DS 7.2.4

LDAP result codes

An operation result code as defined in RFC 4511 section 4.1.9 is used to indicate the final status of an operation. If a server detects multiple errors for an operation, only one result code is returned. The server should return the result code that best indicates the nature of the error encountered. Servers may return substituted result codes to prevent unauthorized disclosures.

Result code Name Description

-1

Undefined

The result code that should only be used if the actual result code has not yet been determined. Despite not being a standard result code, it is an implementation of the null object design pattern for this type.

0

Success

The result code that indicates that the operation completed successfully.

1

Operations Error

The result code that indicates that the operation is not properly sequenced with relation to other operations (of same or different type). For example, this code is returned if the client attempts to StartTLS [RFC4346] while there are other uncompleted operations or if a TLS layer was already installed.

2

Protocol Error

The result code that indicates that the client sent a malformed or illegal request to the server.

3

Time Limit Exceeded

The result code that indicates that a time limit was exceeded while attempting to process the request.

4

Size Limit Exceeded

The result code that indicates that a size limit was exceeded while attempting to process the request.

5

Compare False

The result code that indicates that the attribute value assertion included in a compare request did not match the targeted entry.

6

Compare True

The result code that indicates that the attribute value assertion included in a compare request did match the targeted entry.

7

Authentication Method Not Supported

The result code that indicates that the requested authentication attempt failed because it referenced an invalid SASL mechanism.

8

Strong Authentication Required

The result code that indicates that the requested operation could not be processed because it requires that the client has completed a strong form of authentication.

10

Referral

The result code that indicates that a referral was encountered. Strictly speaking this result code should not be exceptional since it is considered as a "success" response. However, referrals should occur rarely in practice and, when they do occur, should not be ignored since the application may believe that a request has succeeded when, in fact, nothing was done.

11

Administrative Limit Exceeded

The result code that indicates that processing on the requested operation could not continue because an administrative limit was exceeded.

12

Unavailable Critical Extension

The result code that indicates that the requested operation failed because it included a critical extension that is unsupported or inappropriate for that request.

13

Confidentiality Required

The result code that indicates that the requested operation could not be processed because it requires confidentiality for the communication between the client and the server.

14

SASL Bind in Progress

The result code that should be used for intermediate responses in multi-stage SASL bind operations.

16

No Such Attribute

The result code that indicates that the requested operation failed because it targeted an attribute or attribute value that did not exist in the specified entry.

17

Undefined Attribute Type

The result code that indicates that the requested operation failed because it referenced an attribute that is not defined in the server schema.

18

Inappropriate Matching

The result code that indicates that the requested operation failed because it attempted to perform an inappropriate type of matching against an attribute.

19

Constraint Violation

The result code that indicates that the requested operation failed because it would have violated some constraint defined in the server.

20

Attribute or Value Exists

The result code that indicates that the requested operation failed because it would have resulted in a conflict with an existing attribute or attribute value in the target entry.

21

Invalid Attribute Syntax

The result code that indicates that the requested operation failed because it violated the syntax for a specified attribute.

32

No Such Entry

The result code that indicates that the requested operation failed because it referenced an entry that does not exist.

33

Alias Problem

The result code that indicates that the requested operation failed because it attempted to perform an illegal operation on an alias.

34

Invalid DN Syntax

The result code that indicates that the requested operation failed because it would have resulted in an entry with an invalid or malformed DN.

36

Alias Dereferencing Problem

The result code that indicates that a problem was encountered while attempting to dereference an alias for a search operation.

48

Inappropriate Authentication

The result code that indicates that an authentication attempt failed because the requested type of authentication was not appropriate for the targeted entry.

49

Invalid Credentials

The result code that indicates that an authentication attempt failed because the user did not provide a valid set of credentials.

50

Insufficient Access Rights

The result code that indicates that the client does not have sufficient permission to perform the requested operation.

51

Busy

The result code that indicates that the server is too busy to process the requested operation. This is a transient error which means the operation can safely be retried.

52

Unavailable

The result code that indicates that either the entire server or one or more required resources were not available for use in processing the request. This is a transient error which means the operation can safely be retried.

53

Unwilling to Perform

The result code that indicates that the server is unwilling to perform the requested operation.

54

Loop Detected

The result code that indicates that a referral or chaining loop was detected while processing the request.

60

Sort Control Missing

The result code that indicates that a search request included a VLV request control without a server-side sort control.

61

Offset Range Error

The result code that indicates that a search request included a VLV request control with an invalid offset.

64

Naming Violation

The result code that indicates that the requested operation failed because it would have violated the server’s naming configuration.

65

Object Class Violation

The result code that indicates that the requested operation failed because it would have resulted in an entry that violated the server schema.

66

Not Allowed on Non-Leaf

The result code that indicates that the requested operation is not allowed for non-leaf entries.

67

Not Allowed on RDN

The result code that indicates that the requested operation is not allowed on an RDN attribute.

68

Entry Already Exists

The result code that indicates that the requested operation failed because it would have resulted in an entry that conflicts with an entry that already exists.

69

Object Class Modifications Prohibited

The result code that indicates that the operation could not be processed because it would have modified the objectclasses associated with an entry in an illegal manner.

71

Affects Multiple DSAs

The result code that indicates that the operation could not be processed because it would impact multiple DSAs or other repositories.

76

Virtual List View Error

The result code that indicates that the operation could not be processed because there was an error while processing the virtual list view control.

80

Other

The result code that should be used if no other result code is appropriate.

81

Server Connection Closed

The client-side result code that indicates that the server is down. This is for client-side use only and should never be transferred over protocol. This is a transient error which means the operation can be retried.

82

Local Error

The client-side result code that indicates that a local error occurred that had nothing to do with interaction with the server. This is for client-side use only and should never be transferred over protocol.

83

Encoding Error

The client-side result code that indicates that an error occurred while encoding a request to send to the server. This is for client-side use only and should never be transferred over protocol.

84

Decoding Error

The client-side result code that indicates that an error occurred while decoding a response from the server. This is for client-side use only and should never be transferred over protocol.

85

Client-Side Timeout

The client-side result code that indicates that the client did not receive an expected response in a timely manner. This is for client-side use only and should never be transferred over protocol. This is a transient error which means the operation can be retried.

86

Unknown Authentication Mechanism

The client-side result code that indicates that the user requested an unknown or unsupported authentication mechanism. This is for client-side use only and should never be transferred over protocol.

87

Filter Error

The client-side result code that indicates that the filter provided by the user was malformed and could not be parsed. This is for client-side use only and should never be transferred over protocol.

88

Cancelled by User

The client-side result code that indicates that the user cancelled an operation. This is for client-side use only and should never be transferred over protocol.

89

Parameter Error

The client-side result code that indicates that there was a problem with one or more of the parameters provided by the user. This is for client-side use only and should never be transferred over protocol.

90

Out of Memory

The client-side result code that indicates that the client application was not able to allocate enough memory for the requested operation. This is for client-side use only and should never be transferred over protocol.

91

Connect Error

The client-side result code that indicates that the client was not able to establish a connection to the server. This is for client-side use only and should never be transferred over protocol. This is a transient error which means the operation can be retried.

92

Operation Not Supported

The client-side result code that indicates that the user requested an operation that is not supported. This is for client-side use only and should never be transferred over protocol.

93

Control Not Found

The client-side result code that indicates that the client expected a control to be present in the response from the server but it was not included. This is for client-side use only and should never be transferred over protocol.

94

No Results Returned

The client-side result code that indicates that the requested single entry search operation or read operation failed because the Directory Server did not return any matching entries. This is for client-side use only and should never be transferred over protocol.

95

Unexpected Results Returned

The client-side result code that the requested single entry search operation or read operation failed because the Directory Server returned multiple matching entries (or search references) when only a single matching entry was expected. This is for client-side use only and should never be transferred over protocol.

96

Referral Loop Detected

The client-side result code that indicates that the client detected a referral loop caused by servers referencing each other in a circular manner. This is for client-side use only and should never be transferred over protocol.

97

Referral Hop Limit Exceeded

The client-side result code that indicates that the client reached the maximum number of hops allowed when attempting to follow a referral (i.e., following one referral resulted in another referral which resulted in another referral and so on). This is for client-side use only and should never be transferred over protocol.

118

Canceled

The result code that indicates that a request has been cancelled by a cancel request.

119

No Such Operation

The result code that indicates that a cancel request was unsuccessful because the targeted operation did not exist or had already completed.

120

Too Late

The result code that indicates that a cancel request was unsuccessful because processing on the targeted operation had already reached a point at which it could not be canceled.

121

Cannot Cancel

The result code that indicates that a cancel request was unsuccessful because the targeted operation was one that could not be canceled.

122

Assertion Failed

The result code that indicates that the filter contained in an assertion control failed to match the target entry.

123

Authorization Denied

The result code that should be used if the server will not allow the client to use the requested authorization.

16,654

No Operation

The result code that should be used if the server did not actually complete processing on the associated operation because the request included the LDAP No-Op control.

Copyright © 2010-2023 ForgeRock, all rights reserved.