LDAP – Adding inetOrgPerson to Account/posixAccount Entries

ldap, openldap, user-management

I have an LDAP database we have been using for managing user accounts on our hosts; these entries have account and posixAccount as objectClass. Now we'd like to extend this to also use it as an address book. As far as I understand, this means I should add the inetOrgPerson objectClass, as well as the required attributes, to the people entries.

But this is not possible with phpLdapAdmin for some reason. It does not pop up when I click the add value button on objectClass, and if I type it in manually, it wants to remove the account and posixAccount objectClasses. I have read in various places that it should be possible to assign both objectClasses to entries, so why does phpLdapAdmin complain? Is there a real reason this doesn't work or is it only phpLdapAdmin that is being silly?

Best Answer

The objectClass account is structural, and can't be combined with inetOrgPerson, since this objectClass is also structural. To accomplish the desired effect, instead make the entries have inetOrgPerson as the structural objectClass, and then add posixAccount as an auxiliary objectClass. This will produce entries with the required attributes.
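The conversion described in the answer, as an added example that is not part of the original answer: OpenLDAP normally refuses to change an entry's structural class in place, so this sketch rewrites exported entries for delete and re-add. The sample entry, the function names, the rule that derives `sn` from the last word of `cn`, and the handling of `host` (permitted by account but not by inetOrgPerson or posixAccount) are assumptions of the example.

```python
# Added example: rewrite exported entries so inetOrgPerson is the structural class.
# Assumes simple LDIF: "attr: value" lines, no folded or base64 ("::") values,
# and attribute names spelled exactly as below (e.g. "objectClass").
SAMPLE_LDIF = """\
dn: uid=jdoe,ou=people,dc=example,dc=org
objectClass: account
objectClass: posixAccount
uid: jdoe
cn: Jane Doe
uidNumber: 10001
gidNumber: 10001
homeDirectory: /home/jdoe
host: web01.example.org
"""  # constructed sample entry

def parse_ldif(text):
    """Return a list of (dn, {attr: [values]}) from simple LDIF text."""
    entries = []
    for block in text.strip().split("\n\n"):
        dn, attrs = None, {}
        for line in block.splitlines():
            name, _, value = line.partition(": ")
            if name.lower() == "dn":
                dn = value
            else:
                attrs.setdefault(name, []).append(value)
        entries.append((dn, attrs))
    return entries

def convert(attrs):
    """Swap account for inetOrgPerson; return (new_attrs, dropped_attrs)."""
    rest = {k: list(v) for k, v in attrs.items() if k != "objectClass"}
    classes = [c for c in attrs.get("objectClass", []) if c.lower() != "account"]
    if "inetorgperson" not in (c.lower() for c in classes):
        classes.insert(0, "inetOrgPerson")
    # inetOrgPerson inherits MUST cn and sn from person; posixAccount already
    # requires cn, so only sn is missing. Last word of cn is a guess to review.
    if "sn" not in rest:
        rest["sn"] = [rest["cn"][0].split()[-1]]
    # 'host' is allowed by account but not by inetOrgPerson or posixAccount,
    # so it is pulled out and returned for the administrator to review.
    dropped = {"host": rest.pop("host")} if "host" in rest else {}
    return {"objectClass": classes, **rest}, dropped

def to_ldif(dn, attrs):
    """Serialize one entry back to simple LDIF."""
    lines = ["dn: " + dn]
    lines += [f"{k}: {v}" for k, vals in attrs.items() for v in vals]
    return "\n".join(lines) + "\n"
```

Test the rewritten LDIF against a scratch directory before deleting and re-adding production entries, since a re-added entry receives a new entryUUID.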
