summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2006-11-25 18:57:47 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:28:33 -0500
commit304653e05279891ad70d6ace88d04df6dfa3102c (patch)
treecf817ae97f69b7f8ff2eb02e59ca97c8038d019a
parenteee64196a3b6433606a436bba3ab36896fdada18 (diff)
downloadsamba-304653e05279891ad70d6ace88d04df6dfa3102c.tar.gz
samba-304653e05279891ad70d6ace88d04df6dfa3102c.tar.bz2
samba-304653e05279891ad70d6ace88d04df6dfa3102c.zip
r19902: give better errors...
metze (This used to be commit b4d7d49c276a4ec0bcf7971909e74e10476e9ca3)
-rw-r--r--source4/rpc_server/samr/dcesrv_samr.c35
1 files changed, 32 insertions, 3 deletions
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index ae8089b051..7fba9099bd 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -944,9 +944,24 @@ static NTSTATUS samr_CreateDomainGroup(struct dcesrv_call_state *dce_call, TALLO
/* create the group */
ret = samdb_add(d_state->sam_ctx, mem_ctx, msg);
- if (ret != 0) {
- DEBUG(0,("Failed to create group record %s\n",
- ldb_dn_get_linearized(msg->dn)));
+ switch (ret) {
+ case LDB_SUCCESS:
+ break;
+ case LDB_ERR_ENTRY_ALREADY_EXISTS:
+ ldb_transaction_cancel(d_state->sam_ctx);
+ DEBUG(0,("Failed to create group record %s: %s\n",
+ ldb_dn_get_linearized(msg->dn),
+ ldb_errstring(d_state->sam_ctx)));
+ return NT_STATUS_GROUP_EXISTS;
+ case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
+ DEBUG(0,("Failed to create group record %s: %s\n",
+ ldb_dn_get_linearized(msg->dn),
+ ldb_errstring(d_state->sam_ctx)));
+ return NT_STATUS_ACCESS_DENIED;
+ default:
+ DEBUG(0,("Failed to create group record %s: %s\n",
+ ldb_dn_get_linearized(msg->dn),
+ ldb_errstring(d_state->sam_ctx)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
@@ -1219,6 +1234,12 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX
ldb_dn_get_linearized(msg->dn),
ldb_errstring(d_state->sam_ctx)));
return NT_STATUS_USER_EXISTS;
+ case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
+ ldb_transaction_cancel(d_state->sam_ctx);
+ DEBUG(0,("Failed to create user record %s: %s\n",
+ ldb_dn_get_linearized(msg->dn),
+ ldb_errstring(d_state->sam_ctx)));
+ return NT_STATUS_ACCESS_DENIED;
default:
ldb_transaction_cancel(d_state->sam_ctx);
DEBUG(0,("Failed to create user record %s: %s\n",
@@ -1250,6 +1271,8 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX
sid = samdb_result_dom_sid(mem_ctx, msgs[0], "objectSid");
if (sid == NULL) {
ldb_transaction_cancel(d_state->sam_ctx);
+ DEBUG(0,("Apparently we failed to get the objectSid of the just created account record %s\n",
+ ldb_dn_get_linearized(msg->dn)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
@@ -1482,6 +1505,8 @@ static NTSTATUS samr_CreateDomAlias(struct dcesrv_call_state *dce_call, TALLOC_C
break;
case LDB_ERR_ENTRY_ALREADY_EXISTS:
return NT_STATUS_ALIAS_EXISTS;
+ case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
+ return NT_STATUS_ACCESS_DENIED;
default:
DEBUG(0,("Failed to create alias record %s: %s\n",
ldb_dn_get_linearized(msg->dn),
@@ -2124,6 +2149,8 @@ static NTSTATUS samr_AddGroupMember(struct dcesrv_call_state *dce_call, TALLOC_C
return NT_STATUS_OK;
case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
return NT_STATUS_MEMBER_IN_GROUP;
+ case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
+ return NT_STATUS_ACCESS_DENIED;
default:
return NT_STATUS_UNSUCCESSFUL;
}
@@ -2228,6 +2255,8 @@ static NTSTATUS samr_DeleteGroupMember(struct dcesrv_call_state *dce_call, TALLO
return NT_STATUS_OK;
case LDB_ERR_NO_SUCH_ATTRIBUTE:
return NT_STATUS_MEMBER_NOT_IN_GROUP;
+ case LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
+ return NT_STATUS_ACCESS_DENIED;
default:
return NT_STATUS_UNSUCCESSFUL;
}