Index Index for
Section 5
Index Alphabetical
listing for S
Bottom of page Bottom of
page		 

SLAPO-UNIQUE(5)


NAME

  slapo-unique - Attribute Uniqueness overlay


SYNOPSIS

  /usr/internet/openldap/etc/slapd.conf


DESCRIPTION

  The Attribute Uniqueness overlay can be used with a backend database such
  as slapd-bdb(5) to enforce the uniqueness of some or all attributes within
  a subtree. This subtree defaults to the base DN of the database for which
  the Uniqueness overlay is configured.

  Uniqueness is enforced by searching the subtree to ensure that the values
  of all attributes presented with an add, modify or modrdn operation are
  unique within the subtree.  For example, if uniqueness were enforced for
  the uid attribute, the subtree would be searched for any other records
  which also have a uid attribute containing the same value. If any are
  found, the request is rejected.


CONFIGURATION

  These slapd.conf options apply to the Attribute Uniqueness overlay.  They
  should appear after the overlay directive.

  unique_base <basedn>
       Configure the subtree against which uniqueness searches will be
       invoked.	 The basedn defaults to the base DN of the database for which
       uniqueness is configured.

  unique_ignore <attribute...>
       Configure one or more attributes for which uniqueness will not be
       enforced.  If not configured, all non-operational (eg, system)
       attributes must be unique. Note that the unique_ignore list should
       generally contain the objectClass, dc, ou and o attributes, as these
       will generally not be unique, nor are they operational attributes.

  unique_attributes <attribute...>
       Specify one or more attributes for which uniqueness will be enforced.
       If not specified, all attributes which are not operational (eg, system
       attributes such as entryUUID ) or specified via the unique_ignore
       directive above must be unique within the subtree.

  unique_strict
       By default, uniqueness is not enforced for null values. Enabling
       unique_strict mode extends the concept of uniqueness to include null
       values, such that only one attribute within a subtree will be allowed
       to have a null value.


CAVEATS

  The search key is generated with attributes that are non-operational, not
  on the unique_ignore list, and included in the unique_attributes list, in
  that order. This makes it possible to create interesting and unusable
  configurations. Usually only one of unique_ignore or unique_attributes
  should be configured; use unique_ignore if the majority of attributes
  should be unique, and use unique_attributes if only a small set of
  attributes should be unique.

  Typical attributes for the unique_ignore directive are intentionally not
  hardcoded into the overlay to allow for maximum flexibility in meeting
  site-specific requirements.


FILES

  /usr/internet/openldap/etc/slapd.conf
       default slapd configuration file


SEE ALSO

  slapd.conf(5).

Index Index for
Section 5
Index Alphabetical
listing for S
Top of page Top of
page