Adding requests with the
ignore-no-user-modification control enable a
client to include attributes that are not normally allowed from external sources. For
example, the
userPassword attribute is a user-modifiable attribute.
An add request with the
ignore-no-user-modification control allows
a one-time exception to the password policy, even if the requesting client does not
have the
bypass-pw-policy privilege. This exception enables
specifying pre-encoded passwords.
Note: When adding an entry, the server can ensure that the entry's RDN is unique and
does not contain any sensitive information by replacing the provided entry's RDN
with the server-generated entryUUID value. An LDAP client written with the
LDAP SDK for Java can use the
NameWithEntryUUIDRequestControl to
explicitly indicate which add requests should be named in this way, or the
ldapmodify tool with the
--nameWithEntryUUID argument.
Also, the
auto-name-with-entry-uuid-connection-criteria and
auto-name-with-entry-uuid-request-criteria global configuration
properties can be used to identify which add requests should be automatically named this way.
The uniqueness request control can also be used with ldapmodify for enforcing
uniqueness on a per-request basis. Provide at least one of the uniquenessAttribute
or uniquenessFilter arguments with the request. For more information about this
control, see the LDAP SDK documentation and the
com.unboundid.ldap.sdk.unboundidds.controls.UniquenessResponseControl class
for using the control.