Manualshelf

Red Hat Directory Server 8.0 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Red Hat Directory Server Software
521522523524525526527528529530
nsslapd-pluginarg2: ou=Engineering,dc=example,dc=com
nsslapd-pluginarg3: ou=Sales,dc=example,dc=com
This example LDIF statement modified the Attribute Uniqueness Plug-in to check the
uniqueness of the mail attribute under the subtrees dc=example,dc=com,
ou=Engineering,dc=example,dc=com, and ou=Sales,dc=example,dc=com.
Use the ldapmodify command to import the LDIF file into the directory. For detailed information
on the ldapmodify command, see the Directory Server Configuration, Command, and File
Reference.
Whenever this type of configuration change is made, restart the server.
service dirsrv restart instance_name
For information on restarting the server, see Section 3, “Starting and Stopping Servers”.
4.3.3. Using the markerObjectClass and requiredObjectClass
Keywords
Instead of specifying a suffix or subtree in the configuration of an Attribute Uniqueness Plug-in,
perform the check under the entry belonging to the DN of the updated entry that has the object
class given in the markerObjectClass keyword.
To specify to perform the uniqueness check under the entry in the DN of the updated entry that
contains the organizational unit (ou) object class, copy and paste an existing Attribute
Uniqueness Plug-in entry, and change the following attributes:
ldapmodify -p 389 -D "cn=directory manager" -w secret -h ldap.example.com
dn: cn=mail uniqueness,cn=plugins,cn=config
...
nsslapd-pluginEnabled: on
nsslapd-pluginarg0: attribute=mail
nsslapd-pluginarg1: markerObjectClass=ou
...
If the server should not check every entry in the organization unit, limit the scope by setting the
check to be performed only if the updated entry contains a specified object class.
For example, if the uniqueness of the mail attribute is checked, it is probably only necessary to
perform the check when adding or modifying entries with the person or inetorgperson object
class.
Restrict the scope of the check by using the requiredObjectClass keyword, as shown in the
following example:
Chapter 18. Using the Attribute Uniqueness Plug-in
510