diff options
author | Andrew Bartlett <abartlet@samba.org> | 2018-05-29 10:39:39 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2018-05-30 04:23:27 +0200 |
commit | 95a9dbd1febe9d2db9b900945fa1d7dc08f33058 (patch) | |
tree | 491130ca5d938908196e626692ec233264cb1adc /source4/dsdb/samdb/ldb_modules/samldb.c | |
parent | 642dd37d51d8fb69b04ec444a590550b1807a0d8 (diff) | |
download | samba-95a9dbd1febe9d2db9b900945fa1d7dc08f33058.tar.gz |
samldb: Add useful error string to explain why a group may not be deleted.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules/samldb.c')
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/samldb.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index a46fd3735c8..f6fe6185aa4 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -3872,7 +3872,8 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac) uint32_t rid; NTSTATUS status; int ret; - struct ldb_result *res; + struct ldb_result *res = NULL; + struct ldb_result *res_users = NULL; const char * const attrs[] = { "objectSid", "isDeleted", NULL }; const char * const noattrs[] = { NULL }; @@ -3911,7 +3912,7 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac) } /* Deny delete requests from groups which are primary ones */ - ret = dsdb_module_search(ac->module, ac, &res, + ret = dsdb_module_search(ac->module, ac, &res_users, ldb_get_default_basedn(ldb), LDB_SCOPE_SUBTREE, noattrs, DSDB_FLAG_NEXT_MODULE, @@ -3920,7 +3921,14 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac) if (ret != LDB_SUCCESS) { return ret; } - if (res->count > 0) { + if (res_users->count > 0) { + ldb_asprintf_errstring(ldb_module_get_ctx(ac->module), + "Refusing to delete %s, as it " + "is still the primaryGroupID " + "for %u users", + ldb_dn_get_linearized(res->msgs[0]->dn), + res_users->count); + return LDB_ERR_ENTRY_ALREADY_EXISTS; } |