Sun Java System Delegated Administrator 6.4 Administration Guide

Enforce Unique Values for Mail Attributes

Messaging Server uses the following mail attributes to identify a user's email address and alternate email addresses: mail, mailalternateaddress, and mailequivalentaddress.

Each user's mail attributes should be unique across the directory.

The following procedure shows how to modify a Directory Server ldif file to enforce the uniqueness of these attributes. Whenever Delegated Administrator (or any LDAP tool) adds an entry or modifies a mail attribute, the ldif plug-in checks that the mail attribute values are unique. If an operation would cause two entries to have the same mail-attribute values, the operation is terminated.

For definitions of the mail attributes, see Chapter 3, Messaging Server and Calendar Server Attributes, in Sun Java Communications Suite 5 Schema Reference.

Procedure: To enforce the uniqueness of mail attributes

Before You Begin

Note –

If you are running Directory Server 5.2.5 (Java ES Release 4) or later, follow the procedures described below.

If you are running Directory Server 5.2.4 (Java ES Release 4), you need to apply patch 5.2_Patch_4_6313027 before you begin the following procedure.

If you are running an earlier version of Directory Server, you need to upgrade to Directory Server 5.2.5 or later before you begin.

To access Directory Server patches, go to http://sunsolve.sun.com.


  1. Create a text file with the following lines. Replace the parameters shown in the file with values specific to your installation:


    dn: cn=Uniqueness in Attribute Set,cn=plugins,cn=config
    objectClass: top
    objectClass: nsSlapdPlugin
    objectClass: ds-signedPlugin
    objectClass: extensibleObject
    cn: Uniqueness in Attribute Set
    nsslapd-pluginPath: server_root/lib/uid-plugin.so
    nsslapd-pluginInitfunc: NSUniqueAttrSet_Init
    nsslapd-pluginType: preoperation
    nsslapd-pluginEnabled: on
    nsslapd-pluginarg0: attributeset=mail,mailalternateaddress,mailequivalentaddress
    nsslapd-pluginarg1: ugldapbasedn
    nsslapd-plugin-depends-on-type: database
    nsslapd-pluginId: NSUniqueAttrSet
    nsslapd-pluginVersion: 5.2
    nsslapd-pluginVendor: Sun Microsystems, Inc.
    nsslapd-pluginDescription: Enforce unique values among an attribute set

    Change the following parameters:

    Replace server_root with the directory underneath which your Directory Server is installed. For example: /var/opt/mps/serverroot

    Replace ugldapbasedn with your root suffix. Uniqueness checking is performed on all entries underneath this suffix.

  2. Stop Directory Server.

  3. Add your modified text file to the Directory Server dse.ldif file.

    Location of the dse.ldif File:

    The dse.ldif file is located in the following directory:

    server_root/slapd-machine_name/config

    where

    server_root is the directory underneath which Directory Server is installed. For example: /var/opt/mps/serverroot

    machine_name is the name of the host machine where Directory Server is installed.

    Where to Add Your Text File:

    Add your text file after the uid uniqueness section of the dse.ldif file. The first line of this section (the dn) is as follows:

    dn: cn=uid uniqueness,cn=plugins,cn=config

  4. Restart Directory Server.

    When Directory Server starts, it installs the modified dse.ldif file in the directory.

Troubleshooting

If Directory Server does not start because the dse.ldif file has generated an error, check the values you used to replace the parameters in the sample text file. Your LDAP root suffix and the Directory Server installation path and host machine must be correct for your installation.

If Directory Server still does not start, you can, as a last resort, remove the text file from the dse.ldif file and restart Directory Server.
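
The plug-in entry above is described as checking values when an entry is added or a mail attribute is modified. To find values that already collide in existing entries, the following added example (not part of the original guide or of Directory Server) scans an LDIF export for addresses shared by more than one entry across the same attribute set. The sample data, the o=example.com suffix, and the function names are assumptions made for illustration.

```python
import base64
import re

# Attribute set taken from nsslapd-pluginarg0 in the plug-in entry.
MAIL_ATTRS = {"mail", "mailalternateaddress", "mailequivalentaddress"}
# Constructed sample export; the DNs and addresses are made up.
SAMPLE_LDIF = """\
dn: uid=alice,ou=People,o=example.com
mail: alice@example.com
mailAlternateAddress: sales@example.com

dn: uid=bob,ou=People,o=example.com
mailEquivalentAddress: Sales@Exam
 ple.com

dn: uid=carol,ou=People,o=example.com
mailAlternateAddress:: YWxpY2VAZXhhbXBsZS5jb20=

dn: uid=dave,ou=People,o=other.org
mail: alice@example.com
"""

def parse_ldif(text):
    """Yield (dn, [(attr, value)]) per record, unfolding lines and decoding base64."""
    for record in re.split(r"\n\s*\n", re.sub(r"\r?\n ", "", text)):  # unfold, then split
        attrs = []
        for line in record.splitlines():
            if not line.startswith("#"):          # skip LDIF comments
                name, _, value = line.partition(":")
                if value.startswith(":"):         # "attr:: <base64 value>"
                    value = base64.b64decode(value[1:].strip()).decode("utf-8")
                attrs.append((name.split(";")[0].lower(), value.strip()))
        dn = next((v for a, v in attrs if a == "dn"), None)
        if dn is not None:
            yield dn, attrs

def find_duplicates(ldif_text, base_dn):
    """Return {address: [DNs]} for addresses held by 2+ entries under base_dn."""
    norm = lambda d: "," + d.lower().replace(" ", "")  # simplified DN comparison
    holders = {}
    for dn, attrs in parse_ldif(ldif_text):
        if norm(dn).endswith(norm(base_dn)):           # only entries under the suffix
            for attr, value in attrs:
                if attr in MAIL_ATTRS:
                    holders.setdefault(value.lower(), set()).add(dn)
    return {a: sorted(d) for a, d in holders.items() if len(d) > 1}

if __name__ == "__main__":
    print(find_duplicates(SAMPLE_LDIF, "o=example.com"))
```

Addresses are compared case-insensitively and across all three attributes, so a value in one entry's mail attribute that matches another entry's mailalternateaddress is reported.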