[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: posixAccount entry differences in OpenLDAP 2.0.x and 2.1.x

To: marc.bigler@day.com
Subject: Re: posixAccount entry differences in OpenLDAP 2.0.x and 2.1.x
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Thu, 12 Jun 2003 10:48:38 +0200
Cc: openldap-software@OpenLDAP.org
In-reply-to: <OFBA2A54D6.227C5F92-ONC1256D43.002D98DF@day.com>
References: <OFBA2A54D6.227C5F92-ONC1256D43.002D98DF@day.com>

marc.bigler@day.com writes:

> Using OpenLDAP 2.0.x I used to enter such kind of entries:
> 
> dn: uid=test,ou=users,dc=domain,dc=tld
> objectclass: posixAccount
> (...)
> 
> Now I am testing a new installation of OpenLDAP 2.1.17 and I simply cannot
> enter this LDIF, ldapadd gives the following error:
> 
> ldapadd: update failed: dn: uid=test,ou=users,dc=domain,dc=tld
> ldap_add: Object class violation (65)
>         additional info: no structural object class provided
> 
> But now if I try using the following LDIF instead (I've simply added top
> and account objectclass): (...)

Your original entry was not valid according to rfc2252, which says that
each entry must have a structural object class.  (posixAccount is
auxiliary, account is structural.)  OpenLDAP 2.0 did not check this.
OpenLDAP 2.1 does.

You don't need to add 'top', though.  That gets added implicitly because
it is the superclass of both object classes.

-- 
Hallvard

References:
- posixAccount entry differences in OpenLDAP 2.0.x and 2.1.x
  - From: marc.bigler@day.com

Prev by Date: Can't Search on Entries
Next by Date: Re: correct structural object class for ou=People
Index(es):
- Chronological
- Thread