I'm using the unique overlay in OpenLDAP 2.4.16 and finding it too easy to violate the uniqueness constraints I have defined.
For example, if I have the following in my slapd.conf (taken from slapo-unique man page):
overlay unique
unique_uri ldap:///?cn?sub?(sn=e*)
I can violate the uniqueness constraints as follows:
1. Add an entry with cn=a and sn=e.
2. Add a second entry with cn=a and sn=f.
3. Modify the sn of the second entry so that sn=e.
The attribute modification succeeds but causes a violation of the uniqueness constraints.
Is there any way to configure OpenLDAP so that the attribute modification fails due to a constraint violation?
Kyle Blaney