diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index 9a6e4a2..a294ed9 100644
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -240,10 +240,12 @@ import "misc.idl", "security.idl";
 		LSA_POLICY_INFO_ROLE=6,
 		LSA_POLICY_INFO_REPLICA=7,
 		LSA_POLICY_INFO_QUOTA=8,
-		LSA_POLICY_INFO_DB=9,
+		LSA_POLICY_INFO_MOD=9,
 		LSA_POLICY_INFO_AUDIT_FULL_SET=10,
 		LSA_POLICY_INFO_AUDIT_FULL_QUERY=11,
-		LSA_POLICY_INFO_DNS=12
+		LSA_POLICY_INFO_DNS=12,
+		LSA_POLICY_INFO_DNS_INT=13,
+		LSA_POLICY_INFO_L_ACCOUNT_DOMAIN=14
 	} lsa_PolicyInfo;
 
 	typedef [switch_type(uint16)] union {
@@ -255,10 +257,12 @@ import "misc.idl", "security.idl";
 		[case(LSA_POLICY_INFO_ROLE)]             lsa_ServerRole         role;
 		[case(LSA_POLICY_INFO_REPLICA)]          lsa_ReplicaSourceInfo  replica;
 		[case(LSA_POLICY_INFO_QUOTA)]            lsa_DefaultQuotaInfo   quota;
-		[case(LSA_POLICY_INFO_DB)]               lsa_ModificationInfo   db;
+		[case(LSA_POLICY_INFO_MOD)]              lsa_ModificationInfo   mod;
 		[case(LSA_POLICY_INFO_AUDIT_FULL_SET)]   lsa_AuditFullSetInfo   auditfullset;
 		[case(LSA_POLICY_INFO_AUDIT_FULL_QUERY)] lsa_AuditFullQueryInfo auditfullquery;
 		[case(LSA_POLICY_INFO_DNS)]              lsa_DnsDomainInfo      dns;
+		[case(LSA_POLICY_INFO_DNS_INT)]          lsa_DnsDomainInfo      dns_int;
+		[case(LSA_POLICY_INFO_L_ACCOUNT_DOMAIN)] lsa_DomainInfo         l_account_domain;
 	} lsa_PolicyInformation;
 
 	NTSTATUS lsa_QueryInfoPolicy (
@@ -486,23 +490,39 @@ import "misc.idl", "security.idl";
 	/* Function:           0x16 */
 	[todo] NTSTATUS lsa_SetQuotasForAccount();
 	
+	typedef [bitmap32bit] bitmap {
+		LSA_POLICY_MODE_INTERACTIVE             = 0x00000001,
+		LSA_POLICY_MODE_NETWORK                 = 0x00000002,
+		LSA_POLICY_MODE_BATCH                   = 0x00000004,
+		LSA_POLICY_MODE_SERVICE                 = 0x00000010,
+		LSA_POLICY_MODE_PROXY			= 0x00000020,
+		LSA_POLICY_MODE_DENY_INTERACTIVE        = 0x00000040,
+		LSA_POLICY_MODE_DENY_NETWORK            = 0x00000080,
+		LSA_POLICY_MODE_DENY_BATCH              = 0x00000100,
+		LSA_POLICY_MODE_DENY_SERVICE            = 0x00000200,
+		LSA_POLICY_MODE_REMOTE_INTERACTIVE      = 0x00000400,
+		LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE = 0x00000800,
+		LSA_POLICY_MODE_ALL			= 0x00000FF7,
+		LSA_POLICY_MODE_ALL_NT4			= 0x00000037
+	} lsa_SystemAccessModeFlags;
+
 	/* Function:    0x17 */
 	NTSTATUS lsa_GetSystemAccessAccount(
-		[in]	policy_handle *handle,
+		[in]      policy_handle *handle,
 		[out,ref] uint32 *access_mask
 		);
 
 	/* Function:    0x18 */
 	NTSTATUS lsa_SetSystemAccessAccount(
-		[in]	policy_handle *handle,
-		[in]	uint32 access_mask
+		[in] policy_handle *handle,
+		[in] uint32 access_mask
 		);
 
 	/* Function:        0x19 */
 	NTSTATUS lsa_OpenTrustedDomain(
 		[in]     policy_handle *handle,
 		[in]     dom_sid2      *sid,
-		[in]         uint32         access_mask,
+		[in]     uint32         access_mask,
 		[out]    policy_handle *trustdom_handle
 		);
 
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 3b70f3e..7df7a7c 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -393,6 +393,19 @@ static WERROR dcesrv_dssetup_DsRoleGetPrimaryDomainInformation(struct dcesrv_cal
 	return WERR_INVALID_PARAM;
 }
 
+/*
+ fill in the AuditEvents info
+*/
+static NTSTATUS dcesrv_lsa_info_AuditEvents(struct lsa_policy_state *state,
+	TALLOC_CTX *mem_ctx, struct lsa_AuditEventsInfo *info)
+{
+	/* TODO: auditing disabled at the moment */
+	info->auditing_mode = 0;
+	info->settings = NULL;
+	info->count = 0;
+
+	return NT_STATUS_OK;
+}
 
 /*
   fill in the AccountDomain info
@@ -444,15 +457,26 @@ static NTSTATUS dcesrv_lsa_QueryInfoPolicy2(struct dcesrv_call_state *dce_call,
 	ZERO_STRUCTP(r->out.info);
 
 	switch (r->in.level) {
+	case LSA_POLICY_INFO_AUDIT_EVENTS:
+		return dcesrv_lsa_info_AuditEvents(state, mem_ctx, &r->out.info->audit_events);
+
 	case LSA_POLICY_INFO_DOMAIN:
+		return dcesrv_lsa_info_AccountDomain(state, mem_ctx, &r->out.info->domain);
+
 	case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
 		return dcesrv_lsa_info_AccountDomain(state, mem_ctx, &r->out.info->account_domain);
 
 	case LSA_POLICY_INFO_DNS:
 		return dcesrv_lsa_info_DNS(state, mem_ctx, &r->out.info->dns);
-	case LSA_POLICY_INFO_DB:
+
+	case LSA_POLICY_INFO_DNS_INT:
+		return dcesrv_lsa_info_DNS(state, mem_ctx, &r->out.info->dns_int);
+
+	case LSA_POLICY_INFO_L_ACCOUNT_DOMAIN:
+		return dcesrv_lsa_info_AccountDomain(state, mem_ctx, &r->out.info->l_account_domain);
+
+	case LSA_POLICY_INFO_MOD:
 	case LSA_POLICY_INFO_AUDIT_FULL_SET:
-	case LSA_POLICY_INFO_AUDIT_FULL_QUERY:
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
@@ -1951,7 +1975,36 @@ static NTSTATUS dcesrv_lsa_SetQuotasForAccount(struct dcesrv_call_state *dce_cal
 static NTSTATUS dcesrv_lsa_GetSystemAccessAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
 		       struct lsa_GetSystemAccessAccount *r)
 {
-	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+	int i;
+	NTSTATUS status;
+	struct lsa_EnumPrivsAccount enumPrivs;
+
+	enumPrivs.in.handle = r->in.handle;
+
+	status = dcesrv_lsa_EnumPrivsAccount(dce_call, mem_ctx, &enumPrivs);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
+	}	
+
+	*(r->out.access_mask) = 0x00000000;
+
+	for (i = 0; i < enumPrivs.out.privs->count; i++) {
+		int priv = enumPrivs.out.privs->set[i].luid.low;
+
+		switch (priv) {
+		case SEC_PRIV_INTERACTIVE_LOGON:
+			*(r->out.access_mask) |= LSA_POLICY_MODE_INTERACTIVE;
+			break;
+		case SEC_PRIV_NETWORK_LOGON:
+			*(r->out.access_mask) |= LSA_POLICY_MODE_NETWORK;
+			break;
+		case SEC_PRIV_REMOTE_INTERACTIVE_LOGON:
+			*(r->out.access_mask) |= LSA_POLICY_MODE_REMOTE_INTERACTIVE;
+			break;
+		}
+	}
+
+	return NT_STATUS_OK;
 }
 
 
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 69bf333..8daead3 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -46,7 +46,7 @@ static bool test_OpenPolicy(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
 	NTSTATUS status;
 	uint16_t system_name = '\\';
 
-	printf("\ntesting OpenPolicy\n");
+	printf("\nTesting OpenPolicy\n");
 
 	qos.len = 0;
 	qos.impersonation_level = 2;
@@ -88,7 +88,7 @@ bool test_lsa_OpenPolicy2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 	struct lsa_OpenPolicy2 r;
 	NTSTATUS status;
 
-	printf("\ntesting OpenPolicy2\n");
+	printf("\nTesting OpenPolicy2\n");
 
 	*handle = talloc(mem_ctx, struct policy_handle);
 	if (!*handle) {
@@ -780,7 +780,7 @@ static bool test_LookupPrivName(struct dcerpc_pipe *p,
 }
 
 static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, 
-					     TALLOC_CTX *mem_ctx, 				  
+					     TALLOC_CTX *mem_ctx,
 					     struct policy_handle *handle,
 					     struct policy_handle *acct_handle,
 					     struct lsa_LUID *luid)
@@ -790,7 +790,7 @@ static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p,
 	struct lsa_PrivilegeSet privs;
 	bool ret = true;
 
-	printf("Testing RemovePrivilegesFromAccount\n");
+	printf("\nTesting RemovePrivilegesFromAccount\n");
 
 	r.in.handle = acct_handle;
 	r.in.remove_all = 0;
@@ -830,7 +830,7 @@ static bool test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p,
 }
 
 static bool test_AddPrivilegesToAccount(struct dcerpc_pipe *p, 
-					TALLOC_CTX *mem_ctx, 				  
+					TALLOC_CTX *mem_ctx,
 					struct policy_handle *acct_handle,
 					struct lsa_LUID *luid)
 {
@@ -839,7 +839,7 @@ static bool test_AddPrivilegesToAccount(struct dcerpc_pipe *p,
 	struct lsa_PrivilegeSet privs;
 	bool ret = true;
 
-	printf("Testing AddPrivilegesToAccount\n");
+	printf("\nTesting AddPrivilegesToAccount\n");
 
 	r.in.handle = acct_handle;
 	r.in.privs = &privs;
@@ -860,7 +860,7 @@ static bool test_AddPrivilegesToAccount(struct dcerpc_pipe *p,
 }
 
 static bool test_EnumPrivsAccount(struct dcerpc_pipe *p, 
-				  TALLOC_CTX *mem_ctx, 				  
+				  TALLOC_CTX *mem_ctx,
 				  struct policy_handle *handle,
 				  struct policy_handle *acct_handle)
 {
@@ -868,7 +868,7 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p,
 	struct lsa_EnumPrivsAccount r;
 	bool ret = true;
 
-	printf("Testing EnumPrivsAccount\n");
+	printf("\nTesting EnumPrivsAccount\n");
 
 	r.in.handle = acct_handle;
 
@@ -894,6 +894,60 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p,
 	return ret;
 }
 
+static bool test_GetSystemAccessAccount(struct dcerpc_pipe *p,
+					TALLOC_CTX *mem_ctx,
+					struct policy_handle *handle,
+					struct policy_handle *acct_handle)
+{
+	NTSTATUS status;
+	uint32_t access_mask;
+	struct lsa_GetSystemAccessAccount r;
+
+	printf("\nTesting GetSystemAccessAccount\n");
+
+	r.in.handle = acct_handle;
+	r.out.access_mask = &access_mask;
+
+	status = dcerpc_lsa_GetSystemAccessAccount(p, mem_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("GetSystemAccessAccount failed - %s\n", nt_errstr(status));
+		return false;
+	}
+
+	if (r.out.access_mask != NULL) {
+		printf("Rights:");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_INTERACTIVE)
+			printf(" LSA_POLICY_MODE_INTERACTIVE");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_NETWORK)
+			printf(" LSA_POLICY_MODE_NETWORK");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_BATCH)
+			printf(" LSA_POLICY_MODE_BATCH");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_SERVICE)
+			printf(" LSA_POLICY_MODE_SERVICE");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_PROXY)
+			printf(" LSA_POLICY_MODE_PROXY");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_INTERACTIVE)
+			printf(" LSA_POLICY_MODE_DENY_INTERACTIVE");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_NETWORK)
+			printf(" LSA_POLICY_MODE_DENY_NETWORK");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_BATCH)
+			printf(" LSA_POLICY_MODE_DENY_BATCH");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_SERVICE)
+			printf(" LSA_POLICY_MODE_DENY_SERVICE");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_REMOTE_INTERACTIVE)
+			printf(" LSA_POLICY_MODE_REMOTE_INTERACTIVE");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE)
+			printf(" LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_ALL)
+			printf(" LSA_POLICY_MODE_ALL");
+		if (*(r.out.access_mask) & LSA_POLICY_MODE_ALL_NT4)
+			printf(" LSA_POLICY_MODE_ALL_NT4");
+		printf("\n");
+	}
+
+	return true;
+}
+
 static bool test_Delete(struct dcerpc_pipe *p, 
 		       TALLOC_CTX *mem_ctx, 
 		       struct policy_handle *handle)
@@ -901,7 +955,7 @@ static bool test_Delete(struct dcerpc_pipe *p,
 	NTSTATUS status;
 	struct lsa_Delete r;
 
-	printf("testing Delete\n");
+	printf("\nTesting Delete\n");
 
 	r.in.handle = handle;
 	status = dcerpc_lsa_Delete(p, mem_ctx, &r);
@@ -920,13 +974,13 @@ static bool test_DeleteObject(struct dcerpc_pipe *p,
 	NTSTATUS status;
 	struct lsa_DeleteObject r;
 
-	printf("testing DeleteObject\n");
+	printf("\nTesting DeleteObject\n");
 
 	r.in.handle = handle;
 	r.out.handle = handle;
 	status = dcerpc_lsa_DeleteObject(p, mem_ctx, &r);
 	if (!NT_STATUS_IS_OK(status)) {
-		printf("Delete failed - %s\n", nt_errstr(status));
+		printf("DeleteObject failed - %s\n", nt_errstr(status));
 		return false;
 	}
 
@@ -945,7 +999,7 @@ static bool test_CreateAccount(struct dcerpc_pipe *p,
 
 	newsid = dom_sid_parse_talloc(mem_ctx, "S-1-5-12349876-4321-2854");
 
-	printf("Testing CreateAccount\n");
+	printf("\nTesting CreateAccount\n");
 
 	r.in.handle = handle;
 	r.in.sid = newsid;
@@ -997,7 +1051,7 @@ static bool test_DeleteTrustedDomain(struct dcerpc_pipe *p,
 
 	status = dcerpc_lsa_OpenTrustedDomainByName(p, mem_ctx, &r);
 	if (!NT_STATUS_IS_OK(status)) {
-		printf("lsa_OpenTrustedDomainByName failed - %s\n", nt_errstr(status));
+		printf("OpenTrustedDomainByName failed - %s\n", nt_errstr(status));
 		return false;
 	}
 
@@ -1025,7 +1079,7 @@ static bool test_DeleteTrustedDomainBySid(struct dcerpc_pipe *p,
 
 	status = dcerpc_lsa_DeleteTrustedDomain(p, mem_ctx, &r);
 	if (!NT_STATUS_IS_OK(status)) {
-		printf("lsa_DeleteTrustedDomain failed - %s\n", nt_errstr(status));
+		printf("DeleteTrustedDomain failed - %s\n", nt_errstr(status));
 		return false;
 	}
 
@@ -1071,7 +1125,7 @@ static bool test_CreateSecret(struct dcerpc_pipe *p,
 	secname[GLOBAL] = talloc_asprintf(mem_ctx, "G$torturesecret-%u", (uint_t)random());
 
 	for (i=0; i< 2; i++) {
-		printf("Testing CreateSecret of %s\n", secname[i]);
+		printf("\nTesting CreateSecret of %s\n", secname[i]);
 		
 		init_lsa_String(&r.in.name, secname[i]);
 		
@@ -1383,7 +1437,7 @@ static bool test_EnumAccountRights(struct dcerpc_pipe *p,
 	struct lsa_EnumAccountRights r;
 	struct lsa_RightSet rights;
 
-	printf("Testing EnumAccountRights\n");
+	printf("\nTesting EnumAccountRights\n");
 
 	r.in.handle = acct_handle;
 	r.in.sid = sid;
@@ -1409,11 +1463,11 @@ static bool test_QuerySecurity(struct dcerpc_pipe *p,
 	struct lsa_QuerySecurity r;
 
 	if (torture_setting_bool(tctx, "samba4", false)) {
-		printf("skipping QuerySecurity test against Samba4\n");
+		printf("\nskipping QuerySecurity test against Samba4\n");
 		return true;
 	}
 
-	printf("Testing QuerySecurity\n");
+	printf("\nTesting QuerySecurity\n");
 
 	r.in.handle = acct_handle;
 	r.in.sec_info = 7;
@@ -1436,7 +1490,7 @@ static bool test_OpenAccount(struct dcerpc_pipe *p,
 	struct lsa_OpenAccount r;
 	struct policy_handle acct_handle;
 
-	printf("Testing OpenAccount\n");
+	printf("\nTesting OpenAccount\n");
 
 	r.in.handle = handle;
 	r.in.sid = sid;
@@ -1453,6 +1507,10 @@ static bool test_OpenAccount(struct dcerpc_pipe *p,
 		return false;
 	}
 
+	if (!test_GetSystemAccessAccount(p, mem_ctx, handle, &acct_handle)) {
+		return false;
+	}
+
 	if (!test_QuerySecurity(p, mem_ctx, handle, &acct_handle)) {
 		return false;
 	}
@@ -1471,7 +1529,7 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p,
 	int i;
 	bool ret = true;
 
-	printf("\ntesting EnumAccounts\n");
+	printf("\nTesting EnumAccounts\n");
 
 	r.in.handle = handle;
 	r.in.resume_handle = &resume_handle;
@@ -1502,7 +1560,7 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p,
 		 * be on schannel, or we would not be able to do the
 		 * rest */
 
-		printf("testing all accounts\n");
+		printf("Testing all accounts\n");
 		for (i=0;i<sids1.num_sids;i++) {
 			ret &= test_OpenAccount(p, mem_ctx, handle, sids1.sids[i].sid);
 			ret &= test_EnumAccountRights(p, mem_ctx, handle, sids1.sids[i].sid);
@@ -1514,7 +1572,7 @@ static bool test_EnumAccounts(struct dcerpc_pipe *p,
 		return ret;
 	}
 	
-	printf("trying EnumAccounts partial listing (asking for 1 at 2)\n");
+	printf("Trying EnumAccounts partial listing (asking for 1 at 2)\n");
 	resume_handle = 2;
 	r.in.num_entries = 1;
 	r.out.sids = &sids2;
@@ -1544,7 +1602,7 @@ static bool test_LookupPrivDisplayName(struct dcerpc_pipe *p,
 	   terminals */
 	uint16_t language_id = (random() % 4) + 0x409;
 
-	printf("testing LookupPrivDisplayName(%s)\n", priv_name->string);
+	printf("\nTesting LookupPrivDisplayName(%s)\n", priv_name->string);
 	
 	r.in.handle = handle;
 	r.in.name = priv_name;
@@ -1575,7 +1633,7 @@ static bool test_EnumAccountsWithUserRight(struct dcerpc_pipe *p,
 
 	ZERO_STRUCT(sids);
 	
-	printf("testing EnumAccountsWithUserRight(%s)\n", priv_name->string);
+	printf("\nTesting EnumAccountsWithUserRight(%s)\n", priv_name->string);
 	
 	r.in.handle = handle;
 	r.in.name = priv_name;
@@ -1608,7 +1666,7 @@ static bool test_EnumPrivs(struct dcerpc_pipe *p,
 	int i;
 	bool ret = true;
 
-	printf("\ntesting EnumPrivs\n");
+	printf("\nTesting EnumPrivs\n");
 
 	r.in.handle = handle;
 	r.in.resume_handle = &resume_handle;
@@ -1990,7 +2048,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p,
 	struct lsa_QueryTrustedDomainInfo q;
 	int i;
 
-	printf("Testing CreateTrustedDomain for 12 domains\n");
+	printf("\nTesting CreateTrustedDomain for 12 domains\n");
 
 	if (!test_EnumTrustDom(p, mem_ctx, handle)) {
 		ret = false;
@@ -2086,7 +2144,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
 	enum ndr_err_code ndr_err;
 	int i;
 
-	printf("Testing CreateTrustedDomainEx2 for 12 domains\n");
+	printf("\nTesting CreateTrustedDomainEx2 for 12 domains\n");
 
 	status = dcerpc_fetch_session_key(p, &session_key);
 	if (!NT_STATUS_IS_OK(status)) {
@@ -2127,7 +2185,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
 		ndr_err = ndr_push_struct_blob(&auth_blob, mem_ctx, lp_iconv_convenience(tctx->lp_ctx), &auth_struct,
 					       (ndr_push_flags_fn_t)ndr_push_trustAuthInAndOutBlob);
 		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-			printf("ndr_push_struct_blob of trustAuthInAndOutBlob structure failed");
+			printf("ndr_push_struct_blob of trustAuthInAndOutBlob structure failed\n");
 			ret = false;
 		}
 
@@ -2214,7 +2272,7 @@ static bool test_QueryDomainInfoPolicy(struct dcerpc_pipe *p,
 		r.in.handle = handle;
 		r.in.level = i;
 
-		printf("\ntrying QueryDomainInformationPolicy level %d\n", i);
+		printf("\nTrying QueryDomainInformationPolicy level %d\n", i);
 
 		status = dcerpc_lsa_QueryDomainInformationPolicy(p, tctx, &r);
 
@@ -2232,38 +2290,56 @@ static bool test_QueryDomainInfoPolicy(struct dcerpc_pipe *p,
 }
 
 
-static bool test_QueryInfoPolicy(struct dcerpc_pipe *p, 
-				 struct torture_context *tctx, 
-				 struct policy_handle *handle)
+static bool test_QueryInfoPolicyCalls(	bool version2,
+					struct dcerpc_pipe *p,
+					struct torture_context *tctx,
+					struct policy_handle *handle)
 {
 	struct lsa_QueryInfoPolicy r;
 	NTSTATUS status;
 	int i;
 	bool ret = true;
-	printf("\nTesting QueryInfoPolicy\n");
 
-	for (i=1;i<13;i++) {
+	if (version2)
+		printf("\nTesting QueryInfoPolicy2\n");
+	else
+		printf("\nTesting QueryInfoPolicy\n");
+
+	for (i=1;i<15;i++) {
 		r.in.handle = handle;
 		r.in.level = i;
 
-		printf("\ntrying QueryInfoPolicy level %d\n", i);
+		if (version2)
+			printf("\nTrying QueryInfoPolicy2 level %d\n", i);
+		else
+			printf("\nTrying QueryInfoPolicy level %d\n", i);
 
-		status = dcerpc_lsa_QueryInfoPolicy(p, tctx, &r);
+		if (version2)
+			/* We can perform the cast, because both types are
+			   structurally equal */
+			status = dcerpc_lsa_QueryInfoPolicy2(p, tctx,
+				 (struct lsa_QueryInfoPolicy2*) &r);
+		else
+			status = dcerpc_lsa_QueryInfoPolicy(p, tctx, &r);
 
 		switch (i) {
-		case LSA_POLICY_INFO_DB:
+		case LSA_POLICY_INFO_MOD:
 		case LSA_POLICY_INFO_AUDIT_FULL_SET:
-		case LSA_POLICY_INFO_AUDIT_FULL_QUERY:
 			if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
-				printf("server should have failed level %u: %s\n", i, nt_errstr(status));
+				printf("Server should have failed level %u: %s\n", i, nt_errstr(status));
 				ret = false;
 			}
 			break;
 		case LSA_POLICY_INFO_DOMAIN:
 		case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
+		case LSA_POLICY_INFO_L_ACCOUNT_DOMAIN:
 		case LSA_POLICY_INFO_DNS:
+		case LSA_POLICY_INFO_DNS_INT:
 			if (!NT_STATUS_IS_OK(status)) {
-				printf("QueryInfoPolicy failed - %s\n", nt_errstr(status));
+				if (version2)
+					printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status));
+				else
+					printf("QueryInfoPolicy failed - %s\n", nt_errstr(status));
 				ret = false;
 			}
 			break;
@@ -2271,17 +2347,24 @@ static bool test_QueryInfoPolicy(struct dcerpc_pipe *p,
 			if (torture_setting_bool(tctx, "samba4", false)) {
 				/* Other levels not implemented yet */
 				if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) {
-					printf("QueryInfoPolicy failed - %s\n", nt_errstr(status));
+					if (version2)
+						printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status));
+					else
+						printf("QueryInfoPolicy failed - %s\n", nt_errstr(status));
 					ret = false;
 				}
 			} else if (!NT_STATUS_IS_OK(status)) {
-				printf("QueryInfoPolicy failed - %s\n", nt_errstr(status));
+				if (version2)
+					printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status));
+				else
+					printf("QueryInfoPolicy failed - %s\n", nt_errstr(status));
 				ret = false;
 			}
 			break;
 		}
 
-		if (NT_STATUS_IS_OK(status) && i == LSA_POLICY_INFO_DNS) {
+		if (NT_STATUS_IS_OK(status) && (i == LSA_POLICY_INFO_DNS
+			|| i == LSA_POLICY_INFO_DNS_INT)) {
 			/* Let's look up some of these names */
 
 			struct lsa_TransNameArray tnames;
@@ -2323,56 +2406,18 @@ static bool test_QueryInfoPolicy(struct dcerpc_pipe *p,
 	return ret;
 }
 
+static bool test_QueryInfoPolicy(struct dcerpc_pipe *p, 
+				 struct torture_context *tctx, 
+				 struct policy_handle *handle)
+{
+	return test_QueryInfoPolicyCalls(false, p, tctx, handle);
+}
+
 static bool test_QueryInfoPolicy2(struct dcerpc_pipe *p, 
 				  struct torture_context *tctx, 
 				  struct policy_handle *handle)
 {
-	struct lsa_QueryInfoPolicy2 r;
-	NTSTATUS status;
-	int i;
-	bool ret = true;
-	printf("\nTesting QueryInfoPolicy2\n");
-	for (i=1;i<13;i++) {
-		r.in.handle = handle;
-		r.in.level = i;
-
-		printf("\ntrying QueryInfoPolicy2 level %d\n", i);
-
-		status = dcerpc_lsa_QueryInfoPolicy2(p, tctx, &r);
-		
-		switch (i) {
-		case LSA_POLICY_INFO_DB:
-		case LSA_POLICY_INFO_AUDIT_FULL_SET:
-		case LSA_POLICY_INFO_AUDIT_FULL_QUERY:
-			if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
-				printf("server should have failed level %u: %s\n", i, nt_errstr(status));
-				ret = false;
-			}
-			break;
-		case LSA_POLICY_INFO_DOMAIN:
-		case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
-		case LSA_POLICY_INFO_DNS:
-			if (!NT_STATUS_IS_OK(status)) {
-				printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status));
-				ret = false;
-			}
-			break;
-		default:
-			if (torture_setting_bool(tctx, "samba4", false)) {
-				/* Other levels not implemented yet */
-				if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) {
-					printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status));
-					ret = false;
-				}
-			} else if (!NT_STATUS_IS_OK(status)) {
-				printf("QueryInfoPolicy2 failed - %s\n", nt_errstr(status));
-				ret = false;
-			}
-			break;
-		}
-	}
-
-	return ret;
+	return test_QueryInfoPolicyCalls(true, p, tctx, handle);
 }
 
 static bool test_GetUserName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
@@ -2407,7 +2452,7 @@ bool test_lsa_Close(struct dcerpc_pipe *p,
 	struct lsa_Close r;
 	struct policy_handle handle2;
 
-	printf("\ntesting Close\n");
+	printf("\nTesting Close\n");
 
 	r.in.handle = handle;
 	r.out.handle = &handle2;