archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/security/base/lsa/uclient/tests/crbat.bat

215 lines
8.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. set PE=/pe:s
  2. set AN=/ANSI
  4. rem Test generic creds
  5. crtest /w:ta /ty:g %PE% %AN%
  6. crtest /r:ta /ty:g %AN%
  8. rem test attributes on creds
  9. crtest /w:t1 /ty:p %PE% /com:"my comment" /password:MyPasswordIsReallyLong /user:[email protected] /at:f,g=1 %AN%
  10. crtest /r:t1 /ty:p %AN%
  12. rem ensure I can write over a cred
  13. crtest /w:t1 /ty:p %PE% /com:"c comment" /password:Pwd2 /user:[email protected] %AN%
  14. crtest /r:t1 /ty:p %AN%
  16. rem ensure a cred matches both the netbios and dns name
  17. crtest /w:s1 /ty:p %PE% /com:"c comment" /password:Pwd3 /user:[email protected] %AN%
  18. crtest /r /tins:s1 %AN%
  19. crtest /r /tids:s1 %AN%
  20. crtest /r /tids:s1.ms.com %AN%
  22. rem ... even if it has a target alias
  23. crtest /w:s2.ms.com /targeta:s2 /ty:p %PE% /com:"c comment" /password:Pwd4 /user:[email protected] %AN%
  24. crtest /r /tins:s2 %AN%
  25. crtest /r /tids:s2 %AN%
  26. crtest /r /tids:s2.ms.com %AN%
  28. rem Try it with a dns host name as target name
  29. crtest /w:s3.ms.com /ty:p %PE% /com:"c comment" /password:Pwd5 /user:[email protected] %AN%
  30. crtest /r /tins:s3 %AN%
  31. crtest /r /tids:s3 %AN%
  32. crtest /r /tids:s3.ms.com %AN%
  34. rem Try a wildcarded server name
  35. crtest /w:*.hp.com /ty:p %PE% /com:"c comment" /password:Pwd6 /user:[email protected] %AN%
  36. crtest /r /tins:hp %AN%
  37. crtest /r /tins:hp.com %AN%
  38. crtest /r /tids:hp.com %AN%
  39. crtest /r /tids:fred.hp.com %AN%
  40. crtest /r /tids:p.com %AN%
  41. crtest /r /tids:fred.hp.com. %AN%
  43. rem Another random test
  44. crtest /w:cliffvdom.nttest.microsoft.com /ti:cliffv2 /ty:p %PE% %AN%
  45. crtest /r /ti:cliffv %AN%
  47. rem Two dots at end of UPN are bogus
  48. crtest /w:*.hp.com /ty:p %PE% /com:"c comment" /password:Pwd1 /user:[email protected].. %AN%
  50. rem This one should make up a tagert alias of "bob" (in an older design)
  51. crtest /w:bob.hp.com /ty:p %PE% /com:"c comment" /password:Pwd8 /user:[email protected] /tids:bob.hp.com %AN%
  52. crtest /r:bob.hp.com /ty:p %AN%
  54. rem Create a credential with a netbios server name
  55. crtest /w:zoe /ty:p %PE% /com:"c comment" /password:Pwd9 /user:[email protected] /tins:zoe %AN%
  56. crtest /e:zoe* %AN%
  58. rem prune it
  59. crtest /w:zoe.hp.com /ty:p %PE% /com:"c comment" /password:Pwd10 /user:[email protected] /tins:zoe /tids:zoe.hp.com %AN%
  60. crtest /e:zoe* %AN%
  62. rem Create a credential with a netbios domain name
  63. crtest /w:zat /ty:p %PE% /password:Pwd11 /user:[email protected] /tins:zat5 /tind:zat %AN%
  65. rem Create a corresponding password credential
  66. crtest /w:zat /ty:p %PE% /password:Pwd12 /user:[email protected] /tins:zat5 /tind:zat %AN%
  67. crtest /e:zat* %AN%
  69. rem Get the domain credentials
  70. crtest /r:zat /tins:zat5 /tind:zat /tidd:zat.ms.com %AN%
  71. crtest /e:zat* %AN%
  73. rem Create the Dns counterparts
  74. crtest /w:zat.ms.com /ty:c %PE% /password:Cert13 /user:@@BCIgACIgACIgACIgACIgACIgACIA /tins:zat5 /tidd:zat.ms.com %AN%
  75. crtest /w:zat.ms.com /ty:p %PE% /password:Pwd14 /user:[email protected]. /tins:zat5 /tidd:zat.ms.com %AN%
  76. crtest /e:zat* %AN%
  78. rem Now prune them
  79. crtest /r:zat /tins:zat5 /tind:zat /tidd:zat.ms.com %AN%
  80. crtest /e:zat* %AN%
  82. rem If I have a cred with TN=dns and TA=Netbios ...
  83. crtest /w:yat.ms.com /ty:p %PE% /password:Pwd15 /user:[email protected]. /tins:yat /tids:yat.ms.com /targetalias:yat %AN%
  84. rem ... then write an entry with TN=netbios, prune should fail
  85. crtest /w:yat /ty:p %PE% /password:Pwd16 /user:[email protected]. /tins:yat %AN%
  88. rem If I have a server cred ...
  89. crtest /w:wat.ms.com /ty:p %PE% /password:Pwd17 /user:[email protected]. /tins:wat /tids:wat.ms.com /targetalias:wat %AN%
  90. crtest /e:wat*
  91. rem ... and a domain cred ...
  92. crtest /w:vat.ms.com /ty:p %PE% /password:Pwd18 /user:[email protected]. /tind:vat /tidd:vat.ms.com /targetalias:vat %AN%
  93. crtest /e:vat*
  94. rem ... prune the server cred as soon as we find out the relationship
  95. crtest /r /tins:wat /tind:vat %AN%
  96. crtest /e:wat*
  97. crtest /e:vat*
  100. rem If I have a domain cred ...
  101. crtest /w:qat.ms.com /ty:p %PE% /password:Pwd19 /user:[email protected]. /tind:qat /tidd:qat.ms.com /targetalias:qat %AN%
  102. crtest /e:qat* %AN%
  103. rem ... morph it to a forest cred as soon as we find out the name
  104. crtest /r /tins:wat /tind:qat /tidt:rat.ms.com %AN%
  105. crtest /e:qat* %AN%
  106. crtest /e:rat* %AN%
  109. rem If I have a domain cred ...
  110. crtest /w:tat.ms.com /ty:p %PE% /password:Pwd20 /user:[email protected]. /tind:tat /tidd:tat.ms.com /targetalias:tat %AN%
  111. crtest /e:tat* %AN%
  112. rem ... and a forest cred ...
  113. crtest /w:sat.ms.com /ty:p %PE% /password:Pwd21 /user:[email protected]. /tidt:sat.ms.com %AN%
  114. crtest /e:sat* %AN%
  115. rem ... prune the domain cred as soon as we find out the relationship
  116. crtest /r /tins:wat /tind:tat /tidt:sat.ms.com %AN%
  117. crtest /e:tat* %AN%
  118. crtest /e:sat* %AN%
  121. rem If I have a domain cred ...
  122. crtest /w:qat.ms.com /ty:p %PE% /password:Pwd22 /user:[email protected]. /tind:qat /tidd:qat.ms.com /targetalias:qat %AN%
  123. crtest /e:qat* %AN%
  124. rem ... morph it to a forest cred as soon as we find out the name
  125. crtest /r /tins:wat /tind:qat /tidt:rat.ms.com %AN%
  126. crtest /e:qat* %AN%
  127. crtest /e:rat* %AN%
  128. rem If I have another domain cred ...
  129. crtest /w:pat.ms.com /ty:p %PE% /password:Pwd23 /user:[email protected]. /tind:pat /tidd:pat.ms.com /targetalias:pat %AN%
  130. rem ... morph it into the same forest
  131. crtest /r /tins:wat /tind:pat /tidt:rat.ms.com %AN%
  132. crtest /e:pat* %AN%
  133. crtest /e:rat* %AN%
  134. rem Add yet another domain alias ...
  135. crtest /w:nat.ms.com /ty:p %PE% /password:Pwd24 /user:[email protected]. /tind:nat /tidd:nat.ms.com /targetalias:nat %AN%
  136. rem ... morph it into the same forest
  137. crtest /r /tins:wat /tind:nat /tidt:rat.ms.com %AN%
  138. crtest /e:nat* %AN%
  139. crtest /e:rat* %AN%
  141. rem Move "pat" to a new forest
  142. crtest /r /tins:wat /tind:pat /tidd:pat.ms.com /tidt:mat.ms.com %AN%
  143. crtest /e:rat* %AN%
  146. rem Note that password creds allow marshaled user names
  147. crtest /w:lat /ty:p %PE% /password:Pwd25 /user:@@BCIgACIgACIgACIgACIgACIgACIA %AN%
  149. rem ensure cert creds don't allow normal user names
  150. crtest /w:lat /ty:c %PE% /password:Pwd26 /user:[email protected]. %AN%
  152. rem ensure we can get the session type
  153. crtest /gst
  155. rem Ensure runas target name matches user name (all canonical combinations)
  156. crtest /w:Nowislat /ty:p %PE% /password:Pwd27 /user:[email protected]. %AN% /credUsernameTarget
  157. crtest /w:[email protected] /ty:p %PE% /password:Pwd27 /user:[email protected] %AN% /credUsernameTarget
  158. crtest /w:[email protected] /ty:p %PE% /password:Pwd27 /user:[email protected] %AN% /credUsernameTarget
  159. crtest /w:[email protected] /ty:p %PE% /password:Pwd27 /user:[email protected]. %AN% /credUsernameTarget
  160. crtest /w:[email protected]. /ty:p %PE% /password:Pwd27 /user:[email protected] %AN% /credUsernameTarget
  161. crtest /w:[email protected]. /ty:p %PE% /password:Pwd27 /user:[email protected]. %AN% /credUsernameTarget
  162. crtest /r:[email protected] /ty:p %AN%
  164. rem Ensure we support canonicalization <domain>/user
  165. crtest /w:cat /ty:p %PE% /password:Pwd27 /user:ms.com.\u26 %AN%
  166. crtest /r:cat /ty:p %AN%
  168. rem Ensure runas support domain\user format
  169. crtest /w:ms.com\u27 /ty:p %PE% /password:Pwd27 /user:ms.com\u27 %AN% /credUsernameTarget
  170. crtest /w:ms.com\u27 /ty:p %PE% /password:Pwd27 /user:ms.com.\u27 %AN% /credUsernameTarget
  171. crtest /w:ms.com.\u27 /ty:p %PE% /password:Pwd27 /user:ms.com\u27 %AN% /credUsernameTarget
  172. crtest /w:ms.com.\u27 /ty:p %PE% /password:Pwd27 /user:ms.com.\u27 %AN% /credUsernameTarget
  173. crtest /r:ms.com\u27 /ty:p %AN%
  176. rem Ensure /Delete supports canonicalization
  177. crtest /w:cat.ms.com /ty:p %PE% /password:Pwd27 /user:ms.com.\u28 %AN%
  178. crtest /de:cat.ms.com. /ty:p %AN%
  179. crtest /w:ms.com\u29 /ty:p %PE% /password:Pwd27 /user:ms.com.\u29 %AN% /credUsernameTarget
  180. crtest /de:ms.com.\u29 /ty:p %AN%
  182. rem Create the special credentials
  183. crtest /w:* /ty:p %PE% /password:Pwd27 /user:ms.com.\u30 %AN%
  184. crtest /w:*Session /ty:p %PE% /password:Pwd27 /user:ms.com.\u30 %AN%
  186. rem Try renaming 'from' the special credentials
  187. crtest /old:* /new:bat.ms.com /ty:p
  188. crtest /r:bat.ms.com /ty:p
  189. crtest /r:* /ty:p
  190. crtest /old:*Session /new:aat.ms.com /ty:p
  191. crtest /r:aat.ms.com /ty:p
  192. crtest /r:*Session /ty:p
  194. rem Try renaming 'to' the special credentials
  195. crtest /old:bat.ms.com /new:* /ty:p
  196. crtest /r:bat.ms.com /ty:p
  197. crtest /r:* /ty:p
  198. crtest /old:aat.ms.com /new:*session /ty:p
  199. crtest /r:aat.ms.com /ty:p
  200. crtest /r:*Session /ty:p
  202. rem Create the session cred with the wrong persistance
  203. crtest /w:*Session /ty:p /pe:l /password:Pwd27 /user:ms.com.\u30 %AN%
  205. rem Rename to the session cred with the wrong persistance
  206. crtest /w:dat.ms.com /ty:p /pe:l /password:Pwd27 /user:ms.com.\u31 %AN%
  207. crtest /old:dat.ms.com /new:*session /ty:p
  210. rem test the DFS syntax
  211. crtest /w:dfsroot\dfsshare /ty:p %PE% /password:Pwd31 /user:ms.com.\u31 %AN%
  212. crtest /r /titn:dfsroot\dfsshare
  214. rem test a non-existent cert
  215. crtest /w:t28 /ty:c %PE% /com:"t28 comment" /password:Cert28 /user:@@BCIgACIgACIgACIgACIgACIgACIA %AN%