Add LDAP entry to Active Directory via ext / ldap

Using ext/ldap I am trying to add entries to Active Directory. As long as I use only one structural objectClass, everything works as expected, but as soon as I try to add an entry with a second, auxiliary objectClass, the server reports an error:

The server does not want to execute; 00002040: SvcErr: DSID-030F0AA0, problem 5003 (WILL_NOT_PERFORM), data 0

The following code works:

ldap_add($ldap, 'OU=Test,OU=Test,DC=domain,DC=example,DC=local', array(
    'ou' => 'Test',
    'objectClass' => 'organizationalUnit',
    'l' => 'location'
));

The following does not:

ldap_add($ldap, 'OU=Test,OU=Test,DC=domain,DC=example,DC=local', array(
    'ou' => 'Test',
    'associatedDomain' => 'domain',
    'objectClass' => array('organizationalUnit', 'domainRelatedObject'),
    'l' => 'location'
));

The same thing happens if I try to add an additional objectClass to an existing entry:

ldap_mod_add($ldap, 'OU=Test,OU=Test,DC=domain,DC=example,DC=local', array(
    'associatedDomain' => 'domain',
    'objectClass' => 'domainRelatedObject'
));

The corresponding error message is essentially the same:

The server does not want to execute; 00002040: SvcErr: DSID-030508F8, problem 5003 (WILL_NOT_PERFORM), data 0

Since all other update and add operations work, I think the problem must be related to the objectClass attribute.

Since I don't have much experience with Active Directory (I'm used to OpenLDAP): are there any known issues with objectClasses in Active Directory? Am I missing something? Are there any restrictions prohibiting adding, e.g., domainRelatedObject before organizationalUnit? What's going on here? ;-)

Just in case you're wondering: domainRelatedObject is present in the Active Directory schema.



2 answers


I just found out that to add dynamic classes (per instance), the forest domain functional level must be 2003.



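A checked version of the failing ldap_mod_add, added here as an example that is not from the question or either answer: it first reads forestFunctionalLevel from the RootDSE (the precondition the answer above names, assuming Microsoft's numbering in which Windows Server 2003 is 2) and, when AD still refuses, returns the errno together with the 00002040/DSID detail obtained via LDAP_OPT_DIAGNOSTIC_MESSAGE rather than a bare false. $ldap (an already-bound connection) and the helper names are assumptions.

```php
<?php
// Added example, not code from the question or the answers. Assumptions: $ldap is an
// already-bound ext/ldap connection to a domain controller, the DN is the question's
// test OU, and forestFunctionalLevel uses Microsoft's numbering (0 = Windows 2000,
// 1 = 2003 interim, 2 = 2003, 3 = 2008, ...), so "2003" in the answer means >= 2.

/** Read forestFunctionalLevel from the RootDSE; null if the DC does not expose it. */
function forestFunctionalLevel($ldap): ?int
{
    $sr = ldap_read($ldap, '', '(objectClass=*)', ['forestFunctionalLevel']);
    $entries = $sr ? ldap_get_entries($ldap, $sr) : false;
    // ldap_get_entries() lower-cases attribute names
    return isset($entries[0]['forestfunctionallevel'][0])
        ? (int) $entries[0]['forestfunctionallevel'][0] : null;
}

/** Collect errno, error text and the AD-specific "00002040: SvcErr: DSID-..." detail. */
function lastAdError($ldap): array
{
    $detail = '';
    ldap_get_option($ldap, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    $out = ['errno' => ldap_errno($ldap), 'error' => ldap_error($ldap), 'detail' => $detail];
    // Split the detail into the Win32 code, DSID and directory problem number/name
    if (preg_match('/^([0-9A-F]{8}): .*?DSID-([0-9A-F]+), problem (\d+) \((\w+)\)/i', (string) $detail, $m)) {
        $out += ['win32' => $m[1], 'dsid' => $m[2], 'problem' => (int) $m[3], 'problemName' => $m[4]];
    }
    return $out;
}

/** Attach an auxiliary class (plus its attributes) to an existing entry, level-checked. */
function addAuxiliaryClass($ldap, string $dn, string $auxClass, array $attrs = []): array
{
    $level = forestFunctionalLevel($ldap);
    if ($level !== null && $level < 2) {
        return ['ok' => false, 'forestFunctionalLevel' => $level,
                'reason' => 'forest functional level below Windows Server 2003; dynamic auxiliary classes unsupported'];
    }
    if (ldap_mod_add($ldap, $dn, $attrs + ['objectClass' => $auxClass])) {
        return ['ok' => true, 'forestFunctionalLevel' => $level];
    }
    return ['ok' => false, 'forestFunctionalLevel' => $level] + lastAdError($ldap);
}

// The question's failing ldap_mod_add, run through the checked helper:
$result = addAuxiliaryClass($ldap, 'OU=Test,OU=Test,DC=domain,DC=example,DC=local',
                            'domainRelatedObject', ['associatedDomain' => 'domain']);
if (!$result['ok']) {
    print_r($result); // e.g. problem 5003 / WILL_NOT_PERFORM together with its DSID
}
```

The 'problem' and 'dsid' fields let you compare the refusal against the two DSIDs quoted in the question without re-reading the raw string.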


You may not have permission to set the objectClass attribute. See whether you can attach an additional class after creation using ADSI Edit. If you can't, fix the permissions first (check the Properties tab in the Advanced View of the security settings).



I was just able to bind this particular class to the organizationalUnit object as a domain administrator, so it is possible in principle.

