From: Andrew Bartlett Date: Mon, 28 May 2018 22:39:39 +0000 (+1200) Subject: samldb: Add useful error string to explain why a group may not be deleted. X-Git-Tag: ldb-1.4.0~12 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=95a9dbd1febe9d2db9b900945fa1d7dc08f33058;p=thirdparty%2Fsamba.git samldb: Add useful error string to explain why a group may not be deleted. Signed-off-by: Andrew Bartlett Reviewed-by: Garming Sam --- diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index a46fd3735c8..f6fe6185aa4 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -3872,7 +3872,8 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac) uint32_t rid; NTSTATUS status; int ret; - struct ldb_result *res; + struct ldb_result *res = NULL; + struct ldb_result *res_users = NULL; const char * const attrs[] = { "objectSid", "isDeleted", NULL }; const char * const noattrs[] = { NULL }; @@ -3911,7 +3912,7 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac) } /* Deny delete requests from groups which are primary ones */ - ret = dsdb_module_search(ac->module, ac, &res, + ret = dsdb_module_search(ac->module, ac, &res_users, ldb_get_default_basedn(ldb), LDB_SCOPE_SUBTREE, noattrs, DSDB_FLAG_NEXT_MODULE, @@ -3920,7 +3921,14 @@ static int samldb_prim_group_users_check(struct samldb_ctx *ac) if (ret != LDB_SUCCESS) { return ret; } - if (res->count > 0) { + if (res_users->count > 0) { + ldb_asprintf_errstring(ldb_module_get_ctx(ac->module), + "Refusing to delete %s, as it " + "is still the primaryGroupID " + "for %u users", + ldb_dn_get_linearized(res->msgs[0]->dn), + res_users->count); + return LDB_ERR_ENTRY_ALREADY_EXISTS; }