Expired AD password and PASSTHROUGH authentication

This topic has 1 reply, 2 voices, and was last updated 6 years, 8 months ago by ssripathy.

    When a user tries to log on to OpenIDM using PASSTHROUGH authentication to AD and the AD user account password is expired, the user does not see any information about that situation – the logon page just asks the user to log on again. Is there a way to inform the user in this situation that his/her password is expired?
    I am using an OpenIDM 4.1 nightly build.


    Not unless you call some custom endpoint from the script in the “augmentSecurityContext” section of authentication.json.
    The LDAP error code of 49 is too broad to reveal specific info on why auth failed, so you would need the custom endpoint to dig that info out from AD. You could also call a script on the AD connector to fetch that info in the same security context.
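
One way the custom endpoint suggested in the reply could work out the password state once it has read the user's AD attributes, as an added example that is not part of either post and is not ForgeRock code. `passwordState`, `logonHint` and the sample entries are hypothetical; `pwdLastSet` and `msDS-UserPasswordExpiryTimeComputed` are standard AD attributes.

```javascript
// Added example: classify an AD password state from attributes that a
// hypothetical custom endpoint has read for the user.
// LDAP returns these large integers as decimal strings.

var EPOCH_OFFSET_MS = 11644473600000;      // 1601-01-01 to 1970-01-01, in ms
var NEVER_EXPIRES = "9223372036854775807"; // 0x7FFFFFFFFFFFFFFF

// Windows FILETIME (100 ns ticks since 1601) to Unix milliseconds.
function filetimeToUnixMs(ticks) {
  return Number(ticks) / 10000 - EPOCH_OFFSET_MS;
}

// Returns "MUST_CHANGE", "EXPIRED", "VALID" or "UNKNOWN".
function passwordState(attrs, nowMs) {
  var expiry = attrs["msDS-UserPasswordExpiryTimeComputed"];
  // pwdLastSet = 0 means "user must change password at next logon";
  // AD then also reports a computed expiry of 0.
  if (attrs.pwdLastSet === "0" || expiry === "0") return "MUST_CHANGE";
  // Missing or malformed value: do not guess, keep the generic failure.
  if (typeof expiry !== "string" || !/^\d+$/.test(expiry)) return "UNKNOWN";
  if (expiry === NEVER_EXPIRES) return "VALID";
  return filetimeToUnixMs(expiry) <= nowMs ? "EXPIRED" : "VALID";
}

// Message for the logon page; null keeps the generic failure text.
function logonHint(state) {
  if (state === "EXPIRED") return "Your password has expired.";
  if (state === "MUST_CHANGE") return "You must change your password before logging on.";
  return null;
}

// Constructed sample entries (values invented for this example).
var NOW_MS = 1500000000000; // 2017-07-14T02:40:00Z
var SAMPLES = {
  expired:    { pwdLastSet: "131392032000000000",
                "msDS-UserPasswordExpiryTimeComputed": "131443872000000000" },
  valid:      { pwdLastSet: "131393760000000000",
                "msDS-UserPasswordExpiryTimeComputed": "131445600000000000" },
  mustChange: { pwdLastSet: "0", "msDS-UserPasswordExpiryTimeComputed": "0" },
  noExpiry:   { pwdLastSet: "131392032000000000",
                "msDS-UserPasswordExpiryTimeComputed": NEVER_EXPIRES },
  notRead:    { pwdLastSet: "131392032000000000" }
};
```

Because the bind has already failed at this point, the caller is unauthenticated, so any hint returned also discloses the account's password state to anyone who submits that username.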
