I need to remove an object class of an old App form a few users which (the App) I removed some time ago.
what I tried to do:
ldapmodify -v -D "cn=admin,$(ucr get ldap/base)" -y /etc/ldap.secret <<__LDIF__
dn: uid=my.username,cn=users,dc=mydomain,dc=mytld
changetype: modify
delete: objectClass
objectClass: guacamoleUser
__LDIF__
this results in the error:
ldap_modify: Invalid syntax (21)
additional info: objectClass: value #0 invalid per syntax
I tried to do this with LDAPAdmin also, “delete row” results in the same error.
just a general question… why do we always use objectclasses instead of groups? wouldn’t groups be easier to administrate?