enhanced error messages

This commit is contained in:
Roland Gruber 2020-06-28 20:52:10 +02:00
parent bc277e4c0a
commit 1523f0ee8f
1 changed files with 29 additions and 15 deletions

View File

@ -1483,22 +1483,36 @@ function getExtendedLDAPErrorMessage($server) {
function getDefaultLDAPErrorString($server) { function getDefaultLDAPErrorString($server) {
$extError = htmlspecialchars(getExtendedLDAPErrorMessage($server)); $extError = htmlspecialchars(getExtendedLDAPErrorMessage($server));
// Active Directory message translations // Active Directory message translations
if ((strpos($extError, 'DSID-031A120C') !== false) && (strpos($extError, '5003') !== false)) { if (strpos($extError, 'DSID') !== false) {
if (strpos($extError, '5003') !== false) {
logNewMessage(LOG_DEBUG, 'Password change failed because of ' . $extError); logNewMessage(LOG_DEBUG, 'Password change failed because of ' . $extError);
$extError = _('Your password does not meet the password strength qualifications. Please retry with another one.'); $extError = _('Your password does not meet the password strength qualifications. Please retry with another one.');
} }
elseif ((strpos($extError, 'DSID') !== false) && (strpos($extError, 'data 773,') !== false)) { elseif (strpos($extError, 'data 530,') !== false) {
logNewMessage(LOG_DEBUG, 'Login failed because of ' . $extError); logNewMessage(LOG_DEBUG, 'Login failed because of ' . $extError);
$extError = _('Password change required'); $extError = _('Logon not permitted at this time');
} }
elseif ((strpos($extError, 'DSID') !== false) && (strpos($extError, 'data 533,') !== false)) { elseif (strpos($extError, 'data 532,') !== false) {
logNewMessage(LOG_DEBUG, 'Login failed because of ' . $extError);
$extError = _('Password is expired');
}
elseif (strpos($extError, 'data 533,') !== false) {
logNewMessage(LOG_DEBUG, 'Login failed because of ' . $extError); logNewMessage(LOG_DEBUG, 'Login failed because of ' . $extError);
$extError = _('Account is deactivated'); $extError = _('Account is deactivated');
} }
elseif ((strpos($extError, 'DSID') !== false) && (strpos($extError, 'data 701,') !== false)) { elseif (strpos($extError, 'data 701,') !== false) {
logNewMessage(LOG_DEBUG, 'Login failed because of ' . $extError); logNewMessage(LOG_DEBUG, 'Login failed because of ' . $extError);
$extError = _('Account is expired'); $extError = _('Account is expired');
} }
elseif (strpos($extError, 'data 773,') !== false) {
logNewMessage(LOG_DEBUG, 'Login failed because of ' . $extError);
$extError = _('Password change required');
}
elseif (strpos($extError, 'data 775,') !== false) {
logNewMessage(LOG_DEBUG, 'Login failed because of ' . $extError);
$extError = _('Account is locked');
}
}
$genericErrorMessage = ldap_error($server); $genericErrorMessage = ldap_error($server);
$message = _('LDAP error, server says:') . ' ' . $genericErrorMessage; $message = _('LDAP error, server says:') . ' ' . $genericErrorMessage;
if (!empty($extError) && ($genericErrorMessage != $extError)) { if (!empty($extError) && ($genericErrorMessage != $extError)) {