Administration GuideManage Directory DataUnique Attribute Values › Check for Attribute Value Uniqueness in a Subtree

Previous Topic: Limitation: Uniqueness Is Not Enforced in Pre-existing Data

Next Topic: List the Unique Attributes in a DSA

Check for Attribute Value Uniqueness in a Subtree

You can extend checks for unique attributes to apply to all DSAs in an entire directory backbone.

Checks for uniqueness apply to any number of DSAs in a backbone as long as they are under the specified uniqueness subtree.

Attribute value uniqueness cannot be guaranteed in a distributed environment, because multiple DSAs can be updated at the same time. However this is a slim window.

To check for attribute value uniqueness in a subtree

  1. (Optional) Define the subtree within which the attributes must be unique using the following command: 
    set unique-attrs-subtree = DN;
  2. Define the unique attributes using the following command: 
    set unique-attrs = attribute [subtree = DN] [,attribute [subtree = DN]] [...] ;

    This command lets you specify which subtree each attribute should be unique within, but this is optional.

    If you do not set these subtrees here or in the set unique-attrs-subtree command, attributes are unique within the local prefix.

  3. (Optional) Set the trust flag Trust-DSA-triggered operations in the knowledge of the DSA. Then, if the search extends to another DSA, this other DSA bypasses access controls when it performs uniqueness checking.

More information:

set unique-attrs-subtree Command—Enable Checks for Uniqueness Within a Subtree

set unique-attrs Command—Enable Checks for Uniqueness of Attribute Values