summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-01-10 09:18:48 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:50:01 -0500
commit4f06be612369862d0005c68c3658c3ed18b7883d (patch)
treebd416700aef7e02a15ba67cf4d4df43a8d236ac8 /source4/dsdb/samdb/ldb_modules
parent4222bee0ee079079da78f3d43a99a9427d732316 (diff)
downloadsamba-4f06be612369862d0005c68c3658c3ed18b7883d.tar.gz
samba-4f06be612369862d0005c68c3658c3ed18b7883d.tar.bz2
samba-4f06be612369862d0005c68c3658c3ed18b7883d.zip
r12818: When denying an operation, include what we think the username is in
the error message. Andrew Bartlett (This used to be commit 36c1f67f12d5ac83a7a205c0ec152a79c4a8ba4b)
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules')
-rw-r--r--source4/dsdb/samdb/ldb_modules/kludge_acl.c17
1 files changed, 16 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
index 56b2d4b398..4153456aa1 100644
--- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c
+++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
@@ -79,6 +79,20 @@ static enum user_is what_is_user(struct ldb_module *module)
return ANONYMOUS;
}
+static const char *user_name(TALLOC_CTX *mem_ctx, struct ldb_module *module)
+{
+ struct auth_session_info *session_info
+ = ldb_get_opaque(module->ldb, "sessionInfo");
+ if (!session_info) {
+ return "UNKNOWN (NULL)";
+ }
+
+ return talloc_asprintf(mem_ctx, "%s\\%s",
+ session_info->server_info->domain_name,
+ session_info->server_info->account_name);
+ return ANONYMOUS;
+}
+
/* search */
static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req)
{
@@ -123,7 +137,8 @@ static int kludge_acl_change(struct ldb_module *module, struct ldb_request *req)
default:
ldb_set_errstring(module,
talloc_asprintf(req, "kludge_acl_change: "
- "attempted database modify not permitted. User is not SYSTEM or an administrator"));
+ "attempted database modify not permitted. User %s is not SYSTEM or an administrator",
+ user_name(req, module)));
return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
}
}