[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: structural object class modification from X to Y not allowed

At 11:33 PM 2/22/2006, Jehan PROCACCIA wrote:
>$ ldapmodify -f /tmp/add-dept.ldif -h localhost -D cn=admin,dc=int-evry,dc=fr -W -x
>modifying entry "sn=CITI,ou=departements,ou=information,dc=int-evry,dc=fr"
>ldap_modify: Cannot modify object class (69)
>      additional info: structural object class modification from 'person' to 'organizationalPerson' not allowed

In the X.500/LDAP model, the structural object class of an object
is determined at creation (based upon values of objectClass) and
cannot be changed, period (i.e., regardless of how the present and
desired structural object classes might be related).

We understand that this is somewhat inflexible and are working
on an extension which allows this and some other (like
NO-USER-MODIFICATION) model constraints to be overridden.  This
extension is known as the ManageDIT control.  It's still in
development... in fact, there isn't even an Internet-Draft
describing the extension available yet.

Those interested in making ManageDIT code in HEAD
suitable for release are welcomed to contribute to its

-- Kurt