Im sorry, i missed that part.
using modrdn with deleteOldRDN: 0 worked perfectly.

Thanks
From: Nathan Kinder <nkinder@redhat.com>
To: General discussion list for the 389 Directory server project. <fedora-directory-users@redhat.com>
Sent: Monday, June 22, 2009 4:46:44 PM
Subject: Re: [389-users] using uid rather then cn in the binddn

Dumbo Q
 wrote:
> Thanks.  I tried that, but now it tells me
> ldapmodify: Object class violation (65)
>         additional info: missing attribute "cn" required by object class "inetOrgPerson"
> 
> Being that the entry has a 'cn', I guess this means that somewhere I have it setup where dn requires the cn to be in it ???  Anythoughts
Are you still specifying "deleteOldRDN: 1"?  As I mentioned, you shouldn't be doing that as it will delete the old RDN value from the entry, which is your "cn".  Since "cn" is required by the "inetOrgPerson" objectclass, this is an objectclass violation.  Try specifying "deleteOldRDN: 0".
> 
> 
> 
> ------------------------------------------------------------------------
> *From:* Nathan Kinder <nkinder@redhat.com>
> *To:* General
 discussion list for the 389 Directory server project. <fedora-directory-users@redhat.com>
> *Sent:* Monday, June 22, 2009 4:30:53 PM
> *Subject:* Re: [389-users] using uid rather then cn in the binddn
> 
> Dumbo Q wrote:
> > Erg.    I thought I had it but it's something is blocking me from doing this update. Can anyone help me find where my constraint is?
> >
> <snip>
> >
> > [root@rhds ~]# ldapmodify -x -W -D cn=DirectoryManager
> > dn: cn=testy,ou=users,ou=people,dc=mydomain,dc=com
> > changetype: modify
> > newRDN: uid=testy
> > deleteOldRDN: 1
> >
> > modifying entry "cn=testy,ou=users,ou=people,dc=mydomain,dc=com"
> > ldapmodify: Object class violation (65)
> >       
 additional info: attribute "newRdn" not allowed
> You need to perform a "modrdn" operation instead of a regular modify.  Try the above, but change your "changetype" to "modrdn".  You may also find that you don't want to delete the old RDN from the entry, particularly if that is the only "cn" value present in your entry.  Doing so would cause an objectclass violation since "cn" is likely required for the objectclass you are using.
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > --
> > 389 users mailing list
> > 389-users@redhat.com <mailto:389-users@redhat.com>
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> > 
> --
> 389 users mailing list
> 389-users@redhat.com <mailto:389-users@redhat.com>
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> 
> ------------------------------------------------------------------------
> 
> --
> 389 users mailing list
> 389-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>  
 

--
389 users mailing list
389-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users