LDAP - Not able to create a new person with country

Question

I am trying to create a new Person entry in LDAP (Apache Directory Server). I am able to create a person without a country objectClass like below.

            dn[n]: uid=dduck,ou=people,dc=example,dc=com
            objectClass: top
            objectClass: person
            objectClass: organizationalPerson
            objectClass: inetOrgPerson
            uid: dduck
            sn: Duck
            cn: Donal Duck

But I also want to add a Country to this person. So I added country objectClass as below.

            dn[n]: uid=dduck,ou=people,dc=example,dc=com
            objectClass: country
            objectClass: top
            objectClass: person
            objectClass: organizationalPerson
            objectClass: inetOrgPerson
            uid: dduck
            sn: Duck
            c: FR
            cn: Donal Duck

But it fails with below error, any idea please ?

ERROR Message

            Error while creating entry
             - [LDAP: error code 65 - OBJECT_CLASS_VIOLATION: failed for MessageType : ADD_REQUES
              java.lang.Exception: [LDAP: error code 65 - OBJECT_CLASS_VIOLATION: failed for MessageType : ADD_REQUEST
            Message ID : 26
                Add Request :
            Entry
                dn[n]: uid=dduck,ou=people,dc=example,dc=com
                objectClass: country
                objectClass: top
                objectClass: person
                objectClass: organizationalPerson
                objectClass: inetOrgPerson
                uid: dduck
                sn: Duck
                c: FR
                cn: Donal Duck
            : ERR_61 Entry uid=dduck,ou=people,dc=example,dc=com contains more than one STRUCTURAL ObjectClass: [OBJECT_CLASS ( 2.16.840.1.113730.3.2.2
             NAME 'inetOrgPerson'
             DESC RFC2798: Internet Organizational Person
             SUP 'organizationalPerson'
             STRUCTURAL
             MAY ( 'audio' $ 'businessCategory' $ 'carLicense' $ 'departmentNumber' $ 'displayName' $ 'employeeNumber' $ 'employeeType' $ 'givenName' $ 'homePhone' $ 'homePostalAddress' $ 'initials' $ 'jpegPhoto' $ 'labeledURI' $ 'mail' $ 'manager' $ 'mobile' $ 'o' $ 'pager' $ 'photo' $ 'roomNumber' $ 'secretary' $ 'uid' $ 'userCertificate' $ 'x500UniqueIdentifier' $ 'preferredLanguage' $ 'userSMIMECertificate' $ 'userPKCS12' )
             )
            , OBJECT_CLASS ( 2.5.6.2
             NAME 'country'
             DESC RFC2256: a country
             SUP 'top'
             STRUCTURAL
             MUST 'c'
             MAY ( 'searchGuide' $ 'description' )
             )
            ]]
                at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkResponse(DirectoryApiConnectionWrapper.java:1280)
                at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$600(DirectoryApiConnectionWrapper.java:109)
                at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$6.run(DirectoryApiConnectionWrapper.java:928)
                at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1175)
                at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkConnectionAndRunAndMonitor(DirectoryApiConnectionWrapper.java:1109)
                at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.createEntry(DirectoryApiConnectionWrapper.java:950)
                at org.apache.directory.studio.ldapbrowser.core.jobs.CreateEntryRunnable.createEntry(CreateEntryRunnable.java:224)
                at org.apache.directory.studio.ldapbrowser.core.jobs.CreateEntryRunnable.run(CreateEntryRunnable.java:124)
                at org.apache.directory.studio.connection.ui.RunnableContextRunner$1.run(RunnableContextRunner.java:112)
                at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:121)

              [LDAP: error code 65 - OBJECT_CLASS_VIOLATION: failed for MessageType : ADD_REQUEST
            Message ID : 26
                Add Request :
            Entry
                dn[n]: uid=dduck,ou=people,dc=example,dc=com
                objectClass: country
                objectClass: top
                objectClass: person
                objectClass: organizationalPerson
                objectClass: inetOrgPerson
                uid: dduck
                sn: Duck
                c: FR
                cn: Donal Duck
            : ERR_61 Entry uid=dduck,ou=people,dc=example,dc=com contains more than one STRUCTURAL ObjectClass: [OBJECT_CLASS ( 2.16.840.1.113730.3.2.2
             NAME 'inetOrgPerson'
             DESC RFC2798: Internet Organizational Person
             SUP 'organizationalPerson'
             STRUCTURAL
             MAY ( 'audio' $ 'businessCategory' $ 'carLicense' $ 'departmentNumber' $ 'displayName' $ 'employeeNumber' $ 'employeeType' $ 'givenName' $ 'homePhone' $ 'homePostalAddress' $ 'initials' $ 'jpegPhoto' $ 'labeledURI' $ 'mail' $ 'manager' $ 'mobile' $ 'o' $ 'pager' $ 'photo' $ 'roomNumber' $ 'secretary' $ 'uid' $ 'userCertificate' $ 'x500UniqueIdentifier' $ 'preferredLanguage' $ 'userSMIMECertificate' $ 'userPKCS12' )
             )
            , OBJECT_CLASS ( 2.5.6.2
             NAME 'country'
             DESC RFC2256: a country
             SUP 'top'
             STRUCTURAL
             MUST 'c'
             MAY ( 'searchGuide' $ 'description' )
             )
            ]]

Answer 1

You can't combine two structural object classes. It's like a single inheritance rule. However you can add 'extensibleObject' instead of 'country', then you can use the 'c' attribute.