// <summary>
// the function is used to create a DrsUpdateRef request
// </summary>
public DRS_MSG_UPDREFS CreateRequestForDrsUpdateRef(
EnvironmentConfig.Machine machine,
DsServer dest,
DRS_OPTIONS options,
NamingContext nc = NamingContext.ConfigNC)
{
string nc_name = null;
Guid nc_guid = Guid.Empty;
string nc_sid = null;
DSNAME nc_obj;
switch (nc)
{
case NamingContext.ConfigNC:
nc_obj = dest.Domain.ConfigNC;
break;
case NamingContext.SchemaNC:
nc_obj = dest.Domain.SchemaNC;
break;
case NamingContext.AppNC:
if (EnvironmentConfig.TestDS)
{
nc_obj = ((AddsDomain)dest.Domain).OtherNCs[0];
}
else
{
nc_obj = ((AdldsDomain)dest.Domain).AppNCs[0];
}
break;
case NamingContext.DomainNC:
if (!EnvironmentConfig.TestDS)
{
nc_obj = new DSNAME();
}
nc_obj = ((AddsDomain)dest.Domain).DomainNC;
break;
default:
nc_obj = new DSNAME();
break;
}
nc_name = LdapUtility.ConvertUshortArrayToString(nc_obj.StringName);
nc_guid = nc_obj.Guid;
nc_sid = convertSidToString(nc_obj.Sid);
DRS_MSG_UPDREFS?req = DRSClient.CreateUpdateRefsRequest(
nc_name,
nc_guid,
nc_sid,
dest.DsaNetworkAddress,
dest.NtdsDsaObjectGuid,
options);
return((DRS_MSG_UPDREFS)req);
}
/// <summary>
/// constructor
/// </summary>
/// <param name="svr">sut</param>
/// <param name="toDel">source</param>
/// <param name="op">flags</param>
/// <param name="cred">credential</param>
public DelReplicaSource(EnvironmentConfig.Machine svr, EnvironmentConfig.Machine toDel, DRS_OPTIONS op, EnvironmentConfig.User cred, NamingContext nc = NamingContext.ConfigNC, bool needKCC = true)
{
sut = svr;
target = toDel;
if ((op & DRS_OPTIONS.DRS_LOCAL_ONLY) == 0)
{
options = op | DRS_OPTIONS.DRS_REF_OK;
}
else
{
options = op;
}
user = cred;
doKCC = needKCC;
}
public DRS_MSG_REPMOD createDRS_MSG_REPMOD_Request(
EnvironmentConfig.Machine machine,
DsServer src,
DRS_OPTIONS replicaFlags,
DRS_MSG_REPMOD_FIELDS modifyFields,
DRS_OPTIONS options
)
{
#region generate the parameters
string ncReplicaDistinguishedName = LdapUtility.ConvertUshortArrayToString(src.Domain.ConfigNC.StringName);
Guid ncReplicaObjectGuid = src.Domain.ConfigNC.Guid;
NT4SID ncReplicaObjectSid = src.Domain.ConfigNC.Sid;
Guid sourceDsaGuid = src.NtdsDsaObjectGuid;
string sourceDsaName = src.DsaNetworkAddress;
#endregion
REPLTIMES s = new REPLTIMES();
s.rgTimes = new byte[84];
for (int i = 0; i < s.rgTimes.Length; i++)
{
s.rgTimes[i] = 1;
}
string sid = convertSidToString(ncReplicaObjectSid);
DRS_MSG_REPMOD?req = DRSClient.CreateReplicaModifyRequest(
ncReplicaDistinguishedName,
ncReplicaObjectGuid,
sid,
sourceDsaGuid,
sourceDsaName,
s,
replicaFlags,
modifyFields,
options);
return((DRS_MSG_REPMOD)req);
}
public void DRSR_DRSGetNCChanges_Failed_NoStrongEncryptionByClient()
{
DrsrTestChecker.Check();
EnvironmentConfig.Machine dcServer = EnvironmentConfig.Machine.WritableDC1;
EnvironmentConfig.Machine dcPartner = EnvironmentConfig.Machine.WritableDC2;
DsServer dcServerMachine = (DsServer)EnvironmentConfig.MachineStore[dcServer];
DsServer dcPartnerMachine = (DsServer)EnvironmentConfig.MachineStore[dcPartner];
NamingContext specifiedNC = NamingContext.DomainNC;
string userdn = ldapAdpter.TestAddUserObj(dcServerMachine);
AddObjectUpdate aou = new AddObjectUpdate(dcServer, userdn);
updateStorage.PushUpdate(aou);
string groupdn = DRSTestData.DRSGetNCChange_ExistGroup + "," + LdapUtility.ConvertUshortArrayToString(((AddsDomain)dcServerMachine.Domain).DomainNC.StringName);
DRS_OPTIONS ulFlags = DRS_OPTIONS.NONE;
try
{
ldapAdpter.RemoveObjectFromGroup(dcServerMachine, userdn, groupdn);
}
catch
{
//it's OK if user is not in group
}
drsTestClient.SyncDCs(dcServer, dcServer);
//add a user to group dn
BaseTestSite.Log.Add(LogEntryKind.Comment, "Add user dn {0} to group dn {1} on DC {2}", userdn, groupdn, dcServer);
ResultCode addret = ldapAdpter.AddObjectToGroup(dcServerMachine, userdn, groupdn);
BaseTestSite.Assert.IsTrue(addret == ResultCode.Success, "add userdn {0} to group dn {1} failed", userdn, groupdn);
AddObjectUpdate adduserUpdate = new AddObjectUpdate(dcServer, userdn);
updateStorage.PushUpdate(adduserUpdate);
DRS_EXTENSIONS_IN_FLAGS clientCapbilities = DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_BASE | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_GETCHGREPLY_V6; // not contains | DRS_EXTENSIONS_IN_FLAGS.DRS_EXT_STRONG_ENCRYPTION;
BaseTestSite.Log.Add(LogEntryKind.Comment, "Bind to DC server: {0}", dcServer);
uint ret = drsTestClient.DrsBind(dcServer, EnvironmentConfig.User.WritableDC2Account, clientCapbilities);
BaseTestSite.Assert.AreEqual <uint>(0, ret, "IDL_DRSBind should return 0 with a success bind to DC");
BaseTestSite.Log.Add(LogEntryKind.Comment,
"Calling IDL_DRSNCChanges (V8 request) to get changes for a specified NC from a DC server. The reply compression is not required.");
uint?outVersion;
DRS_MSG_GETCHGREPLY?outMessage;
ret = drsTestClient.DrsGetNCChanges(
dcServer,
DrsGetNCChanges_Versions.V8,
dcPartner,
ulFlags,
specifiedNC,
EXOP_REQ_Codes.None,
FSMORoles.None,
null,
out outVersion,
out outMessage);
BaseTestSite.Assert.AreNotEqual <uint>(0, ret, "IDL_DRSGetNCChanges should not return 0x0 for failure");
BaseTestSite.Assert.AreEqual <uint>((uint)Win32ErrorCode_32.SEC_E_ALGORITHM_MISMATCH, ret, "Verify error code detail: IDL_DRSNCChanges should return SEC_E_ALGORITHM_MISMATCH due to DRS_EXT_STRONG_ENCRYPTION not included in bind.");
}
