Configuring how the LDAP service responds to multiple name matches when processing write and compare operations

You specify the rules to follow when a directory is the primary directory and there are multiple matches on the distinguished name being compared or modified for all servers in the domain that run the LDAP service.

About this task

The LDAP service uses the rules you configure to determine how to responds in either of these situations:

  • It receives an LDAP modify, modify DN, delete, or compare request and finds more than one entry, within one directory or across directories, with a distinguished name that matches the one specified in the request.
  • It receives an LDAP add request and finds more than one IBM® Domino® Directory enabled for LDAP clients in its directory assistance database with a directory assistance naming rule that most specifically matches the distinguished name specified in the request.

    Note that if there is no Domino Directory enabled for LDAP clients in directory assistance with a rule that matches the distinguished name specified in an add operation, the LDAP service adds the entry to its primary Domino Directory. If there is only one Domino Directory enabled for LDAP clients in directory assistance with a rule that matches the distinguished name specified in an add operation, the LDAP service adds the entry to that directory.

Procedure

  1. From the Domino Administrator, open the server that runs the LDAP service, or a server in the same domain as the one that runs the LDAP service.
  2. Click the Configuration tab.
  3. In the navigation pane, expand Directory, then LDAP, and then select Settings.
  4. Do one of the following:
    • If you see the prompt Unable to locate a Server Configuration document for this domain. Would you like to create one now? click Yes, then click the LDAP tab on the document.
    • If you do not see the prompt, click Edit LDAP Settings.
  5. For the field Rules to follow when this directory is the primary directory and there are multiple matches on the distinguished name being compared/modified, choose how the LDAP service responds in the two situations described in the section About this task.
    Table 1. LDAP Settings
    Option Results

    Don't modify any

    (default) Prevents the operation from occurring. The LDAP service returns an error, and you can investigate the duplicate names/naming rules.

    Modify first match

    • Carries out the LDAP modify, delete, or compare operation on the first entry encountered in a directory enabled for LDAP write operations that matches the distinguished name specified in the operation.
    • Carries out the LDAP add operation in the Domino Directory configured in directory assistance database that is enabled for LDAP write operations and has the most specific matching rule and the lowest search order

    Modify all matches

    • Carries out the LDAP modify, delete, or compare operation on all the entries encountered that match the distinguished name specified in the operation.
    • Carries out the LDAP add operation in all the Domino Directories configured in the directory assistance database with a matching rule that most specifically matches the distinguished name specified in the add operation, and that are enabled for LDAP write operations.
  6. Click Save & Close.