Description
Sorry, I'm not sure how to properly reopen an existing issue that was closed due to inactivity.
Basically, I have the same issue as in #70210.
I'm trying to handle the case where an Active Directory user enters correct credentials but his password was either reset or expired. I can rely on LdapException.ServerErrorMessage on Windows, where it provides details like:
80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 773, v1db1
But on Linux this property is always empty. I can't rely on LdapException.ErrorCode since it always equals 49 (LDAP_INVALID_CREDENTIALS), which is expected.
I've checked both 7.0 and 8.0.0-preview.1.23110.8 versions of System.DirectoryServices.Protocols with the same result.
It seems that the issue stems from the usage of LdapOption.LDAP_OPT_SERVER_ERROR here even though it is mentioned it's not supported on Linux (here).
Replacing it with LdapOption.LDAP_OPT_ERROR_STRING makes it possible to get the desired error message from Active Directory on Linux.
Would it be possible to use LdapOption.LDAP_OPT_ERROR_STRING in LdapSessionOptions for Linux? Or to add some other way to get that information if this change can break existing code for LDAP servers other than AD?
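
For readers following the issue, this is an added example (not code from the original post or from System.DirectoryServices.Protocols) of how a caller can turn the `data` field of the Active Directory message quoted above into a specific bind-failure reason once ServerErrorMessage is populated. The names `AdBindFailure` and `AdBindError` are hypothetical; the sub-codes are the Win32 logon error values, written in hexadecimal, that Active Directory places after `data`.

```csharp
using System;
using System.Globalization;
using System.Text.RegularExpressions;

// Hypothetical helper types for illustration; not part of any library.
public enum AdBindFailure
{
    Unknown,             // message empty or unparsable (the Linux case in the post)
    InvalidCredentials,  // data 52e (ERROR_LOGON_FAILURE)
    PasswordExpired,     // data 532 (ERROR_PASSWORD_EXPIRED)
    AccountDisabled,     // data 533 (ERROR_ACCOUNT_DISABLED)
    AccountExpired,      // data 701 (ERROR_ACCOUNT_EXPIRED)
    PasswordMustChange,  // data 773 (ERROR_PASSWORD_MUST_CHANGE)
    AccountLockedOut     // data 775 (ERROR_ACCOUNT_LOCKED_OUT)
}

public static class AdBindError
{
    // The value after "data" is a hexadecimal Win32 error code without a 0x prefix.
    private static readonly Regex DataField =
        new Regex(@"\bdata\s+([0-9a-fA-F]+)\b", RegexOptions.CultureInvariant);

    public static AdBindFailure Classify(string serverErrorMessage)
    {
        if (string.IsNullOrEmpty(serverErrorMessage)) return AdBindFailure.Unknown;
        Match m = DataField.Match(serverErrorMessage);
        if (!m.Success) return AdBindFailure.Unknown;
        if (!int.TryParse(m.Groups[1].Value, NumberStyles.AllowHexSpecifier,
                          CultureInfo.InvariantCulture, out int code))
            return AdBindFailure.Unknown;
        switch (code)
        {
            case 0x52e: return AdBindFailure.InvalidCredentials;
            case 0x532: return AdBindFailure.PasswordExpired;
            case 0x533: return AdBindFailure.AccountDisabled;
            case 0x701: return AdBindFailure.AccountExpired;
            case 0x773: return AdBindFailure.PasswordMustChange;
            case 0x775: return AdBindFailure.AccountLockedOut;
            default:    return AdBindFailure.Unknown;
        }
    }

    public static void Main()
    {
        // Sample input: the message quoted in the post, then the empty value seen on Linux.
        string fromWindows = "80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 773, v1db1";
        Console.WriteLine(Classify(fromWindows));
        Console.WriteLine(Classify(string.Empty));
    }
}
```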