I've read that OpenLDAP supports runtime schema modifications but I can't figure out the extensiveness of this feature. On Sun's page (http://java.sun.com/products/jndi/tutorial/ldap/schema/object.html under the header "Adding a New Object Class") it's telling me that OpenLDAP does not support this kind of modification. When I try the code on that page, I run into:
Exception in thread "main" javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - objectClasses: value #0 invalid per syntax]; remaining name ''
And in the syslog I noticed this:
Apr 24 15:38:14 localhost slapd[6532]: daemon: read activity on 12
Apr 24 15:38:14 localhost slapd[6532]: connection_get(12)
Apr 24 15:38:14 localhost slapd[6532]: connection_get(12): got connid=14
Apr 24 15:38:14 localhost slapd[6532]: connection_read(12): checking for input on id=14
Apr 24 15:38:14 localhost slapd[6540]: do_modify
Apr 24 15:38:14 localhost slapd[6540]: do_modify: dn (cn=Subschema)
Apr 24 15:38:14 localhost slapd[6540]: => get_ctrls
Apr 24 15:38:14 localhost slapd[6540]: => get_ctrls: oid="2.16.840.1.113730.3.4.2" (noncritical)
Apr 24 15:38:14 localhost slapd[6532]: ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
Apr 24 15:38:14 localhost slapd[6540]: <= get_ctrls: n=1 rc=0 err=""
Apr 24 15:38:14 localhost slapd[6540]: >>> dnPrettyNormal: <cn=Subschema>
Apr 24 15:38:14 localhost slapd[6540]: <<< dnPrettyNormal: <cn=Subschema>, <cn=subschema>
Apr 24 15:38:14 localhost slapd[6540]: send_ldap_result: conn=14 op=3 p=3
Apr 24 15:38:14 localhost slapd[6540]: send_ldap_result: err=21 matched="" text="objectClasses: value #0 invalid per syntax"
Apr 24 15:38:14 localhost slapd[6540]: send_ldap_response: msgid=4 tag=103 err=21
Apr 24 15:38:14 localhost slapd[6540]: conn=14 op=3 RESULT tag=103 err=21 text=objectClasses: value #0 invalid per syntax
Apr 24 15:38:14 localhost slapd[6532]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 24 15:38:14 localhost slapd[6532]: daemon: activity on 1 descriptor
Apr 24 15:38:14 localhost slapd[6532]: daemon: activity on:
Apr 24 15:38:14 localhost slapd[6532]: 13r
Does OpenLDAP allow programmatic (hopefully but necessarily Java) schema changes at runtime?