Full_Name: Hallvard B Furuseth Version: HEAD OS: Linux URL: Submission from: (NULL) (129.240.6.233) Submitted by: hallvard
If objectclass B is a subclass of A, and an entry contains objectclass B but not A, slapd returns attributeOrValueExists to a request to add A. OTOH it allows replace(objectClass: <A, B>), and after that it allows delete(objectClass: A). This is inconsistent. If the objectClass attribute contains B, does it "really" contain A as well? I couldn't find such a statement in the RFCs, so my guess is that add(objectClass: A) should be allowed. Though I haven't looked all that hard. Example: ldapadd -cx <<'EOF' # Create initial object dn: c=NO objectClass: friendlyCountry c: NO co: Norway # error dn: c=NO changetype: modify add: objectClass objectClass: top - # error dn: c=NO changetype: modify add: objectClass objectClass: country - # success dn: c=NO changetype: modify replace: objectClass objectClass: top objectClass: country objectClass: friendlyCountry - # success dn: c=NO changetype: modify delete: objectClass objectClass: top - # success dn: c=NO changetype: modify delete: objectClass objectClass: country - EOF
