s4-auth Add DEBUG() for invalid DNs and errors expanding user groups.

[kai/samba.git] / source4 / auth / sam.c

diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index c83a7d478f70b9d61f0ca84644cac8714c213be5..b98830a0a9fc1bfbe3466d4eab2de54882b7f000 100644 (file)
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -319,6 +319,8 @@ NTSTATUS authsam_expand_nested_groups(struct ldb_context *sam_ctx,
        dn = ldb_dn_from_ldb_val(tmp_ctx, sam_ctx, dn_val);
        if (dn == NULL) {
                talloc_free(tmp_ctx);
+               DEBUG(0, (__location__ ": we failed parsing DN %*.*s, so we cannot calculate the group token\n",
+                         (int)dn_val->length, (int)dn_val->length, dn_val->data));
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
        }
 
@@ -359,6 +361,9 @@ NTSTATUS authsam_expand_nested_groups(struct ldb_context *sam_ctx,
        }
 
        if (ret != LDB_SUCCESS) {
+               DEBUG(1, (__location__ ": dsdb_search for %s failed: %s\n",
+                         ldb_dn_get_extended_linearized(tmp_ctx, dn, 1),
+                         ldb_errstring(sam_ctx)));
                talloc_free(tmp_ctx);
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
        }