[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLDAP: Object class modification



Hey Folks!

Here's my scenario: I've got several hundred user accounts, stored as
OpenLDAP records.  Here's an example:

# test user
dn: cn=tuser,ou=employee,ou=csinternal,dc=hostname,dc=com
cn: tuser
sn: test user
objectclass: person
objectclass: organizationalperson
objectclass: posixaccount
uid: tuser
uidnumber: 1034
gidnumber: 1034
homedirectory: /home/tuser

Now, I'm looking to add a 'mail' field, for which I require the
objectclass inetOrgPerson.  I've been trying to ldapmodify all the
users, as such:

dn: cn=tuser,ou=employee,ou=CSinternal,dc=hostname,dc=com
changetype: modify
replace: objectclass
objectclass: top
objectclass: person
objectclass: inetorgperson
objectclass: organizationalperson
objectClass: posixAccount

Which generates the following error:

ldap_modify: Cannot modify object class (69)
        additional info: structural object class modification from
'organizationalPerson' to 'inetOrgPerson' not allowed

I understand that it is forbidden in OpenLDAP 2.1 to change the
objectclass of an entry by adding a new structural class through a modify.

So, my question to you is: can somebody step me through the process by
which I could add this objectclass?  Is this even possible?  Thanks so
much for your time and consideration, it's tremendously appreciated.

Regards,
John Quigley
https://chicagolug.org/~jquigley/