Enforcing uniqueness for uid attribute prevent to move users to delete
users subtree.
Patch attached.
--
Martin Basti
From 1445d6adaae9844c6f7f51e46e357dc9bfd8741b Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Wed, 20 May 2015 14:51:09 +0200
Subject: [PATCH] Uid uniqueness: fix: exclude compat tree from uniqueness
Without this commit it is not possible to move user to staged area.
---
install/updates/10-uniqueness.update | 2 ++
1 file changed, 2 insertions(+)
diff --git a/install/updates/10-uniqueness.update b/install/updates/10-uniqueness.update
index dd8ec3a752f857cecc4e1b71cc3893a7497c4338..050bfd55ec2e6a09c44700ae40757ee1d72c136f 100644
--- a/install/updates/10-uniqueness.update
+++ b/install/updates/10-uniqueness.update
@@ -60,6 +60,7 @@ default:nsslapd-pluginType: preoperation
default:nsslapd-pluginEnabled: on
default:uniqueness-attribute-name: uid
default:uniqueness-subtrees: $SUFFIX
+default:uniqueness-exclude-subtrees: cn=compat,$SUFFIX
default:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
default:uniqueness-across-all-subtrees: on
default:uniqueness-subtree-entries-oc: posixAccount
@@ -71,6 +72,7 @@ default:nsslapd-pluginDescription: Enforce unique attribute values
# uid uniqueness scopes Active/Delete containers
dn: cn=uid uniqueness,cn=plugins,cn=config
+add:uniqueness-exclude-subtrees: cn=compat,$SUFFIX
add:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
remove:uniqueness-across-all-subtrees: off
add:uniqueness-across-all-subtrees: on
--
2.1.0
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
