IBM Verify

  • 1.  Verify Access (IVIA) using NativeLDAPHelper class with auxiliary class

    Posted 9 days ago
    Hi,
     
    I'm trying to create a user via a mapping rule, using the NativeLDAP Helper class (Package com.ibm.security.access.ldap.utils). However, when I try to create the user by adding an auxiliary class to the objectclass attribute (ex.: addAttrs.put(new BasicAttribute("objectclass", "myauxclass"));), JavaScript throws the following error:
     
    LDAP: error code 65 - Object Class Violation
     
    I have already created this auxiliary class in ISVD, and all added attributes are optional.
    I am able to create the user with this auxiliary class using the ldapadd command line and Apache Directory Studio.
     
    Any ideas on what might be causing this issue?


    ------------------------------
    Rudy Santos
    ------------------------------


  • 2.  RE: Verify Access (IVIA) using NativeLDAPHelper class with auxiliary class

    Posted 9 days ago

    I do not know how that class works, but my guess is that you would need to list all objectclasses on the put request - that would explain the object class violation at least :-)



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------



  • 3.  RE: Verify Access (IVIA) using NativeLDAPHelper class with auxiliary class

    Posted 8 days ago

    Hello Franz,

    I already inserted all object classes in the PUT request. Below is part of the code. If I comment out the auxiliary class, the user is created.

    I was wondering if it is necessary to update the schema in IVIA for this class, as I'm using the server connection, but I couldn't find anything related.

    I have created this class as an auxiliary class type, and all attributes are optional in ISVD.

        addAttrs.put(new BasicAttribute("objectclass", "top"));
        addAttrs.put(new BasicAttribute("objectclass", "person"));
        addAttrs.put(new BasicAttribute("objectclass", "organizationalPerson"));
        addAttrs.put(new BasicAttribute("objectclass", "inetorgperson"));
        //addAttrs.put(new BasicAttribute("objectclass", "myauxclass"));



    ------------------------------
    Rudy Santos
    ------------------------------



  • 4.  RE: Verify Access (IVIA) using NativeLDAPHelper class with auxiliary class

    Posted 8 days ago

    I performed another test and I could add the auxiliary class, after creating the user:

        addAttrs.put(new BasicAttribute("objectclass", "top"));
        addAttrs.put(new BasicAttribute("objectclass", "person"));
        addAttrs.put(new BasicAttribute("objectclass", "organizationalPerson"));
        addAttrs.put(new BasicAttribute("objectclass", "inetorgperson"));
        var res4 = attrUtil.createSubContext(name,addAttrs);


        var res4 = attrUtil.addAttributeValue(name,"objectclass", "myauxclass");
        var res4 = attrUtil.addAttributeValue(name,"myauxAttribute", "attribute value");




    ------------------------------
    Rudy Santos
    ------------------------------
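
An added example, not code from the thread or from IBM: it assumes `addAttrs` in the posts above is a `javax.naming.directory.BasicAttributes` and uses only the standard JNDI classes, with no directory connection. It shows that repeated `put()` calls with the same attribute ID replace one another, so only the last `objectclass` value is kept, next to building a single multi-valued attribute.

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;

public class ObjectClassAttrDemo {
    // Constructed sample values; "myauxclass" is the thread's placeholder name.
    static final String[] CLASSES = {
        "top", "person", "organizationalPerson", "inetorgperson", "myauxclass"
    };

    // Pattern from the thread: one put() per value. BasicAttributes is keyed
    // by attribute ID, so each put() replaces the previous "objectclass".
    static Attributes repeatedPut() {
        Attributes attrs = new BasicAttributes(true); // true = ignore ID case
        for (String oc : CLASSES) {
            attrs.put(new BasicAttribute("objectclass", oc));
        }
        return attrs;
    }

    // One multi-valued attribute: add() appends values, then a single put().
    static Attributes singleMultiValued() {
        Attributes attrs = new BasicAttributes(true);
        Attribute oc = new BasicAttribute("objectclass");
        for (String value : CLASSES) {
            oc.add(value);
        }
        attrs.put(oc);
        return attrs;
    }

    // Collect the objectclass values that the attribute set actually holds.
    static List<String> objectClasses(Attributes attrs) throws NamingException {
        List<String> out = new ArrayList<>();
        NamingEnumeration<?> values = attrs.get("objectclass").getAll();
        while (values.hasMore()) {
            out.add(String.valueOf(values.next()));
        }
        return out;
    }

    public static void main(String[] args) throws NamingException {
        System.out.println("repeated put(): " + objectClasses(repeatedPut()));
        System.out.println("multi-valued:   " + objectClasses(singleMultiValued()));
    }
}
```

Whether this is what triggers error code 65 in the mapping rule is an assumption; the directory server's audit log shows which `objectclass` values actually arrived in the add request.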



  • 5.  RE: Verify Access (IVIA) using NativeLDAPHelper class with auxiliary class

    Posted 8 days ago

    Have a look at the isavd audit log; it is very helpful for understanding what really happens.



    ------------------------------
    Jens Petersen
    ------------------------------