The proprietary uniqueness request control may be included in an add, modify, or modify DN request to indicate that the server should impose unique attribute constraints for the operation. The control has an OID of 1.3.6.1.4.1.30221.2.5.52, and it takes a value. The following fields may be present in the value-json representation of the value:

• uniqueness-id: An optional string field that holds a unique identifier for this control instance. This is intended to help distinguish between multiple uniqueness request controls in the same operation, and each response control includes the uniqueness ID of the associated request control. If this is not provided, a uniqueness ID is automatically generated.

• attribute-types: An optional array field whose values are the names of the attribute types for which to impose uniqueness. It may be empty or absent if uniqueness should only be enforced using a filter.

• multiple-attribute-behavior: An optional string field whose value indicates the behavior that should be used if multiple unique attribute types are specified. It may be absent if only a single attribute type is requested, or if the default behavior should be used. If it is present, then the value should be one of the following strings:

  • unique-within-each-attribute: Indicates that the server should treat each of the configured attribute types separately. This is the default behavior that is used if this field is not specified.

  • unique-across-all-attributes-including-in-the-same-entry: Indicates that the server should flag any case in which any entry has a conflicting value in any of the configured attribute types, including in cases in which the same value appears in multiple attributes within the same entry.

  • unique-across-all-attributes-except-in-the-same-entry: Indicates that the server should flag any case in which any entry has a conflicting value in any of the configured attribute types, with the exception that conflicts will be permitted across different attributes in the same entry.

  • unique-in-combination: Indicates that the server should flag any case in which another entry has the same combination of values for all of the configured attribute types.

• base-dn: An optional string field whose value is the base DN that is used for searches used to identify uniqueness conflicts. If this is not specified, then the server performs the searches below all public naming contexts.

• filter: An optional string field whose value is the string representation of a search filter that is used to identify uniqueness conflicts.

• prevent-conflicts-with-soft-deleted-entries: An optional Boolean field that indicates whether the server should consider soft-deleted entries when looking for conflicts. If this is true, then any conflicts within soft-deleted entries are reported. If it is false, or if this field is not provided, then any conflicts in soft-deleted entries are ignored.

• pre-commit-validation-level: A mandatory string field whose value indicates the level of validation the server should perform before attempting to apply the change. The value may be one of the following:

  • none: Indicates that the server should not attempt any pre-commit validation.

  • all-subtree-views: Indicates that the server should check all applicable subtree views. If the request is passing through a Directory Proxy Server, it is possible that only a single server is examined for potential conflicts.

  • all-backend-sets: Indicates that if the request is passing through a Directory Proxy Server that uses entry balancing, then a search for conflicts should be performed in one server in each of the applicable backend sets.

  • all-available-backend-servers: Indicates that if the request is passing through a Directory Proxy Server, then a search for conflicts should be performed in all available backend servers in all applicable backend sets.

• post-commit-validation-level: An mandatory string field whose value indicates the level of validation the server should perform after successfully applying the change, to see if a conflict may have arisen as a result of another operation that was processed concurrently. The set of allowed values for this field are the same as the allowed values for the pre-commit-validation-level field.

• alert-on-post-commit-conflict-detection: An optional Boolean field that indicates whether the server should raise an administrative alert if a conflict was detected during post-commit validation. If this is not specified, a default value of true is used.

• create-conflict-prevention-details-entry: An optional Boolean field that indicates whether the server should create a temporary entry that can improve the server’s ability to detect conflicts before they happen, albeit with more expensive processing. If this is not specified, a default value of false is used.

The following sample shows the JSON encoding for the control:

{ 
    "oid": "1.3.6.1.4.1.30221.2.5.52",
    "control-name": "Uniqueness Request Control",
    "criticality": true,
    "value-json": { 
        "uniqueness-id": "Ensure uid and mail are separately unique",
        "attribute-types": [ 
            "uid",
            "mail"
        ],
        "multiple-attribute-behavior": "unique-within-each-attribute",
        "base-dn": "ou=People,dc=example,dc=com",
        "prevent-conflicts-with-soft-deleted-entries": false,
        "pre-commit-validation-level":"all-available-backend-servers",
        "post-commit-validation-level": "all-backend-sets",
        "alert-on-post-commit-conflict-detection": true,
        "create-conflict-prevention-details-entry": true
    }
}