I need to have in a exploitable format the failed binds. Something similar to the correct binds in the accesslog. I have seen that some people talks about the use of loglevel 256, but i thing that is too hard. Any help would be welcome.
Why don't use the pwdFailureTime attribute provided by ppolicy overlay?