another patches for net_ads.c

Michael Adam ma at sernet.de
Thu Aug 3 14:31:33 GMT 2006 

Hi,

I am working on an enhanced error reporting of the
net-utility, especially the "net ads join" portion.

As a first step I changed all the DEBUG calls in
utils/net_ads.c into d_printf calls, since my feeling
was that the stuff that is output from the commandline
utility directly should not be clobbered with the
debug headers. (And the code in net_ads.c is not
used elsewhere in samba.) I use a macro (in a possibly
slightly clumsy manner) to obey the debug levels.

Any opinions about this?

I also changed the error code returned by
libads/ldap.c:ads_connect if no dc was found in a more
appropriate one (the old one resulted in a "no such
file or directory" message).

You can find these changes in the attached patch against
SAMBA_3_0.

As a next step, I am thinking about a way to hand 
the reason for the failure of the domain join action
down to the net_ads_join code, so that a meaningful
message can be printed at the end. To me, the most obvious,
easy and ugly method for this would be the use of some 
global variable.

Regards, Michael

-------------- next part --------------
Index: libads/ldap.c
===================================================================
--- libads/ldap.c	(revision 17383)
+++ libads/ldap.c	(working copy)
@@ -282,7 +282,7 @@
 		goto got_connection;
 	}
 
-	return ADS_ERROR_SYSTEM(errno?errno:ENOENT);
+	return ADS_ERROR_NT(NT_STATUS_NO_LOGON_SERVERS);
 
 got_connection:
 	DEBUG(3,("Connected to LDAP server %s\n", inet_ntoa(ads->ldap_ip)));
Index: utils/net_ads.c
===================================================================
--- utils/net_ads.c	(revision 17383)
+++ utils/net_ads.c	(working copy)
@@ -24,6 +24,19 @@
 #include "includes.h"
 #include "utils/net.h"
 
+/* 
+ * This (slightly hacky?!) macro is used for replacing DEBUG calls
+ * by d_printf calls, obeying debug levels. 
+ */
+#define CHECKDEBUG(level) ( \
+	((level) <= MAX_DEBUG_LEVEL) && \
+	( \
+	  (DEBUGLEVEL_CLASS[ DBGC_CLASS ] >= (level)) \
+	  ||  \
+          (!DEBUGLEVEL_CLASS_ISSET[ DBGC_CLASS ] && \
+            DEBUGLEVEL_CLASS[ DBGC_ALL   ] >= (level))  \
+	) )
+
 #ifdef HAVE_ADS
 
 int net_ads_usage(int argc, const char **argv)
@@ -278,7 +291,7 @@
 			second_time = True;
 			goto retry;
 		} else {
-			DEBUG(0,("ads_connect: %s\n", ads_errstr(status)));
+			d_printf("%s.\n", ads_errstr(status));
 			ads_destroy(&ads);
 			return NULL;
 		}
@@ -542,7 +555,7 @@
 
 	rc = ads_find_user_acct(ads, &res, argv[0]);
 	if (!ADS_ERR_OK(rc)) {
-		DEBUG(0, ("User %s does not exist\n", argv[0]));
+		d_printf("User %s does not exist.\n", argv[0]);
 		ads_destroy(&ads);
 		return -1;
 	}
@@ -668,7 +681,7 @@
 
 	rc = ads_find_user_acct(ads, &res, argv[0]);
 	if (!ADS_ERR_OK(rc)) {
-		DEBUG(0, ("Group %s does not exist\n", argv[0]));
+		d_printf("Group %s does not exist.\n", argv[0]);
 		ads_destroy(&ads);
 		return -1;
 	}
@@ -764,12 +777,14 @@
 	DOM_SID *dom_sid = NULL;
 
 	if (!secrets_init()) {
-		DEBUG(1,("Failed to initialise secrets database\n"));
+		if (CHECKDEBUG(1)) {
+			d_printf("Failed to initialise secrets database.\n");
+		}
 		return -1;
 	}
 
 	if (!(ctx = talloc_init("net_ads_leave"))) {
-		DEBUG(0, ("Could not initialise talloc context\n"));
+		d_printf("Could not initialise talloc context.\n");
 		return -1;
 	}
 
@@ -820,7 +835,9 @@
 	ADS_STRUCT *ads = NULL;
 
 	if (!secrets_init()) {
-		DEBUG(1,("Failed to initialise secrets database\n"));
+		if (CHECKDEBUG(1)) {
+			d_printf("Failed to initialise secrets database.\n");
+		}
 		return -1;
 	}
 
@@ -876,7 +893,9 @@
 	}
 
 	if (!secrets_init()) {
-		DEBUG(1,("Failed to initialise secrets database\n"));
+		if (CHECKDEBUG(1)) {
+			d_printf("Failed to initialise secrets database.\n");
+		}
 		return -1;
 	}
 	
@@ -944,12 +963,16 @@
 		return status;
 		
 	if ( (count = ads_count_replies(ads_s, res)) != 1 ) {
-		DEBUG(1,("net_set_machine_spn: %d entries returned!\n", count));
+		if (CHECKDEBUG(1)) {
+			d_printf("net_set_machine_spn: %d entries returned!\n", count);
+		}
 		return ADS_ERROR(LDAP_NO_MEMORY);	
 	}
 	
 	if ( (dn_string = ads_get_dn(ads_s, res)) == NULL ) {
-		DEBUG(1, ("ads_add_machine_acct: ads_get_dn returned NULL (malloc failure?)\n"));
+		if (CHECKDEBUG(1)) {
+			d_printf("ads_add_machine_acct: ads_get_dn returned NULL (malloc failure?)\n");
+		}
 		goto done;
 	}
 	
@@ -1014,12 +1037,16 @@
 		return status;
 		
 	if ( (count = ads_count_replies(ads_s, res)) != 1 ) {
-		DEBUG(1,("net_set_machine_spn: %d entries returned!\n", count));
+		if (CHECKDEBUG(1)) {
+			d_printf("net_set_machine_spn: %d entries returned!\n", count);
+		}
 		return ADS_ERROR(LDAP_NO_MEMORY);	
 	}
 	
 	if ( (dn_string = ads_get_dn(ads_s, res)) == NULL ) {
-		DEBUG(1, ("ads_add_machine_acct: ads_get_dn returned NULL (malloc failure?)\n"));
+		if (CHECKDEBUG(1)) {
+			d_printf("ads_add_machine_acct: ads_get_dn returned NULL (malloc failure?)\n");
+		}
 		goto done;
 	}
 	
@@ -1093,14 +1120,16 @@
 
 	status = ads_domain_func_level( ads, &domain_func );
 	if ( !ADS_ERR_OK(status) ) {
-		DEBUG(2,("Failed to determine domain functional level!\n"));
+		if (CHECKDEBUG(2)) {
+			d_printf("Failed to determine domain functional level!\n");
+		}
 		return False;
 	}
 
 	/* go ahead and setup the default salt */
 
 	if ( (std_salt = kerberos_standard_des_salt()) == NULL ) {
-		DEBUG(0,("net_derive_salting_principal: failed to obtain stanard DES salt\n"));
+		d_printf("net_derive_salting_principal: failed to obtain stanard DES salt\n");
 		return False;
 	}
 
@@ -1119,7 +1148,9 @@
 		}
 		
 		if ( (count = ads_count_replies(ads, res)) != 1 ) {
-			DEBUG(1,("net_set_machine_spn: %d entries returned!\n", count));
+			if (CHECKDEBUG(1)) {
+				d_printf("net_set_machine_spn: %d entries returned!\n", count);
+			}
 			return False;
 		}
 		
@@ -1199,7 +1230,7 @@
 	}
 
 	if (!(ctx = talloc_init("net_ads_join"))) {
-		DEBUG(0, ("Could not initialise talloc context\n"));
+		d_printf("Could not initialise talloc context.\n");
 		goto fail;
 	}
 
@@ -1240,7 +1271,10 @@
 	password = talloc_strdup(ctx, tmp_password);
 	
 	if ( net_join_domain( ctx, ads->config.ldap_server_name, &ads->ldap_ip, &domain_sid, password ) != 0 ) {
-		d_fprintf(stderr, "Failed to join domain!\n");
+		if (CHECKDEBUG(1)) {
+			/* There should be more detailed output here... */
+			d_printf("net_join_domain call failed.\n");
+		}
 		goto fail;
 	}
 	
@@ -1307,7 +1341,9 @@
 	}
 
 	if ( !net_derive_salting_principal( ctx, ads ) ) {
-		DEBUG(1,("Failed to determine salting principal\n"));
+		if (CHECKDEBUG(1)) {
+			d_printf("Failed to determine salting principal\n");
+		}
 		goto fail;
 	}
 
@@ -1329,7 +1365,9 @@
 
 	/* Now build the keytab, using the same ADS connection */
 	if (lp_use_kerberos_keytab() && ads_keytab_create_default(ads)) {
-		DEBUG(1,("Error creating host keytab!\n"));
+		if (CHECKDEBUG(1)) {
+			d_printf("Error creating host keytab!\n");
+		}
 	}
 
 	d_printf("Joined '%s' to realm '%s'\n", global_myname(), ads->config.realm);
@@ -1341,6 +1379,7 @@
 	return 0;
 
 fail:
+	d_fprintf(stderr, "Failed to join domain!\n");
 	ads_destroy(&ads);
 	return -1;
 }
@@ -1688,7 +1727,9 @@
 	ADS_STATUS ret;
 
 	if (!secrets_init()) {
-		DEBUG(1,("Failed to initialise secrets database\n"));
+		if (CHECKDEBUG(1)) {
+			d_printf("Failed to initialise secrets database\n");
+		}
 		return -1;
 	}

More information about the samba-technical mailing list