[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: structural object class modification from X to Y not allowed

To: Jehan PROCACCIA <jehan.procaccia@int-evry.fr>
Subject: Re: structural object class modification from X to Y not allowed
From: Pierangelo Masarati <ando@sys-net.it>
Date: Fri, 24 Feb 2006 13:12:08 +0100
Cc: openldap-software@OpenLDAP.org
In-reply-to: <45994.131.175.154.56.1140716192.squirrel@131.175.154.56>
References: <43FB46A0.5030409@int-evry.fr> <43FB9D59.8050408@jonanddeb.net> <43FD6566.4010308@int-evry.fr> <7.0.1.0.0.20060223082128.03d36160@OpenLDAP.org> <45994.131.175.154.56.1140716192.squirrel@131.175.154.56>

On Thu, 2006-02-23 at 18:36 +0100, Pierangelo Masarati wrote:

> I was about to reply something like that, as I remember that some
> functionality of manageDIT was present, but I found out that there's no
> structuralObjectClass change capability yet.  I've already added the
> capability to change creatorsName, createTimestamp and entryUUID (which I
> needed to implement cross-database rename in a distributed system); in
> case I might work at structuralObjectClass (based on spare time
> availability, of course).  If anyone is willing to contribute, please
> remember that manageDIT modifications require "manage" access privileges.

I need to partially amend my first posting: you can already change the
structuralObjectClass using the manageDIT; what that control requires is
that the resulting entry complies with the schema.  So, if your entry
initially looks like

dn: sn=CITI,ou=departements,ou=information,dc=int-evry,dc=fr
objectClass: person
cn: Communication and Image
sn: CITI

you can add the organizationalPerson objectClass provided you do
something like

dn: sn=CITI,ou=departements,ou=information,dc=int-evry,dc=fr
changetype: modify
add: objectClass
objectClass: organizationalPerson
-
replace: structuralObjectClass
structuralObjectClass: organizationalPerson
-

and, of course, you need to use the manageDIT control and have "manage"
access to structuralObjectClass.

p.





Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------

Follow-Ups:
- Re: structural object class modification from X to Y not allowed
  - From: Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>

References:
- structural object class modification from X to Y not allowed
  - From: Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>
- Re: structural object class modification from X to Y not allowed
  - From: Jon Roberts <jon@jonanddeb.net>
- Re: structural object class modification from X to Y not allowed
  - From: Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>
- Re: structural object class modification from X to Y not allowed
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: structural object class modification from X to Y not allowed
  - From: "Pierangelo Masarati" <ando@sys-net.it>

Prev by Date: Re: OpenLDAP - SASL: user not found: no secret in database - solution
Next by Date: Problem with index
Index(es):
- Chronological
- Thread