[Date Prev][Date Next]
Re: OpenLDAP: Object class modification
At 10:47 AM 4/11/2006, Kurt D. Zeilenga wrote:
>First, I note that 2.1 is historic. However, 2.3 behaves in the
>same manner. See <http://www.openldap.org/faq/index.cgi?file=883>
>for a discussion of this error.
Actually, this answer is too a related question. I've added
which specifically addresses this common error.
>I note that, in 2.4, we hope to introduce a control which will allow administrators (and other authorized users) to request this (and other)
>restrictions be temporarily relaxed. In 2.3 (and earlier releases),
>the only way to change the structural class of an object is to
>re-create the object (e.g., delete the old, add the new).
>At 04:37 PM 4/10/2006, John Quigley wrote:
>>Here's my scenario: I've got several hundred user accounts, stored as
>>OpenLDAP records. Here's an example:
>># test user
>>sn: test user
>>Now, I'm looking to add a 'mail' field, for which I require the
>>objectclass inetOrgPerson. I've been trying to ldapmodify all the
>>users, as such:
>>Which generates the following error:
>>ldap_modify: Cannot modify object class (69)
>> additional info: structural object class modification from
>>'organizationalPerson' to 'inetOrgPerson' not allowed
>>I understand that it is forbidden in OpenLDAP 2.1 to change the
>>objectclass of an entry by adding a new structural class through a modify.
>>So, my question to you is: can somebody step me through the process by
>>which I could add this objectclass? Is this even possible? Thanks so
>>much for your time and consideration, it's tremendously appreciated.