I've read that OpenLDAP supports runtime schema modifications but I can't figure out the extensiveness of this feature. On Sun's page (http://java.sun.com/products/jndi/tutorial/ldap/schema/object.html under the header "Adding a New Object Class") it's telling me that OpenLDAP does not support this kind of modification. When I try the code on that page, I run into
Exception in thread "main" javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - objectClasses: value #0 invalid per syntax]; remaining name ''
And in the syslog I noticed this
Apr 24 15:38:14 localhost slapd[6532]: daemon: read activity on 12
Apr 24 15:38:14 localhost slapd[6532]: connection_get(12)
Apr 24 15:38:14 localhost slapd[6532]: connection_get(12): got connid=14
Apr 24 15:38:14 localhost slapd[6532]: connection_read(12): checking for input on id=14
Apr 24 15:38:14 localhost slapd[6540]: do_modify
Apr 24 15:38:14 localhost slapd[6540]: do_modify: dn (cn=Subschema)
Apr 24 15:38:14 localhost slapd[6540]: => get_ctrls
Apr 24 15:38:14 localhost slapd[6540]: => get_ctrls: oid="2.16.840.1.113730.3.4.2" (noncritical)
Apr 24 15:38:14 localhost slapd[6532]: ber_get_next on fd 12 failed errno=11 (Resource temporarily unavailable)
Apr 24 15:38:14 localhost slapd[6540]: <= get_ctrls: n=1 rc=0 err=""
Apr 24 15:38:14 localhost slapd[6540]: >>> dnPrettyNormal: <cn=Subschema>
Apr 24 15:38:14 localhost slapd[6540]: <<< dnPrettyNormal: <cn=Subschema>, <cn=subschema>
Apr 24 15:38:14 localhost slapd[6540]: send_ldap_result: conn=14 op=3 p=3
Apr 24 15:38:14 localhost slapd[6540]: send_ldap_result: err=21 matched="" text="objectClasses: value #0 invalid per syntax"
Apr 24 15:38:14 localhost slapd[6540]: send_ldap_response: msgid=4 tag=103 err=21
Apr 24 15:38:14 localhost slapd[6540]: conn=14 op=3 RESULT tag=103 err=21 text=objectClasses: value #0 invalid per syntax
Apr 24 15:38:14 localhost slapd[6532]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 24 15:38:14 localhost slapd[6532]: daemon: activity on 1 descriptor
Apr 24 15:38:14 localhost slapd[6532]: daemon: activity on:
Apr 24 15:38:14 localhost slapd[6532]: 13r
Does OpenLDAP allow programmic (hopefully but necessarily Java) schema changes at runtime?