s3:auth:check_sam_security: improve calling and logging of pdb_update_sam_account

[ira/wip.git] / source3 / auth / auth_sam.c

diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index 7835b1818325708d4212bf65f65c13b956510b67..e7b9f2b019098299184b1db59e17b1edc5d733b7 100644 (file)
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -365,10 +365,16 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
                                                      &updated_badpw);
                }
                if (updated_autolock || updated_badpw){
+                       NTSTATUS status;
+
                        become_root();
-                       if(!NT_STATUS_IS_OK(pdb_update_sam_account(sampass)))
-                               DEBUG(1, ("Failed to modify entry.\n"));
+                       status = pdb_update_sam_account(sampass);
                        unbecome_root();
+
+                       if (!NT_STATUS_IS_OK(status)) {
+                               DEBUG(1, ("Failed to modify entry: %s\n",
+                                         nt_errstr(status)));
+                       }
                }
                goto done;
        }
@@ -381,10 +387,16 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
        }
 
        if (updated_autolock || updated_badpw){
+               NTSTATUS status;
+
                become_root();
-               if(!NT_STATUS_IS_OK(pdb_update_sam_account(sampass)))
-                       DEBUG(1, ("Failed to modify entry.\n"));
+               status = pdb_update_sam_account(sampass);
                unbecome_root();
+
+               if (!NT_STATUS_IS_OK(status)) {
+                       DEBUG(1, ("Failed to modify entry: %s\n",
+                                 nt_errstr(status)));
+               }
        }
 
        nt_status = sam_account_ok(mem_ctx, sampass, user_info);