ldap连接错误类型:
INVALID_CREDENTIALS: 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580
INVALID_CREDENTIALS: 80090308: LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 77 5, v1db1
Error codeErrorDescription 525 User not found Returned when an invalid username is supplied. 52e Invalid credentials Returned when a valid username is supplied but an invalid password/credential is supplied. If this error is received, it will prevent most other errors from being displayed. 530 Not permitted to logon at this time Returned when a valid username and password/credential are supplied during times when login is restricted. 531 Not permitted to logon from this workstation Returned when a valid username and password/credential are supplied, but the user is restriced from using the workstation where the login was attempted. 532 Password expired Returned when a valid username is supplied, and the supplied password is valid but expired. 533 Account disabled Returned when a valid username and password/credential are supplied but the account has been disabled. 701 Account expired Returned when a valid username and password/credential are supplied but the account has expired. 773 User must reset password Returned when a valid username and password/credential are supplied, but the user must change their password immediately (before logging in for the first time, or after the password was reset by an administrator). 775 Account locked out Returned when a valid username is supplied, but the account is locked out. Note that this error will be returned regardless of whether or not the password is invalid.
对上面的四种情况,得到的异常信息如下:
//下次登录必须修改密码 ,正确的密码
8009030C: LdapErr: DSID-0C0904DC, comment: AcceptSecurityContext error, data 773, v1db1//下次登录必须修改密码 ,错误的密码
8009030C: LdapErr: DSID-0C0904DC, comment: AcceptSecurityContext error, data 52e, v1db1//密码过期 ,正确的密码
8009030C: LdapErr: DSID-0C0904DC, comment: AcceptSecurityContext error, data 532, v1db1//密码过期 ,错误的密码
8009030C: LdapErr: DSID-0C0904DC, comment: AcceptSecurityContext error, data 52e, v1db1
可以看出,当密码错误时,返回的错误信息中有data 52e的数据,可以依据异常信息中的这种差别来进行旧密码的校验。
参考:http://fwhyy.com/2015/09/csharp-operation-ad-to-modify-the-user-password/
Original: https://www.cnblogs.com/dreamer-fish/p/16397413.html
Author: momingliu11
Title: LDAP连接认证错误类型
原创文章受到原创版权保护。转载请注明出处:https://www.johngo689.com/551643/
转载文章受原作者版权保护。转载请注明原作者出处!