Edward Konetzko wrote:
Sorry if this already posted, I seem to be having trouble with email
today.
I have read the following pages and cannot exactly figure out how to
do what I want.
http://directory.fedoraproject.org/wiki/DNA_Plugin
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/dna.html
I have 2 companies I want to set ranges for company 1gets range
uidNumber and gidNumber 1Million - (2Million -1) and Company 2 gets
Range uidNumber and gidNumber 2 Million - (3Million -1). DIT layout
is {ou=people,ou=groups,ou=ranges}, ou= Company{1,2}, dc=example, dc=com.
I Setup company 1 on master1 with the following ldifs.
dn: ou=Ranges,ou=Company1 dc=example, dc=com
objectclass: top
objectclass: extensibleObject
objectclass: organizationalUnit
ou: Ranges
dn: cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginEnabled
nsslapd-pluginEnabled: on
dn: cn=Company1 Account UIDs,cn=Distributed Numeric Assignment
Plugin,cn=plugins,cn=config
objectClass: top
objectClass: extensibleObject
cn: Company1 Account UIDs
dnatype: uidNumber
dnafilter: (objectclass=posixAccount)
dnascope: ou=Company1 , dc=example,dc=com
dnanextvalue: 1000000
dnaMaxValue: 1000500
dnasharedcfgdn: cn=Company1 Account UIDs,ou=Ranges,dc=example,dc=com
dnathreshold: 100
dnaRangeRequestTimeout: 60
dnaMagicRegen: magic
dnaNextRange: 1000501 - 1999999
I then repeat this on master2 but then when I add users to both
servers Master1 hands out uidNumber = 1 and Master2 hands out
uidNumber = 1 for their first adds and keep adding numbers
incrementing by one thus overlapping numbers. For gidNumber I
basically use the same Ldifs except I substitue Group UID for Account
UID and gidNumber for uidNumber.
User add ldif looks as the following
dn: uid=test,ou=people,ou=Region1, dc=example,dc=com
objectClass: posixAccount
objectClass: shadowAccount
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: test
gecos: test
gidNumber: magic
givenName: test
homeDirectory: /home/test
loginShell: /bin/bash
mail: test@xxxxxxxxxxx
o: test
shadowLastChange: 14098
shadowMax: 99999
shadowWarning: 7
sn: test
uid: test
uidNumber: magic
userPassword:: <password>
Question is what I am doing wrong?
Server is Redhat DS 8.1 on rhel 5 64bit.
If you configure both masters to use the same range, then they will both
assign the same values. You need to split the range for company1 in
half and assign half to each of your two masters (1,000,000-1,499,999
for master1 and 1,500,000-1,999,999 for master2). You need to use
dnaNextValue and dnaMaxValue to set these upper and lower boundries.
You should not be setting dnaNextRange at all for what you are trying to do.
Thanks
Edward
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
