summaryrefslogtreecommitdiffstats
path: root/ipa-client/ipa-join.c
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2011-07-06 10:30:24 -0400
committerRob Crittenden <rcritten@redhat.com>2011-07-19 20:41:54 -0400
commit02df85bb2e1e5142285b185803a118f4430dbe1f (patch)
treea79c8c28a1bc149fbc8d8834bdac2c8022152141 /ipa-client/ipa-join.c
parente8c7eaf260d4515b9e31e8423d143a1e13e840cb (diff)
downloadfreeipa-02df85bb2e1e5142285b185803a118f4430dbe1f.tar.gz
freeipa-02df85bb2e1e5142285b185803a118f4430dbe1f.tar.xz
freeipa-02df85bb2e1e5142285b185803a118f4430dbe1f.zip
Make ipa-client-install error messages more understandable and relevant.
* Check remote LDAP server to see if it is a V2 server * Replace numeric return values with alphanumeric constants * Display the error message from the ipa-enrollment extended op * Remove generic join failed error message when XML-RPC fails * Don't display Certificate subject base when enrollment fails * Return proper error message when LDAP bind fails https://fedorahosted.org/freeipa/ticket/1417
Diffstat (limited to 'ipa-client/ipa-join.c')
-rw-r--r--ipa-client/ipa-join.c24
1 files changed, 12 insertions, 12 deletions
diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c
index 21c087b68..95f2939cd 100644
--- a/ipa-client/ipa-join.c
+++ b/ipa-client/ipa-join.c
@@ -475,15 +475,9 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha
/* Now rebind as the host */
ld = connect_ldap(ipaserver, *binddn, bindpw);
if (!ld) {
- if (has_principal) {
- if (!quiet)
- fprintf(stderr, _("Host is already joined.\n"));
- rval = 13;
- } else {
- if (!quiet)
- fprintf(stderr, _("Incorrect password.\n"));
- rval = 15;
- }
+ if (!quiet)
+ fprintf(stderr, _("Incorrect password.\n"));
+ rval = 15;
goto done;
}
@@ -491,13 +485,19 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha
valrequest.bv_len = strlen(hostname);
if ((rc = ldap_extended_operation_s(ld, JOIN_OID, &valrequest, NULL, NULL, &oidresult, &valresult)) != LDAP_SUCCESS) {
+ char *s = NULL;
+#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE
+ ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &s);
+#else
+ ldap_get_option(ld, LDAP_OPT_ERROR_STRING, &s);
+#endif
if (!quiet)
- fprintf(stderr, _("principal not found in host entry\n"));
+ fprintf(stderr, _("Enrollment failed. %s\n"), s);
if (debug) {
fprintf(stderr, "ldap_extended_operation_s failed: %s",
ldap_err2string(rc));
}
- rval = 18;
+ rval = 13;
goto ldap_done;
}
@@ -1003,7 +1003,7 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k
}
cleanup:
- if (NULL != subject && !quiet)
+ if (NULL != subject && !quiet && rval == 0)
fprintf(stderr, _("Certificate subject base is: %s\n"), subject);
free((char *)princ);