The server only generates composed attributes for entries in which that attribute is allowed to be present. For user attributes, tist means that the target attribute type must be permitted by at least one of the object classes associated with the entry. If an entry does not have any object class that permits the target attribute, then an attempt to generate composed values for the entry will fail with an objectClassViolation (65) result. This restriction does not exist for operational attributes.
The server allows composed attributes to satisfy mandatory attribute requirements. That is, if the target attribute is declared as a MUST type for any of the entry’s object classes, then it must be possible for a client to add an entry that does not include any values for that attribute type as long as the server will compose a value for that attribute.
The server should also enforce the SINGLE-VALUE constraint for the target attribute type. If an attribute type is defined with this constraint, it is not possible to configure the composed attribute plugin in a manner that could generate multiple values for that attribute and any operation that would result in multiple values for the target attribute is rejected.
Composed attributescannot set values for operational attributes that are defined with the NO-USER-MODIFICATION constraint.