OpenDJ 3.0 Error Message on Lockout Count Error

This topic has 1 reply, 2 voices, and was last updated 3 years, 8 months ago by Rob Matthews.

  • #23887
     MushtaqB
    Participant

    I have configured the custom password policy with a lockout failure count, which is working, but on authentication we get the error as authentication failed rather than user is locked or account inactive.

    How can we achieve this?

    #23895
     Rob Matthews
    Participant

    In general this is not recommended as it allows a potential attacker to know whether an account is valid or not. However, you can enable ‘return-bind-error-messages’ in the DS global config which will return more comprehensive errors such as –

    Invalid credentials (49)
    additional info: Invalid Credentials: Rejecting a bind request because the account has been administratively disabled
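
An added example, not part of the original posts and not ForgeRock code: with `return-bind-error-messages` enabled, the calling application can log the detailed reason for help-desk use while still showing end users one uniform message, so the account-validity signal mentioned in the reply stays internal. The function names and the lockout and expiry keyword patterns are assumptions; only the "administratively disabled" text comes from the thread.

```python
import re

INVALID_CREDENTIALS = 49          # LDAP result code shown in the reply above
GENERIC_MESSAGE = "Authentication failed"

# Keyword patterns are assumptions. Only the "administratively disabled"
# wording appears in the thread; check the others against your server's output.
REASONS = [
    ("disabled", re.compile(r"administratively disabled", re.I)),
    ("locked", re.compile(r"\block(ed|out)\b", re.I)),
    ("expired", re.compile(r"\bexpired\b", re.I)),
]


def classify_bind_failure(result_code, diagnostic_message):
    """Map a failed bind to an internal reason label (never shown to users)."""
    if result_code != INVALID_CREDENTIALS:
        return "other"
    for label, pattern in REASONS:
        if pattern.search(diagnostic_message or ""):
            return label
    # No detail returned: wrong password or unknown account.
    return "bad_credentials"


def handle_bind_failure(user, result_code, diagnostic_message, audit_log):
    """Record the real reason internally; return the same text for every case."""
    reason = classify_bind_failure(result_code, diagnostic_message)
    audit_log.append({"user": user, "code": result_code, "reason": reason})
    return GENERIC_MESSAGE


if __name__ == "__main__":
    log = []
    # First message is the one quoted in the thread; the empty one is constructed.
    samples = [
        ("alice", 49, "Invalid Credentials: Rejecting a bind request because "
                      "the account has been administratively disabled"),
        ("bob", 49, ""),
    ]
    for user, code, msg in samples:
        print(user, "->", handle_bind_failure(user, code, msg, log))
    print(log)
```
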
