Various LDAP configuration settings have been applied to configure OC logon using the sAMAccountName for Active Directory but log in fails with 'Invalid Credentials'.

Note: An ACLS has already been created for the target LDAP group.

Error captured in the hub.log

hub: login [LDAP] - (logon_user) 0 user found for (&(objectClass=person)(|(userPrincipalName=<userid>@<example>.com)(sAMAccountName=<userid>@<example>.com))), do not know which to use.

1. Launch Infrastructure Manager, double click on the hub to open the conifguration menu, click on Settings, click on LDAP, set the User field with DOMAIN\USER, Click on Test to confirm connection, save the change.

2. In Infrastructure Manager, ctrl + right-click on the hub probe, select Raw Configure, expand the ldap folder, select the Active Directory folder and update below keys;

filter_user = (&(objectClass=person)(|(sAMAccountName=$loginname)))
format = $username
lookup = no
member_lookup_reverse = no

3. Apply the change and validate UIM logins using the designated sAMAccountName

How do I interpret the LDAP error messages in the hub log when an LDAP login failure occurs?