s4-drsuapi: Call security_token_debug() with DBGC_DRS_REPL and a proper log level

Selftest logs are full of calls to security_token_debug() with no context
and this is never a log level 0 event, so tidy it up.

The RODC would trigger this each time there is an attempted preload
of a user in the Denied RODC replication group.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
index 250b4c74c760a1eb0622df3f5992b659d5c5f9ea..eac96a3aa12c71f2adcbc387f1dda25134128624 100644 (file)
--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
@@ -1018,7 +1018,8 @@ static WERROR dcesrv_drsuapi_DsReplicaGetInfo(struct dcesrv_call_state *dce_call
                level = security_session_user_level(dce_call->conn->auth_state.session_info, NULL);
                if (level < SECURITY_DOMAIN_CONTROLLER) {
                        DEBUG(1,(__location__ ": Administrator access required for DsReplicaGetInfo\n"));
-                       security_token_debug(0, 2, dce_call->conn->auth_state.session_info->security_token);
+                       security_token_debug(DBGC_DRS_REPL, 2,
+                                            dce_call->conn->auth_state.session_info->security_token);
                        return WERR_DS_DRA_ACCESS_DENIED;
                }
        }

diff --git a/source4/rpc_server/drsuapi/drsutil.c b/source4/rpc_server/drsuapi/drsutil.c
index 53bcb16bd8e4993fef7f0e7a28d17c8908c460f6..6fe254ac96c11ba92b054e56469bdf65c83f73b4 100644 (file)
--- a/source4/rpc_server/drsuapi/drsutil.c
+++ b/source4/rpc_server/drsuapi/drsutil.c
@@ -107,7 +107,7 @@ WERROR drs_security_level_check(struct dcesrv_call_state *dce_call,
                if (call) {
                        DEBUG(0,("%s refused for security token (level=%u)\n",
                                 call, (unsigned)level));
-                       security_token_debug(0, 2, dce_call->conn->auth_state.session_info->security_token);
+                       security_token_debug(DBGC_DRS_REPL, 2, dce_call->conn->auth_state.session_info->security_token);
                }
                return WERR_DS_DRA_ACCESS_DENIED;
        }
@@ -170,7 +170,7 @@ static WERROR drs_security_access_check_log(struct ldb_context *sam_ctx,
        if (ret == LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS) {
                DEBUG(3,("%s refused for security token on %s\n",
                         ext_right, ldb_dn_get_linearized(dn)));
-               security_token_debug(2, 0, token);
+               security_token_debug(DBGC_DRS_REPL, 3, token);
                return WERR_DS_DRA_ACCESS_DENIED;
        } else if (ret != LDB_SUCCESS) {
                DEBUG(1,("Failed to perform access check on %s: %s\n", ldb_dn_get_linearized(dn), ldb_strerror(ret)));