Good morning,

we use LDAP within uniface to allow users to login to our system. When the username/password is correct, all is fine. But when an invalid password is used all we get is error code 49. Is it possible to get a more meaningful error message. Something like: username/password is incorrect Password has expired or username has been disabled.

My code is:

;-----------------------------------------------------------------------
; Initialise an ldap session (using PRIMARY DOMAIN CONTROLLER details)
; Get handle back to the session for use by subsequent calls
;-----------------------------------------------------------------------
activate "LDAP".LDAP_SSLINIT(v_handle,v_p_svr,v_p_port,v_ssl)
if($status != 0)        ;Failed 
    return(0)
endif

then

;---------------------------------------------------------
; Perform a BIND to the LDAP (thereby authenticating user)
;---------------------------------------------------------
activate "LDAP".LDAP_BIND_S(v_handle,v_dn,v_cred,v_method)

Uniface is a bit odd but I think the calls to ldap should be the same as in say Java.

From the RFC4511, Appendix A.2 (https://tools.ietf.org/html/rfc4511#appendix-A.2) this means

invalidCredentials (49)
Indicates that the provided credentials (e.g., the user's name and password) are invalid.

The RFC4511 defines these standard error codes.

Depending on your specific LDAP server it may return additional (non-standard) error codes (like for example the Oracle OID: http://docs.oracle.com/cd/B28196_01/idmanage.1014/b15991/trblsht.htm#CHDFJBIG)