Re: Referential Integrity

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

we use the referential integrity plug-in successfully in the configuration
of 3 replicated read-write master servers. The plug-in is enabled on each
server, the configuration is :

dn: cn=referential integrity postoperation,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: extensibleObject
cn: referential integrity postoperation
nsslapd-pluginPath: libreferint-plugin
nsslapd-pluginInitfunc: referint_postop_init
nsslapd-pluginType: postoperation
nsslapd-pluginEnabled: on
nsslapd-pluginarg0: 3600
nsslapd-pluginarg1:
/Local/dirsrv/var/lib/dirsrv/slapd-ens/db/refer_integrity_
 log
nsslapd-pluginarg2: 0
nsslapd-pluginarg3: ou
nsslapd-pluginarg4: member
nsslapd-pluginarg5: uniquemember
nsslapd-pluginarg6: owner
nsslapd-plugin-depends-on-type: database
nsslapd-pluginId: referint
nsslapd-pluginVersion: 1.1.3
nsslapd-pluginVendor: Fedora Project
nsslapd-pluginDescription: referential integrity plugin
nsslapd-pluginarg7: seeAlso
nsslapd-pluginarg8: manager
nsslapd-pluginarg9: secretary


The attributes monitored by the plug-in in our case are, as you can see :
ou
member
uniquemember
owner
seeAlso
manager
secretary

We have also put a 1-hour (3600s) pause between the modification of the
attribute and the cascading changes in referencing attributes. It is a
precaution in case the modification was erroneous, in this case we can
delete the referint  file to avoid the trigger of changes.

All these attributes contain the DN of other entries. It is important. I am
not sure that your "memberuid" attribute contains the WHOLE DN (not just the
RDN part). Your /var/log/dirsrv/slapd-us72/referint file should be writeable
by the user of the ldap server (as well as the folder
/var/log/dirsrv/slapd-us72/). The file is created automatically, you don't
need to do anything manually. The plug-in should also be activated (be
default i think it is disabled).

There is however a bug in the plug-in - only the first rename of the entry
will be taken into account (
https://bugzilla.redhat.com/show_bug.cgi?id=431607). So for the production
purposes we use the patched version.


Hope it helps you...




2009/2/3 Tim Hartmann <hartmann at fas.harvard.edu>

> John A. Sullivan III wrote:
> > Hi, Tim.  I didn't have time to peruse this (still under a nasty
> > deadline) but I was looking for one thing I didn't see in your post.
> > I'm pulling this from memory so please double check it but did you
> > enable the presence attribute (?) for indexing on all the items listed i
> > the referential integrity plugin?
> >
> > By the way, if I might mention it, would you kindly post to the bottom
> > of future threads.  Top posting makes it very difficult for newcomers to
> > the list to follow.  Thanks - John
> >
> >
>
> Whoops! Clearly an indication of my own newness! Bottom posting it shall
> be!
>
> Presence shows up as enabled by default in the index that I created.
> When I created the the index for memberuid both "equality" and
> "presence" were preselected, so I figured I'd just stick with the defaults.
>
> No worries about time, thank you very much for looking at this with me
> at all!  I'll look forward to hearing from you when time permits!
>
> Tim
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20090203/a2e0dec3/attachment.html 


[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux