On 23 Jun 2020, at 17:08, DaV <snowfrs(a)gmail.com> wrote:
Hi,
I find the DNA Plugin NextValue attribute will automatically added every time for same
uid.
version: 389-ds-base-1.3.8.4-15.el7.x86_64
This is the server side configuration:
> dn: cn=uidNumber,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
> objectClass: top
> objectClass: extensibleObject
> cn: uidNumber
> dnaType: uidNumber
> dnaMagicRegen: 99999
> dnaFilter: (objectclass=posixAccount)
> dnaScope: dc=example,dc=com
> dnaNextValue: 5007
> dnaMaxValue: 9999
> dnaThreshold: 200
> creatorsName: cn=directory manager
> modifiersName: cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
> createTimestamp: 20190822054416Z
> modifyTimestamp: 20200619040000Z
User attribute source is Windows AD, I have nsDSWindowsReplicationAgreement which sync
posix attribute from AD to 389ds.
When I fill magic number 99999 on AD side, user will get a UidNumber through DNA plugin.
For example, an user get a uidNumber 5007 for the first sync, when I update user entry
attribute(add telephone), this user will get a new uidNumber 5008 for the second sync.
I don't know whether this is normal.
So every time you winsync, it says "oh, ad has uidnumber 99999, 389 is 5007" and
it will change it to 99999. When the dna plugin run it then sees "well it's 9999,
better generate a new id"
The conflict is occuring here because you sync in the 99999 attr from ad. You probably
should remove that, and it will prevent the issue.
How to make this work with DNA though, is another question ...
Sincerely,
--
DaV
_______________________________________________
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproje...
—
Sincerely,
William Brown
Senior Software Engineer, 389 Directory Server
SUSE Labs