To Configure the Secondary View of a Join View (Sun Java System Directory Server Enterprise Edition 6.3 Administration Guide)

Sun Java System Directory Server Enterprise Edition 6.3 Administration Guide

To Configure the Secondary View of a Join View

Specific properties must be configured on the secondary data view to allow it to function as the source for a join view. Because the secondary view can be any type of data view, the command you use will depend on the data view type. The following sample commands assume that the secondary view is an LDAP data view. For more information about the properties described here, see Additional Secondary Data View Properties in Sun Java System Directory Server Enterprise Edition 6.3 Reference.

You cannot use DSCC to perform this task. Use the command line, as described in this procedure.

Define a join rule that determines how the secondary view is related to the primary view.

Never set the filter-join-rule and dn-join-rule on the primary data view of a join view.

The join rule can be one of the following:
- DN join rule
  $ dpconf set-ldap-data-view-prop -h host -p port secondary-view-name \ dn-join-rule:uid=\${primary-view-name.uid},ou=People,dc=example
- Filter join rule
  $ dpconf set-ldap-data-view-prop -h host -p port secondary-view-name \ filter-join-rule:uid=\${primary-view-name.uid}
The configuration for the dn-join-rule and filter-join-rule properties is used by the server only if the join-rule-control-enabled property on the join data view is set to false. Otherwise, if the join-rule-control-enabled property is set to true on the join data view, then the information set on the secondary view will be ignored.

If the filter join rule is set on the join data view, you need to set a virtual transformation rule on the secondary data view to be able to add an entry on the join data view.
dpconf add-virtual-transformation secondary-view-name \ write add-attr-value dn uid=\${uid}
Note –
Without setting this rule, addition of entries to join data view would not be possible.

(Optional) Specify whether binds are allowed on the secondary view.

By default, binds are permitted on all data views. If you want to prohibit binds to the secondary data view, run the following command:
$ dpconf set-ldap-data-view-prop -h host -p port secondary-view-name process-bind:false
For more information about this property, see Handling of Binds in Sun Java System Directory Server Enterprise Edition 6.3 Reference.

(Optional) Specify whether the secondary view contains shared entries.
$ dpconf set-ldap-data-view-prop -h host -p port secondary-view-name \ contains-shared-entries:true
For more information about this property, see Handling of Shared Entries in Sun Java System Directory Server Enterprise Edition 6.3 Reference.