ldap接触(3)之LDAP特定错误以及错误一览表

2019独角兽企业重金招聘Python工程师标准>>> hot3.png

LDAP的特定错误

  1. Error: com.macromedia.contribute.server.exception.DBException: Error in bind() from LDAP source: [server]:[port] 错误:com.macromedia.contribute.server.exception.DBException:绑定错误的()从LDAP来源:[服务器]:[端口]

    Cause: This is a very general error, and it means something went wrong when trying to bind to LDAP/AD. 原因:这是一个非常普遍的错误,它意味着出事时试图绑定到LDAP /广告。 Check to see if the LDAP/AD server name and/or port number you have specified is incorrect or an incorrect DN was specified as the administrator username.请检查是否在LDAP / AD服务器名称和/或您指定的端口号是不正确或不正确的DN作为管理员的用户名指定。

    Notes: For more detail look at the sub-exception, which can be 1,2,3,4 or 5 below. 注:如需例外的细节来看分,可1,2,3,4或5以下。
  2. Error: javax.naming.CommunicationException: [server]:[port] [Root exception is java.net.ConnectException: Connection refused: connect] 错误:javax.naming.CommunicationException:[服务器]:[端口] [根异常java.net.ConnectException:连接被拒绝:连接]

    Cause: The port name you have specified for the LDAP/AD server is incorrect. 原因:你有服务器的端口名指定为LDAP / AD是不正确的。
  3. Error: javax.naming.CommunicationException: [server]:[port] [Root exception is java.net.UnknownHostException: [server]] 错误:javax.naming.CommunicationException:[服务器]:[端口] [根异常java.net.UnknownHostException:[服务器]]

    Cause: The LDAP/AD server name you have specified is incorrect. 原因:的LDAP / AD服务器名称指定是不正确的。
  4. Error: javax.naming.NamingException: Cannot parse url: [protocol]://[server]:[port] [Root exception is java.net.MalformedURLException: Not an LDAP URL: [protocol]://[server]:[port]] 错误:javax.naming.NamingException:无法解析网址:[协议]://[服务器]:[端口] [根异常java.net.MalformedURLException:不是一个LDAP网址:[协议]://[服务器]: [港口]]

    Cause: The protocol you have specified is not correct. 原因:您指定的协议的,是不正确的。

    Note: Currently if you specify anything besides ldap for the protocol, you will receive this error. 注:目前,如果您指定的LDAP协议的任何内容,除了对,您将收到此错误。
  5. Error: javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials] 错误:javax.naming.AuthenticationException:[LDAP的:错误代码49 -无效证书]

    Cause: The DN path or password which you have specified for the administrator is invalid. 原因:DN路径或管理员密码,你必须指定为无效。 Any of the below will result in this error:任何下文将导致此错误:
    • Pointed to non-user DN指出,非用户的DN
    • Pointed to a non-existent user, but in existing DN指出了一个不存在的用户,但在现有的DN
    • Pointed to non existent DN指出不存在的DN
    • Pointed to an existing user, but non existing DN指出,现有的用户,但现有的DN非
    • Pointed to an incorrect admin DN, uid instead of cn指出,一个不正确的管理员的DN,而不是架CN的UID
    • Pointed to a non administrator user指着一个非管理员用户
    • Pointed to a valid admin but password is incorrect指出了一个有效的管理员密码是不正确的,但
  6. Error: com.macromedia.contribute.server.exception.DBException: Error in searchForUserList from LDAP plugin: [LDAP: error code 32 - No Such Object] 错误:com.macromedia.contribute.server.exception.DBException:插件错误的LDAP searchForUserList来自:[LDAP的:错误代码32 -没有这样的对象]

    Cause: Very general error when there is a problem finding the users in LDAP/AD. 原因:很一般的错误,当发现有问题/ AD的用户的LDAP。 Could be that the DN pointing to the users is pointing to the wrong place or is just incorrect and does not exist.可能是因为用户的DN指向指向错误的地方,或只是不正确,不存在。

    Note: For more detail look at the sub-exception, which can be 7 below. 注:如需例外的细节来看分,可7所示。
  7. Error: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name '[DN]' 错误:javax.naming.NameNotFoundException:[LDAP的:错误代码32 -没有这样的对象];余下的名字'[肾病]'

    Cause: The DN path which points to where the users are located in the directory is invalid. 原因:DN路径指向的地方的用户目录位于无效。
  8. Error: com.macromedia.contribute.server.exception.DBException: Error in searchForUserList from LDAP plugin: [LDAP: error code 2 - Bad search filter] 错误:com.macromedia.contribute.server.exception.DBException:插件错误的LDAP searchForUserList来自:[LDAP的:错误代码2 -错误的搜索过滤器]

    Cause: Invalid search filter passed to the LDAP/AD server. 原因:无效的搜索过滤器传递到LDAP / AD服务器。

    Note: For more detail look at the sub-exception, which can be 9, or 10 below. 注:如需例外的细节来看分,它可以是9或10以下。
  9. Error: javax.naming.directory.InvalidSearchFilterException: Missing 'equals'; remaining name '[DN]' 错误:javax.naming.directory.InvalidSearchFilterException:缺少'等于';余下的名字'[肾病]'

    Cause: The filter specified is wrong or CPS constructed a bad filter. 原因:指定的过滤器或过滤准则是错误的构造坏。
  10. Error: javax.naming.directory.InvalidSearchFilterException: Unbalanced parenthesis; remaining name [DN] 错误:javax.naming.directory.InvalidSearchFilterException:括号不平衡;其余名称[肾病]

    Cause: You did not have correct opening and closing of parenthesis in your search filter. 原因:您没有正确的开启和关闭括号在您的搜索过滤器。
  11. Error: Error in bind from LDAP source: [LDAP: error code 49 - Invalid Credentials] javax.naming.AuthenticationException 错误:源错误的LDAP绑定来自:[LDAP的:错误代码49 -无效凭据] javax.naming.AuthenticationException

    Cause: Could not authenticate the user trying to login. 原因:无法验证的用户试图登录。 This can be the result of an incorrect username or password, or an incorrect prefix and/or suffix specified in the Settings tab, depending on the type of LDAP/AD system.这可以是一个不正确的用户名或密码,或不正确的前缀和结果/或后缀指定在设置选项卡,根据的LDAP /广告系统类型。 Could also mean the authentication type is incorrect.可能也意味着是不正确的身份验证类型。
  12. Error: Error in bind from LDAP source: [LDAP: error code 34 - invalid DN] javax.naming.InvalidNameException 错误:源错误的LDAP绑定来自:[LDAP的:错误代码34 -无效的DN] javax.naming.InvalidNameException

    Cause: This is caused by a bad prefix specified in the Settings tab, on most LDAP/AD systems. 原因:这是系统设置造成坏指定前缀广告标签,大多数LDAP /。 This could mean you did not specify a prefix at all, which means the LDAP/AD server did not receive a full DN from CPS or that you did not specify a correct prefix, such as CN instead of UID, which results in the LDAP/AD server not receiving a correct DN from CPS.这可能意味着你没有在所有指定的前缀,这意味着在LDAP / AD服务器没有收到完整DN从准则,或者你没有指定,如不是的UID,它在LDAP结果架CN正确的前缀,/ AD服务器没有收到来自准则正确的DN。 Can also be caused by a missing comma at the beginning of the suffix or an extra comma at the end of the suffix.也可以是由一个在后缀或一个额外的逗号在后缀月底开始失踪逗号。 This error could also mean the authentication type is incorrect.此错误可能也意味着是不正确的身份验证类型。
  13. Error: NoSuchAttributeException 错误:NoSuchAttributeException

    Cause: This is caused by providing a name for an attribute which is not correct or does not exist. 原因:这是由于不存在提供一个名称的属性是不正确或。

Active Directory Specific Errors Active Directory中的特定错误

  1. Error: com.macromedia.contribute.server.exception.DBException: Error in bind() from LDAP source: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext error, data 525, vece] javax.naming.AuthenticationException 错误:com.macromedia.contribute.server.exception.DBException:绑定错误的()从LDAP来源:[LDAP的:错误代码49 - 80090308:LdapErr:DSID - 0C09030F,评论:AcceptSecurityContext错误,数据525韦切] javax。 naming.AuthenticationException

    Cause: The administrator domain name, username, and or password is incorrect in the Settings tab. 原因:管理员域名,用户名和密码是不正确的选项卡设置。
  2. Error: com.macromedia.contribute.server.exception.DBException: Error in searchForUserList from LDAP plugin: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001C6, problem 2001 (NO_OBJECT), data 0, best match of: '[DN]' ] javax.naming.NameNotFoundException 错误:com.macromedia.contribute.server.exception.DBException:插件错误的LDAP searchForUserList来自:[LDAP的:错误代码32 - 0000208D:NameErr:DSID - 031001C6,问题2001(NO_OBJECT),数据0,最佳匹配:' [肾病]'] javax.naming.NameNotFoundException

    Cause: A non-existent DN specified in the User Search field. 原因:不存在的DN字段中指定的用户搜索。
  3. Error: javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: [server]:[port] [Root exception is java.net.UnknownHostException: [server]]] 错误:javax.naming.PartialResultException [根异常javax.naming.CommunicationException:[服务器]:[端口] [根异常java.net.UnknownHostException:[服务器]]]

    Cause: An incorrect DN was specified in the User Search field. 原因:不正确的DN指定了在用户搜索领域。
  4. Error: com.macromedia.contribute.server.exception.DBException: Error in searchForUserList from LDAP plugin: [DN]: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001B3, problem 2006 (BAD_NAME), data 8350, best match of: '[DN],' ] javax.naming.InvalidNameException 错误:com.macromedia.contribute.server.exception.DBException:插件错误的LDAP searchForUserList来自:[肾病]:[LDAP的:错误代码34 - 0000208F:NameErr:DSID - 031001B3,问题2006(BAD_NAME),数据8350,最佳匹配:'[肾病],'] javax.naming.InvalidNameException

    Cause: An incorrectly formatted DN was specified. 原因:一个格式不正确的DN指定。
  5. Error: javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100198, problem 2001 (NO_OBJECT), data 0, best match of: '']; remaining name '' 错误:javax.naming.NameNotFoundException:[LDAP的:错误代码32 - 0000208D:NameErr:DSID - 03100198,问题2001(NO_OBJECT),数据0,最佳匹配:''];其余的名称''

    Cause: This error appears if you do not have Group settings filled in, but have User Search filled in. Some systems do not care, while some systems experience problems with the empty DN. 原因:出现此错误,如果你没有填写组设置,但用户搜索照顾填写有些系统不这样做,而有些系统的经验与问题的DN空。
  6. Error: Error in bind from LDAP source: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext error, data 52e, vece ] javax.naming.AuthenticationException 错误:源错误的LDAP绑定来自:[LDAP的:错误代码49 - 80090308:LdapErr:DSID - 0C09030F,评论:AcceptSecurityContext错误,数据52e,韦切] javax.naming.AuthenticationException

    Cause: Could not authenticate the user trying to login. 原因:无法验证的用户试图登录。 This can be the result of an incorrect username or password, or an incorrect prefix and/or suffix specified in the Settings tab, depending on the type of LDAP/AD system.这可以是一个不正确的用户名或密码,或不正确的前缀和结果/或后缀指定在设置选项卡,根据的LDAP /广告系统类型。 Could also mean the authentication type is incorrect.可能也意味着是不正确的身份验证类型。 Also an incorrect username attribute or incorrect name attribute can cause this.另外一个不正确的用户名属性或属性名称不正确可能导致此。 Common cause of this error is a user trying to login with DOMAIN\login instead of just login.此错误的常见原因是用户试图登录的域\而不是只登录登录。
  7. Error: javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-03100690, problem 5012 (DIR_ERROR), data 0 ]; 错误:javax.naming.NamingException:[LDAP的:错误代码1 - 000020D6:SvcErr:DSID - 03100690,问题5012(DIR_ERROR),数据0];

    Cause: The DN specified in the User Search tab is incorrect, wrong, or incorrectly formatted. 原因:选项卡上指定的DN在用户搜索是不正确的,错误的,或者格式不正确的。
  8. Error: Error 12: Server.ActionProcessException: Error in authenticateUser in user plugin. 错误:错误12:Server.ActionProcessException:插件错误用户authenticateUser研究。 Error in searchForUser from LDAP plugin: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031006C5, problem 5012 (DIR_ERROR), data 0从LDAP中的错误插件searchForUser:[LDAP的:错误代码1 - 000020D6:SvcErr:DSID - 031006C5,问题5012(DIR_ERROR),数据0

    Cause: User could not be found. 原因:用户无法找到。 Most likely due to DN settings in the User Search tab or the suffix or prefix fields in the Settings tab.极可能是由于在用户搜索的DN选项卡或后缀或前缀的设置选项卡领域设置。
  9. Error: com.macromedia.contribute.server.exception.DomainException: Error in authenticateUser in user plugin. 错误:com.macromedia.contribute.server.exception.DomainException:插件错误用户authenticateUser研究。 Error in searchForUser from LDAP plugin: [LDAP: error code 1 - 000020D6: SvcErr: DSID-03100690, problem 5012 (DIR_ERROR), data 0] javax.naming.NamingException从LDAP中的错误插件searchForUser:[LDAP的:错误代码1 - 000020D6:SvcErr:DSID - 03100690,问题5012(DIR_ERROR),数据0] javax.naming.NamingException

    Cause: Most likely caused by a bad username or password. 原因:很可能造成一个不好的密码或用户名。 Common cause of this error is a user trying to login with DOMAIN\login instead of just login.此错误的常见原因是用户试图登录的域\而不是只登录登录。

General Errors: 一般错误:

  1. Error: Error 12: Server.ActionProcessException: Error in authenticateUser in user plugin. 错误:错误12:Server.ActionProcessException:插件错误用户authenticateUser研究。 No user found for username in user database --- 100 .没有用户发现用户在数据库用户名<用户名--- 100。

    Cause: Most likely the result of a bad prefix or suffix in the settings tab or a bad DN or username or name attribute in the User Search attribute. 原因:最有可能的结果不好属性前缀或后缀搜索在设置选项卡或坏的DN或用户名的用户或名称属性在。

 

 

 

LDAP error Code 及解决方法

  1. error code 53

  ===========================================================================

  问题:创建新用户时出现数据后端异常

  在 WebSphere Portal Express 中,您可以设置密码的最短和最长长度。如果设置的密码长度与 LDAP 服务器的策略不相同,则在创建用户时您可能会看到以下异常:

  EJPSG0015E: Data Backend Problem com.ibm.websphere.wmm.exception.WMMSystemException:

  The following Naming Exception occurred during processing:

  "javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000052D:

  SvcErr: DSID-031A0FBC, problem 5003 (WILL_NOT_PERFORM), data 0

  ]; remaining name 'cn=see1anna,cn=users,dc=wps510,dc=rtp,dc=raleigh,dc=ibm,dc=com';

  resolved object com.sun.jndi.ldap.LdapCtx@7075b1b4".

  原因:这是由于“密码不能满足密码策略的要求”导致

  解决方案:

  1. 打开域安全策略-安全设置-账户策略-密码策略-密码必须符合复杂性要求。定义这个策略设置为:已禁用。/ 密码长度最小值:定义这个策略设置为0。

  2. 打开域控制器安全策略-安全设置-账户策略-密码策略-密码必须符合复杂性要求。定义这个策略设置为:已禁用。/ 密码长度最小值:定义这个策略设置为0。

  3. 最后运行刷新组策略命令为:gpupdate /force

  ===========================================================================

  2. Need to specify class name

  ===========================================================================

  javax.naming.NoInitialContextException: Need to specify class name in environment or system property, or as an applet parameter, or in an application resource file: java.naming.factory.initial

  原因:LdapContext在处理完上个环节被close(),LdapContext=null;

  解决方案:不close;

  3. error code 50

  ===========================================================================

  javax.naming.NoPermissionException: [LDAP: error code 50 - 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

  4. error code 68

  ===========================================================================

  javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000524: UpdErr: DSID-031A0F4F, problem 6005 (ENTRY_EXISTS), data 0

  原因:创建的用户已经存在了

  5. No trusted certificate

  ===========================================================================

  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found

  1.cas机器A,A上a,b,c服务运行良好

  2.website 位于B机器,cas可以截获请求,跳转javax.net.ssl.SSLHandshakeException

  将A上生生成的客户端密钥,导入B

  A运行

  sudo keytool -genkey -alias tomcat -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore -validity 3600

  $ keytool -export -trustcacerts -alias tomcat -file server.cer -keystore server.keystore -storepass changeit

  $ sudo keytool -import -trustcacerts -alias tomcat -file server.cer -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit

  B运行最后一句即可

  建立信任关系,客户,服务密钥,客户多处

  6. error code 1

  ===========================================================================

  javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090AE2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece

  原因:新增域用户的时候,ctx没有绑定管理员用户

  解决方法:ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, adminUser + "@" + ldapProperty.getDomain());

  ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, adminPwd);

  7. error code 50

  ==========================================================================

  javax.naming.NoPermissionException: [LDAP: error code 50 - 00000005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS)

  原因:新建域用户时候,ctx绑定到一个普通用户(该用户没有新建用户的权限)

  解决方法:使用管理员用户进行绑定:

  ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, adminUser + "@" + ldapProperty.getDomain());

  ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, adminPwd);

  8. error code 19

  ==========================================================================

  javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - 0000052D: AtrErr: DSID-03190F00, #1:

  0: 0000052D: DSID-03190F00, problem 1005 (CONSTRAINT_ATT_TYPE)

  原因:这个最大的可能是不满足域安全策略:如密码复杂性、密码最短使用期限、强制密码历史。即长度、包含的字符、多久可以修改密码、是否可以使用历史密码等。

  9. LDAP: error code 50

  ==========================================================================

  javax.naming.NoPermissionException: [LDAP: error code 50 - 00000005: SecErr: DSID-031A0F44, problem 4003 (INSUFF_ACCESS_RIGHTS)

  原因:这个是最初代码使用的replace操作,这个在AD里对应的是密码重设(普通用户默认没有这个权限,管理员可以操作),另外remove操作时提供的旧密码错误也可能报这个异常

  10. RSA premaster secret error

  ==========================================================================

  javax.naming.CommunicationException: simple bind failed: 172.18.20.4:636 [Root exception is javax.net.ssl.SSLKeyException: RSA premaster secret error]

  原因:Tomcat 配置的JDK与添加证书的的JDK不一致。如:证书存放路径为C:\Java\jdk1.6.0_10\jre\lib\cacerts 而Tomcat 配置的JDK为C:\Java\jre6 ,使得两者路径不一致,SSL验证的时候,找不到证书

  11.No trusted certificate found

  ==========================================================================

  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found

  原因:信任证书库文件路径不正确

  解决方法:将正确工程中 \WEB-INF\classes目录下

  12. error code 49

  ==========================================================================

  javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece

  原因:用户名或密码错误

转载于:https://my.oschina.net/zhangph89/blog/844507

你可能感兴趣的:(ldap接触(3)之LDAP特定错误以及错误一览表)