At 12:43 AM 7/22/2005, Raphaël Ouazana-Sustowski wrote: >Hi, > >Whereas I understand that someone shouldn't modify a person into a >country, as indicated in RFC2251, I don't see why OpenLDAP (2.1+) disallow >to modify an objectclass of the same "chain". For example I can't modify >an organizationalPerson into a residentialPerson, nor an >arganizationalPerson into a Person, nor a Person into an >organizationalPerson.
See X.501(93). >Is there a solution to allow to change parent structural objectclasses ? I am preparing an extension to LDAP which will allow limited override of X.500 constraints by the administrator. However, it's not terribly high on my priority list, so it might be a while before the code shows up in HEAD and the spec shows up at the IETF. Kurt
