Red Hat Directory Server 8.0 Administrator's Guide
4.3. Configuring Attribute Uniqueness Plug-ins from the
Command-Line
This section provides information about configuring the plug-in from the command line.
• Section 4.3.1, “Turning the Plug-in On or Off”
• Section 4.3.2, “Specifying a Suffix or Subtree”
• Section 4.3.3, “Using the markerObjectClass and requiredObjectClass Keywords”
4.3.1. Turning the Plug-in On or Off
1. To turn the plug-in on from the command line, run ldapmodify using an LDIF update
statement to change the nsslapd-pluginenabled attribute. For example:
ldapmodify -p 389 -D "cn=directory manager" -w secret -h ldap.example.com
dn: cn=descriptive_plugin_name,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginenabled
nsslapd-pluginenabled: on
For detailed information on the ldapmodify command, see the Directory Server
Configuration, Command, and File Reference.
To disable the plug-in, change the LDIF update statements to replace the on with off.
2. Whenever a plug-in is enabled or disabled, the server must be restarted.
service dirsrv restart instance_name
For information on restarting the server, see Section 3, “Starting and Stopping Servers”.
4.3.2. Specifying a Suffix or Subtree
The suffix or subtrees which the plug-in checks to ensure attribute uniqueness are defined using
the nsslapd-pluginarg attribute in the entry defining the plug-in.
To specify the subtree or subtrees, use ldapmodify to send LDIF update statements, similar to
this example:
ldapmodify -p 389 -D "cn=directory manager" -w secret -h ldap.example.com
dn: cn=mail uniqueness,cn=plugins,cn=config
changetype: modify
add: nsslapd-pluginarg2 nsslapd-pluginarg3
Configuring Attribute Uniqueness Plug-ins
509