Bind error

[jor6e]

With the last major version (2.x.x), the error property in bind funtion was more complete, why not in 3?

For example, the error 49 has suberrors, I would like to know the suberrors with version 3.

I refer to this: https://community.bmc.com/s/article/How-to-understand-LDAP-Error-Codes

For example, error code 49, error subcode 525, 52e, etc.

[jsumners]

Can you please provide examples of error messages you are talking about? I do not understand the issue.

[jor6e]

Sorry, I think it is not an error, or maybe yes.

v2.x.x.
bind error response:
LDAPError [InvalidCredentialsError]: 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 533, v3839

v3.x.x.
bind error response
LDAPError [InvalidCredentialsError]: Invalid Credentials

As you can check, the error description in v3 is less complete than v2.

Thanks.

[jsumners]

Please provide the full stack trace for the errors instead of just the message property.

[jor6e]

v3

LDAPError [InvalidCredentialsError]: Invalid Credentials
    at messageCallback (C:\Users\username\Desktop\my-project\node_modules\ldapjs\lib\client\client.js:1261:45)
    at Parser.onMessage (C:\Users\username\Desktop\my-project\node_modules\ldapjs\lib\client\client.js:919:14)
    at Parser.emit (node:events:527:28)
    at Parser.write (C:\Users\username\Desktop\my-project\node_modules\ldapjs\lib\messages\parser.js:135:8)
    at TLSSocket.onData (C:\Users\username\Desktop\my-project\node_modules\ldapjs\lib\client\client.js:875:22)
    at TLSSocket.emit (node:events:527:28)
    at addChunk (node:internal/streams/readable:315:12)
    at readableAddChunk (node:internal/streams/readable:289:9)
    at TLSSocket.Readable.push (node:internal/streams/readable:228:10)
    at TLSWrap.onStreamRead (node:internal/stream_base_commons:190:23) {
  lde_message: 'Invalid Credentials',
  lde_dn: null
}

v2

LDAPError [InvalidCredentialsError]: 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 533, v3839
    at messageCallback (C:\Users\username\Desktop\my-project\node_modules\ldapjs\lib\client\client.js:1220:45)
    at Parser.onMessage (C:\Users\username\Desktop\my-project\node_modules\ldapjs\lib\client\client.js:888:14)
    at Parser.emit (node:events:527:28)
    at Parser.write (C:\Users\username\Desktop\my-project\node_modules\ldapjs\lib\messages\parser.js:107:8)
    at TLSSocket.onData (C:\Users\username\Desktop\my-project\node_modules\ldapjs\lib\client\client.js:875:22)
    at TLSSocket.emit (node:events:527:28)
    at addChunk (node:internal/streams/readable:315:12)
    at readableAddChunk (node:internal/streams/readable:289:9)
    at TLSSocket.Readable.push (node:internal/streams/readable:228:10)
    at TLSWrap.onStreamRead (node:internal/stream_base_commons:190:23) {
  lde_message: '80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 533, v3839\x00',
  lde_dn: null
}

[classmatewu]

I also met this error code: InvalidCredentialsError with the same stack trace today, but my bind dn and bind password is also right.
what is the meaning of this code and under what circumstances may it appear?

[jsumners]

Please file a different issue if you think binding is not working correctly. This issue is about the information in the error.

[jsumners]

Regarding this actual issue: I am not ignoring it. To diagnose how the difference occurs will require running through a test case on both v2 and v3 with a debugger to inspect what happens where. It will take me some time to get to it. If anyone wants to provide such an analysis, that'd be great.

[bladerunner2020]

This is really important.
v2.3.x: InvalidcredentialsError: 80090308: LdapErr: DSID-OC090447, comment: AcceptSecurityContext error, data 532...
v3.0.3: {Invalid Credentials} (code: 49, name: InvalidCredentialsError)

data 532 - means that the password is expired, while code 49 gives no clues what's wrong.

I am afraid but I think we will need to downgrade as it is very difficult to troubleshoot errors in v3.

[jsumners]

It seems it isn't important enough for you to contribute anything useful to the conversation nor a solution.

[bladerunner2020]

As soon as we get more data I will share our analysis. We modified our code to be able to use v2 and v3 based on an environment variable. Invalid credentials error looks the same on both versions. Unfortunately we can't test right now with expired password error, where we saw the difference in the past.