diff options
| author | Douglas Bagnall <douglas.bagnall@catalyst.net.nz> | 2022-08-19 10:12:07 +1200 |
|---|---|---|
| committer | Douglas Bagnall <dbagnall@samba.org> | 2022-09-06 21:12:36 +0000 |
| commit | 62fe118e99e6f0f2c9c09101ec0f79283a342171 (patch) | |
| tree | 7bed85d6327c19dd7367f249df9d5250c05a67c2 /python | |
| parent | c61e8cdefcae917f65ae83cfe89d6e284df6b687 (diff) | |
| download | samba-62fe118e99e6f0f2c9c09101ec0f79283a342171.tar.gz samba-62fe118e99e6f0f2c9c09101ec0f79283a342171.tar.bz2 samba-62fe118e99e6f0f2c9c09101ec0f79283a342171.zip | |
samba-tool: reduce repetitious jargon on credentials failure
We already print the following due to DBG_ERR()s:
cli_credentials_failed_kerberos_login: krb5_cc_get_principal failed: No such file or directory
Failed to bind - LDAP error 49 LDAP_INVALID_CREDENTIALS - <8009030C: LdapErr: DSID-0C0904DC, comment: AcceptSecurityContext error, data 52e, v1db1> <>
Failed to connect to 'ldap://10.53.57.30' with backend 'ldap': LDAP error 49 LDAP_INVALID_CREDENTIALS - <8009030C: LdapErr: DSID-0C0904DC, comment: AcceptSecurityContext error, data 52e, v1db1> <>
We don't *really* need to follow that with:
ERROR(ldb): LDAP connection to ldap://10.53.57.30 failed - LDAP error 49 LDAP_INVALID_CREDENTIALS - <8009030C: LdapErr: DSID-0C0904DC, comment: AcceptSecurityContext error, data 52e, v1db1> <>
rather we can say:
Bad username or password.
Also, we don't really need to print a traceback, which we seem to do
for some commands and not others.
Maybe *sometimes* "bad username or password" might be technically
incorrect (e.g. --simple-bind-dn), but in those cases the user is
already behaving strangely, and they will still see the
LDAP_INVALID_CREDENTIALS twice. Kerberos failures don't come this way.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9608
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'python')
| -rw-r--r-- | python/samba/netcmd/__init__.py | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/python/samba/netcmd/__init__.py b/python/samba/netcmd/__init__.py index eeb28964142..40b9b213f70 100644 --- a/python/samba/netcmd/__init__.py +++ b/python/samba/netcmd/__init__.py @@ -21,7 +21,7 @@ import samba from samba import colour from samba.getopt import SambaOption from samba.logger import get_samba_logger -from ldb import LdbError +from ldb import LdbError, ERR_INVALID_CREDENTIALS import sys import traceback import textwrap @@ -112,7 +112,11 @@ class Command(object): if isinstance(inner_exception, LdbError): (ldb_ecode, ldb_emsg) = inner_exception.args - self.errf.write("ERROR(ldb): %s - %s\n" % (message, ldb_emsg)) + if ldb_ecode == ERR_INVALID_CREDENTIALS: + print("Invalid username or password", file=self.errf) + force_traceback = False + else: + self.errf.write("ERROR(ldb): %s - %s\n" % (message, ldb_emsg)) elif isinstance(inner_exception, AssertionError): self.errf.write("ERROR(assert): %s\n" % message) force_traceback = True |