My Oracle Support Banner

OUD "UID Unique Attribute" Plugin is Not Enforcing Uniqueness Of The UID Attribute (Doc ID 2797120.1)

Last updated on AUGUST 24, 2021

Applies to:

Oracle Unified Directory - Version 11.1.2.3.0 to 12.2.1.4.200827 [Release 11g to 12c]
Information in this document applies to any platform.

Goal

On : 12.2.1.4.200827 version, Configuration

OUD "UID Unique Attribute" Plugin Not Enforcing Uniqueness of the UID Attribute

After enabling the OUD "UID Unique Attribute" Plugin it is still possible to add extra values to the UID attribute. The following shows a sample user before and after enabling the plugin with additional UID values added after enabling:

$ ldapsearch -h <OUD_hostname> -p <OUD_non_ssl_port> -D "cn=<DIRECTORY_ADMIN>" -w "<Password>" -b "<user base DN>" -s sub '(uid=<userid_1>)' uid
dn: uid=<userid_1>,ou=<OU-1>,dc=<Company>
uid: <userid_1>

$ ${OUD_HOME}/bin/dsconfig --trustAll --port <Admin_port> get-plugin-prop --plugin-name "UID Unique Attribute"
Property : Value(s)
---------:-----------------------------------------
base-dn : "ou=<OU1>,dc=<Company>"
enabled : true
type : uid

 

$ ldapsearch -h <OUD_hostname> -p <OUD_non_ssl_port> -D "cn=<DIRECTORY_ADMIN>" -w "<Password>" -b "<user base DN>" -s sub '(uid=<userid_1>)' uid
dn: uid=<userid_1>,ou=<OU-1>,dc=<Company>
uid: <userid_2>
uid: <userid_3>
uid: <userid_1>


There are no warnings or errors in the OUD logs.
 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.