How to create a new objectClass in LDAP3?

Question

I'm trying to add entries into a 'policy' container I've created like so:

ldap_connection.add('OU=Policy, DC=BERT, DC=LOCAL', 'organizationalUnit'))

and can't find any good documentation on how to create a new objectClass to accommodate these entries. If I try to add the entry using an objectClass that already exists like this:

ldap_connection.add('CN=policy1, OU=Policy, DC=BERT, DC=LOCAL',attributes={'objectClass': 'person'})

that works. But I'd like to do something like this:

ldap_connection.add('CN=policy1, OU=Policy, DC=BERT, DC=LOCAL',attributes={'objectClass': 'policy'})

I've tried using MODIFY_ADD:

ldap_connection.modify('OU=Policy1, DC=BERT, DC=LOCAL',{'organizationalUnit': (MODIFY_ADD, ['policy'])})

but this returns an 'invalid attribute type in attribute' error that seems to persist no matter what values I switch out for 'organizationalUnit'. I scoured the internet for some sort of help regarding this matter, but the documentation on LDAP3 is quite sparse. Any help is much appreciated.

Answer 1

In OpenLDAP you can't create new object classes through an ldap request - you will have to add them to the server configuration.

See http://www.openldap.org/doc/admin24/schema.html for the documentation of OpenLDAP 2.4 about schema changes.

---

Creating your own objectClass requires careful planning:

• should it be an ABSTRACT, a STRUCTURAL or an AUXILIARY objectClass?
• Which attributes does your objectClass provide?
• Which of those attributes are required?