On 12/23/10 3:10 PM, Stefan Seelmann wrote: > Hi Emmanuel, > > On Thu, Dec 23, 2010 at 3:06 PM, Emmanuel Lecharny wrote: >> Hi, >> >> I have an issue. When trying to update the seqNumber attribute in an >> AdminsitrativePoint, I get an error : >> org.apache.directory.shared.ldap.exception.LdapNoPermissionException: ERR_52 >> Cannot modify the attribute : ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.51 >> NAME 'APSeqNumber' >> DESC A sequential number used for Administration Point entries >> EQUALITY integerMatch >> SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 >> SINGLE-VALUE >> NO-USER-MODIFICATION >> USAGE dSAOperation >> ) >> >> There is a check that forbid us to modify such an attribute (it can be >> added, deleted, but not replaced) >> >> I'm using the admin users. >> >> Should we allow such a modification when the user is the admin ? > Is the check located in the SchemaInterceptor? Yes > If so, I think there > are some Interceptor by-passes to avoid such checks. True. No need to check the entry when it's manipulated by the server. Thanks for the heads up ! > Kind Regards, > Stefan > -- Regards, Cordialement, Emmanuel Lécharny www.iktek.com