From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 16 Feb 2022 04:24:19 +0000 (+1300)
Subject: selftest: Allow RPC-SAMR to cope with OemChangePasswordUser2 being un-implemented
X-Git-Tag: tevent-0.12.0~401
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a2fa7f427aafdd463bbbd18bb495e9f95407e6f4;p=thirdparty%2Fsamba.git

selftest: Allow RPC-SAMR to cope with OemChangePasswordUser2 being un-implemented

This is important to allow, after other changes, for the Samba AD DC to again
pass rpc.samr after the removal of LM hash support from the DC.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index 6c901c3c2ab..b8bab9825e2 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -2096,6 +2096,18 @@ static bool test_OemChangePasswordUser2(struct dcerpc_pipe *p,
 			__location__, __FUNCTION__,
 			oldpass, newpass, nt_errstr(r.out.result));
 
+	if (torture_setting_bool(tctx, "samba4", false)) {
+		torture_assert_ntstatus_equal(tctx,
+					      r.out.result,
+					      NT_STATUS_NOT_IMPLEMENTED,
+					      "Samba4 should refuse LM password change");
+		/*
+		 * No point continuing, once we have checked this is not
+		 * implemented
+		 */
+		return true;
+	}
+
 	if (!NT_STATUS_EQUAL(r.out.result, NT_STATUS_PASSWORD_RESTRICTION)
 	    && !NT_STATUS_EQUAL(r.out.result, NT_STATUS_WRONG_PASSWORD)) {
 		torture_result(tctx, TORTURE_FAIL, "OemChangePasswordUser2 failed, should have returned WRONG_PASSWORD (or at least 'PASSWORD_RESTRICTON') for invalid password verifier - %s\n",