Most calls to the Novell® Identity Manager Fan-Out Driver AS Client API return a value that describes the outcome of the call. These return code values are defined in the C language ascauth.h header file and are provided as fields in the JAscAuth class in the Java interface. The C language API function ASC_STRERROR() and the Java interface method strError() can be used to return a text string that corresponds to the return code. This text string is included in many of the messages that are written to the platform log file for errors involving API calls.
The Java interface uses exceptions for most non-affirmative API call outcomes.
The following table lists the return codes and their corresponding text string, and suggests actions to take for them.
Table C-1 Return Codes for Troubleshooting
|
Return Code |
Symbol Text String |
Explanation and Suggested Action |
|---|---|---|
|
0 |
AS_OK Action successful |
The operation returned a positive response. For calls such as check password, this corresponds to an answer of “Yes.” |
|
1 |
AS_NO Action not successful |
The operation returned a negative response. For calls such as check password, this corresponds to an answer of “No.” |
|
2 |
AS_NOUSER Unknown user |
The Enterprise User ID specified on the call is inactive or is not in the Census. Action: If you expect this user to be active in the Census, see Section II, Core Driver Administration for additional information. |
|
3 |
AS_NOAGENT No Core Drivers are available for authentication |
No Core Drivers could be contacted to process the request. Action: This is generally caused by a configuration problem.
For more information, see parts 2 and 3 in this guide. |
|
4 |
AS_BADCLIENT Local host is not authorized to query the Core Driver |
The network address used by the platform to contact a Core Driver did not match the network address listed in the Platform Configuration object in the ASAM System container. Action: For information about managing Platform objects with the Web interface, see. For an administrative password reset, this can indicate that the administrator user ID/password is not valid or that the administrator does not have rights to change the password. |
|
5 |
AS_REVOKED User is disabled/revoked |
The specified Enterprise User ID corresponds to a User object that has been disabled. |
|
6 |
AS_INTRUDER Intruder detection is active |
The specified Enterprise User ID corresponds to a User object that has been locked because of intruder detection. |
|
7 |
AS_INVALIDARGS Invalid arguments |
The arguments specified on the call are not valid. Action: Make certain that the arguments passed to the call are of the correct type and value. For example, an argument that specifies the name of an object cannot be blank or null, and an argument that specifies a buffer size to hold a result cannot be zero. |
|
8 |
AS_INVALIDOBJ Invalid object |
An object specified as an argument was not of the correct type or was not found. Action: Verify that the objects specified on arguments to the call are of the proper type. Handle the not-found condition as appropriate for your application. |
|
9 |
AS_INVALIDOBJLEN Invalid object length |
An object name specified as an argument was longer than the maximum allowable eDirectory™ object name. Action: Check object names that are specified as arguments to be sure that they do not exceed the maximum length for an eDirectory object name. |
|
10 |
AS_PASSDUPLICATE Password has been previously used |
The new password that was specified to the change password API function has been previously used for this User object and the User object is required to specify unique passwords. Action: Specify a password that has not been previously used. |
|
11 |
AS_PASSTOOSHORT Password does not meet password rules |
The new password that was specified to the change password API function is shorter than the minimum password length set for the User object. Action: Specify a password that meets the password rules for the User object. |
|
12 |
AS_TOOSMALL Buffer is too small |
The size specified for a buffer argument is too small to hold the result. The result is truncated. Action: Allocate a larger buffer, and issue the request again. |
|
13 |
AS_ATTRNOTFOUND Attribute not found |
The attribute specified was not found for the specified object. Action: Process this response accordingly, or specify the name of an attribute that exists for the specified object. |
|
14 |
AS_WSOCKUP WINSOCK not initialized |
Not used in the Identity Manager Fan-Out Driver. |
|
15 |
AS_WSOCKDOWN WINSOCK not terminated |
Not used in the Identity Manager Fan-Out Driver. |
|
16 |
AS_NOAUTHENV No authentication environment established |
The asce argument did not specify a valid environment item. C Action: Verify that a successful call to ASC_INIT() or ASC_INIT_EXT() has been made. Successful calls return a pointer to a valid environment item. Unsuccessful calls return NULL. Verify that the pointer to the environment item is correctly specified as an argument to this call. Java Action: Verify that a successful call to init() has been made. |
|
17 |
AS_PRODUCTEXPIRED Ascauth client has expired |
The expiration date for the platform has passed. Action: Install a current version of Platform Services. |
|
18 |
AS_INCLUDED User matched an INCLUDE statement |
The Enterprise User ID specified on a call to ASC_USER_INCLUDE_EXCLUDE() matched an AS.USER.INCLUDE statement in the platform configuration file. |
|
19 |
AS_EXCLUDED User matched an EXCLUDE statement |
The Enterprise User ID specified on a call to ASC_USER_INCLUDE_EXCLUDE() matched an AS.USER.EXCLUDE statement in the platform configuration file. |
|
20 |
AS_NOMATCH User did not match any INCLUDE/EXCLUDE statement |
The Enterprise User ID specified on a call to ASC_USER_INCLUDE_EXCLUDE() did not match any AS.USER.INCLUDE or AS.USER.EXCLUDE statement in the platform configuration file. The user is included because AS.USER.INCLUDE * is implicit if AS.USER.EXCLUDE * is not specified. |
|
21 |
AS_NOLICENSE Client is not licensed to use the driver |
Not used in the Identity Manager Fan-Out Driver. |
|
22 |
AS_INVALIDREQ API request is not valid or unsupported |
The AS Client API call was not recognized by the Core Driver. Action: Ensure that the version of Platform Services and the version of the Core Driver are compatible. |
|
23 |
AS_KEYEXPIRED Client is using an expired DES key |
The DES encryption key used by a non-SSL version of Platform Services has expired. Action: Update the KEY statement in the platform configuration file with the same encryption key that is specified for the Platform in the Platform object in the ASAM System container. For information about managing Platform objects with the Web interface, see Section II, Core Driver Administration. |
|
24 |
AS_INSUFFICIENTRIGHTS Client is using an expired DES key |
An administrative password reset was rejected. The administrative user does not exist, the password given for the administrative user is not valid, or the administrative user does not have rights to change the target user's password. |