Start of changeStart of change

Create a unique attributes list

  1. Expand the Server administration category in the navigation area. Click Manage unique attributes.
  2. Select the attribute that you want to add as a unique attribute from the Available attributes menu. The available attributes listed are those that can be designated as unique; for example, sn.
  3. Click either Add to cn=localhost or Add to cn=IBMpolicies. The difference between these two containers is that cn=IBMpolicies entries are replicated and cn=localhost entries are not. The attribute is displayed in the appropriate list box. You can list the same attribute in both containers.
    Note:
    If an entry is created under both cn=localhost and cn=IBMpolicies, the resultant union of these two entries is the unique attributes list. For example, if the attributes cn and employeeNumber are designated as unique in cn=localhost and the attributes cn and telephoneNumber are designated as unique in cn=IBMploicies, the server treats the attributes cn, employeeNumber, and telephoneNumber as unique attributes.
  4. Repeat this process for each attribute you want to add as a unique attribute.
  5. Click OK to save your changes.

When adding or modifying a unique attribute entry, if establishing a unique constraint for any of the listed unique attribute types results in errors, the entry is not added or created in the directory. The problem must be resolved and the command to add or modify must be reissued before the entry can be created or modified. For example, while adding a unique attribute entry to the directory, if establishing a unique constraint on a table for one of the listed unique attribute types failed (that is, because of having duplicate values in the database), a unique attribute entry is not added to the directory. An error is issued.

When an application tries to add an entry to the directory with a value for the attribute that duplicates an existing directory entry, an error with result code 20 (LDAP: error code 20 - Attribute or Value Exists) from the LDAP server is issued.

When the server starts, it checks the list of unique attributes and determines if the DB2 constraints exist for each of them. If the constraint does not exist for an attribute because it was removed by the bulkload utility or because it was removed manually by the user, it is removed from the unique attributes list and an error message is logged in the error log, ibmslapd.log. For example, if the attribute cn is designated as unique in cn=uniqueattributes,cn=localhost and there is no DB2 constraint for it the following message is logged:

Values for the attribute CN are not unique.
The attribute CN was removed from the unique attribute
entry: CN=UNIQUEATTRIBUTES,CN=LOCALHOST
End of changeEnd of change