From e080ae0faa2556825189f82fa61a7ff5f249dbc5 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 17 Jun 2011 13:47:14 +1000 Subject: s4-auth: quiet down the krb5 warnings when kerberos is not set to 'MUST' this prevents spurious error messages on client commands when when we will fallback to NTLM authentication Pair-Programmed-With: Andrew Bartlett --- source4/auth/credentials/credentials_krb5.c | 6 +++++- source4/auth/gensec/gensec.c | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'source4/auth') diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c index 26fa8099ab..6670f434d9 100644 --- a/source4/auth/credentials/credentials_krb5.c +++ b/source4/auth/credentials/credentials_krb5.c @@ -482,7 +482,11 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, ret = cli_credentials_get_ccache(cred, event_ctx, lp_ctx, &ccache, error_string); if (ret) { - DEBUG(1, ("Failed to get CCACHE for GSSAPI client: %s\n", error_message(ret))); + if (cli_credentials_get_kerberos_state(cred) == CRED_MUST_USE_KERBEROS) { + DEBUG(1, ("Failed to get kerberos credentials (kerberos required): %s\n", error_message(ret))); + } else { + DEBUG(4, ("Failed to get kerberos credentials: %s\n", error_message(ret))); + } return ret; } diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c index b91e790d3c..7e6a83d51f 100644 --- a/source4/auth/gensec/gensec.c +++ b/source4/auth/gensec/gensec.c @@ -639,7 +639,7 @@ static NTSTATUS gensec_start_mech(struct gensec_security *gensec_security) if (gensec_security->ops->client_start) { status = gensec_security->ops->client_start(gensec_security); if (!NT_STATUS_IS_OK(status)) { - DEBUG(2, ("Failed to start GENSEC client mech %s: %s\n", + DEBUG(gensec_security->subcontext?4:2, ("Failed to start GENSEC client mech %s: %s\n", gensec_security->ops->name, nt_errstr(status))); } return status; -- cgit