LDAP error codes

LDAP Error Codes
HexDecimalConstant: Description
0x000LDAP_SUCCESS: Indicates the requested client operation completed successfully.
0x011LDAP_OPERATIONS_ERROR: Indicates an internal error. The server is unable to respond with a more specific error and is also unable to properly respond to a request. It does not indicate that the client has sent an erroneous message.
一个内部错误。Server无法正确的 respond 一个request,也无法生成说明错误类型的 respond 。它不代表client 发送了错误的消息。 In NDS 8.3x through NDS 7.xx, this was the default error for NDS errors that did not map to an LDAP error code. To conform to the new LDAP drafts, NDS 8.5 uses 80 (0x50) for such errors.
In NDS 8.3x through NDS 7.xx, 这是一个没有映射到 LDAP错误码的NDS缺省错误。为了符合新的 LDAP草案,NDS 8.5使用80 (0x50) 代表这个错误。
0x022LDAP_PROTOCOL_ERROR: Indicates that the server has received an invalid or malformed request from the client.
Server 从 client 收到了一个无效的或者格式不正确的request 。
0x033LDAP_TIMELIMIT_EXCEEDED: Indicates that the operation's time limit specified by either the client or the server has been exceeded. On search operations, incomplete results are returned.
超出了 Server或者Client指定的时间限制。当进行 serach的时候,返回不完全的结果。
0x044LDAP_SIZELIMIT_EXCEEDED: Indicates that in a search operation, the size limit specified by the client or the server has been exceeded. Incomplete results are returned.
在查询的时候,超出了Server或者 Client指定的size限制。返回不完全的结果。
0x055LDAP_COMPARE_FALSE: Does not indicate an error condition. Indicates that the results of a compare operation are false.
不是错误状态。表示比较操作的结果是 false 。
0x066LDAP_COMPARE_TRUE: Does not indicate an error condition. Indicates that the results of a compare operation are true.
不是错误状态。表示比较操作的结果是 true 。
0x077LDAP_AUTH_METHOD_NOT_SUPPORTED: Indicates that during a bind operation the client requested an authentication method not supported by the LDAP server.
当进行bind操作时, client指定的认证方式不被LDAP? Server支持。
0x088LDAP_STRONG_AUTH_REQUIRED: Indicates one of the following:
  • In bind requests, the LDAP server accepts only strong authentication.
  • In a client request, the client requested an operation such as delete that requires strong authentication.
  • In an unsolicited notice of disconnection, the LDAP server discovers the security protecting the communication between the client and server has unexpectedly failed or been compromised.
  • 当bind请求,LDAP server 只接受strong authentication 。
  • Client要求执行delete等需要 strong authentication的操作。
  • 看不懂,大致是说当没有通知的断开连接,Server发现安全的通信在server 和client之间失败了,或者妥协了。
0x0A10LDAP_REFERRAL: Does not indicate an error condition. In LDAPv3, indicates that the server does not hold the target entry of the request, but that the servers in the referral field may.
不是错误状态。在LDAPv3 中,代表Server无法得到请求的Entry 目标,但是可以介绍一个可能得到的域(field)
0x0B11LDAP_ADMINLIMIT_EXCEEDED: Indicates that an LDAP server limit set by an administrative authority has been exceeded.
LDAP Server 的被权限管理指定的有限集合被超出。
0x0C12LDAP_UNAVAILABLE_CRITICAL_EXTENSION: Indicates that the LDAP server was unable to satisfy a request because one or more critical extensions were not available. Either the server does not support the control or the control is not appropriate for the operation type.
LDAP Server不支持的request ,因为一个或者多个重要的扩展是不允许的。Server 不支持的Control或者Control 对于操作是不恰当的。
0x0D13LDAP_CONFIDENTIALITY_REQUIRED: Indicates that the session is not protected by a protocol such as Transport Layer Security (TLS), which provides session confidentiality.
Session没有被诸如Transport Layer Security (TLS) 之类的协议保护,无法提供Session机密性。
0x0E14LDAP_SASL_BIND_IN_PROGRESS: Does not indicate an error condition, but indicates that the server is ready for the next step in the process. The client must send the server the same SASL mechanism to continue the process.
不是错误状态,代表Server已经为 process的下一步做好了准备。Client必须发送相同的 SASL给Server以继续process 。
0x0F15Not used.
0x1016LDAP_NO_SUCH_ATTRIBUTE: Indicates that the attribute specified in the modify or compare operation does not exist in the entry.
在modify或者 compare操作中指定的属性,在指定Entry中不存在。
0x1117LDAP_UNDEFINED_TYPE: Indicates that the attribute specified in the modify or add operation does not exist in the LDAP server's schema.
在modify或者 add操作中指定的属性,在LDAP Server的 Schema中不存在。
0x1218LDAP_INAPPROPRIATE_MATCHING: Indicates that the matching rule specified in the search filter does not match a rule defined for the attribute's syntax.
在Search Filter 中指定的 rule不能和syntax中的rule 定义匹配。
0x1319LDAP_CONSTRAINT_VIOLATION: Indicates that the attribute value specified in a modify, add, or modify DN operation violates constraints placed on the attribute. The constraint can be one of size or content (string only, no binary).
在modify、 add或者modify DN 操作中指定的属性值,触犯了属性中的限制。那些限制是内容长度或者内容只能是String,不能是binary 等。
0x1420LDAP_TYPE_OR_VALUE_EXISTS: Indicates that the attribute value specified in a modify or add operation already exists as a value for that attribute.
在modify或者 add操作中指定的属性值,在属性中已经存在了。
0x1521LDAP_INVALID_SYNTAX: Indicates that the attribute value specified in an add, compare, or modify operation is an unrecognized or invalid syntax for the attribute.
在add、 compare或者modify 操作中指定的属性值,是不认识或者无效的 syntax 。
?22-31Not used.
0x2032LDAP_NO_SUCH_OBJECT : Indicates the target object cannot be found. This code is not returned on following operations:
  • Search operations that find the search base but cannot find any entries that match the search filter.
  • Bind operations.
无法找到目标Object 。在以下操作中不返回这个代码:
  • Search操作中没有找到任何匹配serach filter 的entry。
  • Bind操作。
0x2133LDAP_ALIAS_PROBLEM: Indicates that an error occurred when an alias was dereferenced.
0x2234LDAP_INVALID_DN_SYNTAX: Indicates that the syntax of the DN is incorrect. (If the DN syntax is correct, but the LDAP server's structure rules do not permit the operation, the server returns LDAP_UNWILLING_TO_PERFORM.)
DN的句法不对。( 如果DN句法正确,但是LDAP Server 的结构规则不许可这个操作,Server返回LDAP_UNWILLING_TO_PERFORM 。 )
0x2335LDAP_IS_LEAF: Indicates that the specified operation cannot be performed on a leaf entry. (This code is not currently in the LDAP specifications, but is reserved for this constant.)
指定的操作不能被实施于一个叶子Entry 上。( 这个错误码不在当前的LDAP 规范中,但是这个常数为此而保留。 )
0x2436LDAP_ALIAS_DEREF_PROBLEM: Indicates that during a search operation, either the client does not have access rights to read the aliased object's name or dereferencing is not allowed.
在search 操作中, client无权读别名了的 对象名或者间接引用是不被许可的。
?37-47Not used.
0x3048LDAP_INAPPROPRIATE_AUTH: Indicates that during a bind operation, the client is attempting to use an authentication method that the client cannot use correctly. For example, either of the following cause this error:
  • The client returns simple credentials when strong credentials are required.
  • The client returns a DN and a password for a simple bind when the entry does not have a password defined.
当bind操作过程中, client试图使用不正确的认证方式。例如,以下情况造成这个error:
  • Client返回简单认证当需要strong credentials 的时候。
  • Client返回 DN和密码为了简单认证,但是 entry没有定义密码。
0x3149LDAP_INVALID_CREDENTIALS: Indicates that during a bind operation one of the following occurred:
  • The client passed either an incorrect DN or password.
  • The password is incorrect because it has expired, intruder detection has locked the account, or some other similar reason.
  • Client传送不正确的DN或者 password 。
  • 密码不正确,因为它过期了,入侵检测锁住了帐号,或者其他类似原因。
0x3250LDAP_INSUFFICIENT_ACCESS: Indicates that the caller does not have sufficient rights to perform the requested operation.
0x3351LDAP_BUSY: Indicates that the LDAP server is too busy to process the client request at this time but if the client waits and resubmits the request, the server may be able to process it then.
LDAP Server太忙以至于无法处理client 的请求,但是如果client等待然后重新提交请求,Server 可能会处理。
0x3452LDAP_UNAVAILABLE: Indicates that the LDAP server cannot process the client's bind request, usually because it is shutting down.
LDAP Server不能处理client 的bind请求,通常是因为它down 机了。
0x3553LDAP_UNWILLING_TO_PERFORM: Indicates that the LDAP server cannot process the request because of server-defined restrictions. This error is returned for the following reasons:
  • The add entry request violates the server's structure rules.
  • The modify attribute request specifies attributes that users cannot modify.
  • Password restrictions prevent the action.
  • Connection restrictions prevent the action.
LDAP Server不能处理request ,因为Server定义的限制。
  • 加Entry的request 违反server的结构规则
  • 改变属性request指定了不允许用户修改的属性
  • 密码限制
  • 连接限制
0x3654LDAP_LOOP_DETECT: Indicates that the client discovered an alias or referral loop, and is thus unable to complete this request.
client 发现一个别名或者引用是循环的,导致这个request 无法完成。
?55-63Not used.
0x4064LDAP_NAMING_VIOLATION: Indicates that the add or modify DN operation violates the schema's structure rules. For example,
  • The request places the entry subordinate to an alias.
  • The request places the entry subordinate to a container that is forbidden by the containment rules.
  • The RDN for the entry uses a forbidden attribute type.
在 add或者 modify DN操作中违反Schema的结构规则。例如:
  • 请求放置entry在别名下
  • 请求放置entry在被包含规则禁止的容器中
  • Entry的RDN使用了禁止的属性类型
0x4165LDAP_OBJECT_CLASS_VIO LATION: Indicates that the add, modify, or modify DN operation violates the object class rules for the entry. For example, the following types of request return this error:
  • The add or modify operation tries to add an entry without a value for a required attribute.
  • The add or modify operation tries to add an entry with a value for an attribute which the class definition does not contain.
  • The modify operation tries to remove a required attribute without removing the auxiliary class that defines the attribute as required.
在 add、 modify或者modify DN操作中违反 entry的object class规则。例如,下面类型的 request导致这个错误:
  • 在 add或者modify操作中试图加一个没有必须属性值的entry 。
  • 在 add或者modify操作中试图加一个有class 定义中没有的值的entry。
  • 在 modify操作中试图删除必须属性而没有删除定义这个属性为必须的那个辅助类。
0x4266LDAP_NOT_ALLOWED_ON_NONLEAF: Indicates that the requested operation is permitted only on leaf entries. For example, the following types of requests return this error:
  • The client requests a delete operation on a parent entry.
  • The client request a modify DN operation on a parent entry.
请求的操作只允许在叶子entry上执行。例如下面类型的 request导致这个错误:
  • Client请求删除操作在父entry上
  • Client请求改变DN在父entry 上
0x4367LDAP_NOT_ALLOWED_ON_RDN: Indicates that the modify operation attempted to remove an attribute value that forms the entry's relative distinguished name.
modify操作试图删除关联着DN 的属性值。
0x4468LDAP_ALREADY_EXISTS: Indicates that the add operation attempted to add an entry that already exists, or that the modify operation attempted to rename an entry to the name of an entry that already exists.
add操作试图加一个已经存在的Entry ,或者modify操作试图重命名Entry 为一个已经存在的entry的名字。
0x4569LDAP_NO_OBJECT_CLASS_MODS: Indicates that the modify operation attempted to modify the structure rules of an object class.
modify操作试图改变object class 的结构规则。
0x4771LDAP_AFFECTS_MULTIPLE_DSAS: Indicates that the modify DN operation moves the entry from one LDAP server to another and thus requires more than one LDAP server.
modify DN的操作移动Entry 从一个LDAP Server到另一个,造成需要超过一个LDAP Server 。
?72-79Not used.
0x5080LDAP_OTHER: Indicates an unknown error condition. This is the default value for NDS error codes which do not map to other LDAP error codes.
一个未知的error状态。这是 NDS中没有映射到其他LDAP错误码上的错误码的缺省值。
  • 0
  • 7
    觉得还不错? 一键收藏
  • 1


  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
评论 1




当前余额3.43前往充值 >
领取后你会自动成为博主和红包主的粉丝 规则
钱包余额 0