modify objectclass - Object class violation

[halostatue]

Originally submitted by Rubyforge user cuzic4n on 2010-09-02:

I am adding and deleting all sorts of ldap entries. I can even make new entries with objectclasses, but when I want
to remove an existing one or add another one I get 'object class violation'. Before you say that the ldap server is
correct. I can do it with softerra ldap administrator just fine. They have a special menu option for adding/removing
objectclasses to existing entries.

The entry log from the ldap server when using softerra to remove posixAccount and shadowaccount objectclasses from already existing entries.

AuditV3--2010-09-02-18:36:52.865+00:00DST--V3 SSL Modify--bindDN: cn=root--client: x.x.x.x:22795--connectionID:
1943--received: 2010-09-02-18:36:52.470+00:00DST--Success
operationResponseTime: 395
timeOnWorkQ: 0
rdbmLockWaitTime: 1
clientIOTime: 0
object: cn=myname,ou=internal,O=stuff
delete: gidNumber
delete: homeDirectory
delete: loginShell
delete: shadowFlag
delete: uidNumber
delete: userid
replace: objectClass

The entry log from the ldap server when trying using net-ldap:

AuditV3--2010-09-02-18:02:34.520+00:00DST--V3 Modify--bindDN: cn=root--client: x.x.x.x:65284--connectionID: 1935--received:
2010-09-02-18:02:34.516+00:00DST--Object class violation
operationResponseTime: 4
timeOnWorkQ: 0
rdbmLockWaitTime: 0
clientIOTime: 0
object: cn=myname,ou=internal,o=stuff
delete: userid
delete: gidnumber
delete: uidnumber
delete: loginshell
delete: homedirectory
delete: objectclass

I notice they are using a replace action. I looked at the net-ldap replace api but it doesn't support this type of call.
I tried ldap.mod with ops array with even just the objectclasses listed. no luck. ldap.delete_attibute won't work for
objectclasses.. ldap.replace_attribute won't work for objectclasses..

Tried the ldap.add with the attr array for adding new objectclasses to no avail. tried ldap.add_attribute for objectclass
to no avail. tried ldap.replace_attribute for objectclass to no avail.

Is there any work being done for supporting adding/removing objectclasses to already existing entries?

[halostatue]

Comment by Austin Ziegler on 2010-09-25:

There is no work in progress on this at this point; if you'd like to contribute a patch, that would help it reach production much faster.

[halostatue]

Comment from cuzic4n on 2011-01-07:

I would like to contribute but I would need someone to help me along a here and there. Is there someone senior that would help guide me?

[halostatue]

Comment by Austin Ziegler on 2011-03-23:

Sorry that I didn't get back to you before now; we haven't really monitored this tracker as well as we should have.

Someone might be able to help you figure this out and see if there's a change that can be made to the Net::LDAP library if you join us at the ruby-ldap Google Group: groups.google.com/group/ruby-ldap/.

[dashmoho]

I know that this issue is rather old, but I wanted to share my success story. I was able to add and remove entries from 'objectclass' attribute. I used modify function, with :add and :remove and it worked.

It is possible that along objectclass you would need to remove other attributes required by those.