Type safe LDAP message envelope result code enumeration. The resultCode is a
parameter of the LDAPResult which is the construct used in this protocol to
return success or failure indications from servers to clients. In response to
various requests servers will return responses containing fields of type
LDAPResult to indicate the final status of a protocol operation request. This
enumeration represents the various status codes associated with an
LDAPResult, hence it is called the ResultCodeEnum. Here are the definitions
and values for error codes from section 4.1.10 of
RFC 2251:
resultCode
ENUMERATED {
success (0),
operationsError (1),
protocolError (2),
timeLimitExceeded (3),
sizeLimitExceeded (4),
compareFalse (5),
compareTrue (6),
authMethodNotSupported (7),
strongAuthRequired (8),
partialResults (9), -- new
referral (10), -- new
adminLimitExceeded (11), -- new
unavailableCriticalExtension (12), -- new
confidentialityRequired (13), -- new
saslBindInProgress (14), -- new
noSuchAttribute (16),
undefinedAttributeType (17),
inappropriateMatching (18),
constraintViolation (19),
attributeOrValueExists (20),
invalidAttributeSyntax (21),
-- 22-31 unused --
NO_SUCH_OBJECT (32),
aliasProblem (33),
invalidDNSyntax (34),
-- 35 reserved for undefined isLeaf --
aliasDereferencingProblem (36),
-- 37-47 unused --
inappropriateAuthentication (48),
invalidCredentials (49),
insufficientAccessRights (50),
busy (51),
unavailable (52),
unwillingToPerform (53),
loopDetect (54),
-- 55-63 unused --
namingViolation (64),
objectClassViolation (65),
notAllowedOnNonLeaf (66),
notAllowedOnRDN (67),
entryAlreadyExists (68),
objectClassModsProhibited (69),
-- 70 reserved for CLDAP --
affectsMultipleDSAs (71), -- new
-- 72-79 unused --
other (80) },
-- 81-90 reserved for APIs --
All the result codes with the exception of success, compareFalse and
compareTrue are to be treated as meaning the operation could not be completed
in its entirety. Most of the result codes are based on problem indications
from X.511 error data types. Result codes from 16 to 21 indicate an
AttributeProblem, codes 32, 33, 34 and 36 indicate a NameProblem, codes 48,
49 and 50 indicate a SecurityProblem, codes 51 to 54 indicate a
ServiceProblem, and codes 64 to 69 and 71 indicates an UpdateProblem. If a
client receives a result code which is not listed above, it is to be treated
as an unknown error condition. The majority of this javadoc was pasted in
from RFC 2251. There's and expired draft out there on error codes which makes
alot of sense:
ietf (expired) draft on error codes (read at your discretion).
Result codes have been identified and split into categories:
- Non-Erroneous: Five result codes that may be returned in LDAPResult are
not used to indicate an error.
- General: returned only when no suitable specific error exists.
- Specific: Specific errors are used to indicate that a particular type of
error has occurred. These error types are:
- Name,
- Update,
- Attribute
- Security, and
- Service
The result codes are also grouped according to the following LDAP operations
which return responses:
- bind
- search
- modify
- modifyDn
- add
- delete
- compare
- extended