in TestSuites/ADFamily/src/Adapter/MS-NRPC/ServerRoleCaptureCode.cs [9331:10163]
private void VerifyNetrLogonGetDomainInfoResponse(
HRESULT hresult,
_NETLOGON_AUTHENTICATOR? returnAuthenticator,
Level_Values level,
_NETLOGON_DOMAIN_INFORMATION? domainInfo,
_NETLOGON_WORKSTATION_INFORMATION workStaBuffer,
string dnsHostNameAttribute,
string spnAttribute,
string operatingSystemAttribute)
{
if (hresult == HRESULT.ERROR_SUCCESS)
{
_NETLOGON_DOMAIN_INFORMATION domBuffer = domainInfo.Value;
if ((currentSutOperatingSystem == PlatformType.WindowsServer2000_SP4)
|| (currentSutOperatingSystem == PlatformType.WindowsXp)
|| (currentSutOperatingSystem == PlatformType.WindowsServer2003)
|| (currentSutOperatingSystem == PlatformType.WindowsVista)
|| (currentSutOperatingSystem == PlatformType.WindowsServer2008)
|| (currentSutOperatingSystem == PlatformType.Windows7)
|| (currentSutOperatingSystem == PlatformType.WindowsServer2008R2)
|| (currentSutOperatingSystem == PlatformType.Windows8)
|| (currentSutOperatingSystem == PlatformType.WindowsServer2012)
|| (currentSutOperatingSystem == PlatformType.Windows8_1)
|| (currentSutOperatingSystem == PlatformType.WindowsServer2012R2))
{
// Verify MS-NRPC requirement: MS-NRPC_R1035.
// When OS is the specified OS, the server returns success, it indicates that the
// specified OS supports NetrLogonGetDomainInfo method, so it can be captured directly.
Site.CaptureRequirement(
1035,
@"<254> Section 3.5.4.4.9: [NetrLogonGetDomainInfo method is ] Supported in Windows 2000 Server,
Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2,
Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.");
}
// Verify MS-NRPC requirement: MS-NRPC_R1039.
// Stack has changed pointer to corresponding structure.
// This structure NETLOGON_AUTHENTICATOR is generated based on the IDL from the TD.
// If the method using this field as parameter executes successfully, it indicates
// that this field is the type defined in the TD.
// So when the hresult is success, this requirement is captured.
Site.CaptureRequirement(
1039,
@"[In NetrLogonGetDomainInfo (Opnum 29)]ReturnAuthenticator: A pointer to a NETLOGON_AUTHENTICATOR
structure, as specified in section 2.2.1.1.5, that contains the server return authenticator.");
// Verify NETLOGON_AUTHENTICATOR structure.
this.VerifyNetlogonAuthenticator(hresult, returnAuthenticator);
// Verify MS-NRPC requirement: MS-NRPC_R1044.
// Stack has changed pointer to corresponding structure.
// This structure is generated based on the IDL from the TD,
// if the method having this field as parameter returns success,
// it indicates that this field is the type as defined in the TD.
Site.CaptureRequirement(
1044,
@"[In NetrLogonGetDomainInfo (Opnum 29)]DomBuffer: A pointer to a NETLOGON_DOMAIN_INFORMATION
structure, as specified in section 2.2.1.3.12, that contains information about the domain or
policy information.");
if (level == Level_Values.NetlogonDomainInfo)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1057");
// DomainInfo array is generated based on the IDL, and it has only one element.
string actualDomainName = GetRpcUnicodeString(domBuffer.DomainInfo[0].PrimaryDomain.DomainName);
// Verify MS-NRPC requirement: MS-NRPC_R1057.
Site.CaptureRequirementIfAreEqual<string>(
primaryDomainNetBiosName.ToLower(CultureInfo.InvariantCulture),
actualDomainName.ToLower(CultureInfo.InvariantCulture),
1057,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1, the return
structure MUST be generated as follows:]NETLOGON_DOMAIN_INFO.PrimaryDomain. DomainName
MUST be set to NetbiosDomainName.");
string actualDnsDomainName = GetRpcUnicodeString(
domBuffer.DomainInfo[0].PrimaryDomain.DnsDomainName);
// If actualDnsDomainName ends with '.' (e.g. "contoso.com."), remove the last '.'.
if (actualDnsDomainName[actualDnsDomainName.Length - 1] == '.')
{
actualDnsDomainName = actualDnsDomainName.Substring(0, actualDnsDomainName.Length - 1);
}
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1058");
// Verify MS-NRPC requirement: MS-NRPC_R1058.
Site.CaptureRequirementIfAreEqual<string>(
PrimaryDomainDnsName.ToLower(CultureInfo.InvariantCulture),
actualDnsDomainName.ToLower(CultureInfo.InvariantCulture),
1058,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1, the return
structure MUST be generated as follows:]NETLOGON_DOMAIN_INFO.PrimaryDomain. DnsDomainName
MUST be set to DnsDomainName.");
string actualDnsForestName = GetRpcUnicodeString(
domBuffer.DomainInfo[0].PrimaryDomain.DnsForestName);
// If actualDnsForestName ends with '.' (e.g. "contoso.com."), remove the last '.'.
if (actualDnsForestName[actualDnsForestName.Length - 1] == '.')
{
actualDnsForestName = actualDnsForestName.Substring(0, actualDnsForestName.Length - 1);
}
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1059");
// Verify MS-NRPC requirement: MS-NRPC_R1059.
Site.CaptureRequirementIfAreEqual<string>(
Site.Properties["Common.PrimaryDomain.DNSName"],
actualDnsForestName,
1059,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1, the return
structure MUST be generated as follows:]NETLOGON_DOMAIN_INFO.PrimaryDomain. DnsForestName
MUST be set to DnsForestName.");
Guid actualDomainGuid = domBuffer.DomainInfo[0].PrimaryDomain.DomainGuid;
if (actualDomainGuid != null)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1060");
// Verify MS-NRPC requirement: MS-NRPC_R1060.
Site.CaptureRequirementIfAreEqual<string>(
Site.Properties["Common.PrimaryDomainDnsName.ServerGUID"],
actualDomainGuid.ToString(),
1060,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1, the return
structure MUST be generated as follows:]NETLOGON_DOMAIN_INFO.PrimaryDomain. DomainGuid
MUST be set to DomainGuid if not NULL.");
}
if (domBuffer.DomainInfo[0].PrimaryDomain.DomainSid != null)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1061");
string actualDomainSid = GetStringFromRpcSid(domBuffer.DomainInfo[0].PrimaryDomain.DomainSid[0]);
// Verify MS-NRPC requirement: MS-NRPC_R1061.
Site.CaptureRequirementIfAreEqual<string>(
PrimaryDomainSID,
actualDomainSid,
1061,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1, the return
structure MUST be generated as follows:]NETLOGON_DOMAIN_INFO.PrimaryDomain. DomainSid
MUST be set to DomainSid if DomainSid is not NULL.");
}
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1062");
// Verify MS-NRPC requirement: MS-NRPC_R1062.
Site.CaptureRequirementIfAreEqual<uint>(
workStaBuffer.WorkstationInfo[0].WorkstationFlags & 0x3,
domBuffer.DomainInfo[0].WorkstationFlags,
1062,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1, the return
structure MUST be generated as follows:]NETLOGON_DOMAIN_INFO.WorkstationFlags MUST be set
with the bitwise AND of NETLOGON_WORKSTATION_INFORMATION. WorkstationInfo.WorkstationFlags
and 0x3.");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1063");
// Verify MS-NRPC requirement: MS-NRPC_R1063.
Site.CaptureRequirementIfAreEqual<uint>(
(uint)TrustedDomainCount,
domBuffer.DomainInfo[0].TrustedDomainCount,
1063,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1, the return
structure MUST be generated as follows:]NETLOGON_DOMAIN_INFO.TrustedDomainCount MUST be
set to the size of the ForestTrustList.");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1064");
// Verify MS-NRPC requirement: MS-NRPC_R1064.
// This structure is generated based on the IDL from the TD.
// If the method using this field as parameter executes successfully, it indicates
// that this field is the type defined in the TD, and the specific content will be verify follows.
// So here only to verify the count number.
Site.CaptureRequirementIfAreEqual<uint>(
(uint)TrustedDomainCount,
domBuffer.DomainInfo[0].TrustedDomainCount,
1064,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1, the return
structure MUST be generated as follows:]NETLOGON_DOMAIN_INFO.TrustedDomains MUST be set
to a TrustedDomainCount-sized array of NETLOGON_ONE_DOMAIN_INFO structures.");
if (domBuffer.DomainInfo[0].TrustedDomainCount > 0)
{
// Get the expected value for trusted domain.
string[] expectNetBIOSDomainNamesForTrustedDomain = NetBIOSDomainNamesForTrustedDomain.Split(',');
string[] dnsDomainNamesForTrustedDomain =
{ Site.Properties["Common.PrimaryDomain.DNSName"], Site.Properties["TrustDomain.DNSName"] };
string[] domainGuidsForTrustedDomain = DomainGuidsForTrustedDomain.Split(',');
string[] domainSidsForTrustedDomain = DomainSidsForTrustedDomain.Split(',');
string[] machineAccountRidForTrustedDomain =
Site.Properties["MS_NRPC.Adapter.MachineAccountRidForTrustedDomain"].Split(',');
string[] flagsForTrustedDomain = FlagsForTrustedDomain.Split(',');
string[] parentIndexForTrustedDomain = ParentIndexForTrustedDomain.Split(',');
string[] trustTypeForTrustedDomain = TrustTypeForTrustedDomain.Split(',');
string[] trustAttributesForTrustedDomain = TrustAttributesForTrustedDomain.Split(',');
// Used to indicate whether the returned value is right.
bool isNetBIOSDomainNamesCorrect = true;
bool isDnsDomainNamesCorrect = true;
bool isDomainGuidsCorrect = true;
bool isDomainSidsCorrect = true;
bool isDnsForestNameCorrect = true;
bool isTrustExtensionLengthCorrect = true;
bool isTrustExtensionBufferCorrect = true;
foreach (_NETLOGON_ONE_DOMAIN_INFO domain in domBuffer.DomainInfo[0].TrustedDomains)
{
// A local variable used to indicate if a match is found for a specified object.
bool isMatchFound = false;
#region NETBIOSDomainNames
foreach (string expectedNetBIOSDomainName in expectNetBIOSDomainNamesForTrustedDomain)
{
if (expectedNetBIOSDomainName.Equals(
GetRpcUnicodeString(domain.DomainName),
StringComparison.OrdinalIgnoreCase))
{
isMatchFound = true;
this.VerifyOneDomainInfo(hresult, domain, expectedNetBIOSDomainName);
break;
}
}
if (!isMatchFound)
{
isNetBIOSDomainNamesCorrect = false;
}
#endregion
// Reset to false for next use.
isMatchFound = false;
#region DnsDomainNames
foreach (string dnsDomainName in dnsDomainNamesForTrustedDomain)
{
if (dnsDomainName.Equals(GetRpcUnicodeString(domain.DnsDomainName), StringComparison.OrdinalIgnoreCase))
{
isMatchFound = true;
break;
}
}
if (!isMatchFound)
{
isDnsDomainNamesCorrect = false;
}
#endregion
// Reset to false for next use.
isMatchFound = false;
#region DomainGuids
foreach (string domainGuid in domainGuidsForTrustedDomain)
{
if (domainGuid.Equals(domain.DomainGuid.ToString(), StringComparison.OrdinalIgnoreCase))
{
isMatchFound = true;
break;
}
}
if (!isMatchFound)
{
isDomainGuidsCorrect = false;
}
#endregion
// Reset to false for next use.
isMatchFound = false;
#region DomainSids
for (int i = 0; i < domainSidsForTrustedDomain.Length; i++)
{
if (domainSidsForTrustedDomain[i].Equals(
GetStringFromRpcSid(domain.DomainSid[0]),
StringComparison.OrdinalIgnoreCase))
{
isMatchFound = true;
break;
}
}
if (!isMatchFound)
{
isDomainSidsCorrect = false;
}
#endregion
#region DnsForestName
if (null != domain.DnsForestName.Buffer)
{
isDnsForestNameCorrect = false;
}
#endregion
#region TrustExtensionLength
// Section 3.5.4.3.9: For Windows 2000, windows xp, Windows Server 2003, Windows Vista,
// Windows Server 2008, Windows 7, and Windows Server 2008 R2,
// NETLOGON_ONE_DOMAIN_INFO.TrustExtension MaximumLength and Length are set to the size 0x10.
if (!(domain.TrustExtension.MaximumLength == 0x10
&& domain.TrustExtension.Length == 0x10))
{
isTrustExtensionLengthCorrect = false;
}
#endregion
// Reset to false for next use.
isMatchFound = false;
#region TrustExtensionBuffer
// If workStationFlags is 0, which indicates the client doesn't receive inbound trusts,
// the bit F in returned domBuffer.DomainInfo[0].TrustedDomains[i].TrustExtension.Buffer.
// Flags field should NOT be set. Because according to the TD, TrustExtension contains the
// fileds in DS_DOMAIN_TRUSTSW structure, in DS_DOMAIN_TRUSTSW, bit F means domain directly
// trusts the current domain. The conclusion is if workStationFlags is 0 the bit F
// in returned domain should not be set.
// In configuration file, the expected Flags value is configured with bit F not set.
// So only verify these requirements when workStationFlags is 0.
for (int i = 0; i < domBuffer.DomainInfo[0].TrustedDomainCount; i++)
{
if (IsBufferCorrectForTrustedDomain(
domain.TrustExtension.Buffer,
uint.Parse(flagsForTrustedDomain[i], CultureInfo.InvariantCulture),
uint.Parse(parentIndexForTrustedDomain[i], CultureInfo.InvariantCulture),
uint.Parse(trustTypeForTrustedDomain[i], CultureInfo.InvariantCulture),
uint.Parse(trustAttributesForTrustedDomain[i], CultureInfo.InvariantCulture)))
{
isMatchFound = true;
break;
}
}
if (!isMatchFound)
{
isTrustExtensionBufferCorrect = false;
}
#endregion
}
if (PDCIsWindows)
{
if (currentSutOperatingSystem == PlatformType.Windows2000
|| currentSutOperatingSystem == PlatformType.WindowsXp
|| currentSutOperatingSystem == PlatformType.WindowsServer2003
|| currentSutOperatingSystem == PlatformType.WindowsVista
|| currentSutOperatingSystem == PlatformType.WindowsServer2008
|| currentSutOperatingSystem == PlatformType.Windows7
|| currentSutOperatingSystem == PlatformType.WindowsServer2008R2
|| currentSutOperatingSystem == PlatformType.Windows8
|| currentSutOperatingSystem == PlatformType.WindowsServer2012
|| currentSutOperatingSystem == PlatformType.Windows8_1
|| currentSutOperatingSystem == PlatformType.WindowsServer2012R2)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1070,
MaximumLength: {0},
Length: {1}",
domBuffer.DomainInfo[0].TrustedDomains[0].TrustExtension.MaximumLength,
domBuffer.DomainInfo[0].TrustedDomains[0].TrustExtension.Length);
// Verify MS-NRPC requirement: MS-NRPC_R1070.
Site.CaptureRequirementIfIsTrue(
isTrustExtensionLengthCorrect,
1070,
@"<257> Section 3.5.4.4.9: For Windows 2000, Windows XP, Windows Server 2003,
Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8,
Windows Server 2012, Windows 8.1, and Windows Server 2012 R2, NETLOGON_ONE_DOMAIN_INFO.TrustExtension
MaximumLength and Length are set to the size 0x10.");
// If workStationFlags is 0, which indicates the client doesn't receive inbound trusts,
// the bit F in returned domBuffer.DomainInfo[0].TrustedDomains[i].TrustExtension.Buffer.
// Flags field should NOT be set. Because according to the TD, TrustExtension contains
// the fields in DS_DOMAIN_TRUSTSW structure, in DS_DOMAIN_TRUSTSW, bit F means
// domain directly trusts the current domain. The conclusion is
// if workStationFlags is 0 the bit F in returned domain should not be set.
// In configuration file, the expected Flags value is configured with bit F not set.
// So only verify these requirements when workStationFlags is 0.
if (workStaBuffer.WorkstationInfo[0].WorkstationFlags == 0)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1071,
Buffer: {0}",
domBuffer.DomainInfo[0].TrustedDomains[0].TrustExtension.Buffer);
// Verify MS-NRPC requirement: MS-NRPC_R1071.
Site.CaptureRequirementIfIsTrue(
isTrustExtensionBufferCorrect,
1071,
@"<188> Section 3.5.5.3.9:Buffer points to a buffer containing the following
fields of a DS_DOMAIN_TRUSTSW structure: Flags, ParentIndex, TrustType,
TrustAttributes.");
}
}
}
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1065,
DomainName.Buffer: {0}",
domBuffer.DomainInfo[0].TrustedDomains[0].DomainName.Buffer.ToString());
// Verify MS-NRPC requirement: MS-NRPC_R1065.
Site.CaptureRequirementIfIsTrue(
isNetBIOSDomainNamesCorrect,
1065,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1,
a TrustedDomainCount-sized array of NETLOGON_ONE_DOMAIN_INFO structures MUST be
generated as follows:] NETLOGON_ONE_DOMAIN_INFO.DomainName MUST be set to the
NetBIOS domain name of the trusted domain.");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1066,
DnsDomainName: {0}",
GetRpcUnicodeString(domBuffer.DomainInfo[0].TrustedDomains[0].DnsDomainName));
// Verify MS-NRPC requirement: MS-NRPC_R1066.
Site.CaptureRequirementIfIsTrue(
isDnsDomainNamesCorrect,
1066,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1,
a TrustedDomainCount-sized array of NETLOGON_ONE_DOMAIN_INFO structures MUST be
generated as follows:] NETLOGON_ONE_DOMAIN_INFO.DnsDomainName MUST be set to the
DNS domain name of the trusted domain.");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1067,
DnsForestName: {0}",
GetRpcUnicodeString(domBuffer.DomainInfo[0].TrustedDomains[0].DnsForestName));
// Verify MS-NRPC requirement: MS-NRPC_R1067.
// All DnsForestName field in domBuffer.DomainInfo[0].TrustedDomains array must be null.
Site.CaptureRequirementIfIsTrue(
isDnsForestNameCorrect,
1067,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1,
a TrustedDomainCount-sized array of NETLOGON_ONE_DOMAIN_INFO structures MUST be generated
as follows:] NETLOGON_ONE_DOMAIN_INFO.DnsForestName MUST be set to NULL string.");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1068,
DomainGuid: {0}",
domBuffer.DomainInfo[0].TrustedDomains[0].DomainGuid.ToString());
// Verify MS-NRPC requirement: MS-NRPC_R1068.
Site.CaptureRequirementIfIsTrue(
isDomainGuidsCorrect,
1068,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1,
a TrustedDomainCount-sized array of NETLOGON_ONE_DOMAIN_INFO structures MUST be generated
as follows:] NETLOGON_ONE_DOMAIN_INFO.DomainGuid MUST be set to the domain GUID of the
trusted domain.");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1069,
DomainSid: {0}",
domBuffer.DomainInfo[0].TrustedDomains[0].DomainSid.ToString());
// Verify MS-NRPC requirement: MS-NRPC_R1069.
Site.CaptureRequirementIfIsTrue(
isDomainSidsCorrect,
1069,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1,
a TrustedDomainCount-sized array of NETLOGON_ONE_DOMAIN_INFO structures MUST be generated
as follows:] NETLOGON_ONE_DOMAIN_INFO.DomainSid MUST be set to the domain SID of the
trusted domain.<188>");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1072");
// Verify MS-NRPC requirement: MS-NRPC_R1072.
Site.CaptureRequirementIfAreEqual<uint>(
(uint)PdcSupportedEncryptionTypes,
domBuffer.DomainInfo[0].SupportedEncTypes,
1072,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to 1, the return
structure MUST be generated as follows:]NETLOGON_DOMAIN_INFO. SupportedEncTypes MUST be
set to the supported encryption algorithms.");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1074");
// Verify MS-NRPC requirement: MS-NRPC_R1074.
Site.CaptureRequirementIfAreEqual<uint>(
0,
domBuffer.DomainInfo[0].LsaPolicy.LsaPolicySize,
1074,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to
1]NETLOGON_DOMAIN_INFO.LsaPolicy.LsaPolicySize is set to 0.");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1075");
// Verify MS-NRPC requirement: MS-NRPC_R1075.
Site.CaptureRequirementIfIsNull(
domBuffer.DomainInfo[0].LsaPolicy.LsaPolicy,
1075,
@"[In NetrLogonGetDomainInfo (Opnum 29) If the Level parameter is set to
1]NETLOGON_DOMAIN_INFO.LsaPolicy.LsaPolicy is set to NULL.");
// If WkstaBuffer.WorkstationInfo.WorkstationFlags has the 0x2 bit set.
if ((workStaBuffer.WorkstationInfo[0].WorkstationFlags & 0x2) == 0x2)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R1076");
// Verify MS-NRPC requirement: MS-NRPC_R1076.
Site.CaptureRequirementIfAreEqual<string>(
dnsHostNameAttribute,
GetRpcUnicodeString(domBuffer.DomainInfo[0].DnsHostNameInDs),
1076,
@"[In NetrLogonGetDomainInfo (Opnum 29)] If WkstaBuffer.WorkstationInfo.WorkstationFlags
has the 0x2 bit set, NETLOGON_DOMAIN_INFO.DnsHostNameInDs is set to the dNSHostName
([MS-ADA1] section 2.185) of the client account.");
}
// If WkstaBuffer.WorkstationInfo.WorkstationFlags does not have the 0x2 bit set.
if ((workStaBuffer.WorkstationInfo[0].WorkstationFlags & 0x2) != 0x2)
{
string expectedNetBiosName =
string.Format(CultureInfo.InvariantCulture, "HOST/{0}", Site.Properties["Common.ENDPOINT.NetbiosName"]);
string clientDnsHostName = Site.Properties["Common.ENDPOINT.NetbiosName"] + "." + Site.Properties["Common.PrimaryDomain.DNSName"];
string expectedFqdnName =
string.Format(CultureInfo.InvariantCulture, "HOST/{0}", clientDnsHostName);
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1078,
expected NetBIOS SPN name: {0},
actual SPN name: {1}",
expectedNetBiosName,
spnAttribute);
// Verify MS-NRPC requirement: MS-NRPC_R1078.
Site.CaptureRequirementIfIsTrue(
spnAttribute.Contains(expectedNetBiosName),
1078,
@"[In NetrLogonGetDomainInfo (Opnum 29) If WkstaBuffer.WorkstationInfo.WorkstationFlags
does not have the 0x2 bit set, the server adds the SPNs of ]HOST/<Netbios name>[ to the
ServicePrincipalName attribute of the clients account].");
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1079,
expected FQDN SPN name: {0},
actual SPN name: {1}",
expectedFqdnName,
spnAttribute);
// Verify MS-NRPC requirement: MS-NRPC_R1079.
Site.CaptureRequirementIfIsTrue(
spnAttribute.Contains(expectedFqdnName),
1079,
@"[In NetrLogonGetDomainInfo (Opnum 29) If WkstaBuffer.WorkstationInfo.WorkstationFlags
does not have the 0x2 bit set, the server adds the SPNs of ]HOST/<FQDN name>[ to the
ServicePrincipalName attribute of the clients account].");
}
// If the WkstaBuffer.WorkstationInfo.OsName is specified.
if (workStaBuffer.WorkstationInfo[0].OsName.Length != 0)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
"Verify MS-NRPC_R262");
// Verify MS-NRPC requirement: MS-NRPC_R262.
Site.CaptureRequirementIfAreEqual<string>(
ClientOsVersion,
operatingSystemAttribute,
262,
@"[In NETLOGON_WORKSTATION_INFO structure]OsName:The DC that receives this data
structure updates the operatingSystem attribute of the client's machine account
object in Active Directory, as specified in [MS-ADA3], section 2.52.");
}
// If WkstaBuffer.WorkstationInfo.OsVersion is specified
// but WkstaBuffer.WorkstationInfo.OsName is not specified.
if (workStaBuffer.WorkstationInfo[0].OsName.Length == 0
&& workStaBuffer.WorkstationInfo[0].OsVersion.Length != 0)
{
byte[] buffer =
MarshalHelper.GetBytes(workStaBuffer.WorkstationInfo[0].OsVersion.Buffer, false);
// According to [MS-RPRN] the latest byte is wProductType.
OS_TYPE clientOSType = (OS_TYPE)buffer[buffer.Length - 1];
if (clientOSType == OS_TYPE.VER_NT_WORKSTATION)
{
// Verify requirement MS-NRPC_R1084 and MS-NRPC_R1085.
string isR1084Implemented = Site.Properties.Get("MS_NRPC.SHOULDMAY.R1084Implementation");
bool isR1085Satisfied = operatingSystemAttribute.Equals(
"Windows Workstation",
StringComparison.OrdinalIgnoreCase);
if (PDCIsWindows)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1085, operatingSystem attribute:{0}",
operatingSystemAttribute);
// Verify MS-NRPC requirement: MS-NRPC_R1085.
Site.CaptureRequirementIfIsTrue(
isR1085Satisfied,
1085,
@"[In NetrLogonGetDomainInfo (Opnum 29)]If WkstaBuffer.WorkstationInfo.OsVersion
is specified but WkstaBuffer.WorkstationInfo.OsName is not, and if the
wProductType is VER_NT_WORKSTATION, then the string ""Windows Workstation""
is used to update the operatingSystem attribute in Windows Vista,
Windows server 2K8, Windows 7, Windows NT, Windows server 2K8 R2.");
if (null == isR1084Implemented)
{
Site.Properties.Add("MS_NRPC.SHOULDMAY.R1084Implementation", bool.TrueString);
isR1084Implemented = bool.TrueString;
}
}
if (null != isR1084Implemented)
{
bool implement = bool.Parse(isR1084Implemented);
bool isSatisfied = isR1085Satisfied;
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1084,
operatingSystem attribute: {0}",
operatingSystemAttribute);
// Verify MS-NRPC requirement: MS-NRPC_R1084.
Site.CaptureRequirementIfAreEqual<bool>(
implement,
isSatisfied,
1084,
string.Format(CultureInfo.InvariantCulture,
@"[In NetrLogonGetDomainInfo (Opnum 29)]If WkstaBuffer.WorkstationInfo.OsVersion
is specified but WkstaBuffer.WorkstationInfo.OsName is not, then a different
generic string SHOULD be used to update the operatingSystem attribute, depending
on the value of WkstaBuffer.WorkstationInfo.OsVersion.wProductType. If the
wProductType is VER_NT_WORKSTATION, then the string that SHOULD be used is
""Windows Workstation"".
This requirement is {0} implemented.",
implement ? string.Empty : "not"));
}
}
else
{
// Verify requirement MS-NRPC_R1088 and MS-NRPC_R101088.
string isR1088Implemented = Site.Properties.Get("MS_NRPC.SHOULDMAY.R1088Implementation");
bool isR101088Satisfied = operatingSystemAttribute.Equals(
"Windows Server",
StringComparison.OrdinalIgnoreCase);
if (PDCIsWindows)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R101088,
operatingSystem attribute:{0}",
operatingSystemAttribute);
// Verify MS-NRPC requirement: MS-NRPC_R101088.
Site.CaptureRequirementIfIsTrue(
isR101088Satisfied,
101088,
@"[In NetrLogonGetDomainInfo (Opnum 29)]otherwise
[If WkstaBuffer.WorkstationInfo.OsVersion is specified but
WkstaBuffer.WorkstationInfo.OsName is not, and the wProductType
isn't VER_NT_WORKSTATION] the string ""Windows Server"" is used to update
the operatingSystem attribute in Windows Vista, Windows server 2K8,
Windows 7, Windows NT, Windows server 2K8 R2.");
if (null == isR1088Implemented)
{
Site.Properties.Add("MS_NRPC.SHOULDMAY.R1088Implementation", bool.TrueString);
isR1088Implemented = bool.TrueString;
}
}
if (null != isR1088Implemented)
{
bool implement = bool.Parse(isR1088Implemented);
bool isSatisfied = isR101088Satisfied;
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1088,
operatingSystem attribute: {0}",
operatingSystemAttribute);
// Verify MS-NRPC requirement: MS-NRPC_R1088.
Site.CaptureRequirementIfAreEqual<bool>(
implement,
isSatisfied,
1088,
string.Format(CultureInfo.InvariantCulture,
@"[In NetrLogonGetDomainInfo (Opnum 29)]otherwise[If
WkstaBuffer.WorkstationInfo.OsVersion is specified but
WkstaBuffer.WorkstationInfo.OsName is not, and the wProductType isn't
VER_NT_WORKSTATION] the string SHOULD be ""Windows Server""
This requirement is {0} implemented.",
implement ? string.Empty : "not"));
}
}
}
// If WkstaBuffer.WorkstationInfo.OsName and
// WkstaBuffer.WorkstationInfo.OsVersion are not specified.
if (workStaBuffer.WorkstationInfo[0].OsName.Length == 0
&& workStaBuffer.WorkstationInfo[0].OsVersion.Length == 0)
{
// Verify requirement MS-NRPC_R1082 and MS-NRPC_R1083.
string isR1082Implemented = Site.Properties.Get("MS_NRPC.SHOULDMAY.R1082Implementation");
bool isR1083Satisfied = operatingSystemAttribute.Equals(
"Windows unknown version",
StringComparison.OrdinalIgnoreCase);
if (PDCIsWindows)
{
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1083,
operatingSystem attribute:{0}",
operatingSystemAttribute);
// Verify MS-NRPC requirement: MS-NRPC_R1083.
Site.CaptureRequirementIfIsTrue(
isR1083Satisfied,
1083,
@"[In NetrLogonGetDomainInfo (Opnum 29)]If WkstaBuffer.WorkstationInfo.OsName and
WkstaBuffer.WorkstationInfo.OsVersion are not specified, then a generic string
""Windows unknown version"" is used to update the operatingSystem attribute in
Windows Vista, Windows server 2K8, Windows 7, Windows NT, Windows server 2K8 R2.");
if (null == isR1082Implemented)
{
Site.Properties.Add("MS_NRPC.SHOULDMAY.R1082Implementation", bool.TrueString);
isR1082Implemented = bool.TrueString;
}
}
if (null != isR1082Implemented)
{
bool implement = bool.Parse(isR1082Implemented);
bool isSatisfied = isR1083Satisfied;
// Add the debug information.
Site.Log.Add(
LogEntryKind.Debug,
@"Verify MS-NRPC_R1082,
operatingSystem attribute: {0}",
operatingSystemAttribute);
// Verify MS-NRPC requirement: MS-NRPC_R1082.
Site.CaptureRequirementIfAreEqual<bool>(
implement,
isSatisfied,
1082,
string.Format(CultureInfo.InvariantCulture,
@"[In NetrLogonGetDomainInfo (Opnum 29)]If WkstaBuffer.WorkstationInfo. OsName
and WkstaBuffer.WorkstationInfo.OsVersion are not specified, then a generic
string SHOULD be used to update the operatingSystem attribute
(""Windows unknown version"").
This requirement is {0} implemented.",
implement ? string.Empty : "not"));
}
}
}
}
}
}