Openldap Error
Contents |
causes of LDAP errors C.1.1. ldap_*: Can't contact LDAP server The Can't contact LDAP server error is usually returned when the LDAP server cannot be contacted. microsoft ldap error codes This may occur for many reasons: the LDAP server is not running; this active directory ldap error codes can be checked by running, for example, telnet
Ldap Error Code 49 Acceptsecuritycontext Error Data 52e V1db1
argument is a valid LDAP url corresponding to the interface the server is supposed to be listening on. C.1.2. ldap_*: No such object The no such object error is generally returned when the target DN of the operation cannot be located. This section details reasons common to all operations. You should also look for answers specific to the operation (as indicated in the error ldap error code 32 message). The most common reason for this error is non-existence of the named object. First, check for typos. Also note that, by default, a new directory server holds no objects (except for a few system entries). So, if you are setting up a new directory server and get this message, it may simply be that you have yet to add the object you are trying to locate. The error commonly occurs because a DN was not specified and a default was not properly configured. If you have a suffix specified in slapd.conf eg. suffix "dc=example,dc=com" You should use ldapsearch -b 'dc=example,dc=com' '(cn=jane*)' to tell it where to start the search. The -b should be specified for all LDAP commands unless you have an ldap.conf(5) default configured. See ldapsearch(1), ldapmodify(1) Also, slapadd(8) and its ancillary programs are very strict about the syntax of the LDIF file. Some liberties in the LDIF file may result in an apparently successful creation of the database, but accessing some parts of it may be difficult. One known common error in database creation is putting a blank line before the first entry in the LDIF fi
example, if you ldap error code 49 - invalid credentials are adding "cn=bob,dc=domain,dc=com" and you get: ldap_add: No
Ldap: Error Code 49 - 80090308: Ldaperr: Dsid-0c0903a8
such object The entry "dc=domain,dc=com" likely doesn't exist. You can use ldapsearch to
Ldap Error Code 34
see if does exist: ldapsearch -b 'dc=domain,dc=com' -s base '(objectclass=*)' If it doesn't, add it. See the Quick Start Guide http://www.openldap.org/doc/admin24/appendix-common-errors.html (http://www.openldap.org/doc/admin/quickstart.html) for assistance. Note: if the entry being added is the same as database suffix, it's parent isn't required. Ie: if your suffix is "dc=domain,dc=com", "dc=com" doesn't need to exist to add "dc=domain,dc=com". This error will also occur if you try to http://www.openldap.org/faq/data/cache/157.html add any entry that the server is not configured to hold. For example, if your database suffix is "dc=domain,dc=com" and you attempt to add "dc=domain2,dc=com", "dc=com", "dc=domain,dc=org", "o=domain,c=us", or an other DN in the "dc=domain,dc=com" subtree, the server will return a "No such object" (or referral) error. slapd(8) will generally return "no global superior knowledge" as additional information indicating its return noSuchObject instead of a referral as the server is not configured with knowledge of a global superior server. See also: ldapadd(1) ldapmodify(1) ldap_add/delete/modify/rename: no global superior knowledge [Append to This Answer] Previous: ldap_add/modify: Object class violation Next: ldap add: invalid structural object class chain This document is: http://www.openldap.org/faq/index.cgi?file=157 [Search] [Appearance] This is a Faq-O-Matic 2.721.test. © Copyright 1998-2013, OpenLDAP Foundation, info@OpenLDAP.org
error 1 0x01 LDAP_PROTOCOL_ERROR Protocol error 2 0x02 LDAP_TIMELIMIT_EXCEEDED Timelimit exceeded 3 0x03 LDAP_SIZELIMIT_EXCEEDED Sizelimit exceeded 4 0x04 LDAP_COMPARE_FALSE Compare false 5 0x05 LDAP_COMPARE_TRUE http://software.fujitsu.com/jp/manual/manualfiles/M050000/B1WN4901/02/irepab/irep0158.htm Compare true 6 0x06 LDAP_STRONG_AUTH_NOT_SUPPORTED Strong authentication not http://docs.oracle.com/javase/tutorial/jndi/ldap/exceptions.html supported 7 0x07 LDAP_STRONG_AUTH_REQUIRED Strong authentication required 8 0x08 LDAP_PARTIAL_RESULTS Partial results and referral received 9 0x09 LDAP_REFERRAL Referral 10 0x0a LDAP_ADMINLIMIT_EXCEEDED Admin limit exceeded 11 0x0b LDAP_UNAVAILABLE_CRITICAL_EXTENSION Unavailable critical extension 12 0x0c LDAP_CONFIDENTIALITY_REQUIRED Confidentiality required ldap error 13 0x0d LDAP_SASL_BIND_IN_PROGRESS SASL bind in progress 14 0x0e LDAP_NO_SUCH_ATTRIBUTE No such attribute 16 0x10 LDAP_UNDEFINED_TYPE Undefined attribute type 17 0x11 LDAP_INAPPROPRIATE_MATCHING Inappropriate matching 18 0x12 LDAP_CONSTRAINT_VIOLATION Constraint violation 19 0x13 LDAP_TYPE_OR_VALUE_EXISTS Type or value exists 20 0x14 LDAP_INVALID_SYNTAX Invalid syntax 21 0x15 LDAP_NO_SUCH_OBJECT No ldap error code such object 32 0x20 LDAP_ALIAS_PROBLEM Alias problem 33 0x21 LDAP_INVALID_DN_SYNTAX Invalid DN syntax 34 0x22 LDAP_IS_LEAF Object is a leaf 35 0x23 LDAP_ALIAS_DEREF_PROBLEM Alias dereferencing problem 36 0x24 LDAP_INAPPROPRIATE_AUTH Inappropriate authentication 48 0x30 LDAP_INVALID_CREDENTIALS Invalid credentials 49 0x31 LDAP_INSUFFICIENT_ACCESS Insufficient access 50 0x32 LDAP_BUSY DSA is busy 51 0x33 LDAP_UNAVAILABLE DSA is unavailable 52 0x34 LDAP_UNWILLING_TO_PERFORM DSA is unwilling to perform 53 0x35 LDAP_LOOP_DETECT Loop detected 54 0x36 LDAP_NAMING_VIOLATION Naming violation 64 0x40 LDAP_OBJECT_CLASS_VIOLATION Object class violation 65 0x41 LDAP_NOT_ALLOWED_ON_NONLEAF Operation not allowed on nonleaf 66 0x42 LDAP_NOT_ALLOWED_ON_RDN Operation not allowed on RDN 67 0x43 LDAP_ALREADY_EXISTS Already exists 68 0x44 LDAP_NO_OBJECT_CLASS_MODS Cannot modify object class 69 0x45 LDAP_RESULTS_TOO_LARGE Results too large 70 0x46 LDAP_AFFECTS_MULTIPLE_DSAS Affects multiple DSAs 71 0x47 LDAP_OTHER Unknown error 80 0x50 LDAP_SERVER_DOWN Can't contact LDAP server 81 0x51 LDAP_LOCA
API How LDAP Operations Map to JNDI APIs How LDAP Error Codes Map to JNDI Exceptions Security Modes of Authenticating to LDAP Authentication Mechanisms Anonymous Simple SASL Digest-MD5 SSL and Custom Sockets More LDAP Operations LDAP Compare Search Results LDAP Unsolicited Notifications Connection Management Creation Closing Pooling Configuration Frequently Asked Questions Trail: Java Naming and Directory Interface Lesson: Advanced Topics for LDAP Users Section: JNDI as an LDAP API Home Page > Java Naming and Directory Interface > Advanced Topics for LDAP Users «Previous•Trail•Next» How LDAP Error Codes Map to JNDI Exceptions The LDAP defines a set of status codes that are returned with LDAP responses sent by the LDAP server (see RFC 2251). In the JNDI, error conditions are indicated as checked exceptions that are subclasses of NamingException. See the Naming Exceptions section for an overview of the JNDI exception classes. The LDAP service provider translates the LDAP status code it receives from the LDAP server to the appropriate subclass of NamingException. The following table shows the mapping between LDAP status codes and JNDI exceptions. LDAP Status Code Meaning Exception or Action 0 Success Report success. 1 Operations error NamingException 2 Protocol error CommunicationException 3 Time limit exceeded. TimeLimitExceededException 4 Size limit exceeded. SizeLimitExceededException 5 Compared false. Used by DirContext.search(). Does not generate an exception. 6 Compared true. Used by DirContext.search(). Does not generate an exception. 7 Authentication method not supported. AuthenticationNotSupportedException 8 Strong authentication required. AuthenticationNotSupportedException 9 Partial results being returned. If the environment property "java.naming.referral" is set to "ignore" or the contents of the error do not contain a referral, throw a PartialResultException. Otherwise, use contents to build a referral. 10 Referral encountered. If the environment property "java.naming.referral" is set to "ignore", then ignore. If the property is set to "throw", thro