LDAP Error Codes

 

蓝色是我的翻译,红色是不能确定的翻译文字,黑色嘛,是原文。

Hex

Decimal

Constant: Description

0x00

0

LDAP_SUCCESS: Indicates the requested client operation completed successfully.

成功,没什么好说的了。

0x01

1

LDAP_OPERATIONS_ERROR: Indicates an internal error. The server is unable to respond with a more specific error and is also unable to properly respond to a request. It does not indicate that the client has sent an erroneous message.

一个内部错误。Server无法正确的 respond 一个request,也无法生成说明错误类型的 respond 。它不代表client 发送了错误的消息。 In NDS 8.3x through NDS 7.xx, this was the default error for NDS errors that did not map to an LDAP error code. To conform to the new LDAP drafts, NDS 8.5 uses 80 (0x50) for such errors.

In NDS 8.3x through NDS 7.xx, 这是一个没有映射到 LDAP错误码的NDS缺省错误。为了符合新的 LDAP草案,NDS 8.5使用80 (0x50) 代表这个错误。

0x02

2

LDAP_PROTOCOL_ERROR: Indicates that the server has received an invalid or malformed request from the client.

Server 从 client 收到了一个无效的或者格式不正确的request 。

0x03

3

LDAP_TIMELIMIT_EXCEEDED: Indicates that the operation's time limit specified by either the client or the server has been exceeded. On search operations, incomplete results are returned.

超出了 Server或者Client指定的时间限制。当进行 serach的时候,返回不完全的结果。

0x04

4

LDAP_SIZELIMIT_EXCEEDED: Indicates that in a search operation, the size limit specified by the client or the server has been exceeded. Incomplete results are returned.

在查询的时候,超出了Server或者 Client指定的size限制。返回不完全的结果。

0x05

5

LDAP_COMPARE_FALSE: Does not indicate an error condition. Indicates that the results of a compare operation are false.

不是错误状态。表示比较操作的结果是 false 。

0x06

6

LDAP_COMPARE_TRUE: Does not indicate an error condition. Indicates that the results of a compare operation are true.

不是错误状态。表示比较操作的结果是 true 。

0x07

7

LDAP_AUTH_METHOD_NOT_SUPPORTED: Indicates that during a bind operation the client requested an authentication method not supported by the LDAP server.

当进行bind操作时, client指定的认证方式不被LDAP? Server支持。

0x08

8

LDAP_STRONG_AUTH_REQUIRED: Indicates one of the following:

  • In bind requests, the LDAP server accepts only strong authentication.
  • In a client request, the client requested an operation such as delete that requires strong authentication.
  • In an unsolicited notice of disconnection, the LDAP server discovers the security protecting the communication between the client and server has unexpectedly failed or been compromised.

代表下列情况之一:

  • 当bind请求,LDAP server 只接受strong authentication 。
  • Client要求执行delete等需要 strong authentication的操作。
  • 看不懂,大致是说当没有通知的断开连接,Server发现安全的通信在server 和client之间失败了,或者妥协了。

0x09

9

Reserved.

保留的

0x0A

10

LDAP_REFERRAL: Does not indicate an error condition. In LDAPv3, indicates that the server does not hold the target entry of the request, but that the servers in the referral field may.

不是错误状态。在LDAPv3 中,代表Server无法得到请求的Entry 目标,但是可以介绍一个可能得到的域(field)。

0x0B

11

LDAP_ADMINLIMIT_EXCEEDED: Indicates that an LDAP server limit set by an administrative authority has been exceeded.

LDAP Server 的被权限管理指定的有限集合被超出。

0x0C

12

LDAP_UNAVAILABLE_CRITICAL_EXTENSION: Indicates that the LDAP server was unable to satisfy a request because one or more critical extensions were not available. Either the server does not support the control or the control is not appropriate for the operation type.

LDAP Server不支持的request ,因为一个或者多个重要的扩展是不允许的。Server 不支持的Control或者Control 对于操作是不恰当的。

0x0D

13

LDAP_CONFIDENTIALITY_REQUIRED: Indicates that the session is not protected by a protocol such as Transport Layer Security (TLS), which provides session confidentiality.

Session没有被诸如Transport Layer Security (TLS) 之类的协议保护,无法提供Session机密性。

0x0E

14

LDAP_SASL_BIND_IN_PROGRESS: Does not indicate an error condition, but indicates that the server is ready for the next step in the process. The client must send the server the same SASL mechanism to continue the process. 

不是错误状态,代表Server已经为 process的下一步做好了准备。Client必须发送相同的 SASL给Server以继续process 。

0x0F

15

Not used.

未使用。

0x10

16

LDAP_NO_SUCH_ATTRIBUTE: Indicates that the attribute specified in the modify or compare operation does not exist in the entry.

在modify或者 compare操作中指定的属性,在指定Entry中不存在。

0x11

17

LDAP_UNDEFINED_TYPE: Indicates that the attribute specified in the modify or add operation does not exist in the LDAP server's schema.

在modify或者 add操作中指定的属性,在LDAP Server的 Schema中不存在。

0x12

18

LDAP_INAPPROPRIATE_MATCHING: Indicates that the matching rule specified in the search filter does not match a rule defined for the attribute's syntax.

在Search Filter 中指定的 rule不能和syntax中的rule 定义匹配。

0x13

19

LDAP_CONSTRAINT_VIOLATION: Indicates that the attribute value specified in a modify, add, or modify DN operation violates constraints placed on the attribute. The constraint can be one of size or content (string only, no binary).

在modify、 add或者modify DN 操作中指定的属性值,触犯了属性中的限制。那些限制是内容长度或者内容只能是String,不能是binary 等。

0x14

20

LDAP_TYPE_OR_VALUE_EXISTS: Indicates that the attribute value specified in a modify or add operation already exists as a value for that attribute.

在modify或者 add操作中指定的属性值,在属性中已经存在了。

0x15

21

LDAP_INVALID_SYNTAX: Indicates that the attribute value specified in an add, compare, or modify operation is an unrecognized or invalid syntax for the attribute.

在add、 compare或者modify 操作中指定的属性值,是不认识或者无效的 syntax 。

?

22-31

Not used.

未使用。

0x20

32

LDAP_NO_SUCH_OBJECT : Indicates the target object cannot be found. This code is not returned on following operations:

  • Search operations that find the search base but cannot find any entries that match the search filter.
  • Bind operations.

无法找到目标Object 。在以下操作中不返回这个代码:

  • Search操作中没有找到任何匹配serach filter 的entry。
  • Bind操作。

0x21

33

LDAP_ALIAS_PROBLEM: Indicates that an error occurred when an alias was dereferenced. 

当一个别名被复引用时发生错误。

0x22

34

LDAP_INVALID_DN_SYNTAX: Indicates that the syntax of the DN is incorrect. (If the DN syntax is correct, but the LDAP server's structure rules do not permit the operation, the server returns LDAP_UNWILLING_TO_PERFORM.)

DN的句法不对。( 如果DN句法正确,但是LDAP Server 的结构规则不许可这个操作,Server返回LDAP_UNWILLING_TO_PERFORM 。 )

0x23

35

LDAP_IS_LEAF: Indicates that the specified operation cannot be performed on a leaf entry. (This code is not currently in the LDAP specifications, but is reserved for this constant.)

指定的操作不能被实施于一个叶子Entry 上。( 这个错误码不在当前的LDAP 规范中,但是这个常数为此而保留。 )

0x24

36

LDAP_ALIAS_DEREF_PROBLEM: Indicates that during a search operation, either the client does not have access rights to read the aliased object's name or dereferencing is not allowed.

在search 操作中, client无权读别名了的 对象名或者间接引用是不被许可的。

?

37-47

Not used.

未使用。

0x30

48

LDAP_INAPPROPRIATE_AUTH: Indicates that during a bind operation, the client is attempting to use an authentication method that the client cannot use correctly. For example, either of the following cause this error:

  • The client returns simple credentials when strong credentials are required.
  • The client returns a DN and a password for a simple bind when the entry does not have a password defined.

当bind操作过程中, client试图使用不正确的认证方式。例如,以下情况造成这个error:

  • Client返回简单认证当需要strong credentials 的时候。
  • Client返回 DN和密码为了简单认证,但是 entry没有定义密码。

0x31

49

LDAP_INVALID_CREDENTIALS: Indicates that during a bind operation one of the following occurred:

  • The client passed either an incorrect DN or password.
  • The password is incorrect because it has expired, intruder detection has locked the account, or some other similar reason.

当bind操作过程中发生以下情况:

  • Client传送不正确的DN或者 password 。
  • 密码不正确,因为它过期了,入侵检测锁住了帐号,或者其他类似原因。

0x32

50

LDAP_INSUFFICIENT_ACCESS: Indicates that the caller does not have sufficient rights to perform the requested operation.

调用者没有足够的权限执行请求的操作。

0x33

51

LDAP_BUSY: Indicates that the LDAP server is too busy to process the client request at this time but if the client waits and resubmits the request, the server may be able to process it then.

LDAP Server太忙以至于无法处理client 的请求,但是如果client等待然后重新提交请求,Server 可能会处理。

0x34

52

LDAP_UNAVAILABLE: Indicates that the LDAP server cannot process the client's bind request, usually because it is shutting down.

LDAP Server不能处理client 的bind请求,通常是因为它down 机了。

0x35

53

LDAP_UNWILLING_TO_PERFORM: Indicates that the LDAP server cannot process the request because of server-defined restrictions. This error is returned for the following reasons:

  • The add entry request violates the server's structure rules.
  • The modify attribute request specifies attributes that users cannot modify.
  • Password restrictions prevent the action.
  • Connection restrictions prevent the action.

LDAP Server不能处理request ,因为Server定义的限制。

这个错误在以下原因下发生:

  • 加Entry的request 违反server的结构规则
  • 改变属性request指定了不允许用户修改的属性
  • 密码限制
  • 连接限制

0x36

54

LDAP_LOOP_DETECT: Indicates that the client discovered an alias or referral loop, and is thus unable to complete this request.

client 发现一个别名或者引用是循环的,导致这个request 无法完成。

?

55-63

Not used.

未使用。

0x40

64

LDAP_NAMING_VIOLATION: Indicates that the add or modify DN operation violates the schema's structure rules. For example,

  • The request places the entry subordinate to an alias.
  • The request places the entry subordinate to a container that is forbidden by the containment rules.
  • The RDN for the entry uses a forbidden attribute type.

在 add或者 modify DN操作中违反Schema的结构规则。例如:

  • 请求放置entry在别名下
  • 请求放置entry在被包含规则禁止的容器中
  • Entry的RDN使用了禁止的属性类型

0x41

65

LDAP_OBJECT_CLASS_VIO LATION: Indicates that the add, modify, or modify DN operation violates the object class rules for the entry. For example, the following types of request return this error:

  • The add or modify operation tries to add an entry without a value for a required attribute.
  • The add or modify operation tries to add an entry with a value for an attribute which the class definition does not contain.
  • The modify operation tries to remove a required attribute without removing the auxiliary class that defines the attribute as required.

在 add、 modify或者modify DN操作中违反 entry的object class规则。例如,下面类型的 request导致这个错误:

  • 在 add或者modify操作中试图加一个没有必须属性值的entry 。
  • 在 add或者modify操作中试图加一个有class 定义中没有的值的entry。
  • 在 modify操作中试图删除必须属性而没有删除定义这个属性为必须的那个辅助类。

0x42

66

LDAP_NOT_ALLOWED_ON_NONLEAF: Indicates that the requested operation is permitted only on leaf entries. For example, the following types of requests return this error:

  • The client requests a delete operation on a parent entry.
  • The client request a modify DN operation on a parent entry.

请求的操作只允许在叶子entry上执行。例如下面类型的 request导致这个错误:

  • Client请求删除操作在父entry上
  • Client请求改变DN在父entry 上

0x43

67

LDAP_NOT_ALLOWED_ON_RDN: Indicates that the modify operation attempted to remove an attribute value that forms the entry's relative distinguished name.

modify操作试图删除关联着DN 的属性值。

0x44

68

LDAP_ALREADY_EXISTS: Indicates that the add operation attempted to add an entry that already exists, or that the modify operation attempted to rename an entry to the name of an entry that already exists.

add操作试图加一个已经存在的Entry ,或者modify操作试图重命名Entry 为一个已经存在的entry的名字。

0x45

69

LDAP_NO_OBJECT_CLASS_MODS: Indicates that the modify operation attempted to modify the structure rules of an object class.

modify操作试图改变object class 的结构规则。

0x46

70

LDAP_RESULTS_TOO_LARGE: Reserved for CLDAP. 

为CLDAP保留。

0x47

71

LDAP_AFFECTS_MULTIPLE_DSAS: Indicates that the modify DN operation moves the entry from one LDAP server to another and thus requires more than one LDAP server.

modify DN的操作移动Entry 从一个LDAP Server到另一个,造成需要超过一个LDAP Server 。

?

72-79

Not used.

未使用

0x50

80

LDAP_OTHER: Indicates an unknown error condition. This is the default value for NDS error codes which do not map to other LDAP error codes. 

一个未知的error状态。这是 NDS中没有映射到其他LDAP错误码上的错误码的缺省值。