From 63bbdbae19dda6d28ecf8ce27addda728c7a028d Mon Sep 17 00:00:00 2001 From: David Mulder Date: Mon, 4 Apr 2022 10:42:40 -0600 Subject: [PATCH] gpo: Improve Certificate Auto Enroll Debug messages Signed-off-by: David Mulder Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Apr 5 01:44:33 UTC 2022 on sn-devel-184 --- python/samba/gp_cert_auto_enroll_ext.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/python/samba/gp_cert_auto_enroll_ext.py b/python/samba/gp_cert_auto_enroll_ext.py index 061d2c06c20..e5c2f2e4394 100644 --- a/python/samba/gp_cert_auto_enroll_ext.py +++ b/python/samba/gp_cert_auto_enroll_ext.py @@ -86,8 +86,8 @@ def get_supported_templates(server): env=env, stdout=PIPE, stderr=PIPE) out, err = p.communicate() if p.returncode != 0: - log.warn('Failed to fetch the list of supported templates.') - log.debug(err.decode()) + data = { 'Error': err.decode() } + log.error('Failed to fetch the list of supported templates.', data) return out.strip().split() return [] @@ -142,7 +142,8 @@ def cert_enroll(ca, trust_dir, private_dir): out, err = p.communicate() log.debug(out.decode()) if p.returncode != 0: - log.debug(err.decode()) + data = { 'Error': err.decode(), 'CA': ca['cn'][0] } + log.error('Failed to add Certificate Authority', data) supported_templates = get_supported_templates(ca['dNSHostName'][0]) for template, attrs in ca['certificateTemplates'].items(): if template not in supported_templates: @@ -158,7 +159,8 @@ def cert_enroll(ca, trust_dir, private_dir): out, err = p.communicate() log.debug(out.decode()) if p.returncode != 0: - log.debug(err.decode()) + data = { 'Error': err.decode(), 'Certificate': nickname } + log.error('Failed to request certificate', data) data['files'].extend([keyfile, certfile]) data['templates'].append(nickname) if update is not None: