diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2012-01-31 12:53:30 +1100 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2012-02-17 10:48:09 +0100 |
| commit | 2f74f2f18056e83c396b196939bc8f89bd4d0702 (patch) | |
| tree | e2f0879065cb6fa61109f58ad6aa816865ae3472 | |
| parent | b0aa49e9a3238b6395be78c2de101f2b98387686 (diff) | |
| download | samba-2f74f2f18056e83c396b196939bc8f89bd4d0702.tar.gz samba-2f74f2f18056e83c396b196939bc8f89bd4d0702.tar.bz2 samba-2f74f2f18056e83c396b196939bc8f89bd4d0702.zip | |
s3-auth: Add extra error messages on authentication or authorization failure
Signed-off-by: Stefan Metzmacher <metze@samba.org>
| -rw-r--r-- | auth/ntlmssp/ntlmssp_server.c | 4 | ||||
| -rw-r--r-- | source3/auth/auth_ntlmssp.c | 16 | ||||
| -rw-r--r-- | source3/smbd/sesssetup.c | 3 |
3 files changed, 23 insertions, 0 deletions
diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c index b190cf3ab7..1a498e8f74 100644 --- a/auth/ntlmssp/ntlmssp_server.c +++ b/auth/ntlmssp/ntlmssp_server.c @@ -568,6 +568,10 @@ NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state, &state->user_session_key, &state->lm_session_key); if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(5,("%s: Checking NTLMSSP password for %s\\%s failed: %s\n", + __location__, + ntlmssp_state->domain, ntlmssp_state->user, + nt_errstr(nt_status))); TALLOC_FREE(state); return nt_status; } diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c index 3e809a7a21..f0c96ab168 100644 --- a/source3/auth/auth_ntlmssp.c +++ b/source3/auth/auth_ntlmssp.c @@ -176,6 +176,13 @@ NTSTATUS auth3_check_password(struct auth4_context *auth4_context, nt_status = auth_context->check_ntlm_password(auth_context, mapped_user_info, &server_info); + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(5,("Checking NTLMSSP password for %s\\%s failed: %s\n", + user_info->client.domain_name, + user_info->client.account_name, + nt_errstr(nt_status))); + } + username_was_mapped = mapped_user_info->was_mapped; free_user_info(&mapped_user_info); @@ -329,6 +336,15 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state, user_session_key, lm_session_key); } talloc_free(user_info); + + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(5,("%s: Checking NTLMSSP password for %s\\%s failed: %s\n", + __location__, + user_info->client.domain_name, + user_info->client.account_name, + nt_errstr(nt_status))); + } + NT_STATUS_NOT_OK_RETURN(nt_status); talloc_steal(mem_ctx, user_session_key->data); diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 1741f4ff90..987b626d6b 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -257,6 +257,9 @@ static void reply_sesssetup_and_X_spnego(struct smb_request *req) talloc_tos(), &session_info); if (!NT_STATUS_IS_OK(status)) { + DEBUG(1,("Failed to generate session_info " + "(user and group token) for session setup: %s\n", + nt_errstr(status))); /* Kill the intermediate vuid */ data_blob_free(&out_blob); invalidate_vuid(sconn, vuid); |