Closed JesseCoretta closed 1 month ago
Just to offer some additional clarity ...
adding new entry "mail=user@example.com,ou=Consultants,ou=Accounts,dc=example,dc=com"
ldap_add: Object class violation (65)
additional info: Entry mail=user@example.com,ou=Consultants,ou=Accounts,dc=example,dc=com
violates the Directory Server schema configuration because its RDN does not contain attribute uid that
is required by name form accountForm
This is actually a naming violation (64) because it makes direct reference to an attribute required by a Name Form that is missing.
On the other hand, if someone tries to add an entry bearing an unauthorized STRUCTURAL class (e.g: organizationalRole
) where only organizationalUnit
(for instance) is allowed, that is still a naming violation because the Name Form is the element that mandates the organizationalUnit
.
However, through the years I've seen vendors bounce between Object Class Violation and Naming Violation in this case specifically (seems to be a gray area).
So ... dealers choice 😄
please check artifact from https://github.com/OpenIdentityPlatform/OpenDJ/actions/runs/10990761899
@vharseko
Seems to work!!
adding new entry "mail=user@example.com,ou=Consultants,ou=Accounts,dc=example,dc=com" ldap_add: Naming violation (64) additional info: Entry mail=user@example.com,ou=Consultants,ou=Accounts,dc=example,dc=com violates the Directory Server schema configuration because its RDN does not contain attribute uid that is required by name form accountForm
Thank you 😃
Describe the bug
Additional research underway
Consider that when attempting to write a new entry to a DIT that is presently governed by DIT structure rules, and the new entry violates one of those rules by rite of name form attribute violation, the following result should ensue:
Unfortunately, OpenDJ returns:
... which is not accurate for this scenario.
I recommend this be changed in the distant future, but as some users may be scanning for this result code in static fashion via custom clients, it may inadvertently become a breaking change.
I am currently writing a rough draft for a new subsection to Section 16. In this new subsection is a practical overview of name forms and structure rules. Perhaps what I will do is put a disclaimer in the new draft section, e.g.:
Let me know what you think 😃
Jesse