From 4f06be612369862d0005c68c3658c3ed18b7883d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 10 Jan 2006 09:18:48 +0000
Subject: r12818: When denying an operation, include what we think the username
 is in the error message.

Andrew Bartlett
(This used to be commit 36c1f67f12d5ac83a7a205c0ec152a79c4a8ba4b)
---
 source4/dsdb/samdb/ldb_modules/kludge_acl.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

(limited to 'source4/dsdb/samdb/ldb_modules/kludge_acl.c')

diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
index 56b2d4b398..4153456aa1 100644
--- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c
+++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
@@ -79,6 +79,20 @@ static enum user_is what_is_user(struct ldb_module *module)
 	return ANONYMOUS;
 }
 
+static const char *user_name(TALLOC_CTX *mem_ctx, struct ldb_module *module) 
+{
+	struct auth_session_info *session_info
+		= ldb_get_opaque(module->ldb, "sessionInfo");
+	if (!session_info) {
+		return "UNKNOWN (NULL)";
+	}
+	
+	return talloc_asprintf(mem_ctx, "%s\\%s",
+			       session_info->server_info->domain_name,
+			       session_info->server_info->account_name);
+	return ANONYMOUS;
+}
+
 /* search */
 static int kludge_acl_search(struct ldb_module *module, struct ldb_request *req)
 {
@@ -123,7 +137,8 @@ static int kludge_acl_change(struct ldb_module *module, struct ldb_request *req)
 	default:
 		ldb_set_errstring(module, 
 				  talloc_asprintf(req, "kludge_acl_change: "
-						  "attempted database modify not permitted. User is not SYSTEM or an administrator"));
+						  "attempted database modify not permitted. User %s is not SYSTEM or an administrator",
+						  user_name(req, module)));
 		return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
 	}
 }
-- 
cgit