Microsoft LDAP 錯誤代碼 (2007-08-18 23:11)
http://support.microsoft.com/kb/218185/
Microsoft Windows 2000 Active Directory 使用 Internet 標準的羽量級目錄訪問協定 (LDAP) 來訪問資訊。在回應各種 LDAP 請求時,網域控制站會返回包含域 LDAP 錯誤代碼的回應,這些錯誤代碼指示協定操作的狀態。本文將介紹這些錯誤代碼。
下表描述了這些錯誤代碼。
代碼 值 說明
---------------------------------------------------------------------------
LDAP_SUCCESS 0x00 請求成功。
LDAP_OPERATIONS_ERROR 0x01 LDAP 庫初始化失敗。
LDAP_PROTOCOL_ERROR 0x02 出現協定錯誤。
LDAP_TIMELIMIT_EXCEEDED 0x03 超出時間限制。
LDAP_SIZELIMIT_EXCEEDED 0x04 超出大小限制。
LDAP_COMPARE_FALSE 0x05 比較結果為 FALSE。
LDAP_COMPARE_TRUE 0x06 比較結果為 TRUE。
LDAP_AUTH_METHOD_NOT_SUPPORTED 0x07 不支援此身份驗證方法。
LDAP_STRONG_AUTH_REQUIRED 0x08 需要加強的身份驗證。
LDAP_REFERRAL_V2 0x09 LDAP 版本 2 檢索。
LDAP_PARTIAL_RESULTS 0x09 接收到部分結果和檢索。
LDAP_REFERRAL 0x0a 出現檢索。
LDAP_ADMIN_LIMIT_EXCEEDED 0x0b 超出伺服器上的管理限制。
LDAP_UNAVAILABLE_CRIT_EXTENSION 0x0c 沒有精密擴展。
LDAP_CONFIDENTIALITY_REQUIRED 0x0d 需要保密。
LDAP_NO_SUCH_ATTRIBUTE 0x10 請求的屬性不存在。
LDAP_UNDEFINED_TYPE 0x11 類型未定義。
LDAP_INAPPROPRIATE_MATCHING 0x12 出現不適當的匹配。
LDAP_CONSTRAINT_VIOLATION 0x13 出現約束衝突。
LDAP_ATTRIBUTE_OR_VALUE_EXISTS 0x14 屬性已存在或已被賦值。
LDAP_INVALID_SYNTAX 0x15 語法無效。
LDAP_NO_SUCH_OBJECT 0x20 對象不存在。
ld_matched 在LDAP_NO_SUCH_OBJECT
錯誤返回事件中,這個參數包含DN匹配的程度;
LDAP_ALIAS_PROBLEM 0x21 別名無效。
LDAP_INVALID_DN_SYNTAX 0x22 辨別名的語法無效。
LDAP_IS_LEAF 0x23 該物件為葉物件。
LDAP_ALIAS_DEREF_PROBLEM 0x24 無法取消對別名的引用。
LDAP_INAPPROPRIATE_AUTH 0x30 身份驗證不正確。
LDAP_INVALID_CREDENTIALS 0x31 提供的憑據無效。
LDAP_INSUFFICIENT_RIGHTS 0x32 用戶無足夠的存取權限。
LDAP_BUSY 0x33 伺服器忙。
LDAP_UNAVAILABLE 0x34 伺服器不可用。
LDAP_UNWILLING_TO_PERFORM 0x35 伺服器不處理目錄請求。
LDAP_LOOP_DETECT 0x36 引用鏈迴圈回至引用伺服器。
LDAP_NAMING_VIOLATION 0x40 存在命名衝突。
LDAP_OBJECT_CLASS_VIOLATION 0x41 存在物件類別衝突。
LDAP_NOT_ALLOWED_ON_NONLEAF 0x42 不允許在非葉物件上操作。
LDAP_NOT_ALLOWED_ON_RDN 0x43 不允許在 RDN 上操作。
LDAP_ALREADY_EXISTS 0x44 對象已存在。
LDAP_NO_OBJECT_CLASS_MODS 0x45 無法修改物件類別。
LDAP_RESULTS_TOO_LARGE 0x46 返回的結果太大。
LDAP_AFFECTS_MULTIPLE_DSAS 0x47 多個目錄服務代理受到影響。
LDAP_OTHER 0x50 出現未知錯誤。
LDAP_SERVER_DOWN 0x51 無法聯繫 LDAP 伺服器。
LDAP_LOCAL_ERROR 0x52 出現本地錯誤。
LDAP_ENCODING_ERROR 0x53 出現編碼錯誤。
LDAP_DECODING_ERROR 0x54 出現解碼錯誤。
LDAP_TIMEOUT 0x55 搜索超時。
LDAP_AUTH_UNKNOWN 0x56 出現未知的身份驗證錯誤。
LDAP_FILTER_ERROR 0x57 搜索篩選器不正確。
LDAP_USER_CANCELLED 0x58 用戶已取消操作。
LDAP_PARAM_ERROR 0x59 傳遞給常式的參數不正確。
LDAP_NO_MEMORY 0x5a 系統記憶體不足。
LDAP_CONNECT_ERROR 0x5b 無法建立到伺服器的連接。
LDAP_NOT_SUPPORTED 0x5c 不支援此功能。
LDAP_CONTROL_NOT_FOUND 0x5d ldap 函數找不到指定控制項。
LDAP_NO_RESULTS_RETURNED 0x5e 不支援此功能。
LDAP_MORE_RESULTS_TO_RETURN 0x5f 將返回其他結果。
LDAP_CLIENT_LOOP 0x60 檢測到客戶迴圈。
LDAP_REFERRAL_LIMIT_EXCEEDED 0x61 超出檢索限制。
LDAP_SASL_BIND_IN_PROGRESS 0x0E 多階段綁定的中間綁定結果
這篇文章中的資訊適用於:
| ? | Microsoft Windows 2000 Server |
| ? | Microsoft Windows 2000 Advanced Server |
| ? | Microsoft Windows 2000 Datacenter Server |
詳細的英文解釋:
藍色是我的翻譯,紅色是不能確定的翻譯文字,黑色嘛,是原文。
| Hex | Decimal | Constant: Description |
| 0×00 | 0 | LDAP_SUCCESS: Indicates the requested client operation completed successfully. 成功,沒什麼好說的了。 |
| 0×01 | 1 | LDAP_OPERATIONS_ERROR: Indicates an internal error. The server is unable to respond with a more specific error and is also unable to properly respond to a request. It does not indicate that the client has sent an erroneous message. 一個內部錯誤。Server無法正確的 respond 一個request,也無法生成說明錯誤類型的 respond 。它不代表client 發送了錯誤的消息。 In NDS 8.3x through NDS 7.xx, this was the default error for NDS errors that did not map to an LDAP error code. To conform to the new LDAP drafts, NDS 8.5 uses 80 (0×50) for such errors. In NDS 8.3x through NDS 7.xx, 這是一個沒有映射到 LDAP錯誤碼的NDS缺省錯誤。為了符合新的 LDAP草案,NDS 8.5使用80 (0×50) 代表這個錯誤。 |
| 0×02 | 2 | LDAP_PROTOCOL_ERROR: Indicates that the server has received an invalid or malformed request from the client. Server 從 client 收到了一個無效的或者格式不正確的request 。 |
| 0×03 | 3 | LDAP_TIMELIMIT_EXCEEDED: Indicates that the operation’s time limit specified by either the client or the server has been exceeded. On search operations, incomplete results are returned. 超出了 Server或者Client指定的時間限制。當進行 serach的時候,返回不完全的結果。 |
| 0×04 | 4 | LDAP_SIZELIMIT_EXCEEDED: Indicates that in a search operation, the size limit specified by the client or the server has been exceeded. Incomplete results are returned. 在查詢的時候,超出了Server或者 Client指定的size限制。返回不完全的結果。 |
| 0×05 | 5 | LDAP_COMPARE_FALSE: Does not indicate an error condition. Indicates that the results of a compare operation are false. 不是錯誤狀態。表示比較操作的結果是 false 。 |
| 0×06 | 6 | LDAP_COMPARE_TRUE: Does not indicate an error condition. Indicates that the results of a compare operation are true. 不是錯誤狀態。表示比較操作的結果是 true 。 |
| 0×07 | 7 | LDAP_AUTH_METHOD_NOT_SUPPORTED: Indicates that during a bind operation the client requested an authentication method not supported by the LDAP server. 當進行bind操作時, client指定的認證方式不被LDAP Server支援。 |
| 0×08 | 8 | LDAP_STRONG_AUTH_REQUIRED: Indicates one of the following:
代表下列情況之一: |
| 0×09 | 9 | Reserved. 保留的 |
| 0×0A | 10 | LDAP_REFERRAL: Does not indicate an error condition. In LDAPv3, indicates that the server does not hold the target entry of the request, but that the servers in the referral field may. 不是錯誤狀態。在LDAPv3 中,代表Server無法得到請求的Entry 目標,但是可以介紹一個可能得到的域(field)。 |
| 0×0B | 11 | LDAP_ADMINLIMIT_EXCEEDED: Indicates that an LDAP server limit set by an administrative authority has been exceeded. LDAP Server 的被許可權管理指定的有限集合被超出。 |
| 0×0C | 12 | LDAP_UNAVAILABLE_CRITICAL_EXTENSION: Indicates that the LDAP server was unable to satisfy a request because one or more critical extensions were not available. Either the server does not support the control or the control is not appropriate for the operation type. LDAP Server不支持的request ,因為一個或者多個重要的擴展是不允許的。Server 不支持的Control或者Control 對於操作是不恰當的。 |
| 0×0D | 13 | LDAP_CONFIDENTIALITY_REQUIRED: Indicates that the session is not protected by a protocol such as Transport Layer Security (TLS), which provides session confidentiality. Session沒有被諸如Transport Layer Security (TLS) 之類的協議保護,無法提供Session機密性。 |
| 0×0E | 14 | LDAP_SASL_BIND_IN_PROGRESS: Does not indicate an error condition, but indicates that the server is ready for the next step in the process. The client must send the server the same SASL mechanism to continue the process. 不是錯誤狀態,代表Server已經為 process的下一步做好了準備。Client必須發送相同的 SASL給Server以繼續process 。 |
| 0×0F | 15 | Not used. 未使用。 |
| 0×10 | 16 | LDAP_NO_SUCH_ATTRIBUTE: Indicates that the attribute specified in the modify or compare operation does not exist in the entry. 在modify或者 compare操作中指定的屬性,在指定Entry中不存在。 |
| 0×11 | 17 | LDAP_UNDEFINED_TYPE: Indicates that the attribute specified in the modify or add operation does not exist in the LDAP server’s schema. 在modify或者 add操作中指定的屬性,在LDAP Server的 Schema中不存在。 |
| 0×12 | 18 | LDAP_INAPPROPRIATE_MATCHING: Indicates that the matching rule specified in the search filter does not match a rule defined for the attribute’s syntax. 在Search Filter 中指定的 rule不能和syntax中的rule 定義匹配。 |
| 0×13 | 19 | LDAP_CONSTRAINT_VIOLATION: Indicates that the attribute value specified in a modify, add, or modify DN operation violates constraints placed on the attribute. The constraint can be one of size or content (string only, no binary). 在modify、 add或者modify DN 操作中指定的屬性值,觸犯了屬性中的限制。那些限制是內容長度或者內容只能是String,不能是binary 等。 |
| 0×14 | 20 | LDAP_TYPE_OR_VALUE_EXISTS: Indicates that the attribute value specified in a modify or add operation already exists as a value for that attribute. 在modify或者 add操作中指定的屬性值,在屬性中已經存在了。 |
| 0×15 | 21 | LDAP_INVALID_SYNTAX: Indicates that the attribute value specified in an add, compare, or modify operation is an unrecognized or invalid syntax for the attribute. 在add、 compare或者modify 操作中指定的屬性值,是不認識或者無效的 syntax 。 |
| 22-31 | Not used. 未使用。 |
|
| 0×20 | 32 | LDAP_NO_SUCH_OBJECT: Indicates the target object cannot be found. This code is not returned on following operations:
無法找到目標Object 。在以下操作中不返回這個代碼:
|
| 0×21 | 33 | LDAP_ALIAS_PROBLEM: Indicates that an error occurred when an alias was dereferenced. 當一個別名被覆引用時發生錯誤。 |
| 0×22 | 34 | LDAP_INVALID_DN_SYNTAX: Indicates that the syntax of the DN is incorrect. (If the DN syntax is correct, but the LDAP server’s structure rules do not permit the operation, the server returns LDAP_UNWILLING_TO_PERFORM.) DN的句法不對。( 如果DN句法正確,但是LDAP Server 的結構規則不許可這個操作,Server返回LDAP_UNWILLING_TO_PERFORM 。 ) |
| 0×23 | 35 | LDAP_IS_LEAF: Indicates that the specified operation cannot be performed on a leaf entry. (This code is not currently in the LDAP specifications, but is reserved for this constant.) 指定的操作不能被實施于一個葉子Entry 上。( 這個錯誤碼不在當前的LDAP 規範中,但是這個常數為此而保留。 ) |
| 0×24 | 36 | LDAP_ALIAS_DEREF_PROBLEM: Indicates that during a search operation, either the client does not have access rights to read the aliased object’s name or dereferencing is not allowed. 在search 操作中, client無權讀別名了的 物件名或者間接引用是不被許可的。 |
| 37-47 | Not used. 未使用。 |
|
| 0×30 | 48 | LDAP_INAPPROPRIATE_AUTH: Indicates that during a bind operation, the client is attempting to use an authentication method that the client cannot use correctly. For example, either of the following cause this error:
當bind操作過程中, client試圖使用不正確的認證方式。例如,以下情況造成這個error:
|
| 0×31 | 49 | LDAP_INVALID_CREDENTIALS: Indicates that during a bind operation one of the following occurred:
當bind操作過程中發生以下情況:
|
| 0×32 | 50 | LDAP_INSUFFICIENT_ACCESS: Indicates that the caller does not have sufficient rights to perform the requested operation. 調用者沒有足夠的許可權執行請求的操作。 |
| 0×33 | 51 | LDAP_BUSY: Indicates that the LDAP server is too busy to process the client request at this time but if the client waits and resubmits the request, the server may be able to process it then. LDAP Server太忙以至於無法處理client 的請求,但是如果client等待然後重新提交請求,Server 可能會處理。 |
| 0×34 | 52 | LDAP_UNAVAILABLE: Indicates that the LDAP server cannot process the client’s bind request, usually because it is shutting down. LDAP Server不能處理client 的bind請求,通常是因為它down 機了。 |
| 0×35 | 53 | LDAP_UNWILLING_TO_PERFORM: Indicates that the LDAP server cannot process the request because of server-defined restrictions. This error is returned for the following reasons:
LDAP Server不能處理request ,因為Server定義的限制。 |
| 0×36 | 54 | LDAP_LOOP_DETECT: Indicates that the client discovered an alias or referral loop, and is thus unable to complete this request. client 發現一個別名或者引用是迴圈的,導致這個request 無法完成。 |
| 55-63 | Not used. 未使用。 |
|
| 0×40 | 64 | LDAP_NAMING_VIOLATION: Indicates that the add or modify DN operation violates the schema’s structure rules. For example,
在 add或者 modify DN操作中違反Schema的結構規則。例如:
|
| 0×41 | 65 | LDAP_OBJECT_CLASS_VIOLATION: Indicates that the add, modify, or modify DN operation violates the object class rules for the entry. For example, the following types of request return this error:
在 add、 modify或者modify DN操作中違反 entry的object class規則。例如,下面類型的 request導致這個錯誤: |
| 0×42 | 66 | LDAP_NOT_ALLOWED_ON_NONLEAF: Indicates that the requested operation is permitted only on leaf entries. For example, the following types of requests return this error:
請求的操作只允許在葉子entry上執行。例如下面類型的 request導致這個錯誤: |
| 0×43 | 67 | LDAP_NOT_ALLOWED_ON_RDN: Indicates that the modify operation attempted to remove an attribute value that forms the entry’s relative distinguished name. modify操作試圖刪除關聯著DN 的屬性值。 |
| 0×44 | 68 | LDAP_ALREADY_EXISTS: Indicates that the add operation attempted to add an entry that already exists, or that the modify operation attempted to rename an entry to the name of an entry that already exists. add操作試圖加一個已經存在的Entry ,或者modify操作試圖重命名Entry 為一個已經存在的entry的名字。 |
| 0×45 | 69 | LDAP_NO_OBJECT_CLASS_MODS: Indicates that the modify operation attempted to modify the structure rules of an object class. modify操作試圖改變object class 的結構規則。 |
| 0×46 | 70 | LDAP_RESULTS_TOO_LARGE: Reserved for CLDAP. 為CLDAP保留。 |
| 0×47 | 71 | LDAP_AFFECTS_MULTIPLE_DSAS: Indicates that the modify DN operation moves the entry from one LDAP server to another and thus requires more than one LDAP server. modify DN的操作移動Entry 從一個LDAP Server到另一個,造成需要超過一個LDAP Server 。 |
| 72-79 | Not used. 未使用 |
|
| 0×50 | 80 | LDAP_OTHER: Indicates an unknown error condition. This is the default value for NDS error codes which do not map to other LDAP error codes. 一個未知的error狀態。這是 NDS中沒有映射到其他LDAP錯誤碼上的錯誤碼的缺省值。 |