Sun Java System Delegated Administrator 6.4 Administration Guide

Enforce Unique Values for Mail Attributes

Messaging Server uses the following mail attributes to identify a user's email address and alternate email addresses:

Each user's mail attributes should be unique across the directory.

The following procedure shows how to modify a Directory Server ldif file to enforce the uniqueness of these attributes. Whenever Delegated Administrator (or any LDAP tool) adds an entry or modifies a mail attribute, the ldif plug-in checks that the mail attribute values are unique. If an operation would cause two entries to have the same mail-attribute values, it is terminated.

For definitions of the mail attributes, see Chapter 3, Messaging Server and Calendar Server Attributes, in Sun Java Communications Suite 5 Schema Reference.

ProcedureTo enforce the uniqueness of mail attributes

Before You Begin

Note –

If you are running Directory Server 5.2.5 (Java ES Release 4) or later, follow the procedures described below.

If you are running Directory Server 5.2.4 (Java ES Release 4), you need to apply patch 5.2_Patch_4_6313027 before you begin the following procedure.

If you are running an earlier version of Directory Server, you need to upgrade to Directory Server 5.2.5 or later before you begin.

To access Directory Server patches, go to

  1. Create a text file with the following lines. Replace the parameters shown in the file with values specific to your installation:

    dn: cn=Uniqueness in Attribute Set,cn=plugins,cn=config
    objectClass: top
    objectClass: nsSlapdPlugin
    objectClass: ds-signedPlugin
    objectClass: extensibleObject
    cn: Uniqueness in Attribute Set
    nssldap-pluginPath: server_root/lif/
    nsslapd-pluginInitfunc: NSUniqueAttrSet_Init
    nsslapd-pluginType: preoperation
    nsslapd-pluginEnabled: on
    nsslapd-pluginarg0: attributeset=mail,mailalternateaddress,mailequivalentaddress
    nsslapd-pluginarg1: ugldapbasedn
    nsslapd-plugin-depends-on-type: database
    nsslapd-pluginId: NSUniqueAttrSet
    nsslapd-pluginVersion: 5.2
    nsslapd-pluginVendor: Sun Microsystems, Inc.
    nsslapd-pluginDescription: Enforce unique values among an attribute set

    Change the following parameters:

    Replace server_root with the directory underneath which your Directory Server is installed. For example: /var/opt/mps/serverroot

    Replace ugldapbasednwith your root suffix. Uniqueness checking is performed on all entries underneath this suffix.

  2. Stop Directory Server.

  3. Add your modified text file to the Directory Server dse.ldif file.

    Location of the dse.ldif File:

    The dse.ldif file is located in the following directory:



    server_root is the directory underneath which Directory Server is installed. For example: /var/opt/mps/serverroot

    machine_name is the name of the host machine where Directory Server is installed.

    Where to Add Your Text File:

    Add your text file after the uid uniqueness section of the dse.ldif file. The first line of this section (the dn) is as follows:

    dn: cn=uid uniquenss,cn=plugins,cn=config

  4. Restart Directory Server.

    When Directory Server starts, it installs the modified dse.ldif file in the directory.


If Directory Server does not start because the dse.ldif file has generated an error, check the values you used to replace the parameters in the sample text file. Your LDAP root suffix and the Directory Server installation path and host machine must be correct for your installation.

If Directory Server still does not start, you can, as a last resort, remove the text file from the dse.ldif file and restart Directory Server.