Red Hat Directory Server 8.0 Administrator's Guide
object class. For example, a check may be performed only if the updated entry includes
objectclass=inetorgperson.
This configuration option is explained in more detail in Section 4.3.3, “Using the
markerObjectClass and requiredObjectClass Keywords”.
For information on using the Attribute Uniqueness Plug-in in a replicated environment, see
Section 6, “Replication and the Attribute Uniqueness Plug-in”.
Directory Server provides a default instance of the Attribute Uniqueness Plug-in, the UID
Uniqueness Plug-in, to ensure that values given to the uid attribute are unique in the root suffix
(the suffix corresponding to the userRoot database) configured when the Directory Server was
first set up.
This plug-in is disabled by default because it affects the operation of multi-master replication.
For information on using the attribute uniqueness plug-in in a replicated environment, refer to
Section 6, “Replication and the Attribute Uniqueness Plug-in”.
2. Attribute Uniqueness Plug-in Syntax
Configuration information for the Attribute Uniqueness Plug-in is specified in an entry under
cn=plugins,cn=config entry. There are two possible syntaxes for nsslapd-pluginarg
attributes.
NOTE
To enforce uniqueness of another attribute than the ones in these example, copy
and paste the default Attribute Uniqueness Plug-in entry, and being care to
change only the attributes described here.
Use the following syntax to perform the uniqueness check under a suffix or subtree:
dn: cn=descriptive_plugin_name,cn=plugins,cn=config
...
nsslapd-pluginEnabled: state
nsslapd-pluginarg0: attribute_name
nsslapd-pluginarg1: dn1
nsslapd-pluginarg2: dn2
...
• Any value can be given to the cn attribute to name the plug-in. The name should be
descriptive.
• The cn attribute does not contain the name of the attribute which is checked for uniqueness.
Chapter 18. Using the Attribute Uniqueness Plug-in
504