Created
October 12, 2011 15:34
-
-
Save freeeve/1281539 to your computer and use it in GitHub Desktop.
LDAP error map quick reference (maps data error codes to failure reasons)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
525 ERROR_NO_SUCH_USER (The specified account does not exist.) | |
NOTE: Returns when username is invalid. | |
52e ERROR_LOGON_FAILURE (Logon failure: unknown user name or bad password.) | |
NOTE: Returns when username is valid but password/credential is invalid. | |
Will prevent most other errors from being displayed as noted. | |
530 ERROR_INVALID_LOGON_HOURS (Logon failure: account logon time restriction violation.) | |
NOTE: Returns only when presented with valid username and password/credential. | |
531 ERROR_INVALID_WORKSTATION (Logon failure: user not allowed to log on to this computer.) | |
LDAP[userWorkstations: <multivalued list of workstation names>] | |
NOTE: Returns only when presented with valid username and password/credential. | |
532 ERROR_PASSWORD_EXPIRED (Logon failure: the specified account password has expired. | |
LDAP[userAccountControl: <bitmask=0x00800000>] - PASSWORDEXPIRED | |
NOTE: Returns only when presented with valid username and password/credential. | |
533 ERROR_ACCOUNT_DISABLED (Logon failure: account currently disabled.) | |
LDAP[userAccountControl: <bitmask=0x00000002>] - ACCOUNTDISABLE | |
NOTE: Returns only when presented with valid username and password/credential | |
701 ERROR_ACCOUNT_EXPIRED (The user's account has expired.) | |
LDAP[accountExpires: <value of -1, 0, or extemely large value indicates account will not expire>] - ACCOUNTEXPIRED | |
nNOTE: Returns only when presented with valid username and password/credential. | |
773 ERROR_PASSWORD_MUST_CHANGE (The user's password must be changed before logging on the first time.) | |
LDAP[pwdLastSet: <value of 0 indicates admin-required password change>] - MUST_CHANGE_PASSWD | |
NOTE: Returns only when presented with valid username and password/credential. | |
775 ERROR_ACCOUNT_LOCKED_OUT (The referenced account is currently locked out and may not be logged on to.) | |
LDAP[userAccountControl: <bitmask=0x00000010>] - LOCKOUT | |
NOTE: Returns even if invalid password is presented |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Updated for easier copy/paste when emailing users with troubleshooting information.