On 07/06/2010 10:22 AM, Daniel Maher wrote: > On 07/06/2010 07:04 PM, Nathan Kinder wrote: > > >>> To clarify then, for the uids, instead of this : >>> >>> dnafilter: (|(objectclass=posixAccount)(objectclass=posixGroup)) >>> >>> It should be this : >>> >>> dnafilter: (objectclass=posixAccount) >>> >>> ? >>> >>> >> Yes, that is correct. The current setting you have causes DNA to add a >> "uidNumber" attribute to newly created "posixAccount" and "posixGroup" >> entries. You only want DNA to add the "uidNumber" attribute to >> "posixAccount" entries. >> > That makes sense. Somebody may wish to update the Howto on the > documentation site. :) > I'll update the how-to. In the upcoming 1.2.6 release, I've added support for multi-attribute ranges, which could be used for your use-case as well (I know we've discussed this on list a while back). Basically, you would set up a single DNA range with multiple "dnaType" values, such as uidNumber and gidNumber in this case. You would then set the "dnaFilter" to "(|(objectClass=posixAccount)(objectClass=posixGroup))". With a multi-attribute range, you must specify the magic value for any attribute that you want DNA to generate a value for. This means you could share a single range of values across your posixAccount and posixGroup entries instead of having two separate ranges. > Thanks ! > > > -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
