09820 printf(" Script Path is: *%wZ*\n", 09821 &(((USER_LOGON_INFORMATION *)Buffer)->ScriptPath) ); 09822 printf(" Profile Path is: *%wZ*\n", 09823 &(((USER_LOGON_INFORMATION *)Buffer)->ProfilePath) ); 09824 printf(" WorkStations are: *%wZ*\n", 09825 &(((USER_LOGON_INFORMATION *)Buffer)->WorkStations) ); 09826 09827 09828 09829 09830 } else { 09831 printf("Failed\n"); 09832 printf(" One of the UNICODE_STRINGs not returned.\n"); 09833 TestStatus = FALSE; 09834 } 09835 SamFreeMemory( Buffer ); 09836 } else { 09837 printf("Failed\n"); 09838 printf(" Buffer address not set on return.\n"); 09839 printf(" RPC should have allocated a buffer.\n"); 09840 TestStatus = FALSE; 09841 } 09842 } else { 09843 printf("Failed\n"); 09844 printf(" Completion status is 0x%lx\n", NtStatus); 09845 TestStatus = FALSE; 09846 } 09847 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09848 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09849 09850 09851 09852 09853 printf(" Query User Logon Hours . . . . . . . . . . . . . . . "); 09854 09855 09856 NtStatus = SamOpenUser( 09857 DomainHandle, 09858 USER_READ_LOGON, 09859 DOMAIN_USER_RID_ADMIN, 09860 &UserHandle1 09861 ); 09862 ASSERT(NT_SUCCESS(NtStatus) ); 09863 09864 Buffer = NULL; 09865 NtStatus = SamQueryInformationUser( 09866 UserHandle1, 09867 UserLogonHoursInformation, 09868 &Buffer 09869 ); 09870 if (NT_SUCCESS(NtStatus)) { 09871 if (Buffer != NULL) { 09872 09873 printf("Succeeded\n"); 09874 09875 printf(" Logon Units are: 0x%lx\n", 09876 (((USER_LOGON_HOURS_INFORMATION *)Buffer)->LogonHours.UnitsPerWeek) ); 09877 09878 09879 SamFreeMemory( Buffer ); 09880 09881 } else { 09882 printf("Failed\n"); 09883 printf(" Buffer address not set on return.\n"); 09884 printf(" RPC should have allocated a buffer.\n"); 09885 TestStatus = FALSE; 09886 } 09887 } else { 09888 printf("Failed\n"); 09889 printf(" Completion status is 0x%lx\n", NtStatus); 09890 TestStatus = FALSE; 09891 } 09892 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09893 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09894 09895 09896 09897 09898 printf(" Query Account Information . . . . . . . . . . . . . . "); 09899 09900 NtStatus = SamOpenUser( 09901 DomainHandle, 09902 USER_READ_GENERAL | USER_READ_PREFERENCES | 09903 USER_READ_LOGON | USER_READ_ACCOUNT, 09904 DOMAIN_USER_RID_ADMIN, 09905 &UserHandle1 09906 ); 09907 ASSERT(NT_SUCCESS(NtStatus) ); 09908 09909 Buffer = NULL; 09910 NtStatus = SamQueryInformationUser( 09911 UserHandle1, 09912 UserAccountInformation, 09913 &Buffer 09914 ); 09915 if (NT_SUCCESS(NtStatus)) { 09916 if (Buffer != NULL) { 09917 09918 if ( (((USER_ACCOUNT_INFORMATION *)Buffer)->UserName.MaximumLength > 0) && 09919 (((USER_ACCOUNT_INFORMATION *)Buffer)->UserName.Buffer != NULL) 09920 ) { 09921 09922 printf("Succeeded\n"); 09923 09924 printf(" User RID is: 0x%lx\n", 09925 (((USER_ACCOUNT_INFORMATION *)Buffer)->UserId) ); 09926 printf(" Primary Group is: 0x%lx\n", 09927 (((USER_ACCOUNT_INFORMATION *)Buffer)->PrimaryGroupId) ); 09928 printf(" Logon Units are: 0x%lx\n", 09929 (((USER_ACCOUNT_INFORMATION *)Buffer)->LogonHours.UnitsPerWeek) ); 09930 printf(" Bad PWD count is: 0x%lx\n", 09931 (((USER_ACCOUNT_INFORMATION *)Buffer)->BadPasswordCount) ); 09932 printf(" Logon count is: 0x%lx\n", 09933 (((USER_ACCOUNT_INFORMATION *)Buffer)->LogonCount) ); 09934 printf(" Account Ctrl is: 0x%lx\n", 09935 (((USER_ACCOUNT_INFORMATION *)Buffer)->UserAccountControl) ); 09936 09937 printf(" last Logon is: (0x%lx, 0x%lx)\n", 09938 (((USER_ACCOUNT_INFORMATION *)Buffer)->LastLogon.HighPart), 09939 (((USER_ACCOUNT_INFORMATION *)Buffer)->LastLogon.LowPart) ); 09940 printf(" last Logoff is: (0x%lx, 0x%lx)\n", 09941 (((USER_ACCOUNT_INFORMATION *)Buffer)->LastLogoff.HighPart), 09942 (((USER_ACCOUNT_INFORMATION *)Buffer)->LastLogoff.LowPart) ); 09943 printf(" Pwd Last Set is: (0x%lx, 0x%lx)\n", 09944 (((USER_ACCOUNT_INFORMATION *)Buffer)->PasswordLastSet.HighPart), 09945 (((USER_ACCOUNT_INFORMATION *)Buffer)->PasswordLastSet.LowPart) ); 09946 printf(" Account Expires is: (0x%lx, 0x%lx)\n", 09947 (((USER_ACCOUNT_INFORMATION *)Buffer)->AccountExpires.HighPart), 09948 (((USER_ACCOUNT_INFORMATION *)Buffer)->AccountExpires.LowPart) ); 09949 09950 09951 printf(" User Name is: *%wZ*\n", 09952 &(((USER_ACCOUNT_INFORMATION *)Buffer)->UserName) ); 09953 printf(" Full Name is: *%wZ*\n", 09954 &(((USER_ACCOUNT_INFORMATION *)Buffer)->FullName) ); 09955 printf(" Home Dir is: *%wZ*\n", 09956 &(((USER_ACCOUNT_INFORMATION *)Buffer)->HomeDirectory) ); 09957 printf(" Home Dir Drive is: *%wZ*\n", 09958 &(((USER_ACCOUNT_INFORMATION *)Buffer)->HomeDirectoryDrive) ); 09959 printf(" Script Path is: *%wZ*\n", 09960 &(((USER_ACCOUNT_INFORMATION *)Buffer)->ScriptPath) ); 09961 printf(" Profile Path is: *%wZ*\n", 09962 &(((USER_ACCOUNT_INFORMATION *)Buffer)->ProfilePath) ); 09963 printf(" Admin Comment is: *%wZ*\n", 09964 &(((USER_ACCOUNT_INFORMATION *)Buffer)->AdminComment) ); 09965 printf(" WorkStations are: *%wZ*\n", 09966 &(((USER_ACCOUNT_INFORMATION *)Buffer)->WorkStations) ); 09967 09968 09969 09970 } else { 09971 printf("Failed\n"); 09972 printf(" One of the UNICODE_STRINGs not returned.\n"); 09973 TestStatus = FALSE; 09974 } 09975 SamFreeMemory( Buffer ); 09976 } else { 09977 printf("Failed\n"); 09978 printf(" Buffer address not set on return.\n"); 09979 printf(" RPC should have allocated a buffer.\n"); 09980 TestStatus = FALSE; 09981 } 09982 } else { 09983 printf("Failed\n"); 09984 printf(" Completion status is 0x%lx\n", NtStatus); 09985 TestStatus = FALSE; 09986 } 09987 IgnoreStatus = SamCloseHandle( UserHandle1 ); 09988 ASSERT( NT_SUCCESS(IgnoreStatus) ); 09989 09990 09991 09992 09993 09994 09995 09996 09997 printf(" Query Workstations Information . . . . . . . . . . . "); 09998 09999 NtStatus = SamOpenUser( 10000 DomainHandle, 10001 USER_READ_LOGON, 10002 DOMAIN_USER_RID_ADMIN, 10003 &UserHandle1 10004 ); 10005 ASSERT(NT_SUCCESS(NtStatus) ); 10006 10007 Buffer = NULL; 10008 NtStatus = SamQueryInformationUser( 10009 UserHandle1, 10010 UserWorkStationsInformation, 10011 &Buffer 10012 ); 10013 if (NT_SUCCESS(NtStatus)) { 10014 if (Buffer != NULL) { 10015 10016 if ( (((USER_WORKSTATIONS_INFORMATION *)Buffer)->WorkStations.MaximumLength 10017 >= 0) 10018 ) { 10019 10020 printf("Succeeded\n"); 10021 10022 printf(" Workstations is: *%wZ*\n", 10023 &(((USER_WORKSTATIONS_INFORMATION *)Buffer)->WorkStations) ); 10024 10025 10026 } else { 10027 printf("Failed\n"); 10028 printf(" String not returned.\n"); 10029 TestStatus = FALSE; 10030 } 10031 SamFreeMemory( Buffer ); 10032 } else { 10033 printf("Failed\n"); 10034 printf(" Buffer address not set on return.\n"); 10035 printf(" RPC should have allocated a buffer.\n"); 10036 TestStatus = FALSE; 10037 } 10038 } else { 10039 printf("Failed\n"); 10040 printf(" Completion status is 0x%lx\n", NtStatus); 10041 TestStatus = FALSE; 10042 } 10043 IgnoreStatus = SamCloseHandle( UserHandle1 ); 10044 ASSERT( NT_SUCCESS(IgnoreStatus) ); 10045 10046 10047 10048 10049 10050 printf(" Query Internal1 Information . . . . . . . . . . . "); 10051 10052 NtStatus = SamOpenUser( 10053 DomainHandle, 10054 USER_READ_LOGON, 10055 DOMAIN_USER_RID_ADMIN, 10056 &UserHandle1 10057 ); 10058 ASSERT(NT_SUCCESS(NtStatus) ); 10059 10060 Buffer = NULL; 10061 NtStatus = SamQueryInformationUser( 10062 UserHandle1, 10063 UserInternal1Information, 10064 &Buffer 10065 ); 10066 10067 if ( NtStatus == STATUS_INVALID_INFO_CLASS ) { 10068 10069 // 10070 // We're not a trusted client, so we expected this to fail. 10071 // 10072 10073 printf("Succeeded\n"); 10074 10075 } else { 10076 10077 printf("Failed\n"); 10078 printf(" Status was %lx.\n", NtStatus ); 10079 TestStatus = FALSE; 10080 if ( NT_SUCCESS( NtStatus ) ) { 10081 10082 SamFreeMemory( Buffer ); 10083 } 10084 } 10085 10086 // This is the code that USED to test this function, when it was allowed 10087 // for non-trusted clients. 10088 // 10089 // if (NT_SUCCESS(NtStatus)) { 10090 // if (Buffer != NULL) { 10091 // 10092 // if ( (((USER_INTERNAL1_INFORMATION *)Buffer)->CaseInsensitiveDbcs.MaximumLength > 0) && 10093 // (((USER_INTERNAL1_INFORMATION *)Buffer)->CaseInsensitiveDbcs.Buffer != NULL) && 10094 // (((USER_INTERNAL1_INFORMATION *)Buffer)->CaseSensitiveUnicode.MaximumLength > 0) && 10095 // (((USER_INTERNAL1_INFORMATION *)Buffer)->CaseSensitiveUnicode.Buffer != NULL) 10096 // ) { 10097 // 10098 // printf("Succeeded\n"); 10099 // 10100 // // 10101 // // Print them out as strings, even though they've been 10102 // // through a OWF. 10103 // // 10104 // 10105 // printf(" CaseInsensitiveDbcs is: *%s*\n", 10106 // &(((USER_INTERNAL1_INFORMATION *)Buffer)->CaseInsensitiveDbcs) ); 10107 // 10108 // printf(" CaseSensitiveUnicode is: *%s*\n", 10109 // &(((USER_INTERNAL1_INFORMATION *)Buffer)->CaseSensitiveUnicode) ); 10110 // 10111 // 10112 // } else { 10113 // printf("Failed\n"); 10114 // printf(" One of the strings not returned.\n"); 10115 // TestStatus = FALSE; 10116 // } 10117 // SamFreeMemory( Buffer ); 10118 // } else { 10119 // printf("Failed\n"); 10120 // printf(" Buffer address not set on return.\n"); 10121 // printf(" RPC should have allocated a buffer.\n"); 10122 // TestStatus = FALSE; 10123 // } 10124 // } else { 10125 // printf("Failed\n"); 10126 // printf(" Completion status is 0x%lx\n", NtStatus); 10127 // TestStatus = FALSE; 10128 // } 10129 10130 IgnoreStatus = SamCloseHandle( UserHandle1 ); 10131 ASSERT( NT_SUCCESS(IgnoreStatus) ); 10132 10133 10134 10135 10136 10137 printf(" Query Internal2 Information . . . . . . . . . . . "); 10138 10139 NtStatus = SamOpenUser( 10140 DomainHandle, 10141 USER_READ_LOGON, 10142 DOMAIN_USER_RID_ADMIN, 10143 &UserHandle1 10144 ); 10145 ASSERT(NT_SUCCESS(NtStatus) ); 10146 10147 Buffer = NULL; 10148 NtStatus = SamQueryInformationUser( 10149 UserHandle1, 10150 UserInternal2Information, 10151 &Buffer 10152 ); 10153 10154 if ( NtStatus == STATUS_INVALID_INFO_CLASS ) { 10155 10156 // 10157 // We're not a trusted client, so we don't expect to be able 10158 // to do this. 10159 // 10160 10161 printf("Succeeded.\n"); 10162 10163 } else { 10164 10165 printf("Failed\n"); 10166 printf(" Completion status is 0x%lx\n", NtStatus); 10167 TestStatus = FALSE; 10168 SamFreeMemory( Buffer ); 10169 } 10170 10171 // This is the code that USED to test this function, when non-trusted 10172 // clients were allowed to do this... 10173 // 10174 // if (NT_SUCCESS(NtStatus)) { 10175 // if (Buffer != NULL) { 10176 // 10177 // printf("Succeeded\n"); 10178 // 10179 // printf(" last Logon is: (0x%lx, 0x%lx)\n", 10180 // (((USER_INTERNAL2_INFORMATION *)Buffer)->LastLogon.HighPart), 10181 // (((USER_INTERNAL2_INFORMATION *)Buffer)->LastLogon.LowPart) ); 10182 // printf(" last Logoff is: (0x%lx, 0x%lx)\n", 10183 // (((USER_INTERNAL2_INFORMATION *)Buffer)->LastLogoff.HighPart), 10184 // (((USER_INTERNAL2_INFORMATION *)Buffer)->LastLogoff.LowPart) ); 10185 // printf(" BadPwdCount is: (0x%x)\n", 10186 // ((USER_INTERNAL2_INFORMATION *)Buffer)->BadPasswordCount ); 10187 // printf(" LogonCount is: (0x%x)\n", 10188 // ((USER_INTERNAL2_INFORMATION *)Buffer)->LogonCount ); 10189 // 10190 // SamFreeMemory( Buffer ); 10191 // } else { 10192 // printf("Failed\n"); 10193 // printf(" Buffer address not set on return.\n"); 10194 // printf(" RPC should have allocated a buffer.\n"); 10195 // TestStatus = FALSE; 10196 // } 10197 // } else { 10198 // printf("Failed\n"); 10199 // printf(" Completion status is 0x%lx\n", NtStatus); 10200 // TestStatus = FALSE; 10201 // } 10202 10203 IgnoreStatus = SamCloseHandle( UserHandle1 ); 10204 ASSERT( NT_SUCCESS(IgnoreStatus) ); 10205 10206 10207 10208 10209 10210 printf(" Query Set Password Information . . . . . . . . . . . "); 10211 10212 10213 10214 10215 NtStatus = SamOpenUser( 10216 DomainHandle, 10217 USER_READ_LOGON, 10218 DOMAIN_USER_RID_ADMIN, 10219 &UserHandle1 10220 ); 10221 ASSERT(NT_SUCCESS(NtStatus) ); 10222 10223 Buffer = NULL; 10224 NtStatus = SamQueryInformationUser( 10225 UserHandle1, 10226 UserSetPasswordInformation, 10227 &Buffer 10228 ); 10229 if (NtStatus == STATUS_INVALID_INFO_CLASS ) { 10230 10231 printf("Succeeded\n"); 10232 10233 } else { 10234 printf("Failed\n"); 10235 printf(" Completion status is 0x%lx\n", NtStatus); 10236 printf(" Expected 0x%lx (INVALID_INFO_CLASS)\n", STATUS_INVALID_INFO_CLASS); 10237 TestStatus = FALSE; 10238 } 10239 IgnoreStatus = SamCloseHandle( UserHandle1 ); 10240 ASSERT( NT_SUCCESS(IgnoreStatus) ); 10241 10242 10243 10244 10246 // // 10247 // Get Groups For User Suite // 10248 // // 10250 10251 printf("\n"); 10252 printf(" Get Groups For User . . . . . . . . . . . . . . . . . Suite\n"); 10253 10254 printf(" Get Groups For Well-Known Account . . . . . . . . . . "); 10255 10256 NtStatus = SamOpenUser( 10257 DomainHandle, 10258 USER_LIST_GROUPS, 10259 DOMAIN_USER_RID_ADMIN, 10260 &UserHandle1 10261 ); 10262 ASSERT(NT_SUCCESS(NtStatus) ); 10263 10264 Buffer = NULL; 10265 NtStatus = SamGetGroupsForUser( 10266 UserHandle1, 10267 (PGROUP_MEMBERSHIP *)&Buffer, 10268 &MembershipCount 10269 ); 10270 if (NT_SUCCESS(NtStatus)) { 10271 if (Buffer != NULL) { 10272 10273 printf("Succeeded\n"); 10274 10275 10276 printf(" Member of: %d groups\n", MembershipCount); 10277 for ( i=0; i<MembershipCount; i++) { 10278 10279 printf(" Group[%d] Rid/Attributes: 0x%lx/0x%lx\n", 10280 i, 10281 (((PGROUP_MEMBERSHIP)Buffer)[i].RelativeId), 10282 (((PGROUP_MEMBERSHIP)Buffer)[i].Attributes) 10283 ); 10284 10285 } 10286 10287 SamFreeMemory( Buffer ); 10288 10289 10290 } else { 10291 printf("Failed\n"); 10292 printf(" Buffer address not set on return.\n"); 10293 printf(" RPC should have allocated a buffer.\n"); 10294 TestStatus = FALSE; 10295 } 10296 } else { 10297 printf("Failed\n"); 10298 printf(" Completion status is 0x%lx\n", NtStatus); 10299 TestStatus = FALSE; 10300 } 10301 IgnoreStatus = SamCloseHandle( UserHandle1 ); 10302 ASSERT( NT_SUCCESS(IgnoreStatus) ); 10303 10304 10305 10307 // // 10308 // Set User Suite // 10309 // // 10311 10312 printf("\n"); 10313 printf(" Set User . . . . . . . . . . . . . . . . . . . . . . Suite\n"); 10314 10315 printf(" Set General Information . . . . . . . . . . . . . . . "); 10316 NtStatus = SamOpenUser( 10317 DomainHandle, 10318 USER_ALL_ACCESS, 10319 DOMAIN_USER_RID_ADMIN, 10320 &UserHandle1 10321 ); 10322 ASSERT(NT_SUCCESS(NtStatus) ); 10323 10324 // 10325 // Make the parameter marshallable, but don't worry about values. 10326 // 10327 10328 GeneralInformation.UserName = DummyName1; 10329 GeneralInformation.FullName = DummyName1; 10330 GeneralInformation.AdminComment = DummyName1; 10331 GeneralInformation.UserComment = DummyName1; 10332 10333 Buffer = &GeneralInformation; 10334 NtStatus = SamSetInformationUser( 10335 UserHandle1, 10336 UserGeneralInformation, 10337 Buffer 10338 ); 10339 if (NtStatus == STATUS_INVALID_INFO_CLASS ) { 10340 10341 printf("Succeeded\n"); 10342 10343 } else { 10344 printf("Failed\n"); 10345 printf(" Completion status is 0x%lx\n", NtStatus); 10346 printf(" Expected 0x%lx (INVALID_INFO_CLASS)\n", STATUS_INVALID_INFO_CLASS); 10347 TestStatus = FALSE; 10348 } 10349 IgnoreStatus = SamCloseHandle( UserHandle1 ); 10350 ASSERT( NT_SUCCESS(IgnoreStatus) ); 10351 10352 10353 10354 printf(" Set Preferences Information . . . . . . . . . . . . . "); 10355 NtStatus = SamOpenUser( 10356 DomainHandle, 10357 USER_READ_GENERAL | USER_WRITE_PREFERENCES | USER_READ_PREFERENCES, 10358 DOMAIN_USER_RID_ADMIN, 10359 &UserHandle1 10360 ); 10361 ASSERT(NT_SUCCESS(NtStatus) ); 10362 10363 // 10364 // Get the current value... 10365 // 10366 10367 Buffer1 = NULL; 10368 NtStatus = SamQueryInformationUser( 10369 UserHandle1, 10370 UserPreferencesInformation, 10371 &Buffer1 10372 ); 10373 TST_SUCCESS_ASSERT(NtStatus); 10374 ASSERT(Buffer1 != NULL); 10375 10376 10377 // 10378 // Change the fields to new values and write them out. 10379 // 10380 10381 NameLength = ((USER_PREFERENCES_INFORMATION *)Buffer1)->UserComment.Length; 10382 if ( NameLength == DummyString1.Length ) { 10383 ((USER_PREFERENCES_INFORMATION *)Buffer1)->UserComment = DummyString2; 10384 } else { 10385 ((USER_PREFERENCES_INFORMATION *)Buffer1)->UserComment = DummyString1; 10386 } 10387 10388 ((USER_PREFERENCES_INFORMATION *)Buffer1)->CountryCode += 1; 10389 ((USER_PREFERENCES_INFORMATION *)Buffer1)->CodePage += 1; 10390 10391 NtStatus = SamSetInformationUser( 10392 UserHandle1, 10393 UserPreferencesInformation, 10394 Buffer1 10395 ); 10396 if ( NT_SUCCESS(NtStatus) ) { 10397 10398 // 10399 // Now check that the change was really made... 10400 // 10401 10402 NtStatus = SamQueryInformationUser( 10403 UserHandle1, 10404 UserPreferencesInformation, 10405 &Buffer2 10406 ); 10407 ASSERT(NT_SUCCESS( NtStatus ) ); 10408 if ( 10409 !RtlCompareString( 10410 (PSTRING)&((USER_PREFERENCES_INFORMATION *)Buffer1)->UserComment, 10411 (PSTRING)&((USER_PREFERENCES_INFORMATION *)Buffer2)->UserComment, 10412 TRUE) 10413 && 10414 (((USER_PREFERENCES_INFORMATION *)Buffer1)->CountryCode == 10415 ((USER_PREFERENCES_INFORMATION *)Buffer2)->CountryCode) 10416 && 10417 (((USER_PREFERENCES_INFORMATION *)Buffer1)->CodePage == 10418 ((USER_PREFERENCES_INFORMATION *)Buffer2)->CodePage) 10419 ) { 10420 10421 printf("Succeeded\n"); 10422 10423 // 10424 // Change back some fields to keep from screwing up our database 10425 // 10426 10427 ((USER_PREFERENCES_INFORMATION *)Buffer1)->CountryCode -= 1; 10428 ((USER_PREFERENCES_INFORMATION *)Buffer1)->CodePage -= 1; 10429 10430 IgnoreStatus = SamSetInformationUser( 10431 UserHandle1, 10432 UserPreferencesInformation, 10433 Buffer1 10434 ); 10435 ASSERT(NT_SUCCESS(IgnoreStatus)); 10436 10437 } else { 10438 10439 printf("Failed\n"); 10440 printf(" Values queried don't match values written\n"); 10441 printf(" UserComment Written is %wZ\n", 10442 (PUNICODE_STRING)&((USER_PREFERENCES_INFORMATION *)Buffer1)->UserComment); 10443 printf(" UserComment Retrieved is %wZ\n", 10444 (PUNICODE_STRING)&((USER_PREFERENCES_INFORMATION *)Buffer2)->UserComment); 10445 printf(" CountryCode Written is 0x%lx\n", 10446 (ULONG)((USER_PREFERENCES_INFORMATION *)Buffer1)->CountryCode); 10447 printf(" CountryCode Retrieved is 0x%lx\n", 10448 (ULONG)((USER_PREFERENCES_INFORMATION *)Buffer2)->CountryCode); 10449 printf(" CodePage Written is 0x%lx\n", 10450 (ULONG)((USER_PREFERENCES_INFORMATION *)Buffer1)->CodePage); 10451 printf(" CodePage Retrieved is 0x%lx\n", 10452 (ULONG)((USER_PREFERENCES_INFORMATION *)Buffer2)->CodePage); 10453 10454 TestStatus = FALSE; 10455 10456 } 10457 10458 SamFreeMemory( Buffer1 ); 10459 SamFreeMemory( Buffer2 ); 10460 10461 } else { 10462 printf("Failed\n"); 10463 printf(" Completion status is 0x%lx\n", NtStatus); 10464 TestStatus = FALSE; 10465 SamFreeMemory( Buffer1 ); 10466 10467 } 10468 10469 10470 10471 10472 printf(" Set Logon Information . . . . . . . . . . . . . . . . "); 10473 NtStatus = SamOpenUser( 10474 DomainHandle, 10475 USER_ALL_ACCESS, 10476 DOMAIN_USER_RID_ADMIN, 10477 &UserHandle1 10478 ); 10479 ASSERT(NT_SUCCESS(NtStatus) ); 10480 10481 // 10482 // Make the parameter marshallable, but don't worry about values. 10483 // 10484 10485 LogonInformation.UserName = DummyName1; 10486 LogonInformation.FullName = DummyName1; 10487 LogonInformation.HomeDirectory = DummyName1; 10488 LogonInformation.HomeDirectoryDrive = DummyName1; 10489 LogonInformation.ScriptPath = DummyName1; 10490 LogonInformation.ProfilePath = DummyName1; 10491 LogonInformation.WorkStations = DummyName1; 10492 10493 LogonInformation.LogonHours = DummyLogonHours; 10494 10495 Buffer = &LogonInformation; 10496 NtStatus = SamSetInformationUser( 10497 UserHandle1, 10498 UserLogonInformation, 10499 Buffer 10500 ); 10501 if (NtStatus == STATUS_INVALID_INFO_CLASS ) { 10502 10503 printf("Succeeded\n"); 10504 10505 } else { 10506 printf("Failed\n"); 10507 printf(" Completion status is 0x%lx\n", NtStatus); 10508 printf(" Expected 0x%lx (INVALID_INFO_CLASS)\n", STATUS_INVALID_INFO_CLASS); 10509 TestStatus = FALSE; 10510 } 10511 IgnoreStatus = SamCloseHandle( UserHandle1 ); 10512 ASSERT( NT_SUCCESS(IgnoreStatus) ); 10513 10514 10515 10516 printf(" Set Logon Hours Information . . . . . . . . . . . . . "); 10517 NtStatus = SamOpenUser( 10518 DomainHandle, 10519 USER_WRITE_ACCOUNT | USER_READ_LOGON, 10520 DOMAIN_USER_RID_ADMIN, 10521 &UserHandle1 10522 ); 10523 ASSERT(NT_SUCCESS(NtStatus) ); 10524 10525 // 10526 // Get the current value... 10527 // 10528 10529 Buffer1 = NULL; 10530 NtStatus = SamQueryInformationUser( 10531 UserHandle1, 10532 UserLogonHoursInformation, 10533 &Buffer1 10534 ); 10535 TST_SUCCESS_ASSERT(NtStatus); 10536 ASSERT(Buffer1 != NULL); 10537 ASSERT( ((USER_LOGON_HOURS_INFORMATION *)Buffer1)->LogonHours.LogonHours 10538 != NULL); //Don't support zero length bit masks in this test yet. 10539 10540 10541 // 10542 // Change the field to a new value and write it out. 10543 // We have two choices for out test: 10544 // NoLogonRestriction 10545 // DummyLogonHours 10546 // 10547 // They are guaranteed to have different values in the 10548 // LOGON_HOURS_DIFFERENT_OFFSET byte of their respective bit masks. 10549 // 10550 10551 if ( 0 == ((USER_LOGON_HOURS_INFORMATION *)Buffer1)->LogonHours.LogonHours[LOGON_HOURS_DIFFERENT_OFFSET]) { 10552 ((USER_LOGON_HOURS_INFORMATION *)Buffer1)->LogonHours = DummyLogonHours; 10553 } else { 10554 ((USER_LOGON_HOURS_INFORMATION *)Buffer1)->LogonHours = NoLogonRestriction; 10555 } 10556 10557 NtStatus = SamSetInformationUser( 10558 UserHandle1, 10559 UserLogonHoursInformation, 10560 Buffer1 10561 ); 10562 if ( NT_SUCCESS(NtStatus) ) { 10563 10564 // 10565 // Now check that the change was really made... 10566 // 10567 10568 NtStatus = SamQueryInformationUser( 10569 UserHandle1, 10570 UserLogonHoursInformation, 10571 &Buffer2 10572 ); 10573 ASSERT(NT_SUCCESS( NtStatus ) ); 10574 if ( 10575 ((USER_LOGON_HOURS_INFORMATION *)Buffer1)->LogonHours.LogonHours[LOGON_HOURS_DIFFERENT_OFFSET] 10576 == 10577 ((USER_LOGON_HOURS_INFORMATION *)Buffer2)->LogonHours.LogonHours[LOGON_HOURS_DIFFERENT_OFFSET] 10578 ) { 10579 10580 printf("Succeeded\n"); 10581 10582 } else { 10583 10584 printf("Failed\n"); 10585 printf(" Value queried doesn't match value written\n"); 10586 printf(" Units Written are 0x%lx\n", 10587 ((USER_LOGON_HOURS_INFORMATION *)Buffer1)->LogonHours.UnitsPerWeek); 10588 printf(" Units Retrieved are 0x%lx\n", 10589 ((USER_LOGON_HOURS_INFORMATION *)Buffer2)->LogonHours.UnitsPerWeek); 10590 10591 printf(" Byte 0x%lx of the written bit mask is 0x%lx\n", 10592 LOGON_HOURS_DIFFERENT_OFFSET, 10593 (ULONG)((USER_LOGON_HOURS_INFORMATION *)Buffer1)->LogonHours.LogonHours[LOGON_HOURS_DIFFERENT_OFFSET] 10594 ); 10595 printf(" Byte 0x%lx of the retrieved bit mask is 0x%lx\n", 10596 LOGON_HOURS_DIFFERENT_OFFSET, 10597 (ULONG)((USER_LOGON_HOURS_INFORMATION *)Buffer2)->LogonHours.LogonHours[LOGON_HOURS_DIFFERENT_OFFSET] 10598 ); 10599 10600 TestStatus = FALSE; 10601 10602 } 10603 10604 SamFreeMemory( Buffer1 ); 10605 SamFreeMemory( Buffer2 ); 10606 10607 } else { 10608 printf("Failed\n"); 10609 printf(" Completion status is 0x%lx\n", NtStatus); 10610 TestStatus = FALSE; 10611 SamFreeMemory( Buffer1 ); 10612 10613 } 10614 10615 10616 10617 10618 10619 printf(" Set Account Information . . . . . . . . . . . . . . . "); 10620 NtStatus = SamOpenUser( 10621 DomainHandle, 10622 USER_WRITE_ACCOUNT | 10623 USER_READ_GENERAL | 10624 USER_READ_PREFERENCES | 10625 USER_READ_LOGON, 10626 DOMAIN_USER_RID_ADMIN, 10627 &UserHandle1 10628 ); 10629 ASSERT(NT_SUCCESS(NtStatus) ); 10630 10631 // 10632 // Make the parameter marshallable, but don't worry about values. 10633 // 10634 10635 AccountInformation.UserName = DummyName1; 10636 AccountInformation.FullName = DummyName1; 10637 AccountInformation.HomeDirectory = DummyName1; 10638 AccountInformation.HomeDirectoryDrive = DummyName1; 10639 AccountInformation.ScriptPath = DummyName1; 10640 AccountInformation.ProfilePath = DummyName1; 10641 AccountInformation.AdminComment = DummyName1; 10642 AccountInformation.WorkStations = DummyName1; 10643 10644 AccountInformation.LogonHours = DummyLogonHours; 10645 10646 Buffer = &AccountInformation; 10647 NtStatus = SamSetInformationUser( 10648 UserHandle1, 10649 UserAccountInformation, 10650 Buffer 10651 ); 10652 if (NtStatus == STATUS_INVALID_INFO_CLASS ) { 10653 10654 printf("Succeeded\n"); 10655 10656 } else { 10657 printf("Failed\n"); 10658 printf(" Completion status is 0x%lx\n", NtStatus); 10659 printf(" Expected 0x%lx (INVALID_INFO_CLASS)\n", STATUS_INVALID_INFO_CLASS); 10660 TestStatus = FALSE; 10661 } 10662 IgnoreStatus = SamCloseHandle( UserHandle1 ); 10663 ASSERT( NT_SUCCESS(IgnoreStatus) ); 10664 10665 10666 printf(" Set Home . . . . . . . . . . . . . . . . . . . . . . "); 10667 NtStatus = SamOpenUser( 10668 DomainHandle, 10669 USER_WRITE_ACCOUNT | USER_READ_LOGON, 10670 DOMAIN_USER_RID_ADMIN, 10671 &UserHandle1 10672 ); 10673 ASSERT(NT_SUCCESS(NtStatus) ); 10674 10675 // 10676 // Get the current value... 10677 // 10678 10679 Buffer1 = NULL; 10680 NtStatus = SamQueryInformationUser( 10681 UserHandle1, 10682 UserHomeInformation, 10683 &Buffer1 10684 ); 10685 TST_SUCCESS_ASSERT(NtStatus); 10686 ASSERT(Buffer1 != NULL); 10687 10688 10689 // 10690 // Change the field to a new value and write it out. 10691 // 10692 10693 NameLength = ((USER_HOME_INFORMATION *)Buffer1)->HomeDirectory.Length; 10694 if ( NameLength == DummyString1.Length ) { 10695 ((USER_HOME_INFORMATION *)Buffer1)->HomeDirectory = DummyString2; 10696 } else { 10697 ((USER_HOME_INFORMATION *)Buffer1)->HomeDirectory = DummyString1; 10698 } 10699 10700 NameLength = ((USER_HOME_INFORMATION *)Buffer1)->HomeDirectoryDrive.Length; 10701 if ( NameLength == DummyString1.Length ) { 10702 ((USER_HOME_INFORMATION *)Buffer1)->HomeDirectoryDrive = DummyString2; 10703 } else { 10704 ((USER_HOME_INFORMATION *)Buffer1)->HomeDirectoryDrive = DummyString1; 10705 } 10706 10707 NtStatus = SamSetInformationUser( 10708 UserHandle1, 10709 UserHomeInformation, 10710 Buffer1 10711 ); 10712 if ( NT_SUCCESS(NtStatus) ) { 10713 10714 // 10715 // Now check that the change was really made... 10716 // 10717 10718 NtStatus = SamQueryInformationUser( 10719 UserHandle1, 10720 UserHomeInformation, 10721 &Buffer2 10722 ); 10723 ASSERT(NT_SUCCESS( NtStatus ) ); 10724 10725 if (!RtlCompareString( 10726 (PSTRING)&((USER_HOME_INFORMATION *)Buffer1)->HomeDirectory, 10727 (PSTRING)&((USER_HOME_INFORMATION *)Buffer2)->HomeDirectory, 10728 TRUE) ) { 10729 10730 if (!RtlCompareString( 10731 (PSTRING)&((USER_HOME_INFORMATION *)Buffer1)->HomeDirectoryDrive, 10732 (PSTRING)&((USER_HOME_INFORMATION *)Buffer2)->HomeDirectoryDrive, 10733 TRUE) 10734 ) { 10735 printf("Succeeded\n"); 10736 } else { 10737 10738 printf("Failed\n"); 10739 printf(" Drive Value queried doesn't match value written\n"); 10740 printf(" Value Written is %wZ\n", 10741 (PUNICODE_STRING)&((USER_HOME_INFORMATION *)Buffer1)->HomeDirectoryDrive); 10742 printf(" Value Retrieved is %wZ\n", 10743 (PUNICODE_STRING)&((USER_HOME_INFORMATION *)Buffer2)->HomeDirectoryDrive); 10744 10745 TestStatus = FALSE; 10746 } 10747 10748 } else { 10749 10750 printf("Failed\n"); 10751 printf(" Directory Value queried doesn't match value written\n"); 10752 printf(" Value Written is %wZ\n", 10753 (PUNICODE_STRING)&((USER_HOME_INFORMATION *)Buffer1)->HomeDirectory); 10754 printf(" Value Retrieved is %wZ\n", 10755 (PUNICODE_STRING)&((USER_HOME_INFORMATION *)Buffer2)->HomeDirectory); 10756 10757 TestStatus = FALSE; 10758 10759 } 10760 10761 SamFreeMemory( Buffer1 ); 10762 SamFreeMemory( Buffer2 ); 10763 10764 } else { 10765 printf("Failed\n"); 10766 printf(" Completion status is 0x%lx\n", NtStatus); 10767 TestStatus = FALSE; 10768 SamFreeMemory( Buffer1 ); 10769 10770 } 10771 10772 10773 10774 10775 printf(" Set Script . . . . . . . . . . . . . . . . . . . . . "); 10776 NtStatus = SamOpenUser( 10777 DomainHandle, 10778 USER_WRITE_ACCOUNT | USER_READ_LOGON, 10779 DOMAIN_USER_RID_ADMIN, 10780 &UserHandle1 10781 ); 10782 ASSERT(NT_SUCCESS(NtStatus) ); 10783 10784 // 10785 // Get the current value... 10786 // 10787 10788 Buffer1 = NULL; 10789 NtStatus = SamQueryInformationUser( 10790 UserHandle1, 10791 UserScriptInformation, 10792 &Buffer1 10793 ); 10794 TST_SUCCESS_ASSERT(NtStatus); 10795 ASSERT(Buffer1 != NULL); 10796 10797 10798 // 10799 // Change the field to a new value and write it out. 10800 // 10801 10802 NameLength = ((USER_SCRIPT_INFORMATION *)Buffer1)->ScriptPath.Length; 10803 if ( NameLength == DummyString1.Length ) { 10804 ((USER_SCRIPT_INFORMATION *)Buffer1)->ScriptPath = DummyString2; 10805 } else { 10806 ((USER_SCRIPT_INFORMATION *)Buffer1)->ScriptPath = DummyString1; 10807 } 10808 10809 NtStatus = SamSetInformationUser( 10810 UserHandle1, 10811 UserScriptInformation, 10812 Buffer1 10813 ); 10814 if ( NT_SUCCESS(NtStatus) ) { 10815 10816 // 10817 // Now check that the change was really made... 10818 // 10819 10820 NtStatus = SamQueryInformationUser( 10821 UserHandle1, 10822 UserScriptInformation, 10823 &Buffer2 10824 ); 10825 ASSERT(NT_SUCCESS( NtStatus ) ); 10826 if ( 10827 !RtlCompareString( 10828 (PSTRING)&((USER_SCRIPT_INFORMATION *)Buffer1)->ScriptPath, 10829 (PSTRING)&((USER_SCRIPT_INFORMATION *)Buffer2)->ScriptPath, 10830 TRUE) 10831 ) { 10832 10833 printf("Succeeded\n"); 10834 10835 } else { 10836 10837 printf("Failed\n"); 10838 printf(" Value queried doesn't match value written\n"); 10839 printf(" Value Written is %wZ\n", 10840 (PUNICODE_STRING)&((USER_SCRIPT_INFORMATION *)Buffer1)->ScriptPath); 10841 printf(" Value Retrieved is %wZ\n", 10842 (PUNICODE_STRING)&((USER_SCRIPT_INFORMATION *)Buffer2)->ScriptPath); 10843 10844 TestStatus = FALSE; 10845 10846 } 10847 10848 SamFreeMemory( Buffer1 ); 10849 SamFreeMemory( Buffer2 ); 10850 10851 } else { 10852 printf("Failed\n"); 10853 printf(" Completion status is 0x%lx\n", NtStatus); 10854 TestStatus = FALSE; 10855 SamFreeMemory( Buffer1 ); 10856 10857 } 10858 10859 10860 10861 10862 printf(" Set Profile . . . . . . . . . . . . . . . . . . . . . "); 10863 NtStatus = SamOpenUser( 10864 DomainHandle, 10865 USER_WRITE_ACCOUNT | USER_READ_LOGON, 10866 DOMAIN_USER_RID_ADMIN, 10867 &UserHandle1 10868 ); 10869 ASSERT(NT_SUCCESS(NtStatus) ); 10870 10871 // 10872 // Get the current value... 10873 // 10874 10875 Buffer1 = NULL; 10876 NtStatus = SamQueryInformationUser( 10877 UserHandle1, 10878 UserProfileInformation, 10879 &Buffer1 10880 ); 10881 TST_SUCCESS_ASSERT(NtStatus); 10882 ASSERT(Buffer1 != NULL); 10883 10884 10885 // 10886 // Change the field to a new value and write it out. 10887 // 10888 10889 NameLength = ((USER_PROFILE_INFORMATION *)Buffer1)->ProfilePath.Length; 10890 if ( NameLength == DummyString1.Length ) { 10891 ((USER_PROFILE_INFORMATION *)Buffer1)->ProfilePath = DummyString2; 10892 } else { 10893 ((USER_PROFILE_INFORMATION *)Buffer1)->ProfilePath = DummyString1; 10894 } 10895 10896 NtStatus = SamSetInformationUser( 10897 UserHandle1, 10898 UserProfileInformation, 10899 Buffer1 10900 ); 10901 if ( NT_SUCCESS(NtStatus) ) { 10902 10903 // 10904 // Now check that the change was really made... 10905 // 10906 10907 NtStatus = SamQueryInformationUser( 10908 UserHandle1, 10909 UserProfileInformation, 10910 &Buffer2 10911 ); 10912 ASSERT(NT_SUCCESS( NtStatus ) ); 10913 if ( 10914 !RtlCompareString( 10915 (PSTRING)&((USER_PROFILE_INFORMATION *)Buffer1)->ProfilePath, 10916 (PSTRING)&((USER_PROFILE_INFORMATION *)Buffer2)->ProfilePath, 10917 TRUE) 10918 ) { 10919 10920 printf("Succeeded\n"); 10921 10922 } else { 10923 10924 printf("Failed\n"); 10925 printf(" Value queried doesn't match value written\n"); 10926 printf(" Value Written is %wZ\n", 10927 (PUNICODE_STRING)&((USER_PROFILE_INFORMATION *)Buffer1)->ProfilePath); 10928 printf(" Value Retrieved is %wZ\n", 10929 (PUNICODE_STRING)&((USER_PROFILE_INFORMATION *)Buffer2)->ProfilePath); 10930 10931 TestStatus = FALSE; 10932 10933 } 10934 10935 SamFreeMemory( Buffer1 ); 10936 SamFreeMemory( Buffer2 ); 10937 10938 } else { 10939 printf("Failed\n"); 10940 printf(" Completion status is 0x%lx\n", NtStatus); 10941 TestStatus = FALSE; 10942 SamFreeMemory( Buffer1 ); 10943 10944 } 10945 10946 10947 10948 10949 printf(" Set Admin Comment . . . . . . . . . . . . . . . . . . "); 10950 10951 NtStatus = SamOpenUser( 10952 DomainHandle, 10953 USER_WRITE_ACCOUNT | USER_READ_GENERAL, 10954 DOMAIN_USER_RID_ADMIN, 10955 &UserHandle1 10956 ); 10957 ASSERT(NT_SUCCESS(NtStatus) ); 10958 10959 // 10960 // Get the current value... 10961 // 10962 10963 Buffer1 = NULL; 10964 NtStatus = SamQueryInformationUser( 10965 UserHandle1, 10966 UserAdminCommentInformation, 10967 &Buffer1 10968 ); 10969 TST_SUCCESS_ASSERT(NtStatus); 10970 ASSERT(Buffer1 != NULL); 10971 10972 10973 // 10974 // Change the field to a new value and write it out. 10975 // 10976 10977 NameLength = ((USER_ADMIN_COMMENT_INFORMATION *)Buffer1)->AdminComment.Length; 10978 if ( NameLength == DummyString1.Length ) { 10979 ((USER_ADMIN_COMMENT_INFORMATION *)Buffer1)->AdminComment = DummyString2; 10980 } else { 10981 ((USER_ADMIN_COMMENT_INFORMATION *)Buffer1)->AdminComment = DummyString1; 10982 } 10983 10984 NtStatus = SamSetInformationUser( 10985 UserHandle1, 10986 UserAdminCommentInformation, 10987 Buffer1 10988 ); 10989 if ( NT_SUCCESS(NtStatus) ) { 10990 10991 // 10992 // Now check that the change was really made... 10993 // 10994 10995 NtStatus = SamQueryInformationUser( 10996 UserHandle1, 10997 UserAdminCommentInformation, 10998 &Buffer2 10999 ); 11000 ASSERT(NT_SUCCESS( NtStatus ) ); 11001 if ( 11002 !RtlCompareString( 11003 (PSTRING)&((USER_ADMIN_COMMENT_INFORMATION *)Buffer1)->AdminComment, 11004 (PSTRING)&((USER_ADMIN_COMMENT_INFORMATION *)Buffer2)->AdminComment, 11005 TRUE) 11006 ) { 11007 11008 printf("Succeeded\n"); 11009 11010 } else { 11011 11012 printf("Failed\n"); 11013 printf(" Value queried doesn't match value written\n"); 11014 printf(" Value Written is %wZ\n", 11015 (PUNICODE_STRING)&((USER_ADMIN_COMMENT_INFORMATION *)Buffer1)->AdminComment); 11016 printf(" Value Retrieved is %wZ\n", 11017 (PUNICODE_STRING)&((USER_ADMIN_COMMENT_INFORMATION *)Buffer2)->AdminComment); 11018 11019 TestStatus = FALSE; 11020 11021 } 11022 11023 SamFreeMemory( Buffer1 ); 11024 SamFreeMemory( Buffer2 ); 11025 11026 } else { 11027 printf("Failed\n"); 11028 printf(" Completion status is 0x%lx\n", NtStatus); 11029 TestStatus = FALSE; 11030 SamFreeMemory( Buffer1 ); 11031 11032 } 11033 11034 11035 printf(" Set Workstations . . . . . . . . . . . . . . . . . . "); 11036 printf("BROKEN TEST - NOT TESTED\n"); 11037 #ifdef BROKEN 11038 NtStatus = SamOpenUser( 11039 DomainHandle, 11040 USER_WRITE_ACCOUNT | USER_READ_LOGON, 11041 DOMAIN_USER_RID_ADMIN, 11042 &UserHandle1 11043 ); 11044 ASSERT(NT_SUCCESS(NtStatus) ); 11045 11046 // 11047 // Get the current value... 11048 // 11049 11050 Buffer1 = NULL; 11051 NtStatus = SamQueryInformationUser( 11052 UserHandle1, 11053 UserWorkStationsInformation, 11054 &Buffer1 11055 ); 11056 TST_SUCCESS_ASSERT(NtStatus); 11057 ASSERT(Buffer1 != NULL); 11058 11059 11060 // 11061 // Change the field to a new value and write it out. 11062 // 11063 11064 NameLength = ((USER_WORKSTATIONS_INFORMATION *)Buffer1)->WorkStations.Length; 11065 if ( NameLength == DummyString1.Length ) { 11066 ((USER_WORKSTATIONS_INFORMATION *)Buffer1)->WorkStations = DummyString2; 11067 } else { 11068 ((USER_WORKSTATIONS_INFORMATION *)Buffer1)->WorkStations = DummyString1; 11069 } 11070 11071 NtStatus = SamSetInformationUser( 11072 UserHandle1, 11073 UserWorkStationsInformation, 11074 Buffer1 11075 ); 11076 if ( NT_SUCCESS(NtStatus) ) { 11077 11078 // 11079 // Now check that the change was really made... 11080 // 11081 11082 NtStatus = SamQueryInformationUser( 11083 UserHandle1, 11084 UserWorkStationsInformation, 11085 &Buffer2 11086 ); 11087 ASSERT(NT_SUCCESS( NtStatus ) ); 11088 if ( 11089 !RtlCompareString( 11090 (PSTRING)&((USER_WORKSTATIONS_INFORMATION *)Buffer1)->WorkStations, 11091 (PSTRING)&((USER_WORKSTATIONS_INFORMATION *)Buffer2)->WorkStations, 11092 TRUE) 11093 ) { 11094 11095 printf("Succeeded\n"); 11096 11097 } else { 11098 11099 printf("Failed\n"); 11100 printf(" Value queried doesn't match value written\n"); 11101 printf(" Value Written is %wZ\n", 11102 (PUNICODE_STRING)&((USER_WORKSTATIONS_INFORMATION *)Buffer1)->WorkStations); 11103 printf(" Value Retrieved is %wZ\n", 11104 (PUNICODE_STRING)&((USER_WORKSTATIONS_INFORMATION *)Buffer2)->WorkStations); 11105 11106 TestStatus = FALSE; 11107 11108 } 11109 11110 SamFreeMemory( Buffer1 ); 11111 SamFreeMemory( Buffer2 ); 11112 11113 } else { 11114 printf("Failed\n"); 11115 printf(" Completion status is 0x%lx\n", NtStatus); 11116 TestStatus = FALSE; 11117 SamFreeMemory( Buffer1 ); 11118 11119 } 11120 #endif //BROKEN 11121 11122 11123 printf(" Set Internal1 . . . . . . . . . . . . . . . . . . . "); 11124 11125 NtStatus = SamOpenUser( 11126 DomainHandle, 11127 USER_WRITE_ACCOUNT | USER_READ_LOGON | USER_FORCE_PASSWORD_CHANGE, 11128 DOMAIN_USER_RID_ADMIN, 11129 &UserHandle1 11130 ); 11131 ASSERT(NT_SUCCESS(NtStatus) ); 11132 11133 // 11134 // We can't get the current values, since this level is only 11135 // queryable by trusted clients. So just try setting a couple 11136 // of values and make sure that we don't get an error. 11137 // 11138 11139 Buffer1 = RtlAllocateHeap( RtlProcessHeap(), 0, sizeof(USER_INTERNAL1_INFORMATION) ); 11140 ASSERT( Buffer1 != NULL ); 11141 11142 ((PUSER_INTERNAL1_INFORMATION)Buffer1)->NtPasswordPresent = FALSE; 11143 ((PUSER_INTERNAL1_INFORMATION)Buffer1)->LmPasswordPresent = FALSE; 11144 11145 NtStatus = SamSetInformationUser( 11146 UserHandle1, 11147 UserInternal1Information, 11148 Buffer1 11149 ); 11150 11151 if (NtStatus != STATUS_PASSWORD_RESTRICTION) { 11152 11153 printf("Failed\n"); 11154 printf(" Expected Status = 0x%lx\n", STATUS_PASSWORD_RESTRICTION); 11155 printf(" Received Status = 0x%lx\n", NtStatus ); 11156 TestStatus = FALSE; 11157 11158 } else { 11159 11160 // 11161 // The NULL password worked, so let's try a real password. 11162 // 11163 11164 NtStatus = RtlCalculateNtOwfPassword( 11165 &DummyName1, 11166 &((PUSER_INTERNAL1_INFORMATION)Buffer1)->NtOwfPassword 11167 ); 11168 ASSERT(NT_SUCCESS(NtStatus)); 11169 11170 ((PUSER_INTERNAL1_INFORMATION)Buffer1)->NtPasswordPresent = TRUE; 11171 11172 NtStatus = RtlCalculateLmOwfPassword( 11173 DUMMY_STRING1, 11174 &((PUSER_INTERNAL1_INFORMATION)Buffer1)->LmOwfPassword 11175 ); 11176 ASSERT(NT_SUCCESS(NtStatus)); 11177 11178 ((PUSER_INTERNAL1_INFORMATION)Buffer1)->LmPasswordPresent = TRUE; 11179 11180 NtStatus = SamSetInformationUser( 11181 UserHandle1, 11182 UserInternal1Information, 11183 Buffer1 11184 ); 11185 11186 if ( NT_SUCCESS(NtStatus) ) { 11187 11188 printf("Succeeded\n"); 11189 11190 } else { 11191 11192 printf("Failed\n"); 11193 printf(" Return status was %lx\n", NtStatus ); 11194 TestStatus = FALSE; 11195 } 11196 } 11197 11198 RtlFreeHeap( RtlProcessHeap(), 0, Buffer1 ); 11199 11200 11201 // This is the code that used to be here, when UserInternal1Information was 11202 // queryable by non-trusted clients... 11203 // 11204 // Buffer1 = NULL; 11205 // NtStatus = SamQueryInformationUser( 11206 // UserHandle1, 11207 // UserInternal1Information, 11208 // &Buffer1 11209 // ); 11210 // TST_SUCCESS_ASSERT(NtStatus); 11211 // ASSERT(Buffer1 != NULL); 11212 // 11213 // // 11214 // // The passwords were initially empty. Put in some random 11215 // // OWF passwords, and have them written out. 11216 // // 11217 // 11218 // NtStatus = RtlCalculateNtOwfPassword( 11219 // (PNT_PASSWORD)&DummyName1, 11220 // &EncryptedPasswordBuffer 11221 // ); 11222 // 11223 // ((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseSensitiveUnicode.Buffer = (PCHAR)&EncryptedPasswordBuffer; 11224 // ((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseSensitiveUnicode.Length = 16; 11225 // ((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseSensitiveUnicode.MaximumLength = 16; 11226 // 11227 // NtStatus = RtlCalculateNtOwfPassword( 11228 // (PNT_PASSWORD)&DummyName2, 11229 // &EncryptedPasswordBuffer2 11230 // ); 11231 // 11232 // ((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseInsensitiveDbcs.Buffer = (PCHAR)&EncryptedPasswordBuffer2; 11233 // ((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseInsensitiveDbcs.Length = 16; 11234 // ((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseInsensitiveDbcs.MaximumLength = 16; 11235 // 11236 // NtStatus = SamSetInformationUser( 11237 // UserHandle1, 11238 // UserInternal1Information, 11239 // Buffer1 11240 // ); 11241 // if ( NT_SUCCESS(NtStatus) ) { 11242 // 11243 // // 11244 // // Now check that the change was really made... 11245 // // 11246 // 11247 // NtStatus = SamQueryInformationUser( 11248 // UserHandle1, 11249 // UserInternal1Information, 11250 // &Buffer2 11251 // ); 11252 // ASSERT(NT_SUCCESS( NtStatus ) ); 11253 // 11254 // if ( ( 11255 // !RtlCompareString( 11256 // (PSTRING)&((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseSensitiveUnicode, 11257 // (PSTRING)&((USER_INTERNAL1_INFORMATION *)Buffer2)->CaseSensitiveUnicode, 11258 // TRUE) 11259 // ) || ( 11260 // !RtlCompareString( 11261 // (PSTRING)&((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseInsensitiveDbcs, 11262 // (PSTRING)&((USER_INTERNAL1_INFORMATION *)Buffer2)->CaseInsensitiveDbcs, 11263 // TRUE) 11264 // ) ) { 11265 // 11266 // printf("Succeeded\n"); 11267 // 11268 // } else { 11269 // 11270 // printf("Failed\n"); 11271 // printf(" Value queried doesn't match value written\n"); 11272 // printf(" CaseInsensitiveDbcs Written is %wZ\n", 11273 // (PUNICODE_STRING)&((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseInsensitiveDbcs); 11274 // printf(" CaseInsensitiveDbcs Retrieved is %wZ\n", 11275 // (PUNICODE_STRING)&((USER_INTERNAL1_INFORMATION *)Buffer2)->CaseInsensitiveDbcs); 11276 // printf(" CaseSensitiveUnicode Written is %wZ\n", 11277 // (PUNICODE_STRING)&((USER_INTERNAL1_INFORMATION *)Buffer1)->CaseSensitiveUnicode); 11278 // printf(" CaseSensitiveUnicode Retrieved is %wZ\n", 11279 // (PUNICODE_STRING)&((USER_INTERNAL1_INFORMATION *)Buffer2)->CaseSensitiveUnicode); 11280 // 11281 // TestStatus = FALSE; 11282 // 11283 // } 11284 // 11285 // SamFreeMemory( Buffer1 ); 11286 // SamFreeMemory( Buffer2 ); 11287 // 11288 // } else { 11289 // printf("Failed\n"); 11290 // printf(" Completion status is 0x%lx\n", NtStatus); 11291 // TestStatus = FALSE; 11292 // SamFreeMemory( Buffer1 ); 11293 // 11294 // } 11295 11296 11297 11298 printf(" Set Internal2 . . . . . . . . . . . . . . . . . . . "); 11299 11300 NtStatus = SamOpenUser( 11301 DomainHandle, 11302 USER_WRITE_ACCOUNT | USER_READ_LOGON, 11303 DOMAIN_USER_RID_ADMIN, 11304 &UserHandle1 11305 ); 11306 ASSERT(NT_SUCCESS(NtStatus) ); 11307 11308 // 11309 // We can't get the current values, since this level is only 11310 // queryable by trusted clients. We can't set either, but 11311 // try it and make sure we get the correct error. 11312 // 11313 11314 Buffer1 = RtlAllocateHeap( RtlProcessHeap(), 0, sizeof(USER_INTERNAL2_INFORMATION) ); 11315 ASSERT( Buffer1 != NULL ); 11316 11317 ((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogon.HighPart = 1; 11318 ((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogoff.HighPart = 2; 11319 ((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogon.LowPart = 3; 11320 ((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogoff.LowPart = 4; 11321 ((USER_INTERNAL2_INFORMATION *)Buffer1)->BadPasswordCount = 5; 11322 ((USER_INTERNAL2_INFORMATION *)Buffer1)->LogonCount = 6; 11323 11324 NtStatus = SamSetInformationUser( 11325 UserHandle1, 11326 UserInternal2Information, 11327 Buffer1 11328 ); 11329 11330 RtlFreeHeap( RtlProcessHeap(), 0, Buffer1 ); 11331 11332 if ( NtStatus == STATUS_INVALID_INFO_CLASS ) { 11333 11334 printf("Succeeded\n"); 11335 11336 } else { 11337 11338 printf("Failed\n"); 11339 printf(" Expected Status = 0x%lx\n", STATUS_INVALID_INFO_CLASS); 11340 printf(" Received Status = 0x%lx\n", NtStatus ); 11341 TestStatus = FALSE; 11342 } 11343 11344 // This is the code that was here when UserInternal2Information could be 11345 // queried and set by non-trusted clients... 11346 // 11347 // // 11348 // // Get the current values... 11349 // // 11350 // 11351 // Buffer1 = NULL; 11352 // NtStatus = SamQueryInformationUser( 11353 // UserHandle1, 11354 // UserInternal2Information, 11355 // &Buffer1 11356 // ); 11357 // TST_SUCCESS_ASSERT(NtStatus); 11358 // ASSERT(Buffer1 != NULL); 11359 // 11360 // // 11361 // // Now change the fields and write them out. 11362 // // 11363 // 11364 // ((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogon.HighPart += 1; 11365 // ((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogoff.HighPart += 1; 11366 // ((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogon.LowPart += 2; 11367 // ((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogoff.LowPart += 2; 11368 // ((USER_INTERNAL2_INFORMATION *)Buffer1)->BadPasswordCount += 1; 11369 // ((USER_INTERNAL2_INFORMATION *)Buffer1)->LogonCount += 1; 11370 // 11371 // NtStatus = SamSetInformationUser( 11372 // UserHandle1, 11373 // UserInternal2Information, 11374 // Buffer1 11375 // ); 11376 // if ( NT_SUCCESS(NtStatus) ) { 11377 // 11378 // // 11379 // // Now check that the change was really made... 11380 // // 11381 // 11382 // NtStatus = SamQueryInformationUser( 11383 // UserHandle1, 11384 // UserInternal2Information, 11385 // &Buffer2 11386 // ); 11387 // ASSERT(NT_SUCCESS( NtStatus ) ); 11388 // if ( 11389 // (((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogon.HighPart == 11390 // ((USER_INTERNAL2_INFORMATION *)Buffer2)->LastLogon.HighPart) && 11391 // (((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogon.LowPart == 11392 // ((USER_INTERNAL2_INFORMATION *)Buffer2)->LastLogon.LowPart) && 11393 // (((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogoff.HighPart == 11394 // ((USER_INTERNAL2_INFORMATION *)Buffer2)->LastLogoff.HighPart) && 11395 // (((USER_INTERNAL2_INFORMATION *)Buffer1)->LastLogoff.LowPart == 11396 // ((USER_INTERNAL2_INFORMATION *)Buffer2)->LastLogoff.LowPart) && 11397 // (((USER_INTERNAL2_INFORMATION *)Buffer1)->BadPasswordCount == 11398 // ((USER_INTERNAL2_INFORMATION *)Buffer2)->BadPasswordCount) && 11399 // (((USER_INTERNAL2_INFORMATION *)Buffer1)->LogonCount == 11400 // ((USER_INTERNAL2_INFORMATION *)Buffer2)->LogonCount) 11401 // ) { 11402 // 11403 // printf("Succeeded\n"); 11404 // 11405 // } else { 11406 // 11407 // printf("Failed\n"); 11408 // printf(" Value queried doesn't match value written\n"); 11409 // 11410 // TestStatus = FALSE; 11411 // 11412 // } 11413 // 11414 // SamFreeMemory( Buffer1 ); 11415 // SamFreeMemory( Buffer2 ); 11416 // 11417 // } else { 11418 // printf("Failed\n"); 11419 // printf(" Completion status is 0x%lx\n", NtStatus); 11420 // TestStatus = FALSE; 11421 // SamFreeMemory( Buffer1 ); 11422 // 11423 // } 11424 11425 11426 11427 printf(" Set Password . . . . . . . . . . . . . . . . . . . . "); 11428 11429 NtStatus = SamOpenUser( 11430 DomainHandle, 11431 USER_FORCE_PASSWORD_CHANGE, 11432 DOMAIN_USER_RID_ADMIN, 11433 &UserHandle1 11434 ); 11435 ASSERT(NT_SUCCESS(NtStatus) ); 11436 11437 // 11438 // Create a fake cleartext UNICODE password and write it out. 11439 // 11440 11441 NtStatus = SamSetInformationUser( 11442 UserHandle1, 11443 UserSetPasswordInformation, 11444 &DummyName2 11445 ); 11446 if ( NT_SUCCESS(NtStatus) ) { 11447 11448 // 11449 // We can't verify that it really worked, so we just have 11450 // to trust the return code. 11451 // 11452 11453 printf("Succeeded\n"); 11454 11455 } else { 11456 11457 printf("Failed\n"); 11458 printf(" Return code was %lx\n", NtStatus ); 11459 TestStatus = FALSE; 11460 } 11461 11462 11463 11464 printf(" Set Control . . . . . . . . . . . . . . . . . . . . . "); 11465 NtStatus = SamOpenUser( 11466 DomainHandle, 11467 USER_WRITE_ACCOUNT | USER_READ_ACCOUNT, 11468 DOMAIN_USER_RID_ADMIN, 11469 &UserHandle1 11470 ); 11471 ASSERT(NT_SUCCESS(NtStatus) ); 11472 11473 Buffer1 = NULL; 11474 NtStatus = SamQueryInformationUser( 11475 UserHandle1, 11476 UserControlInformation, 11477 &Buffer1 11478 ); 11479 TST_SUCCESS_ASSERT(NtStatus); 11480 ASSERT(Buffer1 != NULL); 11481 11482 // 11483 // Change the value and write it back 11484 // 11485 11486 ((USER_CONTROL_INFORMATION *)Buffer1)->UserAccountControl ^= USER_HOME_DIRECTORY_REQUIRED; 11487 11488 11489 NtStatus = SamSetInformationUser( 11490 UserHandle1, 11491 UserControlInformation, 11492 Buffer1 11493 ); 11494 if (NT_SUCCESS(NtStatus)) { 11495 11496 // 11497 // Check the written value to make sure it stuck 11498 // 11499 11500 Buffer2 = NULL; 11501 NtStatus = SamQueryInformationUser( 11502 UserHandle1, 11503 UserControlInformation, 11504 &Buffer2 11505 ); 11506 TST_SUCCESS_ASSERT(NtStatus); 11507 ASSERT(Buffer2 != NULL); 11508 11509 if ( ((USER_CONTROL_INFORMATION *)Buffer1)->UserAccountControl == 11510 ((USER_CONTROL_INFORMATION *)Buffer2)->UserAccountControl ) { 11511 11512 printf("Succeeded\n"); 11513 11514 SamFreeMemory( Buffer2 ); 11515 11516 // 11517 // Make sure the account is left enabled to prevent problems. 11518 // 11519 11520 ((USER_CONTROL_INFORMATION *)Buffer1)->UserAccountControl &= ~USER_ACCOUNT_DISABLED; 11521 11522 IgnoreStatus = SamSetInformationUser( 11523 UserHandle1, 11524 UserControlInformation, 11525 Buffer1 11526 ); 11527 ASSERT(NT_SUCCESS(IgnoreStatus)); 11528 11529 } else { 11530 printf("Failed\n"); 11531 printf(" Returned Value Doesn't Match Set Value.\n"); 11532 TestStatus = FALSE; 11533 } 11534 } else { 11535 printf("Failed\n"); 11536 printf(" Completion status is 0x%lx\n", NtStatus); 11537 TestStatus = FALSE; 11538 } 11539 SamFreeMemory( Buffer1 ); 11540 IgnoreStatus = SamCloseHandle( UserHandle1 ); 11541 ASSERT( NT_SUCCESS(IgnoreStatus) ); 11542 11543 11544 printf(" Set Expires . . . . . . . . . . . . . . . . . . . . . "); 11545 printf("BROKEN TEST - NOT TESTED\n"); 11546 #ifdef BROKEN 11547 NtStatus = SamOpenUser( 11548 DomainHandle, 11549 USER_WRITE_ACCOUNT | USER_READ_ACCOUNT, 11550 DOMAIN_USER_RID_ADMIN, 11551 &UserHandle1 11552 ); 11553 ASSERT(NT_SUCCESS(NtStatus) ); 11554 11555 Buffer1 = NULL; 11556 NtStatus = SamQueryInformationUser( 11557 UserHandle1, 11558 UserExpiresInformation, 11559 &Buffer1 11560 ); 11561 TST_SUCCESS_ASSERT(NtStatus); 11562 ASSERT(Buffer1 != NULL); 11563 11564 // 11565 // Change the value and write it back 11566 // 11567 11568 ((USER_EXPIRES_INFORMATION *)Buffer1)->AccountExpires.LowPart += 1234; 11569 ((USER_EXPIRES_INFORMATION *)Buffer1)->AccountExpires.HighPart += 1234; 11570 11571 11572 NtStatus = SamSetInformationUser( 11573 UserHandle1, 11574 UserExpiresInformation, 11575 Buffer1 11576 ); 11577 if (NT_SUCCESS(NtStatus)) { 11578 11579 // 11580 // Check the written value to make sure it stuck 11581 // 11582 11583 Buffer2 = NULL; 11584 NtStatus = SamQueryInformationUser( 11585 UserHandle1, 11586 UserExpiresInformation, 11587 &Buffer2 11588 ); 11589 TST_SUCCESS_ASSERT(NtStatus); 11590 ASSERT(Buffer2 != NULL); 11591 11592 if ( ( ((USER_EXPIRES_INFORMATION *)Buffer1)->AccountExpires.LowPart == 11593 ((USER_EXPIRES_INFORMATION *)Buffer2)->AccountExpires.LowPart ) && 11594 ( ((USER_EXPIRES_INFORMATION *)Buffer1)->AccountExpires.HighPart == 11595 ((USER_EXPIRES_INFORMATION *)Buffer2)->AccountExpires.HighPart ) ) { 11596 11597 printf("Succeeded\n"); 11598 11599 SamFreeMemory( Buffer2 ); 11600 11601 // 11602 // Change the values back 11603 // 11604 11605 ((USER_EXPIRES_INFORMATION *)Buffer1)->AccountExpires.LowPart += 1234; 11606 ((USER_EXPIRES_INFORMATION *)Buffer1)->AccountExpires.HighPart += 1234; 11607 11608 IgnoreStatus = SamSetInformationUser( 11609 UserHandle1, 11610 UserExpiresInformation, 11611 Buffer1 11612 ); 11613 ASSERT(NT_SUCCESS(IgnoreStatus)); 11614 11615 } else { 11616 printf("Failed\n"); 11617 printf(" Returned Value Doesn't Match Set Value.\n"); 11618 TestStatus = FALSE; 11619 } 11620 } else { 11621 printf("Failed\n"); 11622 printf(" Completion status is 0x%lx\n", NtStatus); 11623 TestStatus = FALSE; 11624 } 11625 SamFreeMemory( Buffer1 ); 11626 IgnoreStatus = SamCloseHandle( UserHandle1 ); 11627 ASSERT( NT_SUCCESS(IgnoreStatus) ); 11628 #endif //BROKEN 11629 11630 11631 11633 // // 11634 // Change Password For User Suite // 11635 // // 11637 11638 printf("\n"); 11639 printf(" Change Password For User . . . . . . . . . . . . . . Suite\n"); 11640 11641 printf(" Change Password For Well-Known User . . . . . . . . . "); 11642 11643 NtStatus = SamOpenUser( 11644 DomainHandle, 11645 USER_CHANGE_PASSWORD, 11646 DOMAIN_USER_RID_ADMIN, 11647 &UserHandle1 11648 ); 11649 ASSERT(NT_SUCCESS(NtStatus) ); 11650 11651 Buffer = NULL; 11652 11653 // 11654 // The current password is DummyName2. Using DummyName2 as the 11655 // old password, change it to DummyName1 and make sure we get 11656 // STATUS_SUCCESS. 11657 // 11658 11659 NtStatus = SamChangePasswordUser( 11660 UserHandle1, 11661 &DummyName2, 11662 &DummyName1 11663 ); 11664 11665 // 11666 // The current password is DummyName1. Using something WRONG for 11667 // the old password, try to change it to DummyName2 and make sure 11668 // it doesn't succeed. 11669 // 11670 11671 if ( NtStatus == STATUS_SUCCESS ) { 11672 11673 NtStatus = SamChangePasswordUser( 11674 UserHandle1, 11675 &DummyName2, 11676 &DummyName2 11677 ); 11678 11679 if ( NtStatus == STATUS_SUCCESS ) { 11680 11681 NtStatus = STATUS_UNSUCCESSFUL; 11682 11683 } else { 11684 11685 NtStatus = STATUS_SUCCESS; 11686 } 11687 } 11688 11689 // 11690 // The current password is DummyName1. Using DummyName1 as the 11691 // old password, change it to DummyName2 and make sure it works 11692 // since by default there is no password history. 11693 // 11694 11695 if ( NtStatus == STATUS_SUCCESS ) { 11696 11697 NtStatus = SamChangePasswordUser( 11698 UserHandle1, 11699 &DummyName1, 11700 &DummyName2 11701 ); 11702 } 11703 11704 if ( NT_SUCCESS( NtStatus ) ) { 11705 11706 printf("Succeeded\n"); 11707 11708 } else { 11709 11710 printf("Failed\n"); 11711 printf(" Status is %lx\n", NtStatus); 11712 11713 TestStatus = FALSE; 11714 } 11715 11716 IgnoreStatus = SamCloseHandle( UserHandle1 ); 11717 ASSERT( NT_SUCCESS(IgnoreStatus) ); 11718 11719 } 11720 11721 // END PASS #1 11722 11723 if (Pass == 2) { 11724 11725 printf("\n"); 11726 printf("\n"); 11727 printf(" User (Pass #2) . . . . . . . . . . . . . . . . . . . Test\n"); 11728 11729 11731 // // 11732 // Delete User Suite // 11733 // // 11735 11736 printf("\n"); 11737 printf(" Delete User . . . . . . . . . . . . . . . . . . . . Suite\n"); 11738 11739 11740 11741 printf(" Delete Normal User . . . . . . . . . . . . . . . . . "); 11742 11743 // 11744 // This User was created in pass #1 11745 // 11746 11747 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 11748 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 11749 TST_SUCCESS_ASSERT(NtStatus); 11750 11751 NtStatus = SamLookupNamesInDomain( 11752 DomainHandle, 11753 1, 11754 &AccountNames[0], 11755 &LookedUpRids, 11756 &LookedUpUses 11757 ); 11758 TST_SUCCESS_ASSERT(NtStatus); 11759 ASSERT(LookedUpUses[0] == SidTypeUser); 11760 RtlFreeUnicodeString( &AccountNames[0] ); 11761 11762 11763 11764 UserHandle1 = NULL; 11765 11766 NtStatus = SamOpenUser( DomainHandle, DELETE, LookedUpRids[0], &UserHandle1 ); 11767 TST_SUCCESS_ASSERT(NtStatus); 11768 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 11769 11770 NtStatus = SamDeleteUser( UserHandle1 ); 11771 if (NT_SUCCESS(NtStatus)) { 11772 printf("Succeeded\n"); 11773 11774 } else { 11775 printf("Failed\n"); 11776 printf(" Completion status is 0x%lx\n", NtStatus); 11777 TestStatus = FALSE; 11778 } 11779 11780 11781 11782 11783 printf(" Delete Admin Group Member . . . . . . . . . . . . . . "); 11784 printf("(Unimplemented)\n"); 11785 11786 printf(" Delete Last Admin Group Member . . . . . . . . . . . "); 11787 printf("(Unimplemented)\n"); 11788 11789 11790 11791 11792 11794 // // 11795 // Set User Suite // 11796 // // 11798 11799 printf("\n"); 11800 printf(" Set User (Pass 2) . . . . . . . . . . . . . . . . . . Suite\n"); 11801 11802 printf(" Set ALL information. . . . . . . . . . . . "); 11803 printf("BROKEN TEST - NOT TESTED\n"); 11804 #ifdef BROKEN 11805 11806 RtlInitString( &AccountNameAnsi, "AllUser" ); 11807 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 11808 TST_SUCCESS_ASSERT(NtStatus); 11809 11810 UserRid = 0; 11811 UserHandle1 = NULL; 11812 NtStatus = SamCreateUserInDomain( 11813 DomainHandle, 11814 &AccountName, 11815 USER_ALL_ACCESS, 11816 &UserHandle1, 11817 &UserRid 11818 ); 11819 RtlFreeUnicodeString( &AccountName ); 11820 11821 ASSERT(NT_SUCCESS(NtStatus)); 11822 11823 All = NULL; 11824 11825 NtStatus = SamQueryInformationUser( 11826 UserHandle1, 11827 UserAllInformation, 11828 &All 11829 ); 11830 11831 if ( NT_SUCCESS( NtStatus ) ) { 11832 11833 // 11834 // Now change some of the data, and set it 11835 // 11836 11837 RtlInitString( &TmpAnsiString, "FullName" ); 11838 TmpStatus = RtlAnsiStringToUnicodeString( 11839 (PUNICODE_STRING)(&All->FullName), 11840 &TmpAnsiString, 11841 TRUE ); 11842 ASSERT( NT_SUCCESS( TmpStatus ) ); 11843 11844 RtlInitString( &TmpAnsiString, "HomeDirectory" ); 11845 TmpStatus = RtlAnsiStringToUnicodeString( 11846 (PUNICODE_STRING)(&All->HomeDirectory), 11847 &TmpAnsiString, 11848 TRUE ); 11849 ASSERT( NT_SUCCESS( TmpStatus ) ); 11850 11851 RtlInitString( &TmpAnsiString, "HomeDirectoryDrive" ); 11852 TmpStatus = RtlAnsiStringToUnicodeString( 11853 (PUNICODE_STRING)(&All->HomeDirectoryDrive), 11854 &TmpAnsiString, 11855 TRUE ); 11856 ASSERT( NT_SUCCESS( TmpStatus ) ); 11857 11858 RtlInitString( &TmpAnsiString, "ScriptPath" ); 11859 TmpStatus = RtlAnsiStringToUnicodeString( 11860 (PUNICODE_STRING)(&All->ScriptPath), 11861 &TmpAnsiString, 11862 TRUE ); 11863 ASSERT( NT_SUCCESS( TmpStatus ) ); 11864 11865 RtlInitString( &TmpAnsiString, "ProfilePath" ); 11866 TmpStatus = RtlAnsiStringToUnicodeString( 11867 (PUNICODE_STRING)(&All->ProfilePath), 11868 &TmpAnsiString, 11869 TRUE ); 11870 ASSERT( NT_SUCCESS( TmpStatus ) ); 11871 11872 RtlInitString( &TmpAnsiString, "AdminComment" ); 11873 TmpStatus = RtlAnsiStringToUnicodeString( 11874 (PUNICODE_STRING)(&All->AdminComment), 11875 &TmpAnsiString, 11876 TRUE ); 11877 ASSERT( NT_SUCCESS( TmpStatus ) ); 11878 11879 RtlInitString( &TmpAnsiString, "WorkStations" ); 11880 TmpStatus = RtlAnsiStringToUnicodeString( 11881 (PUNICODE_STRING)(&All->WorkStations), 11882 &TmpAnsiString, 11883 TRUE ); 11884 ASSERT( NT_SUCCESS( TmpStatus ) ); 11885 11886 RtlInitString( &TmpAnsiString, "UserComment" ); 11887 TmpStatus = RtlAnsiStringToUnicodeString( 11888 (PUNICODE_STRING)(&All->UserComment), 11889 &TmpAnsiString, 11890 TRUE ); 11891 ASSERT( NT_SUCCESS( TmpStatus ) ); 11892 11893 RtlInitString( &TmpAnsiString, "Parameters" ); 11894 TmpStatus = RtlAnsiStringToUnicodeString( 11895 (PUNICODE_STRING)(&All->Parameters), 11896 &TmpAnsiString, 11897 TRUE ); 11898 ASSERT( NT_SUCCESS( TmpStatus ) ); 11899 11900 All->CountryCode = 7; 11901 All->CodePage = 8; 11902 11903 All->PasswordExpired = TRUE; 11904 All->NtPasswordPresent = TRUE; 11905 All->LmPasswordPresent = FALSE; 11906 11907 RtlInitString( &TmpAnsiString, "NtPassword" ); 11908 TmpStatus = RtlAnsiStringToUnicodeString( 11909 (PUNICODE_STRING)(&All->NtPassword), 11910 &TmpAnsiString, 11911 TRUE ); 11912 ASSERT( NT_SUCCESS( TmpStatus ) ); 11913 11914 All->LogonHours.UnitsPerWeek = 7; 11915 11916 All->WhichFields = ( USER_ALL_FULLNAME | 11917 USER_ALL_HOMEDIRECTORY | 11918 USER_ALL_HOMEDIRECTORYDRIVE | 11919 USER_ALL_SCRIPTPATH | 11920 USER_ALL_PROFILEPATH | 11921 USER_ALL_ADMINCOMMENT | 11922 USER_ALL_WORKSTATIONS | 11923 USER_ALL_USERCOMMENT | 11924 USER_ALL_PARAMETERS | 11925 USER_ALL_COUNTRYCODE | 11926 USER_ALL_CODEPAGE | 11927 USER_ALL_PASSWORDEXPIRED | 11928 USER_ALL_NTPASSWORDPRESENT | 11929 USER_ALL_LOGONHOURS ); 11930 11931 NtStatus = SamSetInformationUser( 11932 UserHandle1, 11933 UserAllInformation, 11934 All 11935 ); 11936 11937 if ( NT_SUCCESS( NtStatus ) ) { 11938 11939 NtStatus = SamQueryInformationUser( 11940 UserHandle1, 11941 UserAllInformation, 11942 &All2 11943 ); 11944 11945 if ( NT_SUCCESS( NtStatus ) ) { 11946 11947 // 11948 // Verify that queried info is as we set it 11949 // 11950 11951 if ( 11952 11953 // 11954 // Fields that we didn't touch. Note that 11955 // PasswordMustChange changed anyway, since we 11956 // changed from a null to a non-null password. 11957 // 11958 11959 ( All2->WhichFields != (USER_ALL_READ_GENERAL_MASK | 11960 USER_ALL_READ_PREFERENCES_MASK | 11961 USER_ALL_READ_ACCOUNT_MASK | 11962 USER_ALL_READ_LOGON_MASK) ) || 11963 ( !(All->LastLogon.QuadPart == 11964 All2->LastLogon.QuadPart ) ) || 11965 ( !(All->LastLogoff.QuadPart == 11966 All2->LastLogoff.QuadPart ) ) || 11967 ( !(All->PasswordLastSet.QuadPart == 11968 All2->PasswordLastSet.QuadPart ) ) || 11969 ( !(All->AccountExpires.QuadPart == 11970 All2->AccountExpires.QuadPart ) ) || 11971 ( !(All->PasswordCanChange.QuadPart == 11972 All2->PasswordCanChange.QuadPart ) ) || 11973 ( (All->PasswordMustChange.QuadPart == 11974 All2->PasswordMustChange.QuadPart ) ) || 11975 (RtlCompareUnicodeString( 11976 &(All->UserName), 11977 &(All2->UserName), 11978 FALSE) != 0) || 11979 ( All->UserId != All2->UserId ) || 11980 ( All->PrimaryGroupId != All2->PrimaryGroupId ) || 11981 ( All->UserAccountControl != All2->UserAccountControl ) || 11982 ( All->PrivateDataSensitive != 11983 All2->PrivateDataSensitive ) || 11984 11985 // Fields that we changed. Note that we set 11986 // NtPasswordSet, but it shouldn't be set on return. 11987 11988 (RtlCompareUnicodeString( 11989 &(All->FullName), 11990 &(All2->FullName), 11991 FALSE) != 0) || 11992 (RtlCompareUnicodeString( 11993 &(All->HomeDirectory), 11994 &(All2->HomeDirectory), 11995 FALSE) != 0) || 11996 (RtlCompareUnicodeString( 11997 &(All->HomeDirectoryDrive), 11998 &(All2->HomeDirectoryDrive), 11999 FALSE) != 0) || 12000 (RtlCompareUnicodeString( 12001 &(All->ScriptPath), 12002 &(All2->ScriptPath), 12003 FALSE) != 0) || 12004 (RtlCompareUnicodeString( 12005 &(All->ProfilePath), 12006 &(All2->ProfilePath), 12007 FALSE) != 0) || 12008 (RtlCompareUnicodeString( 12009 &(All->AdminComment), 12010 &(All2->AdminComment), 12011 FALSE) != 0) || 12012 (RtlCompareUnicodeString( 12013 &(All->WorkStations), 12014 &(All2->WorkStations), 12015 FALSE) != 0) || 12016 (RtlCompareUnicodeString( 12017 &(All->UserComment), 12018 &(All2->UserComment), 12019 FALSE) != 0) || 12020 (RtlCompareUnicodeString( 12021 &(All->Parameters), 12022 &(All2->Parameters), 12023 FALSE) != 0) || 12024 ( All->CountryCode != All2->CountryCode ) || 12025 ( All->CodePage != All2->CodePage ) || 12026 ( All->LmPasswordPresent != All2->LmPasswordPresent ) || 12027 ( All->NtPasswordPresent == All2->NtPasswordPresent ) || 12028 ( All->LogonHours.UnitsPerWeek != 12029 All2->LogonHours.UnitsPerWeek ) 12030 ) { 12031 12032 NtStatus = STATUS_DATA_ERROR; 12033 } 12034 12035 SamFreeMemory( All2 ); 12036 } 12037 } 12038 12039 SamFreeMemory( All ); 12040 } 12041 12042 if (NtStatus == STATUS_SUCCESS) { 12043 12044 printf("Succeeded\n"); 12045 12046 } else { 12047 printf("Failed\n"); 12048 printf(" Completion status is 0x%lx\n", NtStatus); 12049 TestStatus = FALSE; 12050 } 12051 12052 // 12053 // Now get rid of the user account if necessary 12054 // 12055 12056 NtStatus = SamDeleteUser( UserHandle1 ); 12057 ASSERT(NT_SUCCESS(NtStatus)); 12058 #endif //BROKEN 12059 12060 12061 printf(" Set Primary Group (non member). . . . . . . . . . . . "); 12062 // 12063 // The following user might already exist (from earlier in the test) 12064 // 12065 12066 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 12067 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 12068 TST_SUCCESS_ASSERT(NtStatus); 12069 12070 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 12071 12072 12073 UserRid = 0; 12074 UserHandle1 = NULL; 12075 NtStatus = SamCreateUserInDomain( 12076 DomainHandle, 12077 &AccountName, 12078 USER_ALL_ACCESS, 12079 &UserHandle1, 12080 &UserRid 12081 ); 12082 RtlFreeUnicodeString( &AccountName ); 12083 DeleteUser = TRUE; 12084 if (NtStatus == STATUS_USER_EXISTS) { 12085 DeleteUser = FALSE; 12086 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 12087 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 12088 TST_SUCCESS_ASSERT(NtStatus); 12089 12090 NtStatus = SamLookupNamesInDomain( 12091 DomainHandle, 12092 1, 12093 &AccountNames[0], 12094 &LookedUpRids, 12095 &LookedUpUses 12096 ); 12097 TST_SUCCESS_ASSERT(NtStatus); 12098 ASSERT(LookedUpUses[0] == SidTypeUser); 12099 RtlFreeUnicodeString( &AccountNames[0] ); 12100 NtStatus = SamOpenUser( 12101 DomainHandle, 12102 USER_ALL_ACCESS, 12103 LookedUpRids[0], 12104 &UserHandle1); 12105 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 12106 } 12107 12108 ASSERT(NT_SUCCESS(NtStatus)); 12109 12110 12111 // 12112 // The user is not a member of DOMAIN_GROUP_RID_ADMINS. 12113 // See if we can make this group the user's primary group 12114 // 12115 12116 ASSERT(sizeof(GroupRid) == sizeof(USER_PRIMARY_GROUP_INFORMATION)); 12117 GroupRid = DOMAIN_GROUP_RID_ADMINS; 12118 NtStatus = SamSetInformationUser( 12119 UserHandle1, 12120 UserPrimaryGroupInformation, 12121 &GroupRid 12122 ); 12123 12124 if (NtStatus == STATUS_MEMBER_NOT_IN_GROUP) { 12125 12126 printf("Succeeded\n"); 12127 12128 } else { 12129 printf("Failed\n"); 12130 printf(" Completion status is 0x%lx\n", NtStatus); 12131 TestStatus = FALSE; 12132 } 12133 12134 12135 // 12136 // Now get rid of the user account if necessary 12137 // 12138 12139 if (DeleteUser == TRUE) { 12140 NtStatus = SamDeleteUser( UserHandle1 ); 12141 ASSERT(NT_SUCCESS(NtStatus)); 12142 } else { 12143 NtStatus = SamCloseHandle( UserHandle1 ); 12144 ASSERT(NT_SUCCESS(NtStatus)); 12145 } 12146 12147 12148 12149 printf(" Set Primary Group (member). . . . . . . . . . . . . . "); 12150 12151 // 12152 // Make a user (might already exist) 12153 // Make a group 12154 // Make the group the user's primary group 12155 // Change the user so the group isn't the primary group 12156 // remove the group 12157 // delete the group 12158 // If we created the user, delete it. 12159 12160 // 12161 // The following user might already exist (from earlier in the test) 12162 // 12163 12164 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 12165 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 12166 TST_SUCCESS_ASSERT(NtStatus); 12167 12168 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 12169 12170 UserRid = 0; 12171 UserHandle1 = NULL; 12172 NtStatus = SamCreateUserInDomain( 12173 DomainHandle, 12174 &AccountName, 12175 USER_ALL_ACCESS, 12176 &UserHandle1, 12177 &UserRid 12178 ); 12179 RtlFreeUnicodeString( &AccountName ); 12180 DeleteUser = TRUE; 12181 if (NtStatus == STATUS_USER_EXISTS) { 12182 DeleteUser = FALSE; 12183 RtlInitString( &AccountNameAnsi, USER_NAME1 ); 12184 NtStatus = RtlAnsiStringToUnicodeString( &AccountNames[0], &AccountNameAnsi, TRUE ); 12185 TST_SUCCESS_ASSERT(NtStatus); 12186 12187 NtStatus = SamLookupNamesInDomain( 12188 DomainHandle, 12189 1, 12190 &AccountNames[0], 12191 &LookedUpRids, 12192 &LookedUpUses 12193 ); 12194 RtlFreeUnicodeString( &AccountNames[0] ); 12195 TST_SUCCESS_ASSERT(NtStatus); 12196 ASSERT(LookedUpUses[0] == SidTypeUser); 12197 UserRid = LookedUpRids[0]; 12198 NtStatus = SamOpenUser( 12199 DomainHandle, 12200 USER_ALL_ACCESS, 12201 UserRid, 12202 &UserHandle1); 12203 SamFreeMemory( LookedUpUses ); SamFreeMemory( LookedUpRids ); 12204 } 12205 12206 ASSERT(NT_SUCCESS(NtStatus)); 12207 12208 12209 // 12210 // create the group 12211 // 12212 12213 RtlInitString( &AccountNameAnsi, GROUP_NAME1 ); 12214 NtStatus = RtlAnsiStringToUnicodeString( &AccountName, &AccountNameAnsi, TRUE ); 12215 TST_SUCCESS_ASSERT(NtStatus); 12216 12217 //InitializeObjectAttributes( &ObjectAttributes, &AccountName, 0, 0, NULL ); 12218 12219 GroupRid = 0; 12220 GroupHandle1 = NULL; 12221 NtStatus = SamCreateGroupInDomain( 12222 DomainHandle, 12223 &AccountName, 12224 GROUP_ALL_ACCESS, 12225 &GroupHandle1, 12226 &GroupRid 12227 ); 12228 RtlFreeUnicodeString( &AccountName ); 12229 ASSERT(NT_SUCCESS(NtStatus)); 12230 12231 // 12232 // Make the user a member of this group 12233 // 12234 12235 NtStatus = SamAddMemberToGroup( 12236 GroupHandle1, 12237 UserRid, 12238 SE_GROUP_MANDATORY | 12239 SE_GROUP_ENABLED_BY_DEFAULT | 12240 SE_GROUP_ENABLED 12241 ); 12242 ASSERT(NT_SUCCESS(NtStatus)); 12243 12244 12245 // 12246 // Set the user's primary group Id to be this group 12247 // 12248 12249 NtStatus = SamSetInformationUser( 12250 UserHandle1, 12251 UserPrimaryGroupInformation, 12252 &GroupRid 12253 ); 12254 if (NT_SUCCESS(NtStatus)) { 12255 12256 Buffer1 = NULL; 12257 NtStatus = SamQueryInformationUser( 12258 UserHandle1, 12259 UserPrimaryGroupInformation, 12260 &Buffer1 12261 ); 12262 TST_SUCCESS_ASSERT(NtStatus); 12263 ASSERT(Buffer1 != NULL); 12264 12265 if ( ((USER_PRIMARY_GROUP_INFORMATION *)Buffer1)->PrimaryGroupId == 12266 GroupRid ) { 12267 12268 printf("Succeeded\n"); 12269 12270 SamFreeMemory( Buffer1 ); 12271 } else { 12272 12273 printf("Failed\n"); 12274 printf(" Returned Value Doesn't Match Set Value.\n"); 12275 printf(" Value written is: 0x%lx\n", GroupRid); 12276 printf(" Value retrieved is: 0x%lx\n", 12277 ((USER_PRIMARY_GROUP_INFORMATION *)Buffer1)->PrimaryGroupId); 12278 TestStatus = FALSE; 12279 12280 } 12281 12282 } else { 12283 printf("Failed\n"); 12284 printf(" Completion status is 0x%lx\n", NtStatus); 12285 TestStatus = FALSE; 12286 } 12287 12288 12289 // 12290 // Set the user's primary group Id back and remove the user 12291 // from the group 12292 // 12293 12294 GroupRid = DOMAIN_GROUP_RID_USERS; 12295 NtStatus = SamSetInformationUser( 12296 UserHandle1, 12297 UserPrimaryGroupInformation, 12298 &GroupRid 12299 ); 12300 ASSERT(NT_SUCCESS(NtStatus)); 12301 NtStatus = SamRemoveMemberFromGroup(GroupHandle1, UserRid); 12302 ASSERT(NT_SUCCESS(NtStatus)); 12303 12304 12305 12306 // 12307 // Now get rid of the group and possibly the user account 12308 // 12309 12310 12311 NtStatus = SamDeleteGroup( GroupHandle1 ); 12312 ASSERT(NT_SUCCESS(NtStatus)); 12313 12314 if (DeleteUser == TRUE) { 12315 NtStatus = SamDeleteUser( UserHandle1 ); 12316 ASSERT(NT_SUCCESS(NtStatus)); 12317 } else { 12318 NtStatus = SamCloseHandle( UserHandle1 ); 12319 ASSERT(NT_SUCCESS(NtStatus)); 12320 } 12321 12322 12323 12324 12325 12326 12327 12328 12329 12330 printf(" Set Name Information . . . . . . . . . . . . . . . . "); 12331 printf("(Untested)\n"); 12332 12333 12334 } 12335 12336 return(TestStatus); 12337 12338 } 12339 #endif // NOT_PART_OF_PROGRAM