[gnome-initial-setup] accounts: When enterprise account disabled, join as admin
- From: Stefan Walter <stefw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-initial-setup] accounts: When enterprise account disabled, join as admin
- Date: Sun, 26 May 2013 18:39:52 +0000 (UTC)
commit ed7af423ddb855d3b5878d6bea546d82f3156d02
Author: Stef Walter <stefw redhat com>
Date: Sat May 25 07:30:26 2013 +0200
accounts: When enterprise account disabled, join as admin
When an enterprise login user account is disabled, or needs to have
its password change, just prompt for the administrator to do the join
to the domain. This is exactly the same fall through as if the user
does not have permission to join a machine to a domain.
https://bugzilla.gnome.org/show_bug.cgi?id=699293
https://bugzilla.gnome.org/show_bug.cgi?id=700996
.../pages/account/gis-account-page.c | 15 +++++++++++++--
.../pages/account/um-realm-manager.c | 13 ++++++++++---
.../pages/account/um-realm-manager.h | 1 +
3 files changed, 24 insertions(+), 5 deletions(-)
---
diff --git a/gnome-initial-setup/pages/account/gis-account-page.c
b/gnome-initial-setup/pages/account/gis-account-page.c
index f3e829d..32e5247 100644
--- a/gnome-initial-setup/pages/account/gis-account-page.c
+++ b/gnome-initial-setup/pages/account/gis-account-page.c
@@ -637,9 +637,19 @@ on_realm_login (GObject *source,
GisAccountPage *page = user_data;
UmRealmObject *realm = UM_REALM_OBJECT (source);
GError *error = NULL;
- GBytes *creds;
+ GBytes *creds = NULL;
um_realm_login_finish (result, &creds, &error);
+
+ /*
+ * User login is valid, but cannot authenticate right now (eg: user needs
+ * to change password at next login etc.)
+ */
+ if (g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_CANNOT_AUTH)) {
+ g_clear_error (&error);
+ creds = NULL;
+ }
+
if (error == NULL) {
/* Already joined to the domain, just register this user */
@@ -648,7 +658,8 @@ on_realm_login (GObject *source,
enterprise_permit_user_login (page, realm);
/* Join the domain, try using the user's creds */
- } else if (!um_realm_join_as_user (realm,
+ } else if (creds == NULL ||
+ !um_realm_join_as_user (realm,
gtk_entry_get_text (OBJ (GtkEntry *, "enterprise-login")),
gtk_entry_get_text (OBJ (GtkEntry *, "enterprise-password")),
creds, NULL,
diff --git a/gnome-initial-setup/pages/account/um-realm-manager.c
b/gnome-initial-setup/pages/account/um-realm-manager.c
index e1829ac..5254400 100644
--- a/gnome-initial-setup/pages/account/um-realm-manager.c
+++ b/gnome-initial-setup/pages/account/um-realm-manager.c
@@ -788,18 +788,25 @@ kinit_thread_func (GSimpleAsyncResult *async,
break;
case KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN:
- case KRB5KDC_ERR_CLIENT_REVOKED:
- case KRB5KDC_ERR_KEY_EXP:
case KRB5KDC_ERR_POLICY:
- case KRB5KDC_ERR_ETYPE_NOSUPP:
g_simple_async_result_set_error (async, UM_REALM_ERROR, UM_REALM_ERROR_BAD_LOGIN,
_("Cannot log in as %s at the %s domain"),
login->user, login->domain);
break;
case KRB5KDC_ERR_PREAUTH_FAILED:
+ case KRB5KRB_AP_ERR_BAD_INTEGRITY:
g_simple_async_result_set_error (async, UM_REALM_ERROR, UM_REALM_ERROR_BAD_PASSWORD,
_("Invalid password, please try again"));
break;
+ case KRB5_PREAUTH_FAILED:
+ case KRB5KDC_ERR_KEY_EXP:
+ case KRB5KDC_ERR_CLIENT_REVOKED:
+ case KRB5KDC_ERR_ETYPE_NOSUPP:
+ case KRB5_PROG_ETYPE_NOSUPP:
+ g_simple_async_result_set_error (async, UM_REALM_ERROR, UM_REALM_ERROR_CANNOT_AUTH,
+ _("Cannot log in as %s at the %s domain"),
+ login->user, login->domain);
+ break;
default:
g_simple_async_result_set_error (async, UM_REALM_ERROR, UM_REALM_ERROR_GENERIC,
_("Couldn't connect to the %s domain: %s"),
diff --git a/gnome-initial-setup/pages/account/um-realm-manager.h
b/gnome-initial-setup/pages/account/um-realm-manager.h
index a604fae..0c09152 100644
--- a/gnome-initial-setup/pages/account/um-realm-manager.h
+++ b/gnome-initial-setup/pages/account/um-realm-manager.h
@@ -29,6 +29,7 @@ G_BEGIN_DECLS
typedef enum {
UM_REALM_ERROR_BAD_LOGIN,
UM_REALM_ERROR_BAD_PASSWORD,
+ UM_REALM_ERROR_CANNOT_AUTH,
UM_REALM_ERROR_GENERIC,
} UmRealmErrors;
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
