Audit messages
| Message code | Description | Notes |
|---|---|---|
| E000001 | A system error has occurred. | This message is used whenever there is a general processing error. It will contain full details of the error. |
| E001001 | The DIGIPASS Plug-In failed to start up. | The Plug-In encountered a fatal error on startup such as an invalid or missing configuration file. |
| E001002 | The DIGIPASS Plug-In has been forced into the disabled state. | The plug-in has started up, but is in a disabled state in which it will not process authentication requests. This is typically caused by a license problem (an invalid or missing license key in the plug-in's client component record), an invalid component location setting in the configuration file, or a missing component record for the plug-in. |
| E001003 | The Authentication Server failed to start up | The Authentication Server encountered a fatal error on startup. This is typically due to an invalid or missing configuration file or failure to connect to the data store. |
| E002001 | The Active Directory AAL3 library failed to initialize. | The Active Directory AAL3 library encountered a fatal error on initialization, e.g. invalid configuration settings in the configuration file. |
| E002002 | The DIGIPASS Authentication library failed to initialize. | The Authentication library encountered a fatal error on initialization, e.g. invalid configuration settings in the configuration file. |
| E002003 | The ODBC AAL3 library failed to initialize. | The ODBC AAL3 library encountered a fatal error on initialization, e.g. invalid configuration settings in the configuration file. |
| E002004 | The RADIUS protocol handler failed to initialize. |
The protocol handler that receives and processes RADIUS requests did not start up. This may be because of a missing license key in the Authentication Server component record, or because the license key in that component record does not enable RADIUS support. Look for the line RADIUS=Yes in the license key details. A common reason for this error, when RADIUS is enabled in the license key, is that the RADIUS ports are already in use by another process on the machine. Alternatively, the configuration settings may be invalid. |
| E002005 | The Authentication Server AAL3 library failed to initialize. | The authentication server AAL3 library encountered a fatal error on initialization, e.g. invalid configuration settings in the configuration file. |
| E002006 | The Replication library failed to initialize. | The replication library encountered a fatal error on initialization, e.g. invalid configuration settings in the configuration file. |
| E002007 | Initialization of a Replication destination server failed. | The replication library found the configuration of a destination server to be invalid. The library will still start up if its main configuration settings are valid and there is at least one valid destination server. For the invalid destination servers, this audit message is generated. |
| E002008 | The Authentication Server protocol handler failed to initialize. | The protocol handler that receives and processes administration requests and authentication requests from the IIS modules failed initialization. This is typically due to invalid configuration settings or because the API port is already in use by another process on the machine. |
| E002009 | The VM2 Compatibility protocol handler failed to initialize. | The protocol handler that receives and processes authentication requests from the VACMAN Middleware version 2 IIS modules failed initialization. This is typically due to invalid configuration settings or because the API port is already in use by another process on the machine. |
| E002010 | The SOAP protocol handler failed to initialize. | The SOAP protocol handler encountered a fatal error on initialization. Typically, this occurs when the SOAP ports configured in OneSpan Authentication Server are already in use by another application or service. |
| E002011 | The RADIUS dictionary was loaded but with some errors. | OneSpan Authentication Server failed to import one or more RADIUS attribute definitions from the RADIUS dictionary due to parse errors. Those parse errors were ignored and OneSpan Authentication Server succeeded to import the remaining RADIUS attribute definitions. |
| E002012 | Failed to load the RADIUS dictionary file. | OneSpan Authentication Server failed to load the RADIUS dictionary file because the file was not available. This could be due to an incorrect configuration (incorrect path to and/ or dictionary file name). |
| E009001 | An error occurred in the Message Delivery Component. | Message Delivery Component (MDC) encountered an error during the process of submitting a request to the HTTP gateway and interpreting the response. This may indicate a configuration problem for the gateway or connectivity issues. The audit message may contain further details from the gateway. |
| E012001 | The RADIUS Profile was not found in Steel-Belted RADIUS. |
When a RADIUS profile name is in the user account but that name is not found in SBR, the login is failed with this error. This can also occur if there is no RADIUS profile in the user account, but there is a default RADIUS profile configured that was not found in SBR. |
| E012002 | The RADIUS Attribute was not known by Steel-Belted RADIUS. |
When the user account has a RADIUS attribute in its Authorization Profiles/Attributes list, the attribute must be found in SBR. When such an attribute is not known to SBR, the login is failed with this error. The most likely reason for this error to occur is that the spelling of the attribute Name is different in SBR compared to the user account. This may also occur if the value of the attribute does not convert to the correct data type expected by SBR. For example, if an IP address attribute has a value which is not a representation of an IP address. |
| E013001 | A connection to an ODBC data source could not be established. |
An attempt to connect to an ODBC data source failed. This may be caused by any of the following:
|
| E013002 | A connection to an ODBC data source is broken. |
An established connection to an ODBC data source has broken. This may be caused by any of the following:
|
| E013003 | The migration subsystem cannot migrate the data record. | Data migration is enabled, but the migration subsystem cannot migrate the data record. This usually happens if the data migration failed due to an error. |
| E013004 | The data version cannot be handled by this server. | Data migration is enabled, but the migration subsystem is unable to handle the data record. This usually happens if the record data version is unsupported. |
| E016001 | End synchronization for profile incomplete by error. | This audit message is produced by the LDAP Synchronization Tool. |
| E020001 | Task management failed to start. | OneSpan Authentication Server failed to initialize and start the task scheduler. |
| E020002 | Task management failed to stop. | OneSpan Authentication Server failed to stop the task scheduler. |
| W004001 | A connection attempt to Active Directory failed. |
An attempt to connect to an Active Directory domain controller failed. This may be caused by any of the following:
|
| W004004 | A connection attempt to a Replication destination server failed. |
An attempt by the Replication library to connect to a destination server failed. This may be caused by any of the following:
|
| W005001 | A connection to Active Directory has terminated due to an error. |
An established connection to an Active Directory domain controller has broken. This may be caused by any of the following:
|
| W005004 | A connection to a Replication destination server has terminated due to an error. |
An established connection to a destination server has broken. This may be caused by any of the following:
|
| W006001 | An invalid RADIUS packet has been received. |
A RADIUS request received was invalid (did not conform to the RADIUS protocol). The request is discarded. This can also occur when a response is received from a RADIUS Server to which a request was forwarded, if the response was invalid. The response is discarded. |
| W006002 | A RADIUS request has been received from an unknown source. |
A RADIUS request was received but there is no RADIUS client component for the source of the request, and there is no “default” RADIUS client component. The request is discarded. This audit message will be repeated at intervals when the same unknown source sends requests, but not for every request. |
| W006003 | A request has been received from a RADIUS Client with no Shared Secret defined. |
A RADIUS request was received where there is a RADIUS client component for the source of the request, but that component record does not have a shared secret defined. Therefore, it is not possible to handle the request and it is discarded. This will not occur if there is a "default" RADIUS client component that has a shared secret. This audit message will be repeated at intervals when the same source sends requests, but not for every request. |
| W006004 | A RADIUS request forwarded by this server has been received – there must be a circular proxy chain. |
This can occur when the forwards a request to a RADIUS server, and the RADIUS server forwards the request back, due to its own proxy rules. It can also occur indirectly in a longer 'proxy chain'. The request is discarded, otherwise an infinite loop could be created. If this occurs, there must be an error in the proxy configuration of the RADIUS server(s). |
| W006005 | An Access-Challenge received from the RADIUS Server cannot be handled. |
This can occur when the OneSpan Authentication Server forwards a request to a RADIUS server and the RADIUS server responds with an Access-Challenge. An Access-Challenge can only be handled when the OneSpan Authentication Server forwards the password unmodified to the RADIUS server. If the OneSpan Authentication Server verifies an OTP and forwards the static password to the RADIUS server, it is not possible to handle an Access-Challenge from the RADIUS server. |
| W006006 | A RADIUS Server is not responding. | The OneSpan Authentication Server has not managed to get a response from the RADIUS server for some time. This message indicates that there may be a problem with the RADIUS server. |
| W009001 | Virtual DIGIPASS one-time password delivery failed. | The MDC could not successfully deliver a text message via the HTTP gateway. The audit message should contain further details from the gateway. |
| W009002 | Unable to send activation notification message due to missing destination attribute in the user account. |
The activation notification could not be sent, because no destination attribute is specified in the respective user account. This audit message is usually recorded during delayed activation, if the activation/registration operation completes successfully, but the notification messages cannot be sent. |
| W009003 | Delivery of a pending operation notification message failed. |
A notification regarding a pending operation could not be sent (maker–checker authorization). This audit message is recorded, if a pending operation has been successfully created, approved, rejected, or deleted, but the respective notification message cannot be sent. |
| W009004 | Delivery of a push notification message skipped because of duplicate device ID or PNID. |
A push notification message was not sent because a duplicate device ID or DIGIPASS Push Notification Identifier (PNID) for the relevant authenticator license was detected. This can for example occur if the user deletes the app that is used with the relevant authenticator from their mobile device. Push notification messages are sent only once per license to the same device. |
| W010001 | A blank password was used for back-end authentication, as Stored Password Proxy is disabled and the user did not enter a static password. |
This message only occurs when the back-end authentication setting is Always. When Stored Password Proxy is disabled, the OneSpan Authentication Server does not pass on the password stored in the user account to Windows for back-end authentication. If a user does not enter their password as well as their OTP, the login will fail because their password has not been provided to Windows. |
| W011001 | A Backup Virtual DIGIPASS quota of uses has been finished. | BVDP Uses Remaining has just been decremented to 0 for an authenticator. The user will not be able to use that authenticator for backup Virtual Mobile Authenticator logins until the Uses Remaining is increased or cleared. |
| W011002 | No DIGIPASS was found to assign to a new user account for Auto-Assignment. |
No available authenticator were found for auto-assignment. This may be because: there were no unassigned authenticator in the right location; the unassigned authenticator did not conform to policy restrictions; the unassigned authenticator were Reserved for individual assignment. The location in which the OneSpan Authentication Server searches for available authenticator records can be controlled to some extent using the Search Upwards in Org. Unit hierarchy setting. |
| W011003 | A user account has become locked. |
A user just exceeded the User Lock Threshold of failed logins and their user account is now locked. Administrator action is required to unlock the account. When a client application is configured to use auto-unlock and the user account becomes locked, the audit message also contains the date and time when the end user will be able to authenticate again to auto-unlock their user account. |
| W011004 | DIGIPASS auto-assignment has been ignored because Maker–Checker is enabled. | When maker–checker authorization is enabled, assigning an authenticator requires the approval of a checker administrator. Thus, auto-assignment is ignored, even if auto-assignment has been selected in the applicable policy. |
| W011005 | No offline authentication data could be generated. |
This message is audited when no applicable authenticator application can be found to generate offline authentication data. A authenticator application is applicable for generating offline authentication data, if it is a Response-Only authenticator application without scoring support. This occurs, for instance, when a user authenticates using push notification and no such authenticator application is present on the assigned primary authenticator. |
| W011017 | Offline authentication data has been received from a client for which offline authentication is disabled. | OneSpan Authentication Server received an authentication request from a Digipass Authentication for Windows Logon client (2.0 or later), which includes an offline authentication data usage update (state data), although offline authentication is disabled in the effective policy. |
| W012001 | A Replication queue entry has been rejected due to possible tampering. | This message is audited when OneSpan Authentication Server detects that the replication queue entry’s hash value is incorrect. This could be due to possible replication entry tampering. |
| W012002 | A Replication update received has been ignored, as the local data is more up-to-date. |
The Authentication Server has received a data update from another Authentication Server via the replication process, but its local data is already newer than the data received via replication. It is normal that this can occur, but it can also indicate a potential synchronization issue. |
| W012003 | A Replication queue entry has not been inserted. | This can occur when a replication queue has reached its maximum size. This is most likely to occur when the destination server is down or cannot be contacted due to a networking problem. |
| W012004 | A failed attempt to append to the replication queue has been deleted. | This message is audited when OneSpan Authentication Server fails to add a replication entry into the replication queue and finally deletes the replication entry. |
| W013001 | An invalid request has been received by the Authentication Server. | The Authentication Server has received an invalid authentication, administration or replication request. |
| W013002 | A request has been received by the Authentication Server from an unknown source. | The Authentication Server has received an authentication, administration or replication request from an unknown or unauthorized source. If the request was from a valid source, this message indicates that a component record is missing (or that a required restart of the service has not been made since the creation of the necessary component record). |
| W014001 | The License Key is missing or invalid. | A valid, unexpired license key is required to process any kind of authentication request. This message will be generated periodically when authentication requests are received by the Authentication Server, when it does not have a valid license key. |
| W015001 | An invalid request has been received by the SOAP server. | |
| W015002 | A request has been received from a client for which the component record is disabled. | OneSpan Authentication Server received a request for a client component that is disabled. |
| W016001 | Synchronization incomplete. | This audit message is produced by the LDAP Synchronization Tool |
| W016002 | User link for synchronization not attempted. | This audit message is produced by the LDAP Synchronization Tool |
| W016004 | Synchronization of user information attributes during Dynamic User Registration failed. | User information attributes from the back-end system have not been added to the user account during Dynamic User Registration. |
| I001001 | The DIGIPASS Plug-In has started up successfully. | Configuration details are given in the audit message. |
| I001002 | The Authentication Server has started up successfully. |
Configuration details are given in the audit message. Note that the Authentication Server can start up successfully even if a component such as the RADIUS protocol handler does not start up successfully. |
| I001004 | The migration of server data after upgrade has been finished. | OneSpan Authentication Server detected that the server data migration has completed. All server data has been converted to the current data schema version. |
| I002001 | The Active Directory AAL3 library has been initialized successfully. | The Active Directory 'AAL3' library has completed initialization. Configuration details are given in the audit message. |
| I002002 | The DIGIPASS Authentication library has been initialized successfully. | The Authentication library has completed initialization. Configuration details are given in the audit message. |
| I002003 | The ODBC AAL3 library has been initialized successfully. | The ODBC AAL3 library was initialized successfully. Configuration details are given in the audit message. |
| I002004 | The RADIUS protocol handler has been initialized successfully. | The protocol handler that receives and processes RADIUS requests started up. Configuration details are given in the audit message. |
| I002005 | The Authentication Server AAL3 library has been initialized successfully | The Authentication Server AAL3 library was initialized successfully. Configuration details are given in the audit message. |
| I002006 | The Replication library has been initialized successfully. | The replication library was initialized successfully. Configuration details are given in the audit message. |
| I002007 | Initialization of a Replication destination server succeeded. | The replication library initialized a destination server successfully. Configuration details are given in the audit message. |
| I002008 | The Authentication Server protocol handler has been initialized successfully. | The protocol handler that receives and processes administration requests and authentication requests from the IIS modules was initialized successfully. Configuration details are given in the audit message. |
| I002009 | The VM2 Compatibility protocol handler has been initialized successfully. | The protocol handler that receives and processes authentication requests from the VACMAN Middleware version 2 IIS modules was initialized successfully. Configuration details are given in the audit message. |
| I002010 | The SOAP protocol handler has been initialized successfully. | OneSpan Authentication Server has successfully initialized the SOAP communication sub-system and has started listening for incoming requests. |
| I003001 | The DIGIPASS Plug-In has shut down. | |
| I003002 | The Authentication Server has shut down. | |
| I004001 | A connection attempt to Active Directory was successful. | |
| I004004 | A connection attempt to a Replication destination server was successful. | |
| I005001 | A connection to Active Directory has been terminated normally. | An established connection to an Active Directory domain controller has ended with a normal disconnection. |
| I005002 | A connection to Active Directory has been timed out for load-balancing. | An established connection to an Active Directory domain controller has been ended for load-balancing purposes. Periodically, the connections will be dropped and new ones established, in case there is a less busy domain controller available. The time period is defined by the configuration setting Max-Bind-LifeTime in the file, in minutes. |
| I005004 | A connection to a Replication destination server has been terminated normally. | An established connection to a replication destination server has ended with a normal disconnection. |
| I006001 | A RADIUS Access-Request has been received. | OneSpan Authentication Server has received an access request. The audit message will indicate what action will be taken as well as key details of the request. |
| I006002 | A RADIUS Accounting-Request has been received. | OneSpan Authentication Server has received an accounting request. The audit message will indicate what action will be taken as well as key details of the request. |
| I006003 | A RADIUS Server has started responding again. | After OneSpan Authentication Server had not managed to get a response from the RADIUS server for some time, this message indicates that it is responding again. |
| I007001 | A RADIUS Access-Accept has been issued. | The OneSpan Authentication Server has accepted an Access-Request. Note however that it is still possible that after the OneSpan Authentication Server has accepted the request, another component of the overall process may still decide to reject the request ultimately. |
| I007002 | A RADIUS Access-Challenge has been issued. | OneSpan Authentication Server has issued a challenge, either Challenge/Response or Virtual Mobile Authenticator. |
| I007003 | A RADIUS Access-Reject has been issued. | OneSpan Authentication Server has rejected an access request. |
| I007004 | A RADIUS Accounting-Response has been issued. | OneSpan Authentication Server has acknowledged an accounting request. Note however that, unless the request is forwarded to a RADIUS server, no processing is carried out by the OneSpan Authentication Server. |
| I008001 | A DIGIPASS has been moved for assignment to a user. | Upon assignment of an authenticator to a user, if the authenticator is not already in the same location (organizational unit) as the user, it is moved to that location. |
| I008002 | A user-to-user link has been removed due to assignment of a DIGIPASS. | If a user account is linked to another in order to share the authenticator, it must not have an authenticator assigned itself. If an authenticator is assigned, the link will be broken. |
| I009001 | A Virtual Mobile Authenticator one-time password has been delivered. |
The MDC successfully delivered a text message via the HTTP gateway, as reported by the gateway. The audit message may contain further details from the gateway. Note that depending on the gateway, it may still be possible for delivery to fail after the gateway has reported success. |
| I010001 | User authentication was not handled. |
OneSpan Authentication Server decided not to handle an authentication request due to policy and/or user account settings. The main reasons why this may occur are: the effective Local Authentication and back-end authentication settings were both None; the user failed the Windows Group Check, using the Pass Requests for users not in listed groups back to host system option. Note that the effective settings are the effective settings of the policy, unless the user account overrides the policy. |
| I010002 | A stored password change was unhandled. |
OneSpan Authentication Server decided not to handle a password change request due to policy and/or user account settings. The main reasons why this may occur are: the effective Local Authentication and back-end authentication settings were both None; the user failed the Windows Group Check, using the Pass Requests for users not in listed groups back to host system option. Note that the effective settings are the effective settings of the policy, unless the user account overrides the policy. |
| I011001 | A DIGIPASS grace period has been ended by the use of a one-time password |
The grace period expires automatically when a one-time password (OTP) is used to authenticate for the first time, i.e. after the OTP has been successfully validated (if it has not been set manually to expire prior to that in the relevant policy). It also expires after a successful MDL activation, either using an OTP or a signature validation. After the grace period has expired, depending on the Local Authentication settings in the relevant policy, users can then either continue to use both their static password or their authenticator (DIGIPASS or Password), or must only use the authenticator (DIGIPASS/Password during Grace Period or DIGIPASS Only) to log on. |
| I011002 |
A Backup Virtual DIGIPASS expiration date has been set due to the first request for a Virtual one-time password. |
A user has requested a backup Virtual Mobile Authenticator OTP for the first time, when the effective Backup VDP Enabled setting is Yes – Time Limited and they did not already have an Enabled Until date set on their authenticator. At this time, they are given the Time Limit from the policy by adding it to the current date. |
| I011003 | A Backup Virtual DIGIPASS time limit has been expired by the use of the normal one-time password. |
A user who has been using backup Virtual Mobile Authenticator(Backup VDP) has used their normal OTP login using the authenticator again. When the effective Backup VDP Enabled setting is Yes – Time Limited, using the normal OTP login ends their time limit immediately. This is done by setting the Enabled Until date on their authenticator to the current date. An administrator action is required to reset their Enabled Until date, if the user is to be allowed to use backup Virtual Mobile Authenticator again. |
| I011004 | A backup Virtual Mobile Authenticator quota of uses has been set due to the first request for a Virtual one-time password. | A user has requested a backup Virtual Mobile Authenticator OTP for the first time, when the effective Backup VDP Max. Uses/User setting is greater than 0 and they did not already have a Uses Remaining date set on their authenticator. At this time, they are given the Max. Uses/User limit from the policy. |
| I011005 | A user account has been created using Dynamic User Registration. | A user account has been created automatically upon successful back-end authentication. This occurs when the Dynamic User Registration feature is enabled. |
| I011006 | A new static password has been stored using Password Autolearn. | A new static password has been stored in the user account after successful back-end authentication. This occurs when password autolearn is enabled. |
| I011007 | A DIGIPASS has been assigned to a new user account using Auto-Assignment. | Upon creation of a new user account through Dynamic User Registration (DUR), an available authenticator has been assigned to the new account automatically. This occurs when auto-assignment feature is enabled. |
| I011008 | A DIGIPASS has been assigned to a user account using Self-Assignment. | A user has successfully assigned an authenticator to themselves using self-assignment. |
| I011009 | A DIGIPASS challenge has been issued for a Self-Assignment attempt. | A user has obtained a challenge during an attempt to assign an authenticator to themselves using self-assignment. To complete the assignment, they must provide the correct response to the challenge from the authenticator. |
| I011010 | A user has changed their DIGIPASS PIN. | A user has changed the Server PIN during logon, or set it up on first use or after a PIN reset. |
| I011011 | A DIGIPASS has been assigned to a DIGIPASS user account in Provisioning registration. | The command has auto-assigned a new authenticator license to the specified user. |
| I011012 | Added new DIGIPASS for Web activation location | A new authenticator has been added for a Web activation location during software authenticator Provisioning. |
| I011013 | Static Password Update Successful | The static password for the user has been successfully changed. |
| I011014 | A DIGIPASS has been assigned to a DIGIPASS User Account by an Administrator. | An administrator has assigned an authenticator to an authenticator user. |
| I011015 | A static password has been randomized and updated with AD successfully. | OneSpan Authentication Server has successfully generated a new random static password for the user and has updated this new password for this user in Active Directory. |
| I011016 | Offline authentication data generated successfully. | OneSpan Authentication Server has generated new offline authentication data for the Digipass Authentication for Windows Logon according to the policy settings for the offline data generation. |
| I011017 | Authentication Server has received offline authentication state data. | OneSpan Authentication Server has received an offline authentication data usage update from a Digipass Authentication for Windows Logon client. |
| I011018 | Offline data in unconfirmed state, offline data needs to be re-generated. | OneSpan Authentication Server has detected that the offline data for the Digipass Authentication for Windows Logon client is in an unconfirmed state. As a consequence, the offline data will be re-generated. |
| I011019 | A DIGIPASS has been unassigned from a DIGIPASS user account by an administrator. | An authenticator has been unassigned from a user account during the execution of the command. |
| I011020 | A user account has been unlocked after successful authentication. | A previously locked user account has been unlocked by the user auto-unlock mechanism after a successful authentication. |
| I012001 | A query has been specified [object] for report generation. | |
| I013001 | A connection to an ODBC data source has been made successfully. | |
| I013002 | A connection to an ODBC data source has been terminated normally. | An established connection to an ODBC data source has ended with a normal disconnection. |
| I013003 | A data record has been migrated successfully. | |
| I016001 | Start synchronization for profile. | This audit message is produced by the LDAP Synchronization Tool. |
| I016002 | End synchronization for profile. | This audit message is produced by the LDAP Synchronization Tool. |
| I016003 | End synchronization for profile incomplete by terminate request. | This audit message is produced by the LDAP Synchronization Tool. |
| I016004 | Synchronization of user information attributes during Dynamic User Registration was successful. | User information attributes from the back-end system have been added to the user account during Dynamic User Registration. |
| I020001 | Task management has started successfully. | The sub-system in charge of the task management has started successfully. |
| I020002 | Task management stopped. | The sub-system in charge of the task management has stopped successfully. |
| I020010 | Task started. | The execution of an individual background task has started. |
| I020011 | Task completed. | The execution of an individual task has completed. |
| I020012 | Task canceled. | The execution of an individual background task has been canceled. |
| I020020 | Task created. | A new task has been created successfully. |
| I020021 | Task deleted. | A task has been deleted successfully. |
| I020022 | Task modified. | A task has been modified successfully. |
| I020023 | Task suspended. | The execution of a task has been suspended. |
| I020024 | Task resumed. | The execution of a task has been resumed. |
| I020025 | A Task has been reassigned by an Administrator. | This audit message indicates that the ownership of a task was changed by an administrator. This usually happens when a user account is deleted and existing tasks are assigned to a successor user. |
| I021001 | Epoch Header. | This audit message denotes the start of a new secure auditing epoch. |
| I021002 | Epoch Footer. | This audit message denotes the end of a secure auditing epoch. |
| I030010 | A pending operation has been scheduled for approval. | A new pending operation has been scheduled and is awaiting approval by the checker administrator (maker–checker authorization). The audit message includes details about the command and target object. |
| I030011 | A pending operation has been approved. | A checker administrator has approved a pending operation in the context of maker–checker authorization. |
| I030012 | A pending operation has been rejected. | A checker administrator has rejected a pending operation in the context of maker–checker authorization. |
| I030013 | A pending operation has been deleted. | A pending operation has been deleted either explicitly, or after it was approved/rejected by the checker administrator in the context of maker–checker authorization. |
| I030021 | A pending operation has been completed. | A pending operation has been completed successfully after its approval via maker–checker authorization. The audit message includes details about the command and target object. |
| I030022 | A pending operation has been reassigned by an Administrator. | This audit message indicates that either the maker administrator or checker administrator of a pending operation was changed by an administrator. This usually happens when a user account is deleted and existing pending operations are assigned to a successor user. |
| I070001 | A Report has been reassigned by an Administrator. | This audit message indicates that the ownership of a report was changed by an administrator. This usually happens when a user account is deleted and existing reports are assigned to a successor user. |
| I070002 | A Stored Report of the user has been deleted by an Administrator. | This audit message indicates that a stored report was deleted by an administrator. This can happen when a user account with existing stored reports is deleted. |
| S001001 | A query for a single [object] record was successful. | OneSpan Authentication Server or an administrator has made a successful query to the data store for a single record. In the case of the OneSpan Authentication Server this may be a search for its component record. For an administrator it could be any single record query. The audit message has details of the record found. |
| S001002 | A query for [object] records was successful. | OneSpan Authentication Server or an administrator has made a successful query to the data store for some records. In the case of the OneSpan Authentication Server this may be a search for a RADIUS client component record. For an administrator it could be any list query. The audit message has details of the records found but this may be truncated. |
| S001003 | A command of type [object] [command] was successful. | An administrator has issued a successful data modification command such as an update of settings or one of the authenticator application operations like Reset PIN. The audit message has details of the command and results. |
| S002001 | User authentication was successful. | The Authentication library has passed authentication for a request. Note however that the OneSpan Authentication Server or another component of the overall process may still decide to reject the request ultimately. |
| S002002 | User authentication issued a challenge. | The Authentication library has issued a challenge for an authentication request, either Challenge/Response or Virtual Mobile Authenticator. |
| S002003 | A random server challenge has been issued. | |
| S002004 | A stored password change was successful. | OneSpan Authentication Server has successfully processed a password change request. |
| S002005 | Encrypted Static Password Change successful. | OneSpan Authentication Server has successfully updated the encrypted static password for the selected authenticator (DP110). |
| S002006 | Fast-reconnect granted for user. | OneSpan Authentication Server successfully authenticated a user via a fast reconnect authentication. |
| S002007 | A secure challenge has been issued. | The command has successfully generated a secure challenge. |
| S002008 | A signing request has been issued. | The command has successfully generated a signing request. |
| S002009 | Back-end password change was successful. | The Active Directory static password of the user with a configured OneSpan Authentication Server back end was changed successfully. |
| S002011 | Cancel user authentication was successful. | The pending authentication via push notification was cancelled successfully. |
| S003001 | A replication update was sent successfully. | This message is audited at the source server, when a database change is sent to a destination server and processed successfully. |
| S003002 | A Replication update received has been processed successfully. | This message is audited at the destination server, when a database change is received and processed successfully. |
| S004001 | An administrative logon was successful. | An administrative logon to the Authentication Server was successful. |
| S004002 | A Live Audit connection was successful. | A Live Audit connection to the Authentication Server was successful. |
| S004003 | An administrative session was closed. | An administrative session was closed. This could be due to the session expiring, the session having been idle for too long, or due to an explicit session logoff performed by an administrator. |
| S004004 | An administrative session was killed. | An administrator has successfully killed an administrative session. |
| S005001 | Registration Successful | The registration of a software authenticator during Provisioning was successful. |
| S005002 | Activation Successful | The activation of a software authenticator during software authenticator Provisioning was successful. |
| S005003 | Provisioning assignment successful | The assignment of a software authenticator during software authenticator was successful. |
| S005004 | Provisioning server time successful | The server time command, used to get the server time to synchronize a Mobile Authenticator Studio device with the server, was successful. |
| S005005 | Provisioning DSAPPGenerateActivationData successful | The DSAPPGenerateActivationData command for provisioning has completed successfully. |
| S005006 | Provisioning DSAPPActivate successful | The DSAPPActivate command for provisioning was successful. |
| S005007 | Provisioning DSAPPRegister successful | The DSAPPRegister command for provisioning was successful. |
| S005008 | Registration of a DIGIPASS license was successful. | The command has successfully generated an activation message. |
| S005009 | Registration of DIGIPASS device was successful. | The command has successfully generated an activation message. |
| S005010 | A DIGIPASS instance was successfully activated. | The signature was successfully validated. |
| S005011 | DSAPP-SRP registration was successful. | The command has successfully registered DSAPP-SRP; this registration is required to authenticate the user and initiate a DSAPP-SRP provisioning operation. |
| S005012 | DSAPP-SRP generation of ephemeral key was successful. | The command has successfully exchanged keys for a DSAPP-SRP provisioning operation. |
| S005013 | DSAPP-SRP generation of activation data was successful. | Activation data for standard online activation or activation in multi-device licensing mode (Activation Message 1) were successfully generated and the generated activation data was successfully encrypted using DSAPP-SRP session keys. |
| S005014 | DSAPP-SRP activation was successful. | The command to activate DSAPP-SRP was successful. This command is required to activate an authenticator after a successful provisioning operation; the activation also validates the OTP of the newly generated software authenticator or binds it to a mobile device. |
| S005015 | Update of device PNID was successful. | The command to update the device's DIGIPASS Push Notification Identifier (PNID) was successful. |
| S005016 | Retrieving application upgrade info was successful. | The command to upgrade the application was successful. |
| S006001 | Signature Validation Successful. | When signing a transaction using the Signature Verification function, the signature validation was successful. |
| S006002 | Virtual Signature generation successful. | OneSpan Authentication Server successfully generated a Virtual Signature upon request of the user. |
| S006003 | Signature validation request successful. | A transaction data signing request was successfully delivered to and completed by a client (usually a mobile application). |
| S006004 | Retrieving a prepared signature request was successful. | A client (usually a mobile application) successfully retrieved a prepared signature request to authenticate. This occurs during transaction data signing using push notifications. |
| S006005 | Cancel signature validation request was successful. | A client (usually a mobile application) successfully canceled a pending signature request. This occurs during transaction data signing using push notifications. |
| S007001 | Report generation was successful. | A report was generated successfully. |
| S008001 | Server configuration was successful. | OneSpan Authentication Server has successfully updated the server configuration. |
| S009001 | A DNS record update was successful. | The OneSpan Authentication Server has successfully updated a DNS record. |
| S009002 | A DNS record was de-registered successfully. | OneSpan Authentication Server successfully de-registered itself from the DNS subsystem. As a consequence, this instance of OneSpan Authentication Server will not be available anymore for Digipass Authentication for Windows Logon clients who dynamically search for OneSpan Authentication Server hosts. |
| S010001 | EMV-CAP user authentication was successful. | An EMV-CAP-based user authentication was successful for the specified user. |
| S010002 | EMV-CAP DIGIPASS provisioning succeeded. | OneSpan Authentication Server successfully provisioned a new EMV-CAP authenticator . |
| S011002 | Offline authentication data successfully retrieved by client. | A Digipass Authentication for Windows Logon client (2.0 or later) has received requested offline authentication data. |
| S016001 | Synchronization successful. | This audit message is produced by the LDAP Synchronization Tool. |
| S016002 | User link for synchronization successful. | This audit message is produced by the LDAP Synchronization Tool. |
| S016003 | DIGIPASS assignment for synchronization successful. | This audit message is produced by the LDAP Synchronization Tool. |
| S016004 | Create organizational unit for synchronization successful. | This audit message is produced by the LDAP Synchronization Tool. |
| S022001 | Key rotation operation was successful. | OneSpan Authentication Server has successfully rotated a key. |
| S022002 | Key rotation operation has started. | OneSpan Authentication Server has started a key rotation operation. |
| S022003 | The key rotation of a single [object] was successful. | Key rotation of a single [object] was successful. |
| F001001 | A query for a single [object] record failed. | OneSpan Authentication Server or an administrator has made an unsuccessful query to the data store for a single record. In the case of the OneSpan Authentication Server this may be a search for its component record; for an administrator it could be any single record query. The audit message has basic details of the failure, but there should be a preceding E000001 with more details. |
| F001002 | A query for [object] records failed. | OneSpan Authentication Server or an administrator has made an unsuccessful query to the data store for some records. In the case of the OneSpan Authentication Server this may be a search for a RADIUS client component record; for an administrator it could be any list query. The audit message has basic details of the failure, but there should be a preceding E000001 with more details. |
| F001003 | A command of type [object] [command] failed. | An administrator has issued an unsuccessful data modification command such as an update of settings or one of the authenticator application operations like Reset PIN. The audit message has basic details of the failure, and there may be a preceding E000001 with more details. |
| F002001 | User authentication failed. |
The Authentication library has failed authentication for a request. The audit message has details of the failure (see Error and status codes) and there may be a preceding E000001 with error details. When a client application is configured to use auto-unlock and the user account becomes locked, the audit message also contains the date and time when the end user will be able to authenticate again to auto-unlock their user account. |
| F002002 | An encrypted static password change failed. | OneSpan Authentication Server has failed to update the encrypted static password for the specified authenticator (DP110). |
| F002003 | A stored password change failed. | The Authentication Server has not processed a password change request. The audit message has details of the failure (see Error and status codes) and there may be a preceding E000001 with error details. |
| F002004 | Encrypted Static Password Change failed. | OneSpan Authentication Server has failed to update the encrypted static password for a specified authenticator (DP110). |
| F002005 | Fast-reconnect denied for user. | OneSpan Authentication Server has failed to authenticate a user using the fast reconnect mechanism. |
| F002006 | A stored static password change failed due to password strength requirements not being met. | OneSpan Authentication Server has failed to update the stored static password as the new password does not meet the minimum password strength requirements. |
| F002007 | A secure challenge could not be generated. | The command has failed to generate a secure challenge due to invalid input data. |
| F002008 | A signing request could not be generated. | The command has failed to generate a signing request due to invalid input data. |
| F002009 | Back-end password change failed. | Changing the Active Directory static password of the user with a configured OneSpan Authentication Server back end failed. |
| F002009 | Cancel user authentication failed. | The pending authentication via push notification was not cancelled. |
| F003001 | Sending a Replication update was unsuccessful. | This message is audited at the source server, when a database change is not sent to a destination server successfully, or it was sent but the processing at the destination was unsuccessful. |
| F003002 | Processing a Replication update received was unsuccessful. | This message is audited at the destination server, when a database change is received but is not processed successfully. |
| F004001 | An administrative logon was rejected. |
The Authentication library has failed an administrative login request. The audit message has details of the failure (see Error and status codes) and there may be a preceding E000001 with error details. Note that this may occur even when preceded by a successful authentication (S002001) message, for example if the user's credentials were OK but they did not have Administrative Logon privilege. |
| F004002 | A Live Audit connection was rejected. |
The Authentication library has failed a Live Audit connection request. The audit message has details of the failure and there may be a preceding E000001 with error details. Note that this may occur even when preceded by a successful authentication (S002001) message, for example if the user's credentials were OK but they did not have Administrative Logon |
| F005001 | Registration was unsuccessful. | The provisioning registration did not succeed. |
| F005002 | Activation was unsuccessful. | The provisioning activation did not succeed. |
| F005003 | (Provisioning) Assignment was unsuccessful | Assignment of software authenticator during provisioning was unsuccessful. |
| F005004 | (Provisioning) Server time was unsuccessful | The server time command, used to get the server time to synchronize a Mobile Authenticator Studio device with the server, failed. |
| F005005 | (Provisioning) DSAPPGenerateActivationData has failed execution | The provisioning command DSAPPGenerateActivationData failed. |
| F005006 | (Provisioning) DSAPPActivate command failed. | The provisioining command DSAPPActivate has failed execution. |
| F005007 | (Provisioning) DSAPPRegister command failed. | The provisioning command DSAPPRegister has failed execution. |
| F005008 | A registration attempt of a DIGIPASS license failed. | The command has failed to generate an activation message or activation message image due to invalid input data. |
| F005009 | A registration attempt of a DIGIPASS device failed. | The command has failed to generate an activation message or activation message image due to invalid input data. |
| F005010 | An activation attempt of a DIGIPASS instance failed. | The signature validation has failed. |
| F005011 | DSAPP-SRP registration failed. | The command failed to register DSAPP-SRP; consequently, the user was not authenticated and the DSAPP-SRP provisioning operation was not initiated. |
| F005012 | DSAPP-SRP generation of ephemeral key failed. | The keys for a DSAPP-SRP provisioning operation could not be exchanged. |
| F005013 | DSAPP-SRP generation of activation data failed. | Activation data for standard online activation or activation in multi-device licensing mode (Activation Message 1) could not be generated. |
| F005014 | DSAPP-SRP activation failed. | The command failed to activate DSAPP-SRP; consequently, the OTP of the newly generated software authenticator could not be validated or bound to a mobile device. |
| F005015 | Update of device PNID failed. | The command failed to update the device's DIGIPASS Push Notification Identifier (PNID). |
| F005016 | Retrieving application upgrade info failed. | The command failed to upgrade the application. |
| F006001 | Signature validation was unsuccessful. | A signature validation has failed. |
| F006002 | Virtual signature generation failed. | |
| F006003 | Signature validation request failed. | A transaction data signing request using push notifications could not be completed successfully. |
| F006004 | Retrieving a prepared signature request failed. | A client (usually a mobile application) could not retrieve a prepared signature request to authenticate. This occurs during transaction data signing using push notifications. |
| F006005 | Cancel signature validation request failed. | A client (usually a mobile application) could not cancel a pending signature request, e.g. because an authenticator other than the one retrieving the prepared signature request attempted to cancel it. This occurs during transaction data signing using push notifications. |
| F007001 | Report generation failed. | A report generation has failed. |
| F008001 | Server configuration failed. | OneSpan Authentication Server has failed to update the server configuration. |
|
F009001 |
A DNS registration failed. |
The system has failed to update a DNS record. |
| F009002 | A DNS record deregistration failed. | OneSpan Authentication Server has failed to de-register itself from the DNS sub-system. |
| F010001 | EMV-CAP user authentication failed. | An EMV-CAP based user authentication has failed for the specified user. |
| F010002 | Multiple DIGIPASS were found where a single DIGIPASS was required. | OneSpan Authentication Server has found multiple authenticators while it expected a single authenticator. As a consequence, OneSpan Authentication Serverwill fail the further request processing. |
| F010003 | Required request input fields missing. | The operation has failed due to missing request input fields. |
| F010004 | EMV-CAP DIGIPASS provisioning failed. | OneSpan Authentication Server has failed to provision an EMV-CAP authenticator. |
| F011002 | Retrieval of offline authentication data failed. | A Digipass Authentication for Windows Logon client (2.0 or later) requested offline authentication data, but was unable to receive it correctly. |
| F016001 | Synchronization unsuccessful. | This audit message is produced by the LDAP Synchronization Tool. |
| F016002 | User link for synchronization unsuccessful. | This audit message is produced by the LDAP Synchronization Tool. |
| F016003 | DIGIPASS assignment for synchronization unsuccessful. | This audit message is produced by the LDAP Synchronization Tool. |
| F016004 | Create organizational unit for synchronization unsuccessful. | This audit message is produced by the LDAP Synchronization Tool. |
| F020001 | Task failed to start. | OneSpan Authentication Server failed to start a background task. |
| F020002 | Task operation failed. | The execution of a background task has failed. |
| F022001 | Key rotation operation failed. | The execution of a key rotation operation has failed. |
| F022002 | The key rotation of a single record has failed. | OneSpan Authentication Server has failed to rotate a single record. |