Description of problem: The documentation states that the attribute uniqueness plugin is supposed to enforce uniqueness individually within each subtree that it is configured for. For example, if you configure the plugin to enforce uid uniqueness in both the "ou=sales,dc=example,dc=com" and "ou=engineering,dc=example,dc=com" subtrees, you should be able to create a "uid=test" entry in both subtrees, but not twice in the same one. What actually happens is that the plugin checks all of the subtrees it is configured to work against for a conflict, and rejects the operation if it finds a conflict, regardless of what suffix the incoming operation affects. -------------------------------------------------------------------------------- Steps to Reproduce: 1. Create "ou=sales,dc=example,dc=com" and "ou=engineering,dc=example,dc=com" entries. 2. Enable the attribute uniqueness plugin to enforce uid uniqueness within the "ou=sales,dc=example,dc=com" subtree. 3. Add "uid=tuser,ou=sales,dc=example,dc=com" to your database. 4. Attempt to add "uid=tuser,ou=engineering,dc=example,dc=com" to your database. -------------------------------------------------------------------------------- Actual results: The operation will be rejected by the plugin with a constraint violation. Expected results: The entry should be added.
Created attachment 117086 [details] CVS Diffs This makes the plugin check if the target DN for the incoming operation applies to a subtree before searching for a conflict within it.
Created attachment 117350 [details] CVS Commit Checked into ldapserver. Reviewed by Noriko.
Verified Fixed.