Show why a LookupName fails (help debugging)
[samba.git] / source4 / rpc_server / lsa / dcesrv_lsa.c
index 4375088e1703c42a41fe2ef9ddd8e883ef23012a..4d381ea978c1077bbd87e35e2eee9cc6fe05c244 100644 (file)
@@ -644,9 +644,26 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain(struct dcesrv_call_state *dce_cal
 
        /* create the trusted_domain */
        ret = ldb_add(trusted_domain_state->policy->sam_ldb, msg);
 
        /* create the trusted_domain */
        ret = ldb_add(trusted_domain_state->policy->sam_ldb, msg);
-       if (ret != LDB_SUCCESS) {
-               DEBUG(0,("Failed to create trusted_domain record %s: %s\n",
-                        ldb_dn_get_linearized(msg->dn), ldb_errstring(trusted_domain_state->policy->sam_ldb)));
+       switch (ret) {
+       case  LDB_SUCCESS:
+               break;
+       case  LDB_ERR_ENTRY_ALREADY_EXISTS:
+               ldb_transaction_cancel(trusted_domain_state->policy->sam_ldb);
+               DEBUG(0,("Failed to create trusted domain record %s: %s\n",
+                        ldb_dn_get_linearized(msg->dn),
+                        ldb_errstring(trusted_domain_state->policy->sam_ldb)));
+               return NT_STATUS_DOMAIN_EXISTS;
+       case  LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS:
+               ldb_transaction_cancel(trusted_domain_state->policy->sam_ldb);
+               DEBUG(0,("Failed to create trusted domain record %s: %s\n",
+                        ldb_dn_get_linearized(msg->dn),
+                        ldb_errstring(trusted_domain_state->policy->sam_ldb)));
+               return NT_STATUS_ACCESS_DENIED;
+       default:
+               ldb_transaction_cancel(trusted_domain_state->policy->sam_ldb);
+               DEBUG(0,("Failed to create user record %s: %s\n",
+                        ldb_dn_get_linearized(msg->dn),
+                        ldb_errstring(trusted_domain_state->policy->sam_ldb)));
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
        }
 
                return NT_STATUS_INTERNAL_DB_CORRUPTION;
        }