[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: structural object class modification from X to Y not allowed

To: Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>
Subject: Re: structural object class modification from X to Y not allowed
From: Buchan Milne <bgmilne@staff.telkomsa.net>
Date: Thu, 23 Feb 2006 18:25:26 +0200
Cc: openldap-software@OpenLDAP.org
In-reply-to: <43FD6566.4010308@int-evry.fr>
Organization: Telkom Internet
References: <43FB46A0.5030409@int-evry.fr> <43FB9D59.8050408@jonanddeb.net> <43FD6566.4010308@int-evry.fr>
User-agent: KMail/1.9.1

On Thursday 23 February 2006 09:33, Jehan PROCACCIA wrote:
> Jon Roberts wrote:
> > Jehan PROCACCIA wrote:
> >> I'am surprise that I cannot add or replace  to an existing object a
> >> new objectclass in the same hierarchie of class !?
> >> Can I do that without deleting the object and recreate it from
> >> scratch :-(  ?.
> >
> > AFAIK, no... not since the tighter schema checking that came with 2.1.
> > Back in 2003 I initiated an overlong thread on this list about how
> > OpenLDAP prevented me from extending person entries to use
> > organizationalperson by modifying the objectclass attribute. Since
> > then it's been "delete and readd" as you say.
>
> Do you remember the subject of that thread, I would like to read it from
> the archive.
>  The problem here is that the objeclass person and oranizationalPerson
> are in the same structural Chain, futhermore,  it is exactly the sample
> proposed on that subject in the openldap FAQ and it is supossed to be
> possible to have both ; from
> http://www.openldap.org/faq/data/cache/883.html "Thus, it is OK for an
> objectClass attribute to contain /inetOrgPerson/, /organizationalPerson/,
> and /person/ because they inherit one from another to form a single
> superclass chain. That is, /inetOrgPerson/ SUPs /organizationPerson/ SUPs
> /person/."
> I must admit that I'am lost, did I forgot something  ?
>
> I repost my "bad(?)" experience:
> Here's my sample object on which I want to add the objectclass
> organizationalPerson
> dn: sn=CITI,ou=departements,ou=information,dc=int-evry,dc=fr
> objectClass: person
> cn: Communication and Image
> sn: CITI
>
> $ ldapmodify -f /tmp/add-dept.ldif -h localhost -D
> cn=admin,dc=int-evry,dc=fr -W -x
> modifying entry "sn=CITI,ou=departements,ou=information,dc=int-evry,dc=fr"
> ldap_modify: Cannot modify object class (69)
>        additional info: structural object class modification from
> 'person' to 'organizationalPerson' not allowed
>

We (well, I) can't comment without seeing the contents 
of /tmp/add-dept.ldif ...
-- 
Buchan Milne
ISP Systems Specialist
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)

Attachment: pgpsPxJuWBiXL.pgp
Description: PGP signature

Follow-Ups:
- Re: structural object class modification from X to Y not allowed
  - From: Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>

References:
- structural object class modification from X to Y not allowed
  - From: Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>
- Re: structural object class modification from X to Y not allowed
  - From: Jon Roberts <jon@jonanddeb.net>
- Re: structural object class modification from X to Y not allowed
  - From: Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>

Prev by Date: Re: structural object class modification from X to Y not allowed
Next by Date: OpenLDAP with MySQL backend
Index(es):
- Chronological
- Thread