1 writes:
> Let's consider ldap add operation. According to RFC4511 (...)
> - attributes: (...) Clients MAY or
> MAY NOT include the RDN attribute(s) in this list.
> (...)
> dn: uid=test,dc=edu,dc=ru
> objectClass: testClass
>
> while testClass classify uid as MAY attribute
> is correct. Ain't I wrong? Though if you try to do it via OpenLDAP you get
> "Naming violation. Naming attribute uid is not present in entry."

The error message is not about the requirement that an entry must have all 'MUST'-attributes in its object classes. It's about the requirement that all the attributes in the RDN *also* must be present.

In RFC 2251 (the previous revision of LDAPv3), the client had to ensure the latter: The "MAY or MAY NOT include..." you quoted was "MUST include". In RFC 4511, that has become the server's job.

> Doesn OpenLDAP really violates RFC here?

Not RFC 2251:-)

--
Regards,
Hallvard
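
A client-side check for the requirement discussed in this thread, added here as an example that is not part of the original messages or of OpenLDAP: it parses the leading RDN of the DN and reports, or fills in, naming attribute values the entry lacks before an add is sent. The function names are hypothetical, values are compared case-insensitively as a simplification (a server uses the attribute's equality matching rule), and `#`-prefixed BER hex values are not handled.

```python
import re

def _split_unescaped(text, sep):
    """Split on sep, ignoring separators that are backslash-escaped (RFC 4514)."""
    parts, buf, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            buf.append(text[i:i + 2])      # keep the escape pair intact
            i += 2
            continue
        if text[i] == sep:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(text[i])
        i += 1
    parts.append("".join(buf))
    return parts

def _unescape(value):
    """Backslash + two hex digits is one octet; backslash + char is that char."""
    raw = re.sub(rb"\\([0-9A-Fa-f]{2}|.)",
                 lambda m: bytes([int(m.group(1), 16)]) if len(m.group(1)) == 2
                 else m.group(1),
                 value.encode("utf-8"), flags=re.S)
    return raw.decode("utf-8")

def missing_rdn_attributes(dn, attrs):
    """Return (type, value) pairs of the leading RDN that attrs does not hold."""
    missing = []
    for ava in _split_unescaped(_split_unescaped(dn, ",")[0], "+"):
        atype, _, value = ava.partition("=")
        atype, value = atype.strip(), _unescape(value)
        held = [v.lower() for k, vs in attrs.items()
                if k.lower() == atype.lower() for v in vs]
        if value.lower() not in held:
            missing.append((atype, value))
    return missing

def with_rdn_attributes(dn, attrs):
    """Copy of attrs with the naming attribute values added where absent."""
    fixed = {k: list(v) for k, v in attrs.items()}
    for atype, value in missing_rdn_attributes(dn, attrs):
        key = next((k for k in fixed if k.lower() == atype.lower()), atype)
        fixed.setdefault(key, []).append(value)
    return fixed

if __name__ == "__main__":
    # The entry from the quoted message: uid is in the RDN but not in the list.
    entry = {"objectClass": ["testClass"]}
    print(missing_rdn_attributes("uid=test,dc=edu,dc=ru", entry))
    print(with_rdn_attributes("uid=test,dc=edu,dc=ru", entry))
```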
