ldap_error(3) -- Linux man page
NAMEldap_perror, ld_errno, ldap_result2error, ldap_errlist, ldap_err2string - LDAP protocol error handling routines
LIBRARYOpenLDAP LDAP (libldap, -lldap)
#include <ldap.h> char *ldap_err2string( int err ); void ldap_perror( LDAP *ld, const char *s ) int ldap_result2error( LDAP *ld, LDAPMessage *res, int freeit )
DESCRIPTIONThese routines provide interpretation of the various error codes returned by the LDAP protocol and LDAP library routines or associated with an LDAP session. The error code associated with an LDAP session is accessible using ldap_get_option(3) and ldap_set_option(3) with the LDAP_OPT_RESULT_CODE option (previously called LDAP_OPT_ERROR_NUMBER).
The ldap_result2error() routine takes res, a result as produced by ldap_result(3) or ldap_search_s(3), and returns the corresponding error code. Possible error codes are listed below. If the freeit parameter is non zero it indicates that the res parameter should be freed by a call to ldap_msgfree(3) after the error code has been extracted. The ld_errno field in ld is set and returned.
The returned value can be passed to ldap_err2string() to get a text description of the message. The string returned from ldap_err2string() is a pointer to a static area that should not be modified.
The ldap_perror() routine can be called to print an indication of the error on standard error, similar to the way perror(3) works.
ERRORSThe possible values for an ldap error code are:
- The request was successful.
- An operations error occurred.
- A protocol violation was detected.
- An LDAP time limit was exceeded.
- An LDAP size limit was exceeded.
- A compare operation returned false.
- A compare operation returned true.
- The LDAP server does not support strong authentication.
- Strong authentication is required for the operation.
- Partial results only returned.
- The attribute type specified does not exist in the entry.
- The attribute type specified is invalid.
- Filter type not supported for the specified attribute.
- An attribute value specified violates some constraint (e.g., a postalAddress has too many lines, or a line that is too long).
- An attribute type or attribute value specified already exists in the entry.
- An invalid attribute value was specified.
- The specified object does not exist in The Directory.
- An alias in The Directory points to a nonexistent entry.
- A syntactically invalid DN was specified.
- The object specified is a leaf.
- A problem was encountered when dereferencing an alias.
- Inappropriate authentication was specified (e.g., LDAP_AUTH_SIMPLE was specified and the entry does not have a userPassword attribute).
- Invalid credentials were presented (e.g., the wrong password).
- The user has insufficient access to perform the operation.
- The DSA is busy.
- The DSA is unavailable.
- The DSA is unwilling to perform the operation.
- A loop was detected.
- A naming violation occurred.
- An object class violation occurred (e.g., a "must" attribute was missing from the entry).
- The operation is not allowed on a nonleaf object.
- The operation is not allowed on an RDN.
- The entry already exists.
- Object class modifications are not allowed.
- An unknown error occurred.
- The LDAP library can't contact the LDAP server.
- Some local error occurred. This is usually a failed dynamic memory allocation.
- An error was encountered encoding parameters to send to the LDAP server.
- An error was encountered decoding a result from the LDAP server.
- A timelimit was exceeded while waiting for a result.
- The authentication method specified to ldap_bind() is not known.
- An invalid filter was supplied to ldap_search() (e.g., unbalanced parentheses).
- An ldap routine was called with a bad parameter.
- An memory allocation (e.g., malloc(3) or other dynamic memory allocator) call failed in an ldap library routine.
SEE ALSOldap(3), perror(3)
ACKNOWLEDGEMENTSOpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). OpenLDAP is derived from University of Michigan LDAP 3.3 Release.