On 4/12/11 10:08 AM, Hallvard B Furuseth wrote:
Ok, get it. It would be cool (tm) that OpenLDAP accepts direct modifications of the schema through LDAP requests.
Eh? You can, that's why cn=config exists. Just set up some DN to have write access to it. Normally a rootdn for database config.
No, you can't if you want to use the syntax for AttributeType/OvjecClass. You have to use a specific LDIF format, and this is the key we were discussing with some peeps : how to modify schema for existing Ldap server in a portable way (more specifically, it would be useful in Apache Directory Studio).
Of course, using a LDIF format with olcXXX AT is working, but it's non standard.
As I said, it would be very cool if OpenLDAP were allowing the schema modification through direct LDAP modify request on cn=subschema... (of course, ths has many implication : saving the data into cn=schema, make the server switch the schema internally without restarting it, etc, etc...)
Not a piece of cake !