Merge from HEAD - get better error strings from the ldap server in pdb_ldap.

Andrew Bartlett

diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c
index c8ae96344a52ec77196bb5804387fa7a35f6d24e..226c1fc171f5fbbd97e47e4124f7f77a9cbc816a 100644 (file)
--- a/source/passdb/pdb_ldap.c
+++ b/source/passdb/pdb_ldap.c
@@ -649,10 +649,14 @@ static int ldapsam_search_one_user (struct ldapsam_privates *ldap_state, const c
        rc = ldapsam_search(ldap_state, lp_ldap_suffix (), scope, filter, attr, 0, result);
 
        if (rc != LDAP_SUCCESS) {
-               DEBUG(0,("ldapsam_search_one_user: Problem during the LDAP search: %s\n", 
-                       ldap_err2string (rc)));
+               char *ld_error;
+               ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+                               &ld_error);
+               DEBUG(0,("ldapsam_search_one_user: Problem during the LDAP search: %s (%s)\n", 
+                       ld_error, ldap_err2string (rc)));
                DEBUG(3,("ldapsam_search_one_user: Query was: %s, %s\n", lp_ldap_suffix(), 
                        filter));
+               SAFE_FREE(ld_error);
        }
        
        return rc;
@@ -914,8 +918,13 @@ static NTSTATUS ldapsam_delete_entry(struct ldapsam_privates *ldap_state,
        ldap_mods_free(mods, 1);
 
        if (rc != LDAP_SUCCESS) {
-               DEBUG(0, ("could not delete attributes for %s, error: %s\n",
-                         dn, ldap_err2string(rc)));
+               char *ld_error;
+               ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+                               &ld_error);
+               
+               DEBUG(0, ("could not delete attributes for %s, error: %s (%s)\n",
+                         dn, ldap_err2string(rc), ld_error));
+               SAFE_FREE(ld_error);
                ldap_memfree(dn);
                return NT_STATUS_UNSUCCESSFUL;
        }
@@ -1999,9 +2008,13 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, SAM_A
        ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,LDAP_MOD_REPLACE, False);
        ldap_mods_free(mods,1);
 
-       if (NT_STATUS_IS_ERR(ret)) {
-               DEBUG(0,("failed to modify user with uid = %s\n",
-                                       pdb_get_username(newpwd)));
+       if (!NT_STATUS_IS_OK(ret)) {
+               char *ld_error;
+               ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+                               &ld_error);
+               DEBUG(0,("failed to modify user with uid = %s, error: %s (%s)\n",
+                        pdb_get_username(newpwd), ld_error, ldap_err2string(rc)));
+               SAFE_FREE(ld_error);
                return ret;
        }
 
@@ -2159,11 +2172,15 @@ static int ldapsam_search_one_group (struct ldapsam_privates *ldap_state,
                            filter, group_attr, 0, result);
 
        if (rc != LDAP_SUCCESS) {
+               char *ld_error;
+               ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+                               &ld_error);
                DEBUG(0, ("ldapsam_search_one_group: "
-                         "Problem during the LDAP search: %s\n",
-                         ldap_err2string(rc)));
+                         "Problem during the LDAP search: LDAP error: %s (%s)",
+                         ld_error, ldap_err2string(rc)));
                DEBUG(3, ("ldapsam_search_one_group: Query was: %s, %s\n",
                          lp_ldap_suffix(), filter));
+               SAFE_FREE(ld_error);
        }
 
        return rc;
@@ -2414,7 +2431,12 @@ static NTSTATUS ldapsam_add_group_mapping_entry(struct pdb_methods *methods,
        ldap_mods_free(mods, 1);
 
        if (rc != LDAP_SUCCESS) {
-               DEBUG(0, ("failed to modify group %i\n", map->gid));
+               char *ld_error;
+               ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+                               &ld_error);
+               DEBUG(0, ("failed to add group %i error: %s (%s)\n", map->gid, 
+                         ld_error, ldap_err2string(rc)));
+               SAFE_FREE(ld_error);
                return NT_STATUS_UNSUCCESSFUL;
        }
 
@@ -2466,7 +2488,12 @@ static NTSTATUS ldapsam_update_group_mapping_entry(struct pdb_methods *methods,
        ldap_mods_free(mods, 1);
 
        if (rc != LDAP_SUCCESS) {
-               DEBUG(0, ("failed to modify group %i\n", map->gid));
+               char *ld_error;
+               ldap_get_option(ldap_state->ldap_struct, LDAP_OPT_ERROR_STRING,
+                               &ld_error);
+               DEBUG(0, ("failed to modify group %i error: %s (%s)\n", map->gid, 
+                         ld_error, ldap_err2string(rc)));
+               SAFE_FREE(ld_error);
        }
 
        DEBUG(2, ("successfully modified group %i in LDAP\n", map->gid));