Cannot perform an LDAP search for a specific context
(Last modified: 16Jul2003)
This document (10085147) is provided subject to the disclaimer at the end of this document.
fact
Novell eDirectory 8.6 for All Platforms
symptom
Cannot perform an LDAP search for a specific context
Other LDAP searches are successfull
LDAP Error: 80 when performing the LDAP search or query with an LDAP browser tool
fix
There are a couple solutions for this issue
1. This issue has been resolved in eDirectory 8.6.2 patch EDIR862FP5SP4.EXE or greater, see TID #10083750 for the information.
If patching is not an option and you would like to be able to troubleshoot the issue then follow these steps.
Note: We have noticed many customers developing LDAP controls with Active X, and running into LDAP issues.
2. The easiest way to check LDAP and isolate the issue to devlopment tools or to find the cause as described in the above TID is to try and perform a simple LDAP query.
This can be done in several ways; Netscape web browser, or any other LDAP search tool. Once the tool has been selected set the BASE DN for the search to be the top of the tree, then begin walking down the tree, as you do this the browsing tool re-queries the directory tree for the information. Select each O or OU as you walk down the tree this will attempt to query and return information for all the objects in that context. At some point we will most likely receive the "LDAP Error: 80" returned. When we see that error we know we are in the correct partition and now we can begin narrowing down on the object that is the problem further narrow this down by performing the following:
Use the DSTRACE.NLM to trace LDAP activity, you can use TID #10080854 to setup the trace options. Once this has been done you can perform the query again and watching the DSTRACE console screen we will be able to see the activity scrolling by, including any problems or errors. What we may see is something like this:
Sending search result entry "cn=JSMITH,ou=CORP,o=NOVELL" to connection 0xa85b27a0
[2003/07/16 12:40:36] Searching "": NDS error:-649 returned.
[2003/07/16 12:40:36] LDAPSearchToCB failed, err = -649
[2003/07/16 12:40:36] Sending operation result 80:"":"NDS error: insufficient buffer (-649)" to connection 0xa85b27a0
This alerts us that the JSMITH user is having some type of problem, we will no assume the problem is related to a stream file, and we may see -128 error in the trace screen on this object as well. We know that the most common stream file type is "login script" and so if we use ConsoleOne of NWADMIN then we can look at this user object and go the properties and view the login script attribute for this user. Now we want to check and see if there are any illegal or odd characters in the login script. If so remove them and apply the change, repeat these steps for any other users we may see returning errors.
Now perform the query again and it should be successful.
document
| Document Title: | Cannot perform an LDAP search for a specific context |
| Document ID: | 10085147 |
| Solution ID: | NOVL91064 |
| Creation Date: | 16Jul2003 |
| Modified Date: | 16Jul2003 |
| Novell Product Class: | NetWare Novell eDirectory |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.