LDAP Error 49 when logging on to the SecureLogin LDAP Client

Customer installed SecureLogin in LDAP mode, with Novell eDirectory as the LDAP Directory. After installing the client on the workstation they attempted to logon via the SecureLogin LDAP Client but received LDAP Error 49. The error suggests the username and/or password is invalid.

They were sure their Username and Password to eDirectory were both valid and the account was not locked.

Add additional grace logins; the user had used up all grace logins.
The user changed their password on next logon.

LDAP Error 49 is LDAP_INVALID_CREDENTIALS: Indicates that during a bind operation one of the following occurred:

• The client passed either an incorrect DN or password.
• The password is incorrect because it has expired, intruder detection has locked the account, or some other similar reason.

On this occasion, the user had 0 grace logins. In eDirectory, a user receives a number of grace logins (typically 5 or 6) so they have a number of chances to change their password. The user had been prompted to change their password but had not done this. The SecureLogin LDAP Client had also warned them of the consequences but the user ignored this.