summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
diff options
context:
space:
mode:
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/update_keytab.c3
-rw-r--r--source4/dsdb/samdb/samdb.c4
2 files changed, 5 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/update_keytab.c b/source4/dsdb/samdb/ldb_modules/update_keytab.c
index f08600ea32..620c047cd1 100644
--- a/source4/dsdb/samdb/ldb_modules/update_keytab.c
+++ b/source4/dsdb/samdb/ldb_modules/update_keytab.c
@@ -81,6 +81,7 @@ static int add_modified(struct ldb_module *module, struct ldb_dn *dn, bool do_de
struct update_kt_private *data = talloc_get_type(ldb_module_get_private(module), struct update_kt_private);
struct dn_list *item;
char *filter;
+ char *errstring;
struct ldb_result *res;
const char *attrs[] = { NULL };
int ret;
@@ -124,7 +125,7 @@ static int add_modified(struct ldb_module *module, struct ldb_dn *dn, bool do_de
}
cli_credentials_set_conf(item->creds, ldb_get_opaque(ldb, "loadparm"));
- status = cli_credentials_set_secrets(item->creds, ldb_get_event_context(ldb), ldb_get_opaque(ldb, "loadparm"), ldb, NULL, filter);
+ status = cli_credentials_set_secrets(item->creds, ldb_get_event_context(ldb), ldb_get_opaque(ldb, "loadparm"), ldb, NULL, filter, &errstring);
talloc_free(filter);
if (NT_STATUS_IS_OK(status)) {
if (do_delete) {
diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c
index 0ccceddf6b..2232e436d2 100644
--- a/source4/dsdb/samdb/samdb.c
+++ b/source4/dsdb/samdb/samdb.c
@@ -86,6 +86,7 @@ struct cli_credentials *samdb_credentials(struct tevent_context *event_ctx,
{
static struct cli_credentials *static_credentials;
struct cli_credentials *cred;
+ char *error_string;
if (static_credentials) {
return static_credentials;
@@ -103,7 +104,8 @@ struct cli_credentials *samdb_credentials(struct tevent_context *event_ctx,
cli_credentials_set_kerberos_state(cred, CRED_DONT_USE_KERBEROS);
if (!NT_STATUS_IS_OK(cli_credentials_set_secrets(cred, event_ctx, lp_ctx, NULL, NULL,
- SECRETS_LDAP_FILTER))) {
+ SECRETS_LDAP_FILTER, &error_string))) {
+ DEBUG(5, ("(normal if no LDAP backend) %s", error_string));
/* Perfectly OK - if not against an LDAP backend */
talloc_free(cred);
return NULL;