ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CA Directory: 'set unique-attrs ' command doesn't work as expected

book

Article ID: 186457

calendar_today

Updated On:

Products

CA Directory DIRECTORY

Issue/Introduction

The "set unique-attrs" command defines the uniqueness of attribute values in CA Directory.

Below is the doc that explains the command:

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/directory/14-1/reference/commands-reference/set-unique-attrs-command-enable-checks-for-uniqueness-of-attribute-values.html

However, if the same attribute is set to have unique values in more than one subtree, only the latest definition works.
For instance the following command is used:

set unique-attrs = cn subtree = <ou ud><ou dev><ou people><ou login>, cn subtree = <ou ud><ou dev><ou device><ou login>;

As a result uniqueness is enforced only in <ou ud><ou dev><ou device><ou login> subtree.

Environment

Release : 12.6, 14.0, 14.1

Component : CA Directory

Resolution

The fix (defect DE442862) will be included in CA Directory 14.1 SP1.
A testfix for Linux based CA Directory 14.1 GA is available now.