ldap_add: Object class violation (65) when adding posixGroup

Question

I try to move some posixGroup-Definitions from one ldap-server to a new one using

ldapadd -x -v -W -D cn=ldapAdmin,dc=ibk,dc=local -f groups_ldap_20151028.ldif

This produces the following error:

ldap_initialize( <DEFAULT> )
Enter LDAP Password: 
add objectClass:
        posixGroup
        sambaGroupMapping
add cn:
        users
add displayName:
        users
add sambaGroupType:
        2
add sambaSID:
        S-1-5-21-4027309494-1722177077-478768286-513
add gidNumber:
        100
adding new entry "cn=users,ou=groups,dc=ibk,dc=local"
ldap_add: Object class violation (65)
        additional info: no structural object class provided

I do not understand what happens here, so please give me a hint. As i found posixGroup' is a structural object, sambaGroupMapping not. Adding 'top' as objectClass did not help. All necessary attributes are set and the old setting worked. Importing users the same way worked also well. Both ldap-version are the same.

EDIT: The primary Problem was the wrong schema which had posixGroup an as structural class. The modern uses the configuration in the description below. The rest was a mess of duplicate names and whitespace in the ldif-file. Thank you!

jwilleke jwilleke · Accepted Answer · 2015-10-29T00:33:43

Try adding group or groupOfName or groupofUniqueName (depends on LDAP implementation) as an added objectClass. posixGroup is typically an Auxiliary Group

'posixGroup' SUP top AUXILIARY DESC 'Abstraction of a group of accounts' MUST gidNumber MAY ( authPassword $ userPassword $ memberUid $ description ) X-ORIGIN 'draft-howard-rfc2307bis' )

ldap_add: Object class violation (65) when adding posixGroup

1 Answers