RE: Can't add directoryOperation attribute type

["Howard Chu" <hyc@highlandsun.com>]

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Chris Brook

> I need to add an attribute type: accessTimeStamp which is exactly like
> createTimeStamp and modifyTimeStamp but slapd refuses it with
> the error:
> attribute type "xx.xx....xx" is operational
> and shuts down.  I have defined the attribute type as SINGLE-VALUE
> NO-USER-MODIFICATION USAGE directoryOperation.  Is this not
> allowed in a
> schema included via slapd.conf.  Is there any way to get around this?
> Chris Brook

Attributes whose usage is "directoryOperation" or which do not allow user
modification can not be meaningfully specified in slapd.conf, since they must
necessarily be implemented by code inside slapd. That is, if you specify an
attributetype that doesn't allow user modification, then there's really
nothing you can do with it at all, unless you implement the code for it.

Currently, all operational attributes are implemented by code in slapd, and
their schema is hardcoded in slapd. Only user-modifiable schema may be
specified in slapd.conf. You can also write a dynamically loaded module to
add your schema if that's really what you want, but this one in particular
may require some invasive code changes.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support