Mishandled errors from Microsoft AD specific LDAP responses

[cuteboi]

I was unable to detect when a user was being locked out, but after some troubleshooting and some debugging, I found that the InvalidCredentials error was wrapping up a lot of possible errors when used against a MicrosoftLDAP implementation.

http://www-01.ibm.com/support/docview.wss?uid=swg21290631

I have a PR coming your way, I hope it's correctly formatted

[itdxsd]

hi guys.

Problem Description

Manager DN is Locked out
Determine if the lock account is for user account and for lock Bind Dn credentials account
Thank you.

Steps to Reproduce

const OPT = {
server: {
url: 'ldap://localhost:10377/',
bindDN: 'cn=SampleServiceID,cn=Users,dc=X8888,dc=com',
bindCredentials: '123',
searchBase: 'dc=BAMPLE,dc=X8888,dc=com',
searchFilter: '(uid={{username}})',
},
};

passport.use('ldap1', new LdapStrategy(OPT));

    passport.authenticate(
        ['ldap1'],
        {
            session: false,
            invalidCredentials: 'invalidCredentials',
            passwordExpired: 'passwordExpired',
            accountDisabled: 'accountDisabled',
            accountExpired: 'accountExpired',
            passwordMustChange: 'passwordMustChange',
            accountLockedOut: 'accountLockedOut',
            invalidLogonHours: 'invalidLogonHours',
            invalidWorkstation: 'invalidWorkstation',
        },
        async (err, userAd, info) => {
            if (err) {
                // will generate a 500 error
                logger.error('Error authenticating with AD');
                return next(err, info);
            }
            if (!userAd) {
                // Generate a JSON response reflecting authentication status
                response.status(200).json(userAd);
            } else {
                    response.status(200).json('Success');
            }
        }
    )(request, response, next)