Ferenc Wagner wrote: > Hi, > > We use (among others) this unique domain in a database: > > olcUniqueURI: ldap:///?gidNumber?sub?objectClass=posixGroup > > so that we can't create two groups with the same gidNumber. The problem > is that this rule also denies the creation of a posixAccount belonging > to an already existing posixGroup. Of course there is no problem > creating the account first and the group later. How could we overcome > this ordering limitation? This is a bug in slapo-unique ignoring the filter part: http://www.openldap.org/its/index.cgi?findid=6825 You can work around this if your group entries all reside in a separate subtree and you use the DN portion in the olcUniqueURI value. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature