Next: Authentication and Authorization
Up: Kerberos Administration System KADM5
Previous: Constants, Header Files, Libraries
Contents
The error codes that can be returned by admin functions are listed
below. Error codes indicated with a ``*'' can be returned by every
admin function and always have the same meaning; these codes are
omitted from the list presented with each function.
The admin system guarantees that a function that returns an error code
has no other side effect.
The Admin system will use #1
for error codes. Note that this
means #1
codes may be returned from functions that the admin
routines call (e.g. the kerberos library). Callers should not expect
that only KADM5 errors will be returned. The Admin system error code
table name will be ``ovk'', and the offsets will be the same as the
order presented here. As mentioned above, the error table include file
will be
kadm5/kadm_err.h
.
Note that these error codes are also used as protocol error code
constants and therefore must not change between product releases.
Additional codes should be added at the end of the list, not in the
middle. The integer value of KADM5_FAILURE is 43787520; the
remaining values are assigned in sequentially increasing order.
- * KADM5_FAILURE
- Operation failed for unspecified reason
- * KADM5_AUTH_GET
- Operation requires ``get'' privilege
- * KADM5_AUTH_ADD
- Operation requires ``add'' privilege
- * KADM5_AUTH_MODIFY
- Operation requires ``modify'' privilege
- * KADM5_AUTH_DELETE
- Operation requires ``delete'' privilege
- * KADM5_AUTH_INSUFFICIENT
- Insufficient authorization for
operation
- * KADM5_BAD_DB
- Database inconsistency detected
- KADM5_DUP
- Principal or policy already exists
- KADM5_RPC_ERROR
- Communication failure with server
- KADM5_NO_SRV
- No administration server found for realm
- KADM5_BAD_HIST_KEY
- Password history principal key version
mismatch
- KADM5_NOT_INIT
- Connection to server not initialized
- KADM5_UNK_PRINC
- Principal does not exist
- KADM5_UNK_POLICY
- Policy does not exist
- KADM5_BAD_MASK
- Invalid field mask for operation
- KADM5_BAD_CLASS
- Invalid number of character classes
- KADM5_BAD_LENGTH
- Invalid password length
- KADM5_BAD_POLICY
- Illegal policy name
- KADM5_BAD_PRINCIPAL
- Illegal principal name.
- KADM5_BAD_AUX_ATTR
- Invalid auxillary attributes
- KADM5_BAD_HISTORY
- Invalid password history count
- KADM5_BAD_MIN_PASS_LIFE
- Password minimum life is greater
then password maximum life
- KADM5_PASS_Q_TOOSHORT
- Password is too short
- KADM5_PASS_Q_CLASS
- Password does not contain enough
character classes
- KADM5_PASS_Q_DICT
- Password is in the password dictionary
- KADM5_PASS_REUSE
- Cannot resuse password
- KADM5_PASS_TOOSOON
- Current password's minimum life has not
expired
- KADM5_POLICY_REF
- Policy is in use
- KADM5_INIT
- Connection to server already initialized
- KADM5_BAD_PASSWORD
- Incorrect password
- KADM5_PROTECT_PRINCIPAL
- Cannot change protected principal
- * KADM5_BAD_SERVER_HANDLE
- Programmer error! Bad Admin server handle
- * KADM5_BAD_STRUCT_VERSION
- Programmer error! Bad API structure version
- * KADM5_OLD_STRUCT_VERSION
- API structure version specified by application is no longer supported (to fix, recompile application against current Admin API header files and libraries)
- * KADM5_NEW_STRUCT_VERSION
- API structure version specified by application is unknown to libraries (to fix, obtain current Admin API header files and libraries and recompile application)
- * KADM5_BAD_API_VERSION
- Programmer error! Bad API version
- * KADM5_OLD_LIB_API_VERSION
- API version specified by application is no longer supported by libraries (to fix, update application to adhere to current API version and recompile)
- * KADM5_OLD_SERVER_API_VERSION
- API version specified by application is no longer supported by server (to fix, update application to adhere to current API version and recompile)
- * KADM5_NEW_LIB_API_VERSION
- API version specified by application is unknown to libraries (to fix, obtain current Admin API header files and libraries and recompile application)
- * KADM5_NEW_SERVER_API_VERSION
- API version specified by
application is unknown to server (to fix, obtain and install newest
Admin Server)
- KADM5_SECURE_PRINC_MISSING
- Database error! Required principal missing
- KADM5_NO_RENAME_SALT
- The salt type of the specified principal
does not support renaming
- KADM5_BAD_CLIENT_PARAMS
- Illegal configuration parameter for
remote KADM5 client
- KADM5_BAD_SERVER_PARAMS
- Illegal configuration parameter for
local KADM5 client.
- KADM5_AUTH_LIST
- Operation requires ``list'' privilege
- KADM5_AUTH_CHANGEPW
- Operation requires ``change-password'' privilege
- KADM5_BAD_TL_TYPE
- Programmer error! Illegal tagged data list
element type
- KADM5_MISSING_CONF_PARAMS
- Required parameters in kdc.conf missing
- KADM5_BAD_SERVER_NAME
- Bad krb5 admin server hostname
- KADM5_AUTH_SETKEY
- Operation requires ``set-key'' privilege
- KADM5_SETKEY_DUP_ENCTYPES
- Multiple values for single or folded enctype
Next: Authentication and Authorization
Up: Kerberos Administration System KADM5
Previous: Constants, Header Files, Libraries
Contents
Autobuild
2009-09-05