This event is generated when the DSA fails to authenticate the
originator of a Bind request. The event returns the following
information:
- The reason why authentication failed. This may be one
of the following:
- Unknown User.
The distinguished name supplied in the Bind request does not
identify an entry within the directory.
- Incorrect Password.
The password supplied in the Bind request does not match the
password stored in the directory entry identified by the
supplied distinguished name.
- Inaccessible Password.
The DSA could not verify the supplied password because the
DSA containing the directory entry is not accessible. This
might be a temporary problem, for example, the connection to
that DSA cannot be made, or it might be a more permanent
problem, where the DSA holding the directory entry is not
a trusted DSA.
- Password Verification Loop.
When a DSA attempts to verify a password, it might need to
communicate with another DSA to access the directory entry
that contains the password. This communication might also
require the specification of a password, which must be
verified by the second DSA. It is therefore possible that
two DSAs will find themselves in a situation where each is
waiting for the other to verify a password. If this happens,
one of the DSAs detects the problem, and the authentication
fails.
- Information on the application or user that requested the
operation. This comprises:
- The application entity title of the DSA from which the Bind
request was received.
- The presentation address of the DSA from which the Bind
request was received.
- The distinguished name that was supplied in the Bind request,
if any.
- The directory protocol in use, that is DAP, DSP, DISP, or DOP.
The DAP protocol is used by directory applications to bind to the DSA.
The DSP protocol is used by other DSAs to chain requests to the DSA.
The DOP protocol is used by other DSAs to manage shadowing agreements.
The DISP protocol is used by other DSAs to replicate information to
or from this DSA.