DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

slapo-unique(5)



SLAPO-UNIQUE(5)           FILE FORMATS            SLAPO-UNIQUE(5)

NAME

     slapo-unique - Attribute Uniqueness overlay

SYNOPSIS

     /etc/openldap/slapd.conf

DESCRIPTION

     The Attribute Uniqueness overlay can be used with a  backend
     database  such  as slapd-bdb(5) to enforce the uniqueness of
     some or  all  attributes  within  a  subtree.  This  subtree
     defaults  to  the  base  DN  of  the  database for which the
     Uniqueness overlay is configured.

     Uniqueness is enforced by searching the  subtree  to  ensure
     that  the  values  of  all attributes presented with an add,
     modify or modrdn operation are unique  within  the  subtree.
     For  example, if uniqueness were enforced for the uid attri-
     bute, the subtree would be searched for  any  other  records
     which  also  have a uid attribute containing the same value.
     If any are found, the request is rejected.

CONFIGURATION

     These slapd.conf options apply to the  Attribute  Uniqueness
     overlay.  They should appear after the overlay directive.

     unique_base <basedn>
          Configure the subtree against which uniqueness searches
          will be invoked.  The basedn defaults to the base DN of
          the database for which uniqueness is configured.

     unique_ignore <attribute...>
          Configure one or more attributes for  which  uniqueness
          will  not  be  enforced.   If  not configured, all non-
          operational (eg, system)  attributes  must  be  unique.
          Note  that the unique_ignore list should generally con-
          tain the objectClass, dc, ou and o attributes, as these
          will  generally not be unique, nor are they operational
          attributes.

     unique_attributes <attribute...>
          Specify one or more  attributes  for  which  uniqueness
          will  be  enforced.   If  not specified, all attributes
          which are not operational (eg, system  attributes  such
          as  entryUUID  )  or  specified  via  the unique_ignore
          directive above must be unique within the subtree.

     unique_strict
          By default, uniqueness is not enforced for null values.
          Enabling  unique_strict  mode  extends  the  concept of
          uniqueness to include null values, such that  only  one
          attribute  within  a  subtree will be allowed to have a
          null value.

OpenLDAP 2.3.27      Last change: 2006/08/19                    1

SLAPO-UNIQUE(5)           FILE FORMATS            SLAPO-UNIQUE(5)

CAVEATS

     The search key is generated with attributes  that  are  non-
     operational,  not on the unique_ignore list, and included in
     the unique_attributes list, in that  order.  This  makes  it
     possible  to create interesting and unusable configurations.
     Usually  only  one  of  unique_ignore  or  unique_attributes
     should  be  configured; use unique_ignore if the majority of
     attributes should be unique, and  use  unique_attributes  if
     only a small set of attributes should be unique.

     Typical  attributes  for  the  unique_ignore  directive  are
     intentionally  not  hardcoded  into the overlay to allow for
     maximum flexibility in meeting site-specific requirements.

FILES

     /etc/openldap/slapd.conf
          default slapd configuration file

SEE ALSO

     slapd.conf(5).

OpenLDAP 2.3.27      Last change: 2006/08/19                    2
Man(1) output converted with man2html