login failure via external directories does not provide reason


      NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion.

      Login failure via external directories does not provide the reason why the login failed, and this is causing a really big problem in corporate environments.

      We tested this, and it works with neither LDAP nor Crowd. We are using Crowd, so this will probably have to be implemented in both JIRA and Crowd.

      --- account with invalid password
      ldap_bind: Invalid credentials (49)
      	additional info: 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1
      
      --- account with password expired
      ldap_bind: Invalid credentials (49)
      	additional info: 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 532, v1db1
      
      --- disabled account
      (TBD)
      
      --- locked account
      (TBD)
      

      Note: the LDAP server being used is Microsoft Active Directory. Return codes are valid for all versions and seem to be similar across all LDAP servers.

      525 user not found
      52e invalid credentials
      530 not permitted to logon at this time
      531 not permitted to logon at this workstation
      532 password expired
      533 account disabled
      701 account expired
      773 user must reset password
      775 user account locked

            Assignee: Unassigned
            Reporter: Sorin Sbarnea (Citrix)
            Votes: 8
            Watchers: 11

              Created:
              Updated:
              Resolved:
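An added example, not part of the original issue and not JIRA or Crowd code: one way a login handler could pull the Active Directory sub-code out of the diagnostic text quoted in the issue, keep the detailed reason for the server-side log, and choose what the user sees. The function name, the message strings and the choice to merge 525 and 52e into one user-facing message (so the form does not reveal which usernames exist) are assumptions.

```python
import re

# Sub-codes as listed in the issue (hex "data" field of the AD diagnostic).
AD_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials",
    "530": "not permitted to logon at this time",
    "531": "not permitted to logon at this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "user account locked",
}

# Assumption (policy choice, not from the issue): these two are never told
# apart in the login form; the distinction goes to the log only.
GENERIC = {"525", "52e"}

_DATA_RE = re.compile(r"AcceptSecurityContext error,\s*data\s+([0-9a-fA-F]+)")

SAMPLES = [  # first two copied from the issue; the third is constructed
    "80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1",
    "80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 532, v1db1",
    "Invalid credentials",  # diagnostic without an AD sub-code
]

def classify_bind_failure(diagnostic):
    """Return (subcode, log_reason, user_message) for a bind-failure diagnostic."""
    m = _DATA_RE.search(diagnostic or "")
    code = m.group(1).lower() if m else None
    reason = AD_SUBCODES.get(code)
    if reason is None:
        # Non-AD server, missing diagnostic, or a sub-code not in the table.
        return code, "unknown (raw diagnostic: %r)" % diagnostic, "Login failed."
    if code in GENERIC:
        return code, reason, "Invalid username or password."
    return code, reason, "Login failed: %s. Contact your administrator." % reason

if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify_bind_failure(sample))
```

The second element of the tuple is meant for the audit log; only the third is meant to reach the login page.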