Three days ago, while searching the LDAP directory for the user account for the computer, I found that a uidNumber existed twice.
That is not a disaster in itself, since everything still runs, but it would be convenient to make a few attributes unique.
Google quickly told me that there is a good module for this, one that even ships as standard with OpenLDAP: the unique overlay.
So I quickly wrote
overlay unique
unique_uri ldap:///ou=subtree,dc=my,dc=domain?attribute1,attribute2?sub
into the config, plus a few indexes for performance, and off we went.
The first test did not work; it would be something new if anything worked right away. Many more tests followed. Many more ....
.... It took really long hours.
In any case it simply would not work, and even the sporadic responses in #openldap on Freenode did not help further. So the next day I turned to debugging. To my surprise, the log files contained a note from unique that it had searched but found no hits. 0 results found ... So duplicate uidNumbers continued to be allowed.
But now I have found the solution to the puzzle. unique_search does not work if you have not set a rootdn in slapd.conf. The tricky part is that you can comment out the rootdn and OpenLDAP still runs. In itself that is even an additional security measure. At the same time, however, nowhere in the man pages or elsewhere in the documentation is it indicated that a rootdn is necessary.
Since I uncommented the rootdn again, everything works.
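A check for the trap described above, as an added example that is not part of the original post: it scans a slapd.conf for databases that load the unique overlay but have no active rootdn. The sample config, its suffixes and admin DNs, the mdb backend and the function names are constructed for illustration.

```python
import shlex

# Constructed sample: first database has rootdn commented out (as in the post).
SAMPLE_CONF = """\
database mdb
suffix "dc=my,dc=domain"
#rootdn "cn=admin,dc=my,dc=domain"
overlay unique
unique_uri ldap:///ou=subtree,dc=my,dc=domain?uidNumber?sub

database mdb
suffix "dc=other,dc=domain"
rootdn "cn=admin,dc=other,dc=domain"
overlay unique
unique_uri
  ldap:///dc=other,dc=domain?uidNumber?sub
"""

def logical_lines(text):
    """Return directives: skip blank/comment lines, join continuation lines."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()   # leading whitespace continues a directive
        else:
            out.append(raw.strip())
    return out

def unique_without_rootdn(text):
    """Return suffixes of databases that load 'overlay unique' but set no rootdn."""
    databases, db = [], {}                 # db starts as a throwaway for global directives
    for line in logical_lines(text):
        words = shlex.split(line)
        key, args = words[0].lower(), words[1:]
        if key == "database":              # a new database section begins
            db = {"suffix": "(no suffix)", "rootdn": False, "unique": False}
            databases.append(db)
        elif key == "suffix" and args:
            db["suffix"] = args[0]
        elif key == "rootdn" and args:
            db["rootdn"] = True
        elif key == "overlay" and args and args[0].lower() == "unique":
            db["unique"] = True
    return [d["suffix"] for d in databases if d["unique"] and not d["rootdn"]]

if __name__ == "__main__":
    print(unique_without_rootdn(SAMPLE_CONF))
```

Any suffix it reports is a database where, going by the behaviour described in this post, duplicate values would still be accepted.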
