Jimmy Liang wrote:
I've read that OpenLDAP supports runtime schema modifications but
can't figure out the extensiveness of this feature. On Sun's page
under the header "Adding a New Object Class") it's telling me that
OpenLDAP does not support this kind of modification.
That page is half right. OpenLDAP does not allow direct modification of the
subschema subentry. In OpenLDAP 2.3 you can add new schema elements by adding
them under the "cn=schema,cn=config" branch (but you cannot modify existing
schema). In OpenLDAP 2.4 you can add/delete/modify schema using cn=config.
When I try the code
on that page, I run into
Exception in thread "main"
javax.naming.directory.InvalidAttributeValueException: [LDAP: error code
21 - objectClasses: value #0 invalid per syntax]; remaining name ''
It appears that your request contained invalid data. This check occurs pretty
early, before the server even checks whether you're able to make the change.
Does OpenLDAP allow programmic (hopefully but necessarily Java)
changes at runtime?
Yes, but you have to provide valid data first.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/