svn commit: samba r12818 - in branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules: .

abartlet at samba.org abartlet at samba.org
Tue Jan 10 09:18:49 GMT 2006


Author: abartlet
Date: 2006-01-10 09:18:48 +0000 (Tue, 10 Jan 2006)
New Revision: 12818

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12818

Log:
When denying an operation, include what we think the username is in
the error message.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/kludge_acl.c


Changeset:
Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/kludge_acl.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/kludge_acl.c	2006-01-10 09:17:58 UTC (rev 12817)
+++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/kludge_acl.c	2006-01-10 09:18:48 UTC (rev 12818)
@@ -79,6 +79,20 @@
 	return ANONYMOUS;
 }
 
+static const char *user_name(TALLOC_CTX *mem_ctx, struct ldb_module *module) 
+{
+	struct auth_session_info *session_info
+		= ldb_get_opaque(module->ldb, "sessionInfo");
+	if (!session_info) {
+		return "UNKNOWN (NULL)";
+	}
+	
+	return talloc_asprintf(mem_ctx, "%s\\%s",
+			       session_info->server_info->domain_name,
+			       session_info->server_info->account_name);
+	return ANONYMOUS;
+}
+
 /* search */
 static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req)
 {
@@ -123,7 +137,8 @@
 	default:
 		ldb_set_errstring(module, 
 				  talloc_asprintf(req, "kludge_acl_change: "
-						  "attempted database modify not permitted. User is not SYSTEM or an administrator"));
+						  "attempted database modify not permitted. User %s is not SYSTEM or an administrator",
+						  user_name(req, module)));
 		return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
 	}
 }



More information about the samba-cvs mailing list