Chris, The LDAP authentication runs as a C-plugin, at least up through 7.6.x, so the error messages will be found in the arplugin.log file, assuming you have enabled it. What you get back from LDAP depends on the LDAP implementation. Sometimes it is a plain text message such as "bad password" and sometimes it can be an obscure 8 hex digit number, but I have found that entering such a number in the Google search to bar usually leads to something helpful.
I don't think that you can divert the arplugin.log to log to a form. There's no easy way to capture that log file through workflow associated with the attempt to log in and authenticate via LDAP ( for starters, you can't run workflow unless you're already logged in ). You could run a command line process periodically to look or grep for known error texts and send a notification based on that... Hope this helps... Doug -- Doug Blair +1 224-558-5462 Sent from my iPad Air Auto-corrected typos, misspellings and non-sequiturs are gratefully attributed to Steve Jobs :-) > On Feb 27, 2014, at 9:10 AM, "Pruitt, Christopher (Bank of America Account)" > <christopher.pru...@hp.com> wrote: > > Hello All, > > Has ever heard of a way to capture specific LDAP error code/return codes to > display different messages? > > I don't think the different LDAP errors are controlled by any specific code > we have control over and as far as I understand it the BMC Remedy engine uses > a Java plugin that communicates to LDAP via a jar file. Meaning that is no > source code. However, I found the following couple error messages in BMC > documentation and it looks like the lockout message isn't coming from LDAP > but from Remedy AR System Server itself... > > 623 Error > Authentication failed. > Make sure that your user name and password were entered correctly. > > 624 Error > User account locked out due to too many bad password attempts. > Consecutive login attempts failed because of invalid passwords. The AR System > server administrator can configure the number of attempts to allow. To unlock > your account, reset your password or contact your administrator. > > So we are trying to determine if there is a way to capture specific LDAP > error code/return codes to display different messages. > > Any Feedback on this would be appreciated. > > Christopher Pruitt > Business Consulting III > > HP Enterprises Services > christopher.pru...@hp.com > www.hp.com<http://www.hp.com/> > > > Confidentiality Notice: This message and any files transmitted with it are > intended for the sole use of the entity or individual to whom it is > addressed, and may contain information that is confidential, privileged, and > exempt from disclosure under applicable law. If you are not the intended > addressee for this e-mail, you are hereby notified that any copying, > distribution, or dissemination of this e-mail is strictly prohibited. If you > have received this e-mail in error, please immediately destroy, erase, or > discard this message. Please notify the sender immediately by return e-mail > if you have received this e-mail by mistake. > > > > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > "Where the Answers Are, and have been for 20 years" > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
