Re: Feeling stupid: cannot understand error

[Buchan Milne <bgmilne@obsidian.co.za>]

On Wed, 21 Apr 2004, Alex Povolotsky wrote:

> Hello!
> 
> I've installed openldap 2.1, and run into strange problem.
> 
> [12:37] server:/tmp # ldapadd -D "cn=Manager,dc=sub,dc=ru" -w password
> dn: uid=tarkhil, dc=sub, dc=ru
> objectClass: shadowAccount
> uid: tarkhil
> 
> adding new entry "uid=tarkhil, dc=sub, dc=ru"
> ldap_add: Object class violation (65)
>         additional info: no structural object class provided

The entry above does not have a structural objectclass. RFC-comliance 
requires that each entry have one structural objectclass (and all 
structural objectclasses must belong to the same chain).

You probably need to add something like objectclasss inetorgperson (or 
similar) and any attributes they require.

> 
> [12:37] server:/tmp # ldapadd -D "cn=Manager,dc=sub,dc=ru" -w password
> dn: cn=test2, dc=sub, dc=ru
> objectClass: posixGroup
> cn: test2
> gidNumber: 1024
> 
> adding new entry "cn=test2, dc=sub, dc=ru"
> 

posixgroup is a structural objectclass

> 
> As far as I understand man ld_errno, in the first example slapd complaints:
> 
>        
> LDAP_OBJECT_CLASS_VIOLATION
>                            
> An  object class violation occurred (e.g., a "must"
> attribute was missing from the entry).
> 
> 
> but I cannot understand what exactly the problem is.
> 
> The same setup worked quite well on openldap 2.0...
> 

OpenLDAP 2.0.x did not enforce the structural objectclass requirement.

Regards,
Buchan