Problem:

“LDAP-Fehler Object class violation: no objectClass attribute” during the creation of computers or when adding teachers to classes

Investigation:

ucr set directory/manager/cmd/debug/level='4'; pkill -f cli-server
less /var/log/univention/directory-manager-cmd.log

mod dn=cn=Computers,cn=groups,dc=schein,dc=me ml=[(‘uniqueMember’, ‘’, [b’cn=gsm-testpc,cn=computers,ou=sun, dc=schein,dc=me’]), (‘memberUid’, ‘’, [b’sun-testpc$’]), (‘objectClass’, [b’sambaGroupMapping’, b’top’, b’univentionGroup’, b’univentionObject’, b’posixGroup’, b’univentionPolicyReference’], b’’)]

This is an old/new list
meaning memberUid and uniqueMember were empty and will be added.
objectClass was filled and should be removed

Solution:

There was a self created extended attribute for isNextcloudGroup, that differs from the default one shipped by nextcloud itself (Customer did not use the nextcloud app, but an external one)

DN: cn=isNextcloudGroup,cn=custom attributes,cn=univention,dc=schein,dc=me
  CLIName: isNextcloudGroup
  copyable: 0
  default: None  
  deleteObjectClass: 0
  disableUDMWeb: 0
  doNotSearch: 0 
  fullWidth: 0   
  groupName: None
  groupPosition: None
  hook: None
  ldapMapping: objectClass
  longDescription: None
  mayChange: 1   
  module: groups/group
  multivalue: 0
  name: isNextcloudGroup
  notEditable: 0
  objectClass: nextcloudGroup
  overwritePosition: None
  overwriteTab: 0
  shortDescription: isNextcloudGroup
  syntax: boolean
  tabAdvanced: 0
  tabName: Nextcloud
  tabPosition: 1
  valueRequired: 0
  version: 2

ldapMapping: objectClass was the wrong part here. Change this to nextcloudEnabled and it was working again.