- LDAP protocol error handling functions
cc[ flag... ] file... -lldap[ library... ] #include <lber.h> #include <ldap.h> char *ldap_err2string(int err);
void ldap_perror(LDAP *ld, const char *s);
int ldap_result2error(LDAP *ld, LDAPMessage *res, int freeit);
These functions interpret the error codes that are returned by the LDAP API routines. The ldap_perror() and ldap_result2error() functions are deprecated for all new development. Use ldap_err2string() instead.
You can also use ldap_parse_sasl_bind_result(3LDAP), ldap_parse_extended_result(3LDAP), and ldap_parse_result(3LDAP) to provide error handling and interpret error codes returned by LDAP API functions.
The ldap_err2string() function takes err, a numeric LDAP error code, returned either by ldap_parse_result(3LDAP) or another LDAP API call. It returns an informative, null-terminated, character string that describes the error.
The ldap_result2error() function takes res, a result produced by ldap_result(3LDAP) or other synchronous LDAP calls, and returns the corresponding error code. If the freeit parameter is non-zero, it indicates that the res parameter should be freed by a call to ldap_result(3LDAP) after the error code has been extracted.
Similar to the way perror(3C) works, the ldap_perror() function can be called to print an indication of the error to standard error.
The possible values for an LDAP error code are:
The request was successful.
An operations error occurred.
A protocol violation was detected.
An LDAP time limit was exceeded.
An LDAP size limit was exceeded.
A compare operation returned false.
A compare operation returned true.
The LDAP server does not support strong authentication.
Strong authentication is required for the operation.
Only partial results are returned.
The attribute type specified does not exist in the entry.
The attribute type specified is invalid.
The filter type is not supported for the specified attribute.
An attribute value specified violates some constraint. For example, a postalAddress has too many lines, or a line that is too long.
An attribute type or attribute value specified already exists in the entry.
An invalid attribute value was specified.
The specified object does not exist in the directory.
An alias in the directory points to a nonexistent entry.
A syntactically invalid DN was specified.
The object specified is a leaf.
A problem was encountered when dereferencing an alias.
Inappropriate authentication was specified. For example, LDAP_AUTH_SIMPLE was specified and the entry does not have a userPassword attribute.
Invalid credentials were presented, for example, the wrong password.
The user has insufficient access to perform the operation.
The DSA is busy.
The DSA is unavailable.
The DSA is unwilling to perform the operation.
A loop was detected.
A naming violation occurred.
An object class violation occurred. For example, a must attribute was missing from the entry.
The operation is not allowed on a nonleaf object.
The operation is not allowed on an RDN.
The entry already exists.
Object class modifications are not allowed.
An unknown error occurred.
The LDAP library cannot contact the LDAP server.
Some local error occurred. This is usually the result of a failed malloc(3C) call or a failure to fflush(3C) the stdio stream to files, even when the LDAP requests were processed successfully by the remote server.
An error was encountered encoding parameters to send to the LDAP server.
An error was encountered decoding a result from the LDAP server.
A time limit was exceeded while waiting for a result.
The authentication method specified to ldap_bind(3LDAP) is not known.
An invalid filter was supplied to ldap_search(3LDAP), for example, unbalanced parentheses.
An LDAP function was called with a bad parameter, for example, a NULL ld pointer, and the like.
A memory allocation call failed in an LDAP library function, for example, malloc(3C).
The LDAP client has either lost its connetion to an LDAP server or it cannot establish a connection.
The requested functionality is not supported., for example, when an LDAPv2 client requests some LDAPv3 functionality.
An LDAP client requested a control not found in the list of supported controls sent by the server.
The LDAP server sent no results.
More results are chained in the message chain.
A loop has been detected, for example, when following referrals.
The referral exceeds the hop limit. The hop limit determines the number of servers that the client can hop through to retrieve data.
See attributes(5) for a description of the following attributes:
fflush(3C), ldap(3LDAP), ldap_bind(3LDAP), ldap_result(3LDAP), ldap_parse_extended_result(3LDAP), ldap_parse_result(3LDAP), ldap_parse_sasl_bind_result(3LDAP), ldap_search(3LDAP), malloc(3C), perror(3C) , attributes(5)