go to post Steve Clay · Nov 30, 2022 You can find this information in the audit log. Make sure auditing is enabled, enable the LoginFailure audit event, and you should see the detailed reason for failure there.
go to post Steve Clay · May 17, 2022 It is available in 2022.1, it just hasn't hit the documentation yet. You can go ahead and use it.
go to post Steve Clay · Feb 25, 2022 Yes, this is absolutely correct, the code checks the R/W status of the database. If it is set to read-only, it will not be copied up to the durable directory. The first version which has this feature are kits based off of IRIS 2021.2.
go to post Steve Clay · Mar 16, 2020 You can use the Get and Modify methods in coordination with the Security.Resources:List() query (which allows wildcards). Here is some untested code which will give you an idea of what you can do: %SYS>s x=##Class(Security.Roles).Get("%developer",.Properties) %SYS>zw PropertiesProperties("Description")="A Role owned by all Developers"Properties("GrantedRoles")=""Properties("Resources")="%DB_%DEFAULT:RW,%DB_IRISLIB:R,%DB_IRISLOCALDATA:R,%DB_IRISTEMP:RW,%DB_USER:RW,%Development:U,%DocDB_Admin:U,%Service_Console:U,%Service_DocDB:U,%Service_Object:U,%Service_SQL:U,%Service_Telnet:U,%Service_Terminal:U,%Service_WebGateway:U,%System_CallOut:U" ;Now get the list of resources you want using a result set. Set Rset = ##class(%ResultSet).%New("Security.Resources:List") i '$$$ISOK(Rset) d $SYSTEM.Status.DisplayError(%objlasterror) q s Status=Rset.Execute("*") ; See class documentation of what you can use for wildcards here i '$$$ISOK(Status) Do $System.OBJ.DisplayError(Status) q s ResourceString="" While Rset.Next(.Status) { s Resource=Rset.Data("Name")s ResourceString=ResourceString_Resource_":RW"_"," } i '$$$ISOK(Status) Do $System.OBJ.DisplayError(Status) qs ResourceString=$e(ResourceString,1,*-1) ; Remove trailing comma;Now add to the existing resource string. Duplicates are ignored. s Properties(Resources)=Properties("Resources")_","_ResourceString ;Now save it s Status=##Class(Security.Roles).Modify("%developer",.Properties)
go to post Steve Clay · Apr 4, 2019 Take a look at the LDAP.MAC routine in the SAMPLES database. Look at Example 5 which shows how to change a password in Active directory using LDAP.