LDAP常見錯誤碼
LDAP_SUCCESS = 0 //成功
LDAP_OPERATIONS_ERROR = 1 //操作錯誤
LDAP_PROTOCOL_ERROR = 2 //協議錯誤
LDAP_TIME_LIMIT_EXCEEDED = 3 //超過最大時間限制
LDAP_SIZE_LIMIT_EXCEEDED = 4 //超過最大返回條目數
LDAP_COMPARE_FALSE = 5 //比較不匹配
LDAP_COMPARE_TRUE = 6 //比較匹配
LDAP_AUTH_METHOD_NOT_SUPPORTED = 7 //認證方法未被支持
LDAP_STRONG_AUTH_REQUIRED = 8 //需要強認證
LDAP_PARTIAL_RESULTS = 9 //null
LDAP_REFERRAL = 10 //Referral
LDAP_ADMIN_LIMIT_EXCEEDED = 11 //超出管理員權限
LDAP_UNAVAILABLE_CRITICAL_EXTENSION = 12 //Critical擴展無效
LDAP_CONFIDENTIALITY_REQUIRED = 13 //需要Confidentiality
LDAP_SASL_BIND_IN_PROGRESS = 14 //需要SASL綁定
LDAP_NO_SUCH_ATTRIBUTE = 16 //未找到該屬性
LDAP_UNDEFINED_ATTRIBUTE_TYPE = 17 //未定義的屬性類型
LDAP_INAPPROPRIATE_MATCHING = 18 //不適當的匹配
LDAP_CONSTRAINT_VIOLATION = 19 //約束衝突
LDAP_ATTRIBUTE_OR_value_EXISTS = 20 //屬性或值已存在
LDAP_INVALID_ATTRIBUTE_SYNTAX = 21 //無效的屬性語法
LDAP_NO_SUCH_OBJECT = 32 //未找到該對象
LDAP_ALIAS_PROBLEM = 33 //別名有問題
LDAP_INVALID_DN_SYNTAX = 34 //無效的DN語法
LDAP_IS_LEAF = 35 //null
LDAP_ALIAS_DEREFERENCING_PROBLEM = 36 //Dereference別名有問題
LDAP_INAPPROPRIATE_AUTHENTICATION = 48 //不適當的認證
LDAP_INVALID_CREDENTIALS = 49 //無效的Credential
LDAP_INSUFFICIENT_ACCESS_RIGHTS = 50 //訪問權限不夠
LDAP_BUSY = 51 //遇忙
LDAP_UNAVAILABLE = 52 //無效
LDAP_UNWILLING_TO_PERform = 53 //意外問題
LDAP_LOOP_DETECT = 54 //發現死循環
LDAP_NAMING_VIOLATION = 64 //命名衝突
LDAP_OBJECT_CLASS_VIOLATION = 65 //對象類衝突
LDAP_NOT_ALLOWED_ON_NON_LEAF = 66 //不允許在非葉結點執行此操作
LDAP_NOT_ALLOWED_ON_RDN = 67 //不允許對RDN執行此操作
LDAP_ENTRY_ALREADY_EXISTS = 68 //Entry已存在
LDAP_OBJECT_CLASS_MODS_PROHIBITED = 69 //禁止更改對象類
LDAP_AFFECTS_MULTIPLE_DSAS = 71 //null
LDAP_OTHER = 80 //其它
再來一份十六進制的,大家對照吧。
下面是winldap.h文件中的定義的十六進制錯誤碼,我給其中的絕大部分加上了從活動目錄的書上看的漢語說明,。
typedef enum
Unknown macro: {
LDAP_SUCCESS = 0x00,//操作成功
LDAP_OPERATIONS_ERROR = 0x01,//一個未指定的錯誤發生在處理LDAP請求的服務器上
LDAP_PROTOCOL_ERROR = 0x02,//服務器接受到一個沒有正確格式化或順序出錯的包
LDAP_TIMELIMIT_EXCEEDED = 0x03,//操作上指定的時間限制被超出。這不同於服務器沒有及時響應時的客戶方檢測到的超時錯誤
LDAP_SIZELIMIT_EXCEEDED = 0x04,//搜索返回的項數超過了管理限制或請求限制
LDAP_COMPARE_FALSE = 0x05,//LDAP比較函數(例如ldap_compare())返回FALSE
LDAP_COMPARE_TRUE = 0x06,//LDAP比較函數(例如ldap_compare())返回TRUE
LDAP_AUTH_METHOD_NOT_SUPPORTED = 0x07,//綁定(bind)操作中(例如ldap_bind())請求的認證方法不被服務器支持。如果你使用一個非微軟LDAP客戶與活動目錄通信,這種情況可能發生
LDAP_STRONG_AUTH_REQUIRED = 0x08,//服務器要求一個字符串認證方法而不是一個簡單口令
LDAP_REFERRAL_V2 = 0x09,//搜索結果包含LDAPv2引用或者一個部分結果集
LDAP_PARTIAL_RESULTS = 0x09,
LDAP_REFERRAL = 0x0a,//請求操作必須由另一個擁有適當的命名上下文備份的服務器處理
LDAP_ADMIN_LIMIT_EXCEEDED = 0x0b,//管理限制被超出。例如,搜索操作花費的時間超出了服務器所允許的最大時間
LDAP_UNAVAILABLE_CRIT_EXTENSION = 0x0c,//客戶請求一個LDAP擴展並且指示該擴展是關鍵的,但是服務器並不支持擴展
LDAP_CONFIDENTIALITY_REQUIRED = 0x0d,//操作要求某種級別的加密
LDAP_SASL_BIND_IN_PROGRESS = 0x0e,//當一個SASL綁定(bind)已經在客戶處理過程中時,請求一個綁定(bind)操作
LDAP_NO_SUCH_ATTRIBUTE = 0x10,//客戶嘗試修改或者刪除一個並不存在的項的一個屬性
LDAP_UNDEFINED_TYPE = 0x11,//未定義的類型
LDAP_INAPPROPRIATE_MATCHING = 0x12,//提供的匹配規則對搜索不合適或者對於屬性不合適
LDAP_CONSTRAINT_VIOLATION = 0x13,//客戶請求一個將違背目錄中語義約束的操作。一個經常的原因是不合適的改變了模式--例如當添加一個新類時提供了一個重複的OID(對象識別符)
LDAP_ATTRIBUTE_OR_value_EXISTS = 0x14,//客戶嘗試添加一個已經存在的屬性或值
LDAP_INVALID_SYNTAX = 0x15,//搜索過濾器的語法無效
LDAP_NO_SUCH_OBJECT = 0x20,//客戶嘗試或者刪除一個在目錄中並不存在的項
LDAP_ALIAS_PROBLEM = 0x21,//服務器在處理別名時遇到了一個錯誤
LDAP_INVALID_DN_SYNTAX = 0x22,//請求中指定的可區別名字的格式無效
LDAP_IS_LEAF = 0x23,//函數中指定的項是目錄樹中的一個葉子項
LDAP_ALIAS_DEREF_PROBLEM = 0x24,//在解除對一個別名的引用時服務器遇到了一個錯誤。例如,目的項並不存在
LDAP_INAPPROPRIATE_AUTH = 0x30,//認證級別對於操作不足
LDAP_INVALID_CREDENTIALS = 0x31,//綁定(bind)請求中提供的證書是無效的--例如一個無效的口令
LDAP_INSUFFICIENT_RIGHTS = 0x32,//沒有執行該操作所需的足夠的訪問權限
LDAP_BUSY = 0x33,//服務器太忙碌而無法服務該請求。稍後重新嘗試
LDAP_UNAVAILABLE = 0x34,//目錄服務暫不可用。稍後重新嘗試
LDAP_UNWILLING_TO_PERform = 0x35,//由於管理策略約束方面的原因,服務器將不支持該操作--例如,如果在模式修改沒有被允許或者沒有連接到模式管理器的情況下,試圖修改該模式
LDAP_LOOP_DETECT = 0x36,//在追蹤引用的過程中,客戶引用到它以前已經引用的服務器
LDAP_SORT_CONTROL_MISSING = 0x3C,
LDAP_OFFSET_RANGE_ERROR = 0x3D,
LDAP_NAMING_VIOLATION = 0x40,//客戶指定了一個不正確的對象的可區別名字
LDAP_OBJECT_CLASS_VIOLATION = 0x41,//操作違背了類定義中定義的語義規則
LDAP_NOT_ALLOWED_ON_NONLEAF = 0x42,//所請求的操作只可能在一個葉子對象(非容器)上執行
LDAP_NOT_ALLOWED_ON_RDN = 0x43,//在相對可區別名字上不允許該操作
LDAP_ALREADY_EXISTS = 0x44,//客戶試圖添加一個已經存在的對象
LDAP_NO_OBJECT_CLASS_MODS = 0x45,//客戶試圖通過改變一個對象的objectClass屬性來修改對象的類
LDAP_RESULTS_TOO_LARGE = 0x46,//搜索操作的結果集太大,服務器無法處理
LDAP_AFFECTS_MULTIPLE_DSAS = 0x47,//所請求的操作將影響多個DSA--例如,在一個子樹包含一個下級引用,該引用指向另一個命名上下文的情況下,刪除該子樹將影響多個DSA(目錄服務器代理)
LDAP_VIRTUAL_LIST_VIEW_ERROR = 0x4c,
LDAP_OTHER = 0x50,//發生了一些其他的LDAP錯誤
LDAP_SERVER_DOWN = 0x51,//LDAP服務器已關閉
LDAP_LOCAL_ERROR = 0x52,//客戶發生了其他一些未指定的錯誤
LDAP_ENCODING_ERROR = 0x53,//在將一個LDAP請求編碼爲ASN.1的過程中發生了一個錯誤
LDAP_DECODING_ERROR = 0x54,//從服務器接受到的ASN.1編碼的數據是無效的
LDAP_TIMEOUT = 0x55,//在指定的時間內服務器不能響應客戶
LDAP_AUTH_UNKNOWN = 0x56,//在綁定(bind)請求中指定了一種未知的認證機制
LDAP_FILTER_ERROR = 0x57,//搜索過濾器出現了某種錯誤
LDAP_USER_CANCELLED = 0x58,//用戶取消了操作
LDAP_PARAM_ERROR = 0x59,//函數中指定的某個參數出現了錯誤。例如,向一個LDAP API函數傳遞一個NULL指針,但該函數並不希望這樣,在這種情況下就產生該錯誤
LDAP_NO_MEMORY = 0x5a,//客戶試圖分配內存並且失敗了
LDAP_CONNECT_ERROR = 0x5b,//客戶試圖向服務器建立一個TCP連接並且失敗了
LDAP_NOT_SUPPORTED = 0x5c,//所請求的操作不被這種版本的LDAP協議所支持
LDAP_NO_RESULTS_RETURNED = 0x5e,//從服務器接受到一個響應,但是它沒有包含結果
LDAP_CONTROL_NOT_FOUND = 0x5d,//從服務器接受到的數據表明有一個LDAP控制出現但是在數據中沒有找到一個LDAP控制
LDAP_MORE_RESULTS_TO_RETURN = 0x5f,//因爲有太多的結果,所以客戶無法檢索
LDAP_CLIENT_LOOP = 0x60,//在處理引用時客戶檢測到一個循環
引用數目超過了限制
LDAP_REFERRAL_LIMIT_EXCEEDED = 0x61//客戶追蹤的
}
LDAP_RETCODE;
Hex |
Decimal |
Constant: Description |
0x00 |
0 |
LDAP_SUCCESS: Indicates the requested client operation completed successfully. |
0x01 |
1 |
LDAP_OPERATIONS_ERROR: Indicates an internal error. The server is unable to respond with a more specific error and is also unable to properly respond to a request. It does not indicate that the client has sent an erroneous message. |
0x02 |
2 |
LDAP_PROTOCOL_ERROR: Indicates that the server has received an invalid or malformed request from the client. |
0x03 |
3 |
LDAP_TIMELIMIT_EXCEEDED: Indicates that the operation's time limit specified by either the client or the server has been exceeded. On search operations, incomplete results are returned. |
0x04 |
4 |
LDAP_SIZELIMIT_EXCEEDED: Indicates that in a search operation, the size limit specified by the client or the server has been exceeded. Incomplete results are returned. |
0x05 |
5 |
LDAP_COMPARE_FALSE: Does not indicate an error condition. Indicates that the results of a compare operation are false. |
0x06 |
6 |
LDAP_COMPARE_TRUE: Does not indicate an error condition. Indicates that the results of a compare operation are true. |
0x07 |
7 |
LDAP_AUTH_METHOD_NOT_SUPPORTED: Indicates that during a bind operation the client requested an authentication method not supported by the LDAP server. |
0x08 |
8 |
LDAP_STRONG_AUTH_REQUIRED: Indicates one of the following:
代表下列情況之一:
|
0x09 |
9 |
Reserved. |
0x0A |
10 |
LDAP_REFERRAL: Does not indicate an error condition. In LDAPv3, indicates that the server does not hold the target entry of the request, but that the servers in the referral field may. |
0x0B |
11 |
LDAP_ADMINLIMIT_EXCEEDED: Indicates that an LDAP server limit set by an administrative authority has been exceeded. |
0x0C |
12 |
LDAP_UNAVAILABLE_CRITICAL_EXTENSION: Indicates that the LDAP server was unable to satisfy a request because one or more critical extensions were not available. Either the server does not support the control or the control is not appropriate for the operation type. |
0x0D |
13 |
LDAP_CONFIDENTIALITY_REQUIRED: Indicates that the session is not protected by a protocol such as Transport Layer Security (TLS), which provides session confidentiality. |
0x0E |
14 |
LDAP_SASL_BIND_IN_PROGRESS: Does not indicate an error condition, but indicates that the server is ready for the next step in the process. The client must send the server the same SASL mechanism to continue the process.? |
0x0F |
15 |
Not used. |
0x10 |
16 |
LDAP_NO_SUCH_ATTRIBUTE: Indicates that the attribute specified in?the modify?or compare operation does not exist in the entry. |
0x11 |
17 |
LDAP_UNDEFINED_TYPE: Indicates that the attribute specified in?the modify?or add operation does not exist in the LDAP server's schema. |
0x12 |
18 |
LDAP_INAPPROPRIATE_MATCHING: Indicates that the matching rule specified in the search filter does not match a rule defined for the attribute's syntax. |
0x13 |
19 |
LDAP_CONSTRAINT_VIOLATION: Indicates that the attribute value specified in?a modify, add, or modify DN operation violates constraints placed on the attribute. The constraint can be one of size or content (string only, no binary). |
0x14 |
20 |
LDAP_TYPE_OR_VALUE_EXISTS: Indicates that the attribute value specified in?a modify?or add operation already exists as a value for that attribute. |
0x15 |
21 |
LDAP_INVALID_SYNTAX: Indicates that the attribute value specified in?an add, compare, or modify operation is an unrecognized or invalid syntax for the attribute. |
? |
22-31 |
Not used. |
0x20 |
32 |
LDAP_NO_SUCH_OBJECT : Indicates the target object cannot be found. This code is not returned on following operations:
無法找到目標Object?。在以下操作中不返回這個代碼:
|
0x21 |
33 |
LDAP_ALIAS_PROBLEM: Indicates that an error occurred when an alias was?dereferenced.? |
0x22 |
34 |
LDAP_INVALID_DN_SYNTAX: Indicates that the syntax of the DN is incorrect. (If the DN syntax is correct, but the LDAP server's structure rules do not permit the operation, the server returns LDAP_UNWILLING_TO_PERFORM.) |
0x23 |
35 |
LDAP_IS_LEAF: Indicates that the specified operation cannot be performed on a leaf entry. (This code is not currently in the LDAP specifications, but is reserved for this constant.) |
0x24 |
36 |
LDAP_ALIAS_DEREF_PROBLEM: Indicates that during a search operation, either the client does not have access rights to read the aliased object's name or dereferencing is not allowed. |
? |
37-47 |
Not used. |
0x30 |
48 |
LDAP_INAPPROPRIATE_AUTH: Indicates that during a bind operation, the client is attempting to use an authentication method that the client cannot use correctly. For example, either of the following cause this error:
當bind操作過程中, client試圖使用不正確的認證方式。例如,以下情況造成這個error:
|
0x31 |
49 |
LDAP_INVALID_CREDENTIALS: Indicates that during a bind operation one of the following occurred:
當bind操作過程中發生以下情況:
|
0x32 |
50 |
LDAP_INSUFFICIENT_ACCESS: Indicates that the caller does not have sufficient rights to perform the requested operation. |
0x33 |
51 |
LDAP_BUSY: Indicates that the LDAP server is too busy to process the client request at this time but if the client waits and resubmits the request, the server may be able to process it then. |
0x34 |
52 |
LDAP_UNAVAILABLE: Indicates that the LDAP server cannot process the client's bind request, usually because it is shutting down. |
0x35 |
53 |
LDAP_UNWILLING_TO_PERFORM: Indicates that the LDAP server cannot process the request because of server-defined restrictions. This error is returned for the following reasons:
LDAP Server不能處理request?,因爲Server定義的限制。
|
0x36 |
54 |
LDAP_LOOP_DETECT: Indicates that the client discovered an alias or referral loop, and is thus unable to complete this request. |
? |
55-63 |
Not used. |
0x40 |
64 |
LDAP_NAMING_VIOLATION: Indicates that?the add?or modify DN operation violates the schema's structure rules. For example,
在 add或者 modify DN操作中違反Schema的結構規則。例如:
|
0x41 |
65 |
LDAP_OBJECT_CLASS_VIO LATION: Indicates that?the add, modify, or modify DN operation violates the object class rules for the entry. For example, the following types of request return this error:
在 add、 modify或者modify DN操作中違反 entry的object class規則。例如,下面類型的request導致這個錯誤:
|
0x42 |
66 |
LDAP_NOT_ALLOWED_ON_NONLEAF: Indicates that the requested operation is permitted only on leaf entries. For example, the following types of requests return this error:
請求的操作只允許在葉子entry上執行。例如下面類型的 request導致這個錯誤:
|
0x43 |
67 |
LDAP_NOT_ALLOWED_ON_RDN: Indicates that the modify operation attempted to remove an attribute value that forms the entry's relative distinguished name. |
0x44 |
68 |
LDAP_ALREADY_EXISTS: Indicates that the add operation attempted to add an entry that already exists, or that the modify operation attempted to rename an entry to the name of an entry that already exists. |
0x45 |
69 |
LDAP_NO_OBJECT_CLASS_MODS: Indicates that the modify operation attempted to modify the structure rules of an object class. |
0x46 |
70 |
LDAP_RESULTS_TOO_LARGE: Reserved for CLDAP.? |
0x47 |
71 |
LDAP_AFFECTS_MULTIPLE_DSAS: Indicates that the modify DN operation moves the entry from one LDAP server to another and thus requires more than one LDAP server. |
? |
72-79 |
Not used. |
0x50 |
80 |
LDAP_OTHER: Indicates an unknown error condition. This is the default value for NDS error codes which do not map to other LDAP error codes.? |