Re: LDAP layouts for Heimdal

--On Sonntag, 9. November 2003 05:21 +0800 Chris Hamilton 
<chris@ambigc.com> wrote:

> Well there is my problem then.  I am using the schema at
> http://www.padl.com/~lukeh/XAD/hdb.schema
> on 2.1.22 ldap with BDB backend.  I can add things to a person object.
> However after I add krb5Principal to the entry, inetOrgPerson can not be
> added.  I just tested sambaSamAccount and it adds afterwards, so does
> krb5KDCEntry.  So what is specifically conflicting in this case between
> krb5Principal and inetOrgPerson(organizationalPerson more specifically)?
> I don't see how, but I am new to this.

Are you trying to add inetOrgPerson to the objectClass attribute of an 
existing entry? This is not allowed in LDAP at it would change the 
structural objectclass of the entry. You can add krb5KDCEntry and 
krb5Principal because they are AUXILIARY object classes. However, 
inetOrgPerson ist STRUCTURAL.