>>> MJ J <mikedotjack...@gmail.com> schrieb am 14.11.2017 um 20:36 in Nachricht <canceyfnns0cc-kxbv4ks3v3qrlfroksp4buemqrhozxgz1d...@mail.gmail.com>: > Hi, > > You don't need a special object class or schema, you can use this: > > dn: cn=user,ou=increment,dc=foo,dc=bar > objectClass: top > objectClass: account > objectClass: posixAccount > cn: user > gidNumber: 99999 > homeDirectory: /no/such/location > uid: user > uidNumber: 1000 > description: Modify-increment user > > > And here is a python method to do the job for you: > > def increment_uidnumber(l, base): > """ Perform LDAP modify-increment operation on uidNumber tracking object
> """ > modlist = [(ldap.MOD_INCREMENT, "uidNumber", "1")] > l.modify_s("cn=user,{0}".format(base), modlist) > r = l.search_s(base, ldap.SCOPE_SUBTREE, "(objectClass=posixAccount)", > ['uidNumber']) > next_number = r[0][1]['uidNumber'][0] > > return next_number Out of curiosity: How does it play with concurrency on different multi-master nodes? Is there a chance to assign the same number multiple times? Regards, Ulrich > > > Hope that helps, > Mike > > On Tue, Nov 14, 2017 at 9:13 PM, John Lewis <j...@hyperbolicinnovation.com> > wrote: >> Hello Everyone. >> >> I was trying to implement uidNumber Attribute Auto-Incrementing Method >> and I read http://www.rexconsulting.net/ldap-protocol-uidNumber.html . >> >> I specifically want to point to this line here. >> >>> Create a “uidNext” entry (objectClass: uidNext) at an specific >>> location in the directory to store the incrementing value. Publish >>> this location in your application programming guides as the well- >>> known location for obtaining the next UID. Also publish this method >>> as the required method to retrieve a next UID. >> >> But I already know from http://www.openldap.org/doc/admin23/schema.html >> & http://www.zytrax.com/books/ldap/ch3/ that object classes are >> defined only. So the writer left out that they defined a schema and >> what name the called the schema. Maybe it isn't important. What is >> important is that they used object class "objectclass ( >> 1.3.6.1.4.1.19173.2.2.2.8" to define it, but I can't find the >> registration of the object identifier on https://www.ldap.com/ldap-oid- >> reference or https://www.iana.org/assignments/ldap-parameters/ldap-para >> meters.xhtml#ldap-parameters-3. >> >> It makes perfect scene because it is a PRIVATE ENTERPRISE NUMBER. It >> would mean that anyone outside of Rex Consulting, Inc. https://www.iana >> .org/assignments/enterprise-numbers/enterprise-numbers would be using >> the wrong OID and that the specific object wouldn't be listed. >> >>> Under no circumstances should you hijack OID namespace! >> - OpenLDAP Software 2.4 Administrator's Guide >> >> That is a lot of data from a lot of different websites to string >> together that information. I have a good idea how to implement >> uidNumber, but I haven't seen it done and I can't do it CORRECT today >> because I would have to register for a Private Enterprise Number so I >> won't hijack an OID namespace and that would take up to 30 days and >> there is no documented contingency plan anywhere. >> >> We are all familiar with the the LDAP call out articles that come out >> every year. All of the articles seem to come from a place of >> frustration. To be fair I think call out articles are a trend with >> databases. >> >> Do you think existing documentation is kind of vague? >>