From 4f06be612369862d0005c68c3658c3ed18b7883d Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 10 Jan 2006 09:18:48 +0000 Subject: r12818: When denying an operation, include what we think the username is in the error message. Andrew Bartlett (This used to be commit 36c1f67f12d5ac83a7a205c0ec152a79c4a8ba4b) --- source4/dsdb/samdb/ldb_modules/kludge_acl.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c index 56b2d4b398..4153456aa1 100644 --- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c +++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c @@ -79,6 +79,20 @@ static enum user_is what_is_user(struct ldb_module *module) return ANONYMOUS; } +static const char *user_name(TALLOC_CTX *mem_ctx, struct ldb_module *module) +{ + struct auth_session_info *session_info + = ldb_get_opaque(module->ldb, "sessionInfo"); + if (!session_info) { + return "UNKNOWN (NULL)"; + } + + return talloc_asprintf(mem_ctx, "%s\\%s", + session_info->server_info->domain_name, + session_info->server_info->account_name); + return ANONYMOUS; +} + /* search */ static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req) { @@ -123,7 +137,8 @@ static int kludge_acl_change(struct ldb_module *module, struct ldb_request *req) default: ldb_set_errstring(module, talloc_asprintf(req, "kludge_acl_change: " - "attempted database modify not permitted. User is not SYSTEM or an administrator")); + "attempted database modify not permitted. User %s is not SYSTEM or an administrator", + user_name(req, module))); return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS; } } -- cgit