r24987: Clarify error conditions in secrets handling, before I add ACLs to
authorAndrew Bartlett <abartlet@samba.org>
Fri, 7 Sep 2007 07:31:26 +0000 (07:31 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 20:05:23 +0000 (15:05 -0500)
secrets.ldb

Andrew Bartlett
(This used to be commit 17a61bd5690f60d762b9c7171f1269fe1a311bab)

source4/rpc_server/lsa/dcesrv_lsa.c

index 531cfc49e57563aa05f989b75e9d23b7571837ac..326217e63fbebc7658f0d07cd0c262b04e129aab 100644 (file)
@@ -2301,7 +2301,7 @@ static NTSTATUS dcesrv_lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALL
                DEBUG(0,("Failed to create secret record %s: %s\n",
                         ldb_dn_get_linearized(msg->dn), 
                         ldb_errstring(secret_state->sam_ldb)));
-               return NT_STATUS_INTERNAL_DB_CORRUPTION;
+               return NT_STATUS_ACCESS_DENIED;
        }
 
        handle = dcesrv_handle_new(dce_call->context, LSA_HANDLE_SECRET);
@@ -2398,8 +2398,8 @@ static NTSTATUS dcesrv_lsa_OpenSecret(struct dcesrv_call_state *dce_call, TALLOC
                }
                
                if (ret != 1) {
-                       DEBUG(0,("Found %d records matching DN %s\n", ret,
-                                ldb_dn_get_linearized(policy_state->system_dn)));
+                       DEBUG(0,("Found %d records matching CN=%s\n", 
+                                ret, ldb_binary_encode_string(mem_ctx, name)));
                        return NT_STATUS_INTERNAL_DB_CORRUPTION;
                }
        }