Skip Headers

Oracle® Internet Directory Administrator's Guide
10g (9.0.4)
Part Number B12118-01
Go To Documentation Library
Home		 Go To Product List
Solution Area		 Go To Table Of Contents
Contents		 Go To Index
Index

Go to previous page Go to beginning of chapter Go to next page

Attribute Uniqueness in the Directory, 4 of 5

Managing Attribute Uniqueness

This section contains these topics:

Location of Attribute Uniqueness Entries

Attribute uniqueness constraint entries are stored under cn=unique,cn=Common,cn=Products,cn=OracleContext.

Managing Attribute Uniqueness by Using Oracle Directory Manager

You can use Oracle Directory Manager to create, modify, and delete attribute uniqueness constraint entries.

Creating an Attribute Uniqueness Constraint Entry

  1. In the navigator pane, expand in succession Oracle Internet Directory Servers, directory server instance, and Attribute Uniqueness Management. The Attribute Uniqueness Management window displays a list of existing attribute uniqueness constraint entries in the right pane.

  2. On the toolbar, choose Create. This displays the New Constraint window.

    In the New Constraint dialog box, enter values for the fields. These are described in Table C-6.

  3. Choose OK. This returns you to the Attribute Uniqueness Management window. The entry you just created appears in the list of attribute uniqueness constraint entries.

  4. Choose Apply.

Modifying an Attribute Uniqueness Constraint Entry by Using Oracle Directory Manager

To modify an attribute uniqueness constraint entry:

  1. In the navigator pane, expand in succession Oracle Internet Directory Servers, directory server instance, and Attribute Uniqueness Management. The Attribute Uniqueness Management window displays a list of existing attribute uniqueness constraint entries in the right pane.

  2. In the Attribute Uniqueness Management window, select the attribute uniqueness constraint entry you want to modify, then choose Edit. The Attribute Uniqueness Constraint window for that attribute appears.

  3. In the Attribute Uniqueness Constraint window, enter your modifications in the appropriate fields, then choose OK. This returns you to the Attribute Uniqueness Management window.

  4. Choose Apply.

Deleting an Attribute Uniqueness Constraint Policy by Using Oracle Directory Manager

To delete an attribute uniqueness constraint policy:

  1. In the navigator pane, expand in succession Oracle Internet Directory Servers, directory server instance, and Attribute Uniqueness Management. The Attribute Uniqueness Management window displays a list of existing attribute uniqueness constraint entries in the right pane.

  2. In the Attribute Uniqueness Management window, select the attribute uniqueness constraint entry you want to delete, then choose Edit. The Attribute Uniqueness Constraint window for this attribute appears.

  3. Choose Delete, then, when prompted, confirm the deletion. This returns you to the Attribute Uniqueness Constraint window. The entry you deleted no longer appears in the list of attribute uniqueness constraint entries.

Managing Attribute Uniqueness by Using Command-Line Tools

This section contains these topics:

Enabling and Disabling Attribute Uniqueness by Using Command-Line Tools

You can enable or disable attribute uniqueness for an existing attribute uniqueness constraint entry.

To enable attribute uniqueness for an existing attribute uniqueness constraint entry:

  1. Set the orcluniqueenable attribute to 1 by using ldapmodify.

  2. Restart the directory server to enable the policy.

To disable attribute uniqueness:

  1. Set the orcluniqueenable attribute to 0 by using ldapmodify.

  2. Restart the directory server to disable the policy.

Creating Attribute Uniqueness Constraint Entries by Using Command-Line Tools

To enable attribute uniqueness, specify an attribute uniqueness constraint entry with the attributes listed in Table 8-1.

Creating Attribute Uniqueness Across an Entire Directory by Using Command-Line Tools

To create an instance of attribute uniqueness across an entire directory, specify an attribute name for which you want to enforce value uniqueness.

For example, to make employee identifiers unique for all US employees at MyCompany, you would follow these steps.

  1. Create an attribute uniqueness constraint entry (in LDIF format) as follows: 

    dn: cn=constraint1, cn=unique, cn=common, cn=products, cn=oraclecontext
objectclass: orclUniqueConfig
orcluniqueattrname: employeenumber
orcluniquesubtree: o=MyCompany, c=US
orcleuniqueobjectclass: person
  2. To apply the attribute uniqueness feature, load the attribute uniqueness constraint entry as follows: 

    ldapadd -h host -p port -D DN -w password -f constraint1.dat
  3. Restart the directory server.

Creating Attribute Uniqueness Across One Subtree by Using Command-Line Tools

To create an instance of attribute uniqueness across one or more subtrees, specify:

For example, suppose that MyCompany hosts the directories for SubscriberCompany1 and SubscriberCompany2, and you want to enforce the uniqueness of the employee identifier attribute in SubscriberCompany1 only. When you add an entry such as uid=dlin,ou=people,o=SubscriberCompany1,dc=MyCompany,
dc=com, you must enforce uniqueness only in the o=SubscriberCompany1,dc=MyCompany,dc=com subtree. Do this by listing the DN of the subtree explicitly in the attribute uniqueness constraint configuration.

In this case, the LDIF file would look like this: 

dn: cn=constraint1, cn=unique, cn=common, cn=products, cn=oraclecontext
objectclass: orclUniqueConfig
orcluniqueattrname: employeenumber
orcluniquesubtree: o=SubscriberCompany1,dc=MyCompany,	dc=com
Creating Attribute Uniqueness Across One Object Class by Using Command-Line Tools

To create an instance of attribute uniqueness across one object class, specify:

In this case, the LDIF file would look like this: 

dn: cn=constraint1, cn=unique, cn=common, cn=products, cn=oraclecontext
objectclass: orclUniqueConfig
orcluniqueattrname: employeenumber
orcleuniqueobjectclass: person

Modifying Attribute Uniqueness Constraint Entries by Using Command-Line Tools

To modify an attribute uniqueness entry, use create an LDIF file for the entry, then use ldapmodify to upload it into the directory.

For example, suppose there is an existing attribute uniqueness constraint entry: 

dn: cn=constraint1, cn=unique, cn=common, cn=products, cn=oraclecontext
objectclass: orclUniqueConfig
orcluniqueattrname: employeenumber
orcluniquesubtree: o=MyCompany, c=US
orcleuniqueobjectclass: person

To enforce the constraint against c=US, instead of o=MyCompany, you would perform these steps:

  1. Create an LDIF entry to change the orcluniquenesssubtree: 

    dn: cn=constraint1, cn=unique, cn=common, cn=products, cn=oraclecontext
changetype: modify
replace: orcluniquesubtree
orcluniquesubtree: o=Oracle Corporation, c=US
  2. Use ldapmodify to apply the change to directory server. 

    ldapmodify -p port -D user -w password -f file_name
  3. Restart the directory server to effect this change.

Deleting Attribute Uniqueness Constraint Entries by Using Command-Line Tools

Use the ldapdelete command-line tool to delete an attribute uniqueness constraint policy.

  1. Remove the attribute uniqueness constraint entry from the directory by using ldapdelete. 

    ldapdelete -p port -D bind_DN -w password 
"cn=constraint1,cn=unique,cn=common,cn=products,cn=oraclecontext"
  2. Restart the directory server to effect this change.

Go to previous page Go to beginning of chapter Go to next page
Oracle
Copyright © 1999, 2003 Oracle Corporation.
All Rights Reserved.
Go To Documentation Library
Home		 Go To Product List
Solution Area		 Go To Table Of Contents
Contents		 Go To Index
Index