[Date Prev][Date Next] [Chronological] [Thread] [Top]

Unique overlay usage with filter

Title: Unique overlay usage with filter

I'm using the unique overlay in OpenLDAP 2.4.16 and finding it too easy to violate the uniqueness constraints I have defined.

For example, if I have the following in my slapd.conf (taken from slapo-unique man page):

overlay unique
unique_uri ldap:///?cn?sub?(sn=e*)

I can violate the uniqueness constraints as follows:

1.  Add an entry with cn=a and sn=e.
2.  Add a second entry with cn=a and sn=f.
3.  Modify the sn of the second entry so that sn=e.

The attribute modification succeeds but causes a violation of the uniqueness constraints.

Is there any way to configure OpenLDAP so that the attribute modification fails due to a constraint violation?

Kyle Blaney