Domanda
I use UnboundID for the authentication against Active Directory. I have same error code when I authenticate with the wrong password and when the user is configured with “user must change password at next logon”. “wrong password” exception:
https://stackoverflow.com/questions/17299835
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianLDAPException(resultCode=49 (invalid credentials), errorMessage='80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece
“user must change password at next logon” exception:
LDAPException(resultCode=49 (invalid credentials), errorMessage='80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 773, vece
The only difference is the value of word data in the exception message. I do not want to rely on the message. How to distinguish between “user must change password at next logon” and “wrong password” use cases?
Soluzione
A quick look at this page:
http://ldapwiki.willeke.com/wiki/Common%20Active%20Directory%20Bind%20Errors
Shows that: data 52e = Returns when username is valid but password/credential is invalid.
data 773 = Entry's password must be changed before logging on LDAP pwdLastSet: value of 0 indicates admin-required password change - MUST_CHANGE_PASSWD
-jim
