LDAP_SUCCESS = 0 //成功
LDAP_OPERATIONS_ERROR = 1 //操作錯誤
LDAP_PROTOCOL_ERROR = 2 //協議錯誤
LDAP_TIME_LIMIT_EXCEEDED = 3 //超過最大時間限制
LDAP_SIZE_LIMIT_EXCEEDED = 4 //超過最大返回條目數
LDAP_COMPARE_FALSE = 5 //比較不匹配
LDAP_COMPARE_TRUE = 6 //比較匹配
LDAP_AUTH_METHOD_NOT_SUPPORTED = 7 //認證方法未被支持
LDAP_STRONG_AUTH_REQUIRED = 8 //需要強認證
LDAP_PARTIAL_RESULTS = 9 //null
LDAP_REFERRAL = 10 //Referral
LDAP_ADMIN_LIMIT_EXCEEDED = 11 //超出管理員權限
LDAP_UNAVAILABLE_CRITICAL_EXTENSION = 12 //Critical擴展無效
LDAP_CONFIDENTIALITY_REQUIRED = 13 //需要Confidentiality
LDAP_SASL_BIND_IN_PROGRESS = 14 //需要SASL綁定
LDAP_NO_SUCH_ATTRIBUTE = 16 //未找到該屬性
LDAP_UNDEFINED_ATTRIBUTE_TYPE = 17 //未定義的屬性類型
LDAP_INAPPROPRIATE_MATCHING = 18 //不適當的匹配
LDAP_CONSTRAINT_VIOLATION = 19 //約束衝突
LDAP_ATTRIBUTE_OR_value_EXISTS = 20 //屬性或值已存在
LDAP_INVALID_ATTRIBUTE_SYNTAX = 21 //無效的屬性語法
LDAP_NO_SUCH_OBJECT = 32 //未找到該對象
LDAP_ALIAS_PROBLEM = 33 //別名有問題
LDAP_INVALID_DN_SYNTAX = 34 //無效的DN語法
LDAP_IS_LEAF = 35 //null
LDAP_ALIAS_DEREFERENCING_PROBLEM = 36 //Dereference別名有問題
LDAP_INAPPROPRIATE_AUTHENTICATION = 48 //不適當的認證
LDAP_INVALID_CREDENTIALS = 49 //無效的Credential
LDAP_INSUFFICIENT_ACCESS_RIGHTS = 50 //訪問權限不夠
LDAP_BUSY = 51 //遇忙
LDAP_UNAVAILABLE = 52 //無效
LDAP_UNWILLING_TO_PERform = 53 //意外問題
LDAP_LOOP_DETECT = 54 //發現死循環
LDAP_NAMING_VIOLATION = 64 //命名衝突
LDAP_OBJECT_CLASS_VIOLATION = 65 //對象類衝突
LDAP_NOT_ALLOWED_ON_NON_LEAF = 66 //不允許在非葉結點執行此操作
LDAP_NOT_ALLOWED_ON_RDN = 67 //不允許對RDN執行此操作
LDAP_ENTRY_ALREADY_EXISTS = 68 //Entry已存在
LDAP_OBJECT_CLASS_MODS_PROHIBITED = 69 //禁止更改對象類
LDAP_AFFECTS_MULTIPLE_DSAS = 71 //null
LDAP_OTHER = 80 //其它
再來一份十六進制的,大家對照吧。
下面是winldap.h文件中的定義的十六進制錯誤碼,我給其中的絕大部分加上了從活動目錄的書上看的漢語說明,。
typedef enum
Unknown macro: {
LDAP_SUCCESS = 0x00,//操作成功
LDAP_OPERATIONS_ERROR = 0x01,//一個未指定的錯誤發生在處理LDAP請求的服務器上
LDAP_PROTOCOL_ERROR = 0x02,//服務器接受到一個沒有正確格式化或順序出錯的包
LDAP_TIMELIMIT_EXCEEDED = 0x03,//操作上指定的時間限制被超出。這不同於服務器沒有及時響應時的客戶方檢測到的超時錯誤
LDAP_SIZELIMIT_EXCEEDED = 0x04,//搜索返回的項數超過了管理限制或請求限制
LDAP_COMPARE_FALSE = 0x05,//LDAP比較函數(例如ldap_compare())返回FALSE
LDAP_COMPARE_TRUE = 0x06,//LDAP比較函數(例如ldap_compare())返回TRUE
LDAP_AUTH_METHOD_NOT_SUPPORTED = 0x07,//綁定(bind)操作中(例如ldap_bind())請求的認證方法不被服務器支持。如果你使用一個非微軟LDAP客戶與活動目錄通信,這種情況可能發生
LDAP_STRONG_AUTH_REQUIRED = 0x08,//服務器要求一個字符串認證方法而不是一個簡單口令
LDAP_REFERRAL_V2 = 0x09,//搜索結果包含LDAPv2引用或者一個部分結果集
LDAP_PARTIAL_RESULTS = 0x09,
LDAP_REFERRAL = 0x0a,//請求操作必須由另一個擁有適當的命名上下文備份的服務器處理
LDAP_ADMIN_LIMIT_EXCEEDED = 0x0b,//管理限制被超出。例如,搜索操作花費的時間超出了服務器所允許的最大時間
LDAP_UNAVAILABLE_CRIT_EXTENSION = 0x0c,//客戶請求一個LDAP擴展並且指示該擴展是關鍵的,但是服務器並不支持擴展
LDAP_CONFIDENTIALITY_REQUIRED = 0x0d,//操作要求某種級別的加密
LDAP_SASL_BIND_IN_PROGRESS = 0x0e,//當一個SASL綁定(bind)已經在客戶處理過程中時,請求一個綁定(bind)操作
LDAP_NO_SUCH_ATTRIBUTE = 0x10,//客戶嘗試修改或者刪除一個並不存在的項的一個屬性
LDAP_UNDEFINED_TYPE = 0x11,//未定義的類型
LDAP_INAPPROPRIATE_MATCHING = 0x12,//提供的匹配規則對搜索不合適或者對於屬性不合適
LDAP_CONSTRAINT_VIOLATION = 0x13,//客戶請求一個將違背目錄中語義約束的操作。一個經常的原因是不合適的改變了模式--例如當添加一個新類時提供了一個重複的OID(對象識別符)
LDAP_ATTRIBUTE_OR_value_EXISTS = 0x14,//客戶嘗試添加一個已經存在的屬性或值
LDAP_INVALID_SYNTAX = 0x15,//搜索過濾器的語法無效
LDAP_NO_SUCH_OBJECT = 0x20,//客戶嘗試或者刪除一個在目錄中並不存在的項
LDAP_ALIAS_PROBLEM = 0x21,//服務器在處理別名時遇到了一個錯誤
LDAP_INVALID_DN_SYNTAX = 0x22,//請求中指定的可區別名字的格式無效
LDAP_IS_LEAF = 0x23,//函數中指定的項是目錄樹中的一個葉子項
LDAP_ALIAS_DEREF_PROBLEM = 0x24,//在解除對一個別名的引用時服務器遇到了一個錯誤。例如,目的項並不存在
LDAP_INAPPROPRIATE_AUTH = 0x30,//認證級別對於操作不足
LDAP_INVALID_CREDENTIALS = 0x31,//綁定(bind)請求中提供的證書是無效的--例如一個無效的口令
LDAP_INSUFFICIENT_RIGHTS = 0x32,//沒有執行該操作所需的足夠的訪問權限
LDAP_BUSY = 0x33,//服務器太忙碌而無法服務該請求。稍後重新嘗試
LDAP_UNAVAILABLE = 0x34,//目錄服務暫不可用。稍後重新嘗試
LDAP_UNWILLING_TO_PERform = 0x35,//由於管理策略約束方面的原因,服務器將不支持該操作--例如,如果在模式修改沒有被允許或者沒有連接到模式管理器的情況下,試圖修改該模式
LDAP_LOOP_DETECT = 0x36,//在追蹤引用的過程中,客戶引用到它以前已經引用的服務器
LDAP_SORT_CONTROL_MISSING = 0x3C,
LDAP_OFFSET_RANGE_ERROR = 0x3D,
LDAP_NAMING_VIOLATION = 0x40,//客戶指定了一個不正確的對象的可區別名字
LDAP_OBJECT_CLASS_VIOLATION = 0x41,//操作違背了類定義中定義的語義規則
LDAP_NOT_ALLOWED_ON_NONLEAF = 0x42,//所請求的操作只可能在一個葉子對象(非容器)上執行
LDAP_NOT_ALLOWED_ON_RDN = 0x43,//在相對可區別名字上不允許該操作
LDAP_ALREADY_EXISTS = 0x44,//客戶試圖添加一個已經存在的對象
LDAP_NO_OBJECT_CLASS_MODS = 0x45,//客戶試圖通過改變一個對象的objectClass屬性來修改對象的類
LDAP_RESULTS_TOO_LARGE = 0x46,//搜索操作的結果集太大,服務器無法處理
LDAP_AFFECTS_MULTIPLE_DSAS = 0x47,//所請求的操作將影響多個DSA--例如,在一個子樹包含一個下級引用,該引用指向另一個命名上下文的情況下,刪除該子樹將影響多個DSA(目錄服務器代理)
LDAP_VIRTUAL_LIST_VIEW_ERROR = 0x4c,
LDAP_OTHER = 0x50,//發生了一些其他的LDAP錯誤
LDAP_SERVER_DOWN = 0x51,//LDAP服務器已關閉
LDAP_LOCAL_ERROR = 0x52,//客戶發生了其他一些未指定的錯誤
LDAP_ENCODING_ERROR = 0x53,//在將一個LDAP請求編碼爲ASN.1的過程中發生了一個錯誤
LDAP_DECODING_ERROR = 0x54,//從服務器接受到的ASN.1編碼的數據是無效的
LDAP_TIMEOUT = 0x55,//在指定的時間內服務器不能響應客戶
LDAP_AUTH_UNKNOWN = 0x56,//在綁定(bind)請求中指定了一種未知的認證機制
LDAP_FILTER_ERROR = 0x57,//搜索過濾器出現了某種錯誤
LDAP_USER_CANCELLED = 0x58,//用戶取消了操作
LDAP_PARAM_ERROR = 0x59,//函數中指定的某個參數出現了錯誤。例如,向一個LDAP API函數傳遞一個NULL指針,但該函數並不希望這樣,在這種情況下就產生該錯誤
LDAP_NO_MEMORY = 0x5a,//客戶試圖分配內存並且失敗了
LDAP_CONNECT_ERROR = 0x5b,//客戶試圖向服務器建立一個TCP連接並且失敗了
LDAP_NOT_SUPPORTED = 0x5c,//所請求的操作不被這種版本的LDAP協議所支持
LDAP_NO_RESULTS_RETURNED = 0x5e,//從服務器接受到一個響應,但是它沒有包含結果
LDAP_CONTROL_NOT_FOUND = 0x5d,//從服務器接受到的數據表明有一個LDAP控制出現但是在數據中沒有找到一個LDAP控制
LDAP_MORE_RESULTS_TO_RETURN = 0x5f,//因爲有太多的結果,所以客戶無法檢索
LDAP_CLIENT_LOOP = 0x60,//在處理引用時客戶檢測到一個循環
引用數目超過了限制
LDAP_REFERRAL_LIMIT_EXCEEDED = 0x61//客戶追蹤的
}
LDAP_RETCODE;
Hex
Decimal
Constant: Description
0x00
0
LDAP_SUCCESS: Indicates the requested client operation completed successfully.
成功,沒什麼好說的了。
0x01
1
LDAP_OPERATIONS_ERROR: Indicates an internal error. The server is unable to respond with a more specific error and is also unable to properly respond to a request. It does not indicate that the client has sent an erroneous message.
一個內部錯誤。Server無法正確的 respond?一個request,也無法生成說明錯誤類型的 respond?。它不代表client?發送了錯誤的消息。 In NDS 8.3x through NDS 7.xx, this was the default error for NDS errors that did not map to an LDAP error code. To conform to the new LDAP drafts, NDS 8.5 uses 80 (0x50) for such errors.
In NDS 8.3x through NDS 7.xx,?這是一個沒有映射到 LDAP錯誤碼的NDS缺省錯誤。爲了符合新的LDAP草案,NDS 8.5使用80 (0x50)?代表這個錯誤。
0x02
2
LDAP_PROTOCOL_ERROR: Indicates that the server has received an invalid or malformed request from the client.
Server?從 client?收到了一個無效的或者格式不正確的request?。
0x03
3
LDAP_TIMELIMIT_EXCEEDED: Indicates that the operation‘s time limit specified by either the client or the server has been exceeded. On search operations, incomplete results are returned.
超出了 Server或者Client指定的時間限制。當進行 serach的時候,返回不完全的結果。
0x04
4
LDAP_SIZELIMIT_EXCEEDED: Indicates that in a search operation, the size limit specified by the client or the server has been exceeded. Incomplete results are returned.
在查詢的時候,超出了Server或者 Client指定的size限制。返回不完全的結果。
0x05
5
LDAP_COMPARE_FALSE: Does not indicate an error condition. Indicates that the results of a compare operation are false.
不是錯誤狀態。表示比較操作的結果是 false?。
0x06
6
LDAP_COMPARE_TRUE: Does not indicate an error condition. Indicates that the results of a compare operation are true.
不是錯誤狀態。表示比較操作的結果是 true?。
0x07
7
LDAP_AUTH_METHOD_NOT_SUPPORTED: Indicates that during a bind operation the client requested an authentication method not supported by the LDAP server.
當進行bind操作時, client指定的認證方式不被LDAP??Server支持。
0x08
8
LDAP_STRONG_AUTH_REQUIRED: Indicates one of the following:
In bind requests, the LDAP server accepts only strong authentication.
In a client request, the client requested an operation such as delete that requires strong authentication.
In an unsolicited notice of disconnection, the LDAP server discovers the security protecting the communication between the client and server has unexpectedly failed or been compromised.
代表下列情況之一:
當bind請求,LDAP server?只接受strong authentication?。
Client要求執行delete等需要 strong authentication的操作。
看不懂,大致是說當沒有通知的斷開連接,Server發現安全的通信在server?和client之間失敗了,或者妥協了。
0x09
9
Reserved.
保留的
0x0A
10
LDAP_REFERRAL: Does not indicate an error condition. In LDAPv3, indicates that the server does not hold the target entry of the request, but that the servers in the referral field may.
不是錯誤狀態。在LDAPv3?中,代表Server無法得到請求的Entry?目標,但是可以介紹一個可能得到的域(field)。
0x0B
11
LDAP_ADMINLIMIT_EXCEEDED: Indicates that an LDAP server limit set by an administrative authority has been exceeded.
LDAP Server?的被權限管理指定的有限集合被超出。
0x0C
12
LDAP_UNAVAILABLE_CRITICAL_EXTENSION: Indicates that the LDAP server was unable to satisfy a request because one or more critical extensions were not available. Either the server does not support the control or the control is not appropriate for the operation type.
LDAP Server不支持的request?,因爲一個或者多個重要的擴展是不允許的。Server?不支持的Control或者Control?對於操作是不恰當的。
0x0D
13
LDAP_CONFIDENTIALITY_REQUIRED: Indicates that the session is not protected by a protocol such as Transport Layer Security (TLS), which provides session confidentiality.
Session沒有被諸如Transport Layer Security (TLS)?之類的協議保護,無法提供Session機密性。
0x0E
14
LDAP_SASL_BIND_IN_PROGRESS: Does not indicate an error condition, but indicates that the server is ready for the next step in the process. The client must send the server the same SASL mechanism to continue the process.?
不是錯誤狀態,代表Server已經爲 process的下一步做好了準備。Client必須發送相同的 SASL給Server以繼續process?。
0x0F
15
Not used.
未使用。
0x10
16
LDAP_NO_SUCH_ATTRIBUTE: Indicates that the attribute specified in?the modify?or compare operation does not exist in the entry.
在modify或者 compare操作中指定的屬性,在指定Entry中不存在。
0x11
17
LDAP_UNDEFINED_TYPE: Indicates that the attribute specified in?the modify?or add operation does not exist in the LDAP server‘s schema.
在modify或者 add操作中指定的屬性,在LDAP Server的 Schema中不存在。
0x12
18
LDAP_INAPPROPRIATE_MATCHING: Indicates that the matching rule specified in the search filter does not match a rule defined for the attribute‘s syntax.
在Search Filter?中指定的 rule不能和syntax中的rule?定義匹配。
0x13
19
LDAP_CONSTRAINT_VIOLATION: Indicates that the attribute value specified in?a modify, add, or modify DN operation violates constraints placed on the attribute. The constraint can be one of size or content (string only, no binary).
在modify、 add或者modify DN?操作中指定的屬性值,觸犯了屬性中的限制。那些限制是內容長度或者內容只能是String,不能是binary?等。
0x14
20
LDAP_TYPE_OR_VALUE_EXISTS: Indicates that the attribute value specified in?a modify?or add operation already exists as a value for that attribute.
在modify或者 add操作中指定的屬性值,在屬性中已經存在了。
0x15
21
LDAP_INVALID_SYNTAX: Indicates that the attribute value specified in?an add, compare, or modify operation is an unrecognized or invalid syntax for the attribute.
在add、 compare或者modify?操作中指定的屬性值,是不認識或者無效的 syntax?。
?
22-31
Not used.
未使用。
0x20
32
LDAP_NO_SUCH_OBJECT : Indicates the target object cannot be found. This code is not returned on following operations:
Search operations that find the search base but cannot find any entries that match the search filter.
Bind operations.
無法找到目標Object?。在以下操作中不返回這個代碼:
Search操作中沒有找到任何匹配serach?filter?的entry。
Bind操作。
0x21
33
LDAP_ALIAS_PROBLEM: Indicates that an error occurred when an alias was?dereferenced.?
當一個別名被複引用時發生錯誤。
0x22
34
LDAP_INVALID_DN_SYNTAX: Indicates that the syntax of the DN is incorrect. (If the DN syntax is correct, but the LDAP server‘s structure rules do not permit the operation, the server returns LDAP_UNWILLING_TO_PERFORM.)
DN的句法不對。(?如果DN句法正確,但是LDAP Server?的結構規則不許可這個操作,Server返回LDAP_UNWILLING_TO_PERFORM?。 )
0x23
35
LDAP_IS_LEAF: Indicates that the specified operation cannot be performed on a leaf entry. (This code is not currently in the LDAP specifications, but is reserved for this constant.)
指定的操作不能被實施於一個葉子Entry?上。(?這個錯誤碼不在當前的LDAP?規範中,但是這個常數爲此而保留。 )
0x24
36
LDAP_ALIAS_DEREF_PROBLEM: Indicates that during a search operation, either the client does not have access rights to read the aliased object‘s name or dereferencing is not allowed.
在search?操作中, client無權讀別名了的 對象名或者間接引用是不被許可的。
?
37-47
Not used.
未使用。
0x30
48
LDAP_INAPPROPRIATE_AUTH: Indicates that during a bind operation, the client is attempting to use an authentication method that the client cannot use correctly. For example, either of the following cause this error:
The client returns simple credentials when strong credentials are required.
The client returns a DN and a password for a simple bind when the entry does not have a password defined.
當bind操作過程中, client試圖使用不正確的認證方式。例如,以下情況造成這個error:
Client返回簡單認證當需要strong credentials?的時候。
Client返回 DN和密碼爲了簡單認證,但是 entry沒有定義密碼。
0x31
49
LDAP_INVALID_CREDENTIALS: Indicates that during a bind operation one of the following occurred:
The client passed either an incorrect DN or password.
The password is incorrect because it has?expired,?intruder detection has locked the account, or some other similar reason.
當bind操作過程中發生以下情況:
Client傳送不正確的DN或者 password?。
密碼不正確,因爲它過期了,***檢測鎖住了帳號,或者其他類似原因。
0x32
50
LDAP_INSUFFICIENT_ACCESS: Indicates that the caller does not have sufficient rights to perform the requested operation.
調用者沒有足夠的權限執行請求的操作。
0x33
51
LDAP_BUSY: Indicates that the LDAP server is too busy to process the client request at this time but if the client waits and resubmits the request, the server may be able to process it then.
LDAP Server太忙以至於無法處理client?的請求,但是如果client等待然後重新提交請求,Server可能會處理。
0x34
52
LDAP_UNAVAILABLE: Indicates that the LDAP server cannot process the client‘s bind request, usually because it is shutting down.
LDAP Server不能處理client?的bind請求,通常是因爲它down?機了。
0x35
53
LDAP_UNWILLING_TO_PERFORM: Indicates that the LDAP server cannot process the request because of server-defined restrictions. This error is returned for the following reasons:
The add entry request violates the server‘s structure rules.
The modify attribute request specifies attributes that users cannot modify.
Password restrictions prevent the action.
Connection restrictions prevent the action.
LDAP Server不能處理request?,因爲Server定義的限制。
這個錯誤在以下原因下發生:
加Entry的request?違反server的結構規則
改變屬性request指定了不允許用戶修改的屬性
密碼限制
連接限制
0x36
54
LDAP_LOOP_DETECT: Indicates that the client discovered an alias or referral loop, and is thus unable to complete this request.
client?發現一個別名或者引用是循環的,導致這個request?無法完成。
?
55-63
Not used.
未使用。
0x40
64
LDAP_NAMING_VIOLATION: Indicates that?the add?or modify DN operation violates the schema‘s structure rules. For example,
The request places the entry subordinate to an alias.
The request places the entry subordinate to a container that is forbidden by the containment rules.
The RDN for the entry uses a forbidden attribute type.
在 add或者 modify DN操作中違反Schema的結構規則。例如:
請求放置entry在別名下
請求放置entry在被包含規則禁止的容器中
Entry的RDN使用了禁止的屬性類型
0x41
65
LDAP_OBJECT_CLASS_VIO LATION: Indicates that?the add, modify, or modify DN operation violates the object class rules for the entry. For example, the following types of request return this error:
The add?or modify operation tries to add an entry without a value for a required attribute.
The add?or modify operation tries to add an entry with a value for an attribute which the class definition does not contain.
The modify operation tries to remove a required attribute without removing the auxiliary class that defines the attribute as required.
在 add、 modify或者modify DN操作中違反 entry的object class規則。例如,下面類型的request導致這個錯誤:
在 add或者modify操作中試圖加一個沒有必須屬性值的entry?。
在 add或者modify操作中試圖加一個有class?定義中沒有的值的entry。
在 modify操作中試圖刪除必須屬性而沒有刪除定義這個屬性爲必須的那個輔助類。
0x42
66
LDAP_NOT_ALLOWED_ON_NONLEAF: Indicates that the requested operation is permitted only on leaf entries. For example, the following types of requests return this error:
The client requests a delete operation on a parent entry.
The client request a modify DN operation on a parent entry.
請求的操作只允許在葉子entry上執行。例如下面類型的 request導致這個錯誤:
Client請求刪除操作在父entry上
Client請求改變DN在父entry?上
0x43
67
LDAP_NOT_ALLOWED_ON_RDN: Indicates that the modify operation attempted to remove an attribute value that forms the entry‘s relative distinguished name.
modify操作試圖刪除關聯着DN?的屬性值。
0x44
68
LDAP_ALREADY_EXISTS: Indicates that the add operation attempted to add an entry that already exists, or that the modify operation attempted to rename an entry to the name of an entry that already exists.
add操作試圖加一個已經存在的Entry?,或者modify操作試圖重命名Entry?爲一個已經存在的entry的名字。
0x45
69
LDAP_NO_OBJECT_CLASS_MODS: Indicates that the modify operation attempted to modify the structure rules of an object class.
modify操作試圖改變object class?的結構規則。
0x46
70
LDAP_RESULTS_TOO_LARGE: Reserved for CLDAP.?
爲CLDAP保留。
0x47
71
LDAP_AFFECTS_MULTIPLE_DSAS: Indicates that the modify DN operation moves the entry from one LDAP server to another and thus requires more than one LDAP server.
modify DN的操作移動Entry?從一個LDAP Server到另一個,造成需要超過一個LDAP Server?。
?
72-79
Not used.
未使用
0x50
80
LDAP_OTHER: Indicates an unknown error condition. This is the default value for NDS error codes which do not map to other LDAP error codes.?
一個未知的error狀態。這是 NDS中沒有映射到其他LDAP錯誤碼上的錯誤碼的缺省值。
LDAP常見錯誤碼
標籤:border fine 指定 響應 mac either pes his onf