MyChat Client error #0165: LDAP error: #XXX (error name and description), LDAP errors codes
"Debugging and troubleshooting", "List of MyChat Client errors", "Error #0165"
Error
Error #0165: LDAP error: #XXX (error name and description), LDAP errors codes
Error description
Usually, this error occurs when connecting to a domain via LDAP and importing users from Active Directory to MyChat Server.
Problem solution
The text and number of this error are returned by domain server. As a rule, this message allows you to understand what is going on.
For example, after connection attempt you see a message such as "LDAP error: #49 (Invalid credentials),), 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1771".
It means, that the user's login and password are specified incorrectly.
The table contains main errors and recommendations on solution.
Main LDAP code errors with descriptions
|
Network error: connection timed out |
a network error when connecting to a domain controller via LDAP. Possibles solutions: •IP address or server's host for connection specified incorrectly; •AD LDS service is disabled on a Windows server; •domain controller computer is off; •firewall/anti-virus block connection on a Windows server; •TCP port for connection specified incorrectly, or another port (different from a default one) is set for a service AD LDS on Windows Server; |
|
|
|
|
|
|
LDAP_PROTOCOL_ERROR |
•the server received data that is formed incorrectly; •if you perform the command "bind", the error indicates that the server does not support the protocol version you requested; •when performing extended operations, the server the server does not support the operation associated with the requestName; •if the request has multiple control, then the server cannot ignore the order of the controls as specified, or that the combination of the specified controls is invalid (or unspecified at all);
|
|
|
|
|
|
|
LDAP_TIMELIMIT_EXCEEDED |
the operation's timeout (server or client) s been exceeded. If you performed search operations, the server can return some part of results;
|
|
|
|
|
|
|
LDAP_SIZELIMIT_EXCEEDED |
exceeded the maximum limitation of a LDAP request size; |
|
|
|
|
|
|
LDAP_STRONG_AUTH_NOT_SUPPORTED |
LDAP server does not support strict authentication; |
|
|
|
|
|
|
LDAP_STRONG_AUTH_REQUIRED |
strict authentication needed for this operation; |
|
|
|
|
|
|
LDAP_PARTIAL_RESULTS |
only a part of request result returned. Perhaps, your LDAP server has limitation on page size when requesting a big number of data; |
|
|
|
|
|
|
LDAP_ADMINLIMIT_EXCEEDED |
exceeded limitation on a number of entries returned after search. The limitation is set on a domain server; |
|
|
|
|
|
|
LDAP_CONFIDENTIALITY_REQUIRED |
perhaps, you may need secured connection (SSL/TLS); |
|
|
|
|
|
|
LDAP_NO_SUCH_ATTRIBUTE |
a request has a non-existing attribute; |
|
|
|
|
|
|
LDAP_UNDEFINED_TYPE |
a request has invalid attribute type; |
|
|
|
|
|
|
LDAP_INAPPROPRIATE_MATCHING |
a match rule with an extensible match filter is not supported for the specified attribute type; |
|
|
|
|
|
|
LDAP_CONSTRAINT_VIOLATION |
the attribute value in the request violates some restrictions. For example: •the string is too long; •invalid type the string is written to a numeric attribute; •incorrect value. An attribute can only take a specific value, or one from a set of values; |
|
|
|
|
|
|
LDAP_INVALID_SYNTAX |
an invalid attribute value specified in the LDAP request; |
|
|
|
|
|
|
LDAP_NO_SUCH_OBJECT |
the entry does not exist in the directory; |
|
|
|
|
|
|
LDAP_ALIAS_PROBLEM |
a directory alias (NTDS.DIT) in the directory points to a non-existent entry; |
|
|
|
|
|
|
LDAP_INVALID_DN_SYNTAX |
syntactically invalid DN specified. This can happen if you manually change the base request in MyChat Admin Panel settings; |
|
|
|
|
|
|
LDAP_INAPPROPRIATE_AUTH |
specified authentication cannot be performed, for example, LDAP_AUTH_SIMPLE was specified, but the user account does not have the userPassword attribute, so it was not possible to connect to the domain; |
|
|
|
|
|
|
LDAP_INVALID_CREDENTIALS |
•the connection login/password specified incorrectly; •the password expired; •the account is blocked; •the intruder detection system blocked the account. |
|
|
|
|
|
|
LDAP_INSUFFICIENT_ACCESS |
The user does not have sufficient access rights to perform the requested operation. Check the permissions of the domain user with whom you connect to your Windows server via LDAP |
|
|
|
|
|
|
LDAP_BUSY |
The Directory System Agent (DSA) is too busy to complete the requested operation; |
|
|
|
|
|
|
LDAP_UNAVAILABLE |
The Directory System Agent is not available at the moment. It may be stopped, paused, or in the initialization process; |
|
|
|
|
|
|
LDAP_LOOP_DETECT |
a loop occurred due to an invalid request. Check your additional filters; |
|
|
|
|
|
|
LDAP_NAMING_VIOLATION |
perhaps, the request contains a naming violation regarding the current domain database (NTDS.DIT). Check your additional filters; |
|
|
|
|
|
|
LDAP_TIMEOUT |
time limit exceeded while waiting for results. Perhaps, your request involves a lot of data, or is formed incorrectly and the LDAP server is looping while generating results. |