Re: Adding and objectClass to an existing entry

[Jason Joines <joines@bus.okstate.edu>]

Frank Swasey wrote:

> On Wed, 2004-02-18 at 15:41, Jason Joines wrote:
>
>  
>
> > 	How do you add an objectClass to an existing entry?
> >    
>
> I was going to tell you that in OpenLDAP 2.1, what you are trying to do
> will most likely fail (since inetOrgPerson is a structural objectclass
> and you are NOT allowed to change the structural objectclass of an entry
> after it is created).  However, you stated that you are using openLDAP
> 2.0.23 -- so that argument won't hold any water.
>
> Therefore, I will assume that what you gave us was the full content of
> your LDIF file and therefore the problem has got to be that you need to
> include a few attributes which are required by the inetOrgPerson
> objectclass and are not presently part of the entry you are trying to
> modify.  The inetOrgPerson objectClass requires that you have values for
> the cn and sn attributes (inherited from the Person objectClass).
>  

   That was it.  The existing ldap user had existing objectclasses of  
posixAccount, sambaAccount, and shadowAccount and did have a cn 
attribute but no sn attribute.  This ldif did the trick:

dn: uid=jo,dc=mydomain,dc=net
changetype: modify
add: objectClass
objectClass: inetOrgPerson
-
add: sn
sn: Olson
-
add: givenName
givenName: Jo



Thanks,

Jason
===========