Adaptive Server may experience the following transient errors when communicating with the LDAP server. These errors are generally resolved by retrying the connection. If the errors persist after three retry attempts, Adaptive Server marks the LDAP server as FAILED.
LDAP_BUSY – server is busy.
LDAP_CONNECT_ERROR – error during a connection.
LDAP_LOCAL_ERROR – error on the client side.
LDAP_NO_MEMORY – cannot allocate memory on the client side.
LDAP_OPERATIONS_ERROR – error on the server side.
LDAP_OTHER – unknown error code.
LDAP_ADMINLIMIT_EXCEEDED – a search has exceeded a limit.
LDAP_UNAVAILABLE – server cannot process the request.
LDAP_UNWILLING_TO_PERFORM – server is not going to process the request.
LDAP_LOOP_DETECT – a loop has been detected during a referral.
LDAP_SERVER_DOWN – server is not reachable (connection fails).
LDAP_TIMEOUT – LDAP API fails because operation does not complete in the user-specified amount of time.
Transient errors and a large number of simultaneous login requests may lead to a large number of repeated error messages in the error log. To increase the readability of the log, this error message logging algorithm is used:
If a message is being logged for the first time, log it.
If the last time the message was logged was greater than 3 minutes:
Log the error message.
Log the number of times the message was repeated since the message was last printed.
Log the time elapsed, in minutes, since the message was printed.
Authentication failures arising from the following are not considered LDAP errors and are not conditions for retrying the authentication request:
Bind failure due to bad password or an invalid distinguished name.
A search after a successful bind that returns a result set of 0 or no attribute value.
Syntax errors found while parsing the URL are caught when an LDAP URL is set, and therefore do not fall into any of the above categories.
