Michael Ströder wrote:
Brad Hartlove wrote:
The core problem is why can I not add the operational attribute to my custom objectclass.
Operational attributes are simply not normal user attributes.
If your LDAP client is supposed to alter an attribute via LDAP it has to be a user attribute. Period.
That's only a partial answer.
Brad, the answer is "go read the LDAP spec" - operational attributes are never part of any objectclass definition, and the server is free to use them in any entry regardless of objectclass.
The OpenLDAP manpages are not here to teach you the basics of LDAP. You're expected to read the specs and know the basics of LDAP.