CODEWITHSUNDEEP
javaldap
vikas27
vikas27

Reputation: 573

Ldap insertion exception

I am trying add an entry to a directory server database. These are the values i am inserting: 

userName=[[email protected]]
driverEmail=[[email protected]]
driverPassword=[ben]
firstName=[Ben]
lastName=[Hur]
newsletter=[false]

And i am getting this exception:

SEVERE: Cannot create new LDAP entry
LDAPException(resultCode=object class violation, errorMessage='Entry mwUniqueIdentifier=5f9e7597-8a5f-42b0-985b-7d196040689e,ou=People,dc=mobilewarrio
r,dc=com violates the Directory Server schema configuration because it includes     multiple conflicting structural objectclasses inetOrgPerson and mwUser
Account.  Only a single structural objectclass is allowed in an entry')

Can anyone tell me what is wrong in it.

Upvotes: 2

Views: 2544

Answers (1)

ig0774
ig0774

Reputation: 41287

You don't show exactly how you're going about inserting those values, so it's hard to be too specific. However, the exception is pretty clear.

You tried to assign the entry both the inetOrgPerson object class and the mwUser object class, which doesn't work as they are both defined as structural object classes and neither inherits from the other (most likely mwUser is defined as a structural object class because your schema did not specify it as a AUXILIARY or ABSTRACT object class).

Per RFC 4512:

An object or alias entry is characterized by precisely one structural object class superclass chain which has a single structural object class as the most subordinate object class.

There are two possible fixes which should involve simple changes to your LDAP schema:

  1. If you intend all mwUser objects to be inetOrgPerson objects, simply declare mwUser a sub-object class of inetOrgPerson like so (taken from the OpenLDAP documentation):

    objectclass ( 1.1.2.2.2 NAME 'myPerson' DESC 'my person' SUP inetOrgPerson MUST ( myUniqueName $ givenName ) MAY myPhoto )

In this situation, you will only need to assign the mwUser object class to your entry.

  1. If you do not want all mwUser objects to be inetOrgPerson objects, then declare it a mixin by specifying that it is an auxiliary object class like so:

    objectclass ( 1.1.2.2.1 NAME 'myPhotoObject' DESC 'mixin myPhoto' AUXILIARY MAY myPhoto )

In this situation, you will have to assign both the inetOrgPerson (or another structural object class) as well as the mwUser object class to the object.

Upvotes: 4

Related Questions