From 8d751b02a5f4708a98e2ca0c41e7273d56bd9b06 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 28 Mar 2003 09:59:11 +0000 Subject: Try to get meaningful errors out of ldap more often - get the error string from the server, not just the error code translation. Andrew Bartlett (This used to be commit 92415441fdc0f7d7c8b338d4cd4bbbba5418f88e) --- source3/passdb/pdb_ldap.c | 49 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 38 insertions(+), 11 deletions(-) diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 33b27e5528..69a7d9a919 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -650,10 +650,14 @@ static int ldapsam_search_one_user (struct ldapsam_privates *ldap_state, const c rc = ldapsam_search(ldap_state, lp_ldap_suffix (), scope, filter, attr, 0, result); if (rc != LDAP_SUCCESS) { - DEBUG(0,("ldapsam_search_one_user: Problem during the LDAP search: %s\n", - ldap_err2string (rc))); + char *ld_error; + ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, + &ld_error); + DEBUG(0,("ldapsam_search_one_user: Problem during the LDAP search: %s (%s)\n", + ld_error, ldap_err2string (rc))); DEBUG(3,("ldapsam_search_one_user: Query was: %s, %s\n", lp_ldap_suffix(), filter)); + SAFE_FREE(ld_error); } return rc; @@ -915,8 +919,13 @@ static NTSTATUS ldapsam_delete_entry(struct ldapsam_privates *ldap_state, ldap_mods_free(mods, 1); if (rc != LDAP_SUCCESS) { - DEBUG(0, ("could not delete attributes for %s, error: %s\n", - dn, ldap_err2string(rc))); + char *ld_error; + ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, + &ld_error); + + DEBUG(0, ("could not delete attributes for %s, error: %s (%s)\n", + dn, ldap_err2string(rc), ld_error)); + SAFE_FREE(ld_error); ldap_memfree(dn); return NT_STATUS_UNSUCCESSFUL; } @@ -2000,9 +2009,13 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_A ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,LDAP_MOD_REPLACE, False); ldap_mods_free(mods,1); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(0,("failed to modify user with uid = %s\n", - pdb_get_username(newpwd))); + if (!NT_STATUS_IS_OK(ret)) { + char *ld_error; + ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, + &ld_error); + DEBUG(0,("failed to modify user with uid = %s, error: %s (%s)\n", + pdb_get_username(newpwd), ld_error, ldap_err2string(rc))); + SAFE_FREE(ld_error); return ret; } @@ -2160,11 +2173,15 @@ static int ldapsam_search_one_group (struct ldapsam_privates *ldap_state, filter, group_attr, 0, result); if (rc != LDAP_SUCCESS) { + char *ld_error; + ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, + &ld_error); DEBUG(0, ("ldapsam_search_one_group: " - "Problem during the LDAP search: %s\n", - ldap_err2string(rc))); + "Problem during the LDAP search: LDAP error: %s (%s)", + ld_error, ldap_err2string(rc))); DEBUG(3, ("ldapsam_search_one_group: Query was: %s, %s\n", lp_ldap_suffix(), filter)); + SAFE_FREE(ld_error); } return rc; @@ -2415,7 +2432,12 @@ static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods, ldap_mods_free(mods, 1); if (rc != LDAP_SUCCESS) { - DEBUG(0, ("failed to modify group %i\n", map->gid)); + char *ld_error; + ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, + &ld_error); + DEBUG(0, ("failed to add group %i error: %s (%s)\n", map->gid, + ld_error, ldap_err2string(rc))); + SAFE_FREE(ld_error); return NT_STATUS_UNSUCCESSFUL; } @@ -2467,7 +2489,12 @@ static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods, ldap_mods_free(mods, 1); if (rc != LDAP_SUCCESS) { - DEBUG(0, ("failed to modify group %i\n", map->gid)); + char *ld_error; + ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING, + &ld_error); + DEBUG(0, ("failed to modify group %i error: %s (%s)\n", map->gid, + ld_error, ldap_err2string(rc))); + SAFE_FREE(ld_error); } DEBUG(2, ("successfully modified group %i in LDAP\n", map->gid)); -- cgit