Sun Java System Directory Server Enterprise Edition 6.2 Administration Guide

Creating and Configuring Join Data Views

A join data view is an aggregation of multiple data views. For information about how a join data view works, see Join Data Views in Sun Java System Directory Server Enterprise Edition 6.2 Reference.

For information about how to create and configure join data views, see the following procedures.

ProcedureTo Create a Join Data View

You cannot use DSCC to perform this task. Use the command line, as described in this procedure.

  1. Identify the primary and secondary data views that will be aggregated to form the join view.

    The primary and secondary data views must exist before the join view can be created. The primary and secondary views can be any type of data view, including an LDAP data view, LDIF data view, JDBC data view, or another join data view. Specific properties must be configured on the secondary view to allow it to function as the source for a join view. For more information, see To Configure the Secondary View of a Join View.

  2. Create the join data view.


    $ dpconf create-join-data-view -h host -p port view-name primary-view secondary-view \
     suffix-dn
    
  3. (Optional) View the list of join views to check that your data view has been created successfully.


    $ dpconf list-join-data-views -h host -p port
    

ProcedureTo Configure a Join Data View

You cannot use DSCC to perform this task. Use the command line, as described in this procedure.

  1. View the properties of a join data view.


    $ dpconf get-join-data-view-prop -h host -p port view-name
    

    The default properties of a join data view are as follows:


    alternate-search-base-dn                    :  ""
    alternate-search-base-dn                    :  dc=com
    attr-name-mappings                          :  none
    base-dn                                     :  suffixDN
    contains-shared-entries                     :  -
    description                                 :  -
    distribution-algorithm                      :  -
    dn-join-rule                                :  -
    dn-mapping-attrs                            :  none
    dn-mapping-source-base-dn                   :  none
    excluded-subtrees                           :  -
    filter-join-rule                            :  -
    is-enabled                                  :  true
    is-read-only                                :  false
    is-routable                                 :  true
    join-rule-control-enabled                   :  false
    lexicographic-attrs                         :  all
    lexicographic-lower-bound                   :  none
    lexicographic-upper-bound                   :  none
    non-viewable-attr                           :  -
    non-writable-attr                           :  -
    numeric-attrs                               :  all
    numeric-default-data-view                   :  false
    numeric-lower-bound                         :  none
    numeric-upper-bound                         :  none
    pattern-matching-base-object-search-filter  :  all
    pattern-matching-dn-regular-expression      :  all
    pattern-matching-one-level-search-filter    :  all
    pattern-matching-subtree-search-filter      :  all
    primary-view                                :  primary-view
    process-bind                                :  -
    replication-role                            :  master
    secondary-view                              :  secondary-view
    viewable-attr                               :  all except non-viewable-attr
    writable-attr                               :  all except non-writable-attr
  2. Change one or more of the properties that are listed in Step 1.


    $ dpconf set-join-data-view-prop -h host -p port view-name property:value \
     [property:value ... ]

    For example, to change the primary data view of a data source to myLDAPDataView, use the following command:


    $ dpconf set-join-data-view-prop -h host1 -p 1389 -D cn="Proxy Manager" \
     myJoinDataView primary-view:myLDAPDataView
  3. When a join data view is configured, set viewable-attr and writable-attr properties on primary data view and secondary data view.

    Setting of these properties helps in splitting the search filters appropriately on primary and secondary data views. Otherwise, there might be discrepancies in search results when search filter contains attributes from secondary data view.

  4. If necessary, restart the instance of Directory Proxy Server for the changes to take effect.

    For information about restarting Directory Proxy Server, see To Restart Directory Proxy Server.

ProcedureTo Configure a Join Data View to Enable Referencing of a Data View by Multiple Join Data Views

Setting join rule configuration information in the join data view makes the data view to be referenced by multiple join data views. To do so, perform the following:

  1. Set join-rule-control-enabled to true on the join data view.


    $ dpconf set-join-data-view-prop view-name join-rule-control-enabled:true

    After setting join-rule-control-enabled to true, join rule configuration information stored in the join data view is used by the server. If you have a join data view with the join rule configuration information stored in the secondary data view then this information is not used by the server. To have this information used by the server, you will have to manually add the configuration information at the join data view level.

  2. Define a join rule that determines how the secondary view is related to the primary view.

    The join rule can be one of the following:

    • DN join rule


      $ dpconf set-join-data-view-prop view-name \
      dn-join-rule:uid=\${primary-view-name.uid},ou=People,dc=example
    • Filter join rule


      $ dpconf set-join-data-view-prop view-name \
      filter-join-rule:uid=\${primary-view-name.uid}

ProcedureTo Configure the Secondary View of a Join View

Specific properties must be configured on the secondary data view to allow it to function as the source for a join view. Because the secondary view can be any type of data view, the command you use will depend on the data view type. The following sample commands assume that the secondary view is an LDAP data view. For more information about the properties described here, see Additional Secondary Data View Properties in Sun Java System Directory Server Enterprise Edition 6.2 Reference.

You cannot use DSCC to perform this task. Use the command line, as described in this procedure.

  1. Define a join rule that determines how the secondary view is related to the primary view.

    The join rule can be one of the following:

    • DN join rule


      $ dpconf set-ldap-data-view-prop -h host -p port secondary-view-name \
      dn-join-rule:uid=\${primary-view-name.uid},ou=People,dc=example
    • Filter join rule


      $ dpconf set-ldap-data-view-prop -h host -p port secondary-view-name \
      filter-join-rule:uid=\${primary-view-name.uid}

    The configuration for the dn-join-rule and filter-join-rule properties is used by the server only if the join-rule-control-enabled property on the join data view is set to false. Otherwise, if the join-rule-control-enabled property is set to true on the join data view, then the information set on the secondary view will be ignored.

  2. If the filter join rule is set on the join data view, you need to set a virtual transformation rule on the secondary data view to be able to add an entry on the join data view.


    dpconf add-virtual-transformation secondary-view-name \
    write add-attr-value dn uid=\${uid}

    Note –

    Without setting this rule, addition of entries to join data view would not be possible.


  3. (Optional) Specify whether binds are allowed on the secondary view.

    By default, binds are permitted on all data views. If you want to prohibit binds to the secondary data view, run the following command:


    $ dpconf set-ldap-data-view-prop -h host -p port secondary-view-name process-bind:false

    For more information about this property, see Handling of Binds in Sun Java System Directory Server Enterprise Edition 6.2 Reference.

  4. (Optional) Specify whether the secondary view contains shared entries.


    $ dpconf set-ldap-data-view-prop -h host -p port secondary-view-name \
    contains-shared-entries:true

    For more information about this property, see Handling of Shared Entries in Sun Java System Directory Server Enterprise Edition 6.2 Reference.