davidpelfree · July 17, 2017 17:12
diff --git a/ActiveDirectoryUtils.java b/ActiveDirectoryUtils.java
 package util;

 import java.util.regex.Matcher;
 import java.util.regex.Pattern;

 public final class ActiveDirectoryUtils {

    private static final Pattern ERROR_CODE = Pattern.compile(".*LDAP: error code\\s([0-9]*).*data\\s([0-9a-f]{3,4}).*");

    public static final int USERNAME_NOT_FOUND = 0x525;
    public static final int INVALID_PASSWORD = 0x52e;
    public static final int NOT_PERMITTED_AT_THIS_TIME = 0x530;
    public static final int NOT_PERMITTED_AT_THIS_WORKSTATION = 0x531;
    public static final int PASSWORD_EXPIRED = 0x532;
    public static final int ACCOUNT_DISABLED = 0x533;
    public static final int ACCOUNT_EXPIRED = 0x701;
    public static final int PASSWORD_NEEDS_RESET = 0x773;
    public static final int ACCOUNT_LOCKED = 0x775;


    /**
     * @return array of: code, subcode
     */
    public static int[] parseErrorCode(String message) {
        Matcher m = ERROR_CODE.matcher(message);

        if (m.matches()) {
            return new int[]{
                    Integer.parseInt(m.group(1)),
                    Integer.parseInt(m.group(2), 16) // subcode is in Hex
            };
        }

        return new int[]{-1, -1};
    }

    public static String subCodeToLogMessage(int code, int subcode) {
        switch (code) {
            case 49:
                switch (subcode) {
                    case USERNAME_NOT_FOUND:
                        return "User was not found in directory";
                    case INVALID_PASSWORD:
                        return "Supplied password was invalid";
                    case NOT_PERMITTED_AT_THIS_TIME:
                        return "User not permitted to logon at this time";
                    case NOT_PERMITTED_AT_THIS_WORKSTATION:
                        return "User not permitted to logon at this workstation";
                    case PASSWORD_EXPIRED:
                        return "Password has expired";
                    case ACCOUNT_DISABLED:
                        return "Account is disabled";
                    case ACCOUNT_EXPIRED:
                        return "Account expired";
                    case PASSWORD_NEEDS_RESET:
                        return "User must reset password";
                    case ACCOUNT_LOCKED:
                        return "Account locked";
                }
        }

        return "Unknown (error code: " + code + " subcode: " + Integer.toHexString(subcode) + ")";
    }

    /**
     * Manual test
     */
    public static void main(String... args) {
        final int[] codes = new int[]{0x525, 0x52e, 0x530, 0x531, 0x532, 0x533, 0x773, 0x775};
        for (int code : codes) {
            final String msg = "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C8, comment: AcceptSecurityContext error, data " + Integer.toHexString(code) + ", v2580]";
            System.out.println("Error response: " + msg);
            int[] codeArr = parseErrorCode(msg);
            System.out.println("Means: " + subCodeToLogMessage(codeArr[0], codeArr[1]));
            System.out.println();
        }

    }
 }
	package util;

	import java.util.regex.Matcher;
	import java.util.regex.Pattern;

	public final class ActiveDirectoryUtils {

	private static final Pattern ERROR_CODE = Pattern.compile(".LDAP: error code\\s([0-9]).data\\s([0-9a-f]{3,4}).");

	public static final int USERNAME_NOT_FOUND = 0x525;
	public static final int INVALID_PASSWORD = 0x52e;
	public static final int NOT_PERMITTED_AT_THIS_TIME = 0x530;
	public static final int NOT_PERMITTED_AT_THIS_WORKSTATION = 0x531;
	public static final int PASSWORD_EXPIRED = 0x532;
	public static final int ACCOUNT_DISABLED = 0x533;
	public static final int ACCOUNT_EXPIRED = 0x701;
	public static final int PASSWORD_NEEDS_RESET = 0x773;
	public static final int ACCOUNT_LOCKED = 0x775;


	/**
	* @return array of: code, subcode
	*/
	public static int[] parseErrorCode(String message) {
	Matcher m = ERROR_CODE.matcher(message);

	if (m.matches()) {
	return new int[]{
	Integer.parseInt(m.group(1)),
	Integer.parseInt(m.group(2), 16) // subcode is in Hex
	};
	}

	return new int[]{-1, -1};
	}

	public static String subCodeToLogMessage(int code, int subcode) {
	switch (code) {
	case 49:
	switch (subcode) {
	case USERNAME_NOT_FOUND:
	return "User was not found in directory";
	case INVALID_PASSWORD:
	return "Supplied password was invalid";
	case NOT_PERMITTED_AT_THIS_TIME:
	return "User not permitted to logon at this time";
	case NOT_PERMITTED_AT_THIS_WORKSTATION:
	return "User not permitted to logon at this workstation";
	case PASSWORD_EXPIRED:
	return "Password has expired";
	case ACCOUNT_DISABLED:
	return "Account is disabled";
	case ACCOUNT_EXPIRED:
	return "Account expired";
	case PASSWORD_NEEDS_RESET:
	return "User must reset password";
	case ACCOUNT_LOCKED:
	return "Account locked";
	}
	}

	return "Unknown (error code: " + code + " subcode: " + Integer.toHexString(subcode) + ")";
	}

	/**
	* Manual test
	*/
	public static void main(String... args) {
	final int[] codes = new int[]{0x525, 0x52e, 0x530, 0x531, 0x532, 0x533, 0x773, 0x775};
	for (int code : codes) {
	final String msg = "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C8, comment: AcceptSecurityContext error, data " + Integer.toHexString(code) + ", v2580]";
	System.out.println("Error response: " + msg);
	int[] codeArr = parseErrorCode(msg);
	System.out.println("Means: " + subCodeToLogMessage(codeArr[0], codeArr[1]));
	System.out.println();
	}

	}
	}