From: David Mulder Date: Mon, 4 Apr 2022 16:42:40 +0000 (-0600) Subject: gpo: Improve Certificate Auto Enroll Debug messages X-Git-Tag: tevent-0.12.0~171 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=63bbdbae19dda6d28ecf8ce27addda728c7a028d;p=thirdparty%2Fsamba.git gpo: Improve Certificate Auto Enroll Debug messages Signed-off-by: David Mulder Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Apr 5 01:44:33 UTC 2022 on sn-devel-184 --- diff --git a/python/samba/gp_cert_auto_enroll_ext.py b/python/samba/gp_cert_auto_enroll_ext.py index 061d2c06c20..e5c2f2e4394 100644 --- a/python/samba/gp_cert_auto_enroll_ext.py +++ b/python/samba/gp_cert_auto_enroll_ext.py @@ -86,8 +86,8 @@ def get_supported_templates(server): env=env, stdout=PIPE, stderr=PIPE) out, err = p.communicate() if p.returncode != 0: - log.warn('Failed to fetch the list of supported templates.') - log.debug(err.decode()) + data = { 'Error': err.decode() } + log.error('Failed to fetch the list of supported templates.', data) return out.strip().split() return [] @@ -142,7 +142,8 @@ def cert_enroll(ca, trust_dir, private_dir): out, err = p.communicate() log.debug(out.decode()) if p.returncode != 0: - log.debug(err.decode()) + data = { 'Error': err.decode(), 'CA': ca['cn'][0] } + log.error('Failed to add Certificate Authority', data) supported_templates = get_supported_templates(ca['dNSHostName'][0]) for template, attrs in ca['certificateTemplates'].items(): if template not in supported_templates: @@ -158,7 +159,8 @@ def cert_enroll(ca, trust_dir, private_dir): out, err = p.communicate() log.debug(out.decode()) if p.returncode != 0: - log.debug(err.decode()) + data = { 'Error': err.decode(), 'Certificate': nickname } + log.error('Failed to request certificate', data) data['files'].extend([keyfile, certfile]) data['templates'].append(nickname) if update is not None: