Hallo Werner!
werner mueller wrote:
I've successfully created a new partition and a users and groups
organizationUnit. I was able to assign users into groups using
uniqueMember on a group (objectClass: groupOfUniqueNames)
I am now trying to assign users into groups using the uniqueMember
attribute on (inetOrgPerson). When i try to create a new user with
apache ds studio i get the following error message (full error message
below):
Entry [...] contains more than one STRUCTURAL ObjectClass:
[<groupOfUniqueNames>, <inetOrgPerson>]]
The way you assigned users to groups by adding an attribute to the group
entry is the "normal" one.
Sometimes addition of group entries to user entries as an attribute is
used as well or in addition (see Active Directory with the memberOf
attribute).
I've seen examples that do the very same thing (for ex. at
http://www.liferay.com/web/guest/community/forums/-/message_boards/message/1284894)
i don't understand why this does not work for me. some objectClasses
seem to dont work with each other.
Exactly, an entry is only allowed two have one structural class. If it a
new entry to be added contains two structural abject classes, which have
no inheritance, it fails. This holds true for person and
groupOfUniqueNames. Therefore addition of the entry fails
[email protected],2.5.4.11=users,0.9.2342.19200300.100.1.25=domain,0.9.2342.19200300.100.1.25=org
objectclass: inetOrgPerson
objectclass: organizationalPerson
objectclass: person
objectclass: groupOfUniqueNames
objectclass: top
mail: [email protected]
sn: sn
uniquemember: cn=admins,ou=groups,dc=domain,dc=org
cn: cn
This is an illegal entry for the schema deployed with ApacheDS (and many
other standard LDAP servers).
Greetings from Hamburg,
Stefan
