Adaptive Server may experience the following transient errors when communicating with the LDAP server. These errors are generally resolved by retrying the connection. If the errors persist after three retry attempts, Adaptive Server marks the LDAP server as FAILED.
LDAP_BUSY – server is busy
LDAP_CONNECT_ERROR – error during a connect
LDAP_LOCAL_ERROR – error on the client side
LDAP_NO_MEMORY – cannot allocate memory on the client side
LDAP_OPERATIONS_ERROR – error on the server side
LDAP_OTHER – unknown error code
LDAP_ADMINLIMIT_EXCEEDED – a search has exceeded a limit
LDAP_UNAVAILABLE – server cannot process the request
LDAP_UNWILLING_TO_PERFORM – server is not going to process the request
LDAP_LOOP_DETECT – a loop has been detected during a referral
LDAP_SERVER_DOWN – server is not reachable (connection fails)
LDAP_TIMEOUT – LDAP API fails because operation does not complete in the user-specified amount of time
Transient errors and a large number of simultaneous login requests could lead to a large number of repeated error messages in the error log. To increase the readability of the log, the following error message logging algorithm is used:
If a message is being logged for the first time, log it.
If the last time the message was logged was greater than 3 minutes:
Log the error message.
Log the number of times the message was repeated since the message was last printed.
Log the time elapsed, in minutes, since the message was printed.
Authentication failures arising from the following are not considered LDAP errors and are not conditions for retrying the authentication request.
Bind failure due to bad password or an invalid distinguished name.
A search after a successful bind that returns a result set of 0 or no attribute value.
Syntax errors found while parsing the URL are caught when an LDAP URL is set, and therefore do not fall into any of the above categories.
