products | company | support | downloads | isp services | contact us
|
mail us
|
mail this page products | company | support | downloads | isp services | contact us |
OpenLDAP is sometimes criticised for poor error message and diagnostics. Partly this is due to the generic standardisation of error messages and partly to the fact that most error messages are reported via clients which can do some serious mangling of any resulting diagnostics.
The best information comes from OpenLDAP's rather voluminous logging (certainly with loglevel -1).
We document below some information on reading OpenLDAP's log and the standard LDAP error messages with some hints as to where the possible cause may lie.
These error messages are defined in RFC 2251 Section 4.1.10.
| Error Name | Number | Explanation/Causes |
| LDAP_SUCCESS | 0 (x'00) | The request was successful. |
| LDAP_OPERATIONS_ERROR | 1 (x'01) | An operations error occurred. |
| LDAP_PROTOCOL_ERROR | 2 (x'02) | A protocol violation was detected. |
| LDAP_TIMELIMIT_EXCEEDED | 3 (x'03) | An LDAP time limit was exceeded. |
| LDAP_SIZELIMIT_EXCEEDED | 4 (x'04) | An LDAP size limit was exceeded. |
| LDAP_COMPARE_FALSE | 5 (x'05) | A compare operation returned false. |
| LDAP_COMPARE_TRUE | 6 (x'06) | A compare operation returned true. |
| LDAP_STRONG_AUTH_NOT_SUPPORTED | 7 (x'07) | The LDAP server does not support strong authentication. |
| LDAP_STRONG_AUTH_REQUIRED | 8 (x'08) | Strong authentication is required for the operation. |
| LDAP_PARTIAL_RESULTS | 9 (x'09) | Partial results only returned. |
| LDAP_REFERRAL | 10 (x'0A) | |
| LDAP_NO_SUCH_ATTRIBUTE | 16 (x'10) | The attribute type specified does not exist in the entry. |
| LDAP_UNDEFINED_TYPE | 17 (x'11) | The attribute type specified is invalid. |
| LDAP_INAPPROPRIATE_MATCHING | 18 (x'12) | Filter type not supported for the specified attribute. |
| LDAP_CONSTRAINT_VIOLATION | 19 (x'13) | An attribute value specified violates some constraint (e.g., a postalAddress has too many lines, or a line that is too long). |
| LDAP_TYPE_OR_VALUE_EXISTS | 20 (x'14) | An attribute type or attribute value specified already exists in the entry. Possible Causes:
|
| LDAP_INVALID_SYNTAX | 21 (x'15) | An invalid attribute value was specified. |
| LDAP_NO_SUCH_OBJECT | 32 (x'20) | The specified object does not exist in The Directory. |
| LDAP_ALIAS_PROBLEM | 33 (x'21) | An alias in The Directory points to a nonexistent entry. |
| LDAP_INVALID_DN_SYNTAX | 34 (x'22) | A syntactically invalid DN was specified. May also happen if you use an LDIF format file (dn: cn=xxx etc.) with ldapdelete which only requires a plain DN. |
| LDAP_IS_LEAF | 35 (x'23) | The object specified is a leaf. |
| LDAP_ALIAS_DEREF_PROBLEM | 36 (x'24) | A problem was encountered when dereferencing an alias. |
| LDAP_INAPPROPRIATE_AUTH | 48 (x'30) | Inappropriate authentication was specified (e.g., LDAP_AUTH_SIMPLE was specified and the entry does not have a userPassword attribute). |
| LDAP_INVALID_CREDENTIALS | 49 (x'31) | Invalid credentials were presented (e.g., the wrong password). |
| LDAP_INSUFFICIENT_ACCESS | 50 (x'32) | The user has insufficient access to perform the operation. |
| LDAP_BUSY | 51 (x'33) | The DSA is busy. |
| LDAP_UNAVAILABLE | 52 (x'34) | The DSA is unavailable. |
| LDAP_UNWILLING_TO_PERFORM | 53 (x'35) | The DSA is unwilling to perform the operation. Additional text: no global superior knowledge - the name that is being added or modified does not exist in any naming context (nomally means no suffix directive) or does not have a valid referral. |
| LDAP_LOOP_DETECT | 54 (x'36) | A loop was detected. |
| LDAP_NAMING_VIOLATION | 64 (x'40) | A naming violation occurred. |
| LDAP_OBJECT_CLASS_VIOLATION | 65 (x'41) | An object class violation occurred (e.g., a "must" attribute was missing from the entry). |
| LDAP_NOT_ALLOWED_ON_NONLEAF | 66 (x'42) | The operation is not allowed on a nonleaf object. |
| LDAP_NOT_ALLOWED_ON_RDN | 67 (x'43) | The operation is not allowed on an RDN. |
| LDAP_ALREADY_EXISTS | 68 (x'44) | The entry already exists. |
| LDAP_NO_OBJECT_CLASS_MODS | 69 (x'45) | Object class modifications are not allowed. |
| LDAP_OTHER | 80 (x'50) | An unknown error occurred. |
| LDAP_SERVER_DOWN | 81 (x'51) | The LDAP library can’t contact the LDAP server. |
| LDAP_LOCAL_ERROR | 82 (x'52) | Some local error occurred. This is usually a failed dynamic memory allocation. |
| LDAP_ENCODING_ERROR | 83 (x'53) | An error was encountered encoding parameters to send to the LDAP server. |
| LDAP_DECODING_ERROR | 84 (x'54) | An error was encountered decoding a result from the LDAP server. |
| LDAP_TIMEOUT | 85 (x'55) | A timelimit was exceeded while waiting for a result. |
| LDAP_AUTH_UNKNOWN | 86 (x'56) | The authentication method specified to ldap_bind() is not known. |
| LDAP_FILTER_ERROR | 87 (x'57) | An invalid filter was supplied to ldap_search() (e.g., unbalanced parentheses). |
| LDAP_USER_CANCELLED | 88 (x'58) | |
| LDAP_PARAM_ERROR | 89 (x'59) | An ldap routine was called with a bad parameter. |
| LDAP_NO_MEMORY | 90 (x'5A) | An memory allocation (e.g., malloc(3) or other dynamic memory allocator) call failed in an ldap library routine. |
This section shows some annotated OpenLDAP logs. Lines beginning # are comments inserted for the purposes of annotation and would not be present in a normal log.
|
Copyright © 1994 - 2008 ZyTrax, Inc. All rights reserved. Legal and Privacy |
site by zytrax |
web-master at zytrax Page modified: February 23 2008. |
tech info
guides home
intro
contents
1 objectives
big picture
2 concepts
3 ldap objects
quickstart
4 install ldap
5 samples
6 config files
7 replicate & refer
reference
8 ldif
9 protocol
10 ldap api
operations
11 howtos
12 trouble
13 performance
14 ldap tools
security
15 security
appendices
notes & info
ldap resources
rfc's & x.500
glossary
ldap objects
change log
This work is licensed under a
Creative Commons License.
If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C STANDARDS COMPLIANT browser such as Mozilla
FreeBSD
NetBSD
OpenBSD
DragonFlyBSD
Linux
OpenOffice
Mozilla
SourceForge
GNU-Free SW Foundation
Open Source Initiative
Creative Commons
Ibiblio - Library
Open Book Project
Open Directory
Wikipedia
