| Skip Navigation Links | |
| Exit Print View | |
|
Oracle Directory Server Enterprise Edition Administration Guide 11g Release 1 (11.1.1.5.0) |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Oracle Directory Server Enterprise Edition Administration Guide 11g Release 1 (11.1.1.5.0) |
Part I Directory Server Administration
2. Directory Server Instances and Suffixes
3. Directory Server Configuration
6. Directory Server Access Control
7. Directory Server Password Policy
8. Directory Server Backup and Restore
9. Directory Server Groups, Roles, and CoS
10. Directory Server Replication
13. Directory Server Attribute Value Uniqueness
Overview of Attribute Value Uniqueness
Using the Uniqueness Plug-In With Replication
Single-Master Replication Scenario
Multimaster Replication Scenario
15. Directory Server Monitoring
Part II Directory Proxy Server Administration
16. Directory Proxy Server Tools
17. Directory Proxy Server Instances
19. Directory Proxy Server Certificates
20. Directory Proxy Server Load Balancing and Client Affinity
21. Directory Proxy Server Distribution
22. Directory Proxy Server Virtualization
23. Virtual Data Transformations
24. Connections Between Directory Proxy Server and Back-End LDAP Servers
25. Connections Between Clients and Directory Proxy Server
26. Directory Proxy Server Client Authentication
27. Directory Proxy Server Logging
28. Directory Proxy Server Monitoring and Alerts
Part III Directory Service Control Center Administration
This section explains how to enable and configure the default uniqueness plug-in for the uid attribute and how to enforce uniqueness of any other attribute.
This procedure describes how to enable and configure the UID uniqueness plug-in by using the dsconf command. The DN of the plug-in configuration entry is cn=uid uniqueness,cn=plugins,cn=config.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
When using DSCC, you must not modify the default UID uniqueness plug-in to enforce uniqueness of another attribute. If you do not want to have a UID uniqueness plug-in, leave the plug-in disabled and create a new plug-in instance for another attribute, as described in To Enforce Uniqueness of Another Attribute.
$ dsconf enable-plugin -h host -p port "uid uniqueness"
To specify the base DN of a single subtree, type:
$ dsconf set-plugin-prop -h host -p port "uid uniqueness" argument:uid\ argument:subtreeBaseDN
For example:
$ dsconf set-plugin-prop -h host1 -p 1389 "uid uniqueness" argument:uid \ argument:dc=People,dc=example,dc=com
To specify more than one subtree, add more arguments with the full base DN of a subtree as the value of each argument.
$ dsconf set-plugin-prop -h host -p port "uid uniqueness" argument:uid \ argument:subtreeBaseDN argument:subtreeBaseDN
To specify subtrees according to the object class of their base entries, set the arguments to the following values. Uniqueness of the uid attribute is enforced in the subtree below every entry with the baseObjectClass. Optionally, you can specify the entryObjectClass in the third argument so that the plug-in only enforces uniqueness in operations that target entries with this object class.
$ dsconf set-plugin-prop -h host -p port "uid uniqueness" argument:attribute=uid \ argument:markerObjectClass=baseObjectClass argument:entryObjectClass=baseObjectClass
To add an argument to an existing list of arguments, use the following command:
$ dsconf set-plugin-prop -h host -p port "uid uniqueness" argument+:argument-value
The UID uniqueness plug-in can be used to enforce the uniqueness of any attribute. You must create a new instance of the plug-in by creating a new entry under cn=plugins,cn=config in the directory.
You cannot use DSCC to perform this task. Use the command line, as described in this procedure.
$ dsconf create-plugin -h host -p port -H lib-path -F init-func \ -Y type plugin-name
plugin-name should be a short and descriptive name that includes the name of the attribute. For example, to create a plug-in for the uniqueness of the mail ID attribute, use this command:
$ dsconf create-plugin -h host1 -p 1389 -H /opt/SUNWdsee7/lib/sparcv9/uid-plugin.so \ -F NSUniqueAttr_Init -Y preoperation "mail uniqueness"
$ dsconf set-plugin-prop -h host -p port plugin-name property:value
For example, to set the properties for the mail uniqueness plug-in, :
$ dsconf set-plugin-prop -h host1 -p 1389 "mail uniqueness" \ desc:"Enforce unique attribute values..." version:6.0 \ vendor:"Sun Microsystems, Inc." depends-on-type:database
$ dsconf enable-plugin -h host -p port plugin-name
These arguments depend on how you want to determine the subtrees where uniqueness is enforced.
To define one or more subtrees according to their base DN, the first argument must be the name of the attribute that should have unique values. Subsequent arguments are the full DNs of the base entries of the subtrees.
$ dsconf set-plugin-prop -h host -p port plugin-name argument:attribute-name \ argument:subtreeBaseDN argument:subtreeBaseDN...
To add an argument to an existing list of arguments, use the following command:
$ dsconf set-plugin-prop -h host -p port plugin-name argument+:argument-value
To define subtrees according to the object class of their base entries, the first argument must contain attribute=attribute-name which specifies the name of the attribute that should have unique values. The second argument must be the baseObjectClass that determines the base entry of subtrees where uniqueness is enforced. Optionally, you can specify an entryObjectClass in the third argument so that the plug-in enforces uniqueness only in operations that target entries with this object class.
$ dsconf set-plugin-prop -h host -p port plugin-name\ argument:attribute=attribute-name argument:markerObjectClass=baseObjectClass\ argument:requiredObjectClass=entryObjectClass
In all plug-in arguments, no space can appear before or after the = sign.
|