Adaptive Server may experience the following transient errors when communicating with the LDAP server. These errors are generally resolved by trying the connection again. If the errors persist after three retry attempts, Adaptive Server marks the LDAP server as FAILED.
LDAP_BUSY – server is busy.
LDAP_CONNECT_ERROR – error during a connect.
LDAP_LOCAL_ERROR – an error on the client side.
LDAP_NO_MEMORY – cannot allocate memory on the client side.
LDAP_OPERATIONS_ERROR – error on the server side.
LDAP_OTHER – unknown error code.
LDAP_ADMINLIMIT_EXCEEDED – a search has exceed a limit.
LDAP_UNAVAILABLE – server cannot process the request.
LDAP_UNWILLING_TO_PERFORM – server is not going to process the request.
LDAP_LOOP_DETECT – a loop detected during a referral.
LDAP_SERVER_DOWN – server is not reachable (connection fails).
LDAP_TIMEOUT – LDAP API fails because operation does not complete in the user-specified amount of time.
Transient errors and a large number of simultaneous login requests could lead errorlog with a large number of repeated error messages. To increase the readability of the log, the following error message logging algorithm is used:
If a message is being logged for the first time, log it.
If the last time the message was logged was greater than 3 minutes:
Log the error message.
Log the number of times the message was repeated since the message was last printed.
Log the time in minutes elapsed since the message was printed.
Authentication failures arising from the following are not considered LDAP errors and are not conditions for retrying the authentication request.
Bind failure due to bad password or an invalid distinguished name.
A search after a successful bind that returns a result set of 0 or no attribute value.
Syntax errors found while parsing the URL are caught when an LDAP URL is set, and therefore do not fall in any of the above categories.