MAN page from StartCom 5 openldap-servers-overlays-2.3.43-12.SEL5_5.i386.rpm
Section: File Formats (5)
slapo-unique - Attribute Uniqueness overlay
The Attribute Uniqueness overlay can be used with a backend database such asslapd-bdb
(5)to enforce the uniqueness of some or all attributes within a subtree. Thissubtree defaults to the base DN of the database for which the Uniquenessoverlay is configured.
Uniqueness is enforced by searching the subtree to ensure that the values ofall attributes presented with anadd,modifyormodrdnoperation are unique within the subtree.For example, if uniqueness were enforced for theuidattribute, the subtree would be searched for any other records which alsohave auidattribute containing the same value. If any are found, the request isrejected.
options apply to the Attribute Uniqueness overlay.They should appear after theoverlay
- unique_base <basedn>
- Configure the subtree against which uniqueness searches will be invoked.Thebasedndefaults to the base DN of the database for which uniqueness is configured.
- unique_ignore <attribute...>
- Configure one or more attributes for which uniqueness will not be enforced.If not configured, all non-operational (eg, system) attributes must beunique. Note that theunique_ignorelist should generally contain theobjectClass,dc,ouandoattributes, as these will generally not be unique, nor are they operationalattributes.
- unique_attributes <attribute...>
- Specify one or more attributes for which uniqueness will be enforced.If not specified, all attributes which are not operational (eg, systemattributes such asentryUUID )or specified via theunique_ignoredirective above must be unique within the subtree.
- By default, uniqueness is not enforced for null values. Enablingunique_strictmode extends the concept of uniqueness to include null values, such thatonly one attribute within a subtree will be allowed to have a null value.
The search key is generated with attributes that are non-operational, noton theunique_ignorelist, and included in theunique_attributeslist, in that order. This makes it possible to create interesting andunusable configurations. Usually only one ofunique_ignoreorunique_attributesshould be configured; useunique_ignoreif the majority of attributes should be unique, and useunique_attributesif only a small set of attributes should be unique.
Typical attributes for theunique_ignoredirective are intentionally not hardcoded into the overlay to allow formaximum flexibility in meeting site-specific requirements.
- default slapd configuration file
- SEE ALSO
This document was created byman2html,using the manual pages.