From e080ae0faa2556825189f82fa61a7ff5f249dbc5 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Fri, 17 Jun 2011 13:47:14 +1000
Subject: s4-auth: quiet down the krb5 warnings when kerberos is not set to
 'MUST'

this prevents spurious error messages on client commands when when we
will fallback to NTLM authentication

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
---
 source4/auth/credentials/credentials_krb5.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'source4/auth/credentials')

diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c
index 26fa8099ab..6670f434d9 100644
--- a/source4/auth/credentials/credentials_krb5.c
+++ b/source4/auth/credentials/credentials_krb5.c
@@ -482,7 +482,11 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
 	ret = cli_credentials_get_ccache(cred, event_ctx, lp_ctx,
 					 &ccache, error_string);
 	if (ret) {
-		DEBUG(1, ("Failed to get CCACHE for GSSAPI client: %s\n", error_message(ret)));
+		if (cli_credentials_get_kerberos_state(cred) == CRED_MUST_USE_KERBEROS) {
+			DEBUG(1, ("Failed to get kerberos credentials (kerberos required): %s\n", error_message(ret)));
+		} else {
+			DEBUG(4, ("Failed to get kerberos credentials: %s\n", error_message(ret)));
+		}
 		return ret;
 	}
 
-- 
cgit