Hi Denis, Il giorno 09/lug/2014, alle ore 18:56, Denis Signoretto <denis.signore...@intesys.it> ha scritto:
> Hi Marco, > > thanks for your response! Unfortunatly I can't use other attributes, I don't > have it. > > So I'm trying to map objectGUID to a Syncope user attribute to use as account > link > but seems that with Syncope 1.1.X I can't handle objectGUID correctly because > it's a byte array (this feature will be available from Syncope 1.2 [1] if > I'm not wrong). > > ATM, trying reading objectGUID from AD connector it's returned as reference > value e.g. "[B@3144ec20" that it's always a different value so I can't > solve... > > I think it shoud be useful a new feature for AD connector to choose if > objectGUID can be returned as byte array or using it's String > representation, do you agree? > > Do you have any other suggestion? The connector actually doesn’t implement the conversion from binary to string. A possible solution is to implement a Sync Action class that takes as input a byte array and converts it into a string. Regards Marco > > Thanks! > Denis. > > [1] https://issues.apache.org/jira/browse/SYNCOPE-123 > > -----Messaggio originale----- > Da: Marco Di Sabatino Di Diodoro [mailto:marco.disabat...@tirasa.net] > Inviato: mercoledì 9 luglio 2014 09:50 > A: dev@syncope.apache.org > Oggetto: Re: Synchronization of renamed user (or group) > > Hi Denis, > > Il giorno 07/lug/2014, alle ore 15:23, Denis Signoretto > <denis.signore...@intesys.it> ha scritto: > >> Hi everyone, >> >> I'm trying to sync users and groups from AD. When a user or a group >> it's renamed on AD, the next sync task creates new entities (user/group and >> related memberships) with modified names but do not remove previously >> created entities. >> > Is necessary to see how you have configured the mapping and sync task. If you > rename a entry, Apache Syncope loses the link to the entry. > At the next synchronization if Apache Syncope doesn't find a match it creates > a new entry. > >> I tried the same operation using 1.1.7 standalone distribution on the >> preconfigured ApacheDS Sync Task and I get same result. >> >> I'd like to know if Apache Syncope can handle rename of user/groups or if I >> need a particular configuration to get it working. > > There are different solutions: > - you can use objectGUID (AD) or entryUUID (Ldap) which uniquely identifies > the object even after it is renamed or moved. > - create a correlation rule (Synchronization Policy). > - add to the mapping an attribute as AccountId that does not change (tax > identification number, employee number, etc etc). > > Regards > Marco > >> >> Thanks, >> Best regards >> Denis. > > -- > Dott. Marco Di Sabatino Di Diodoro > Tel. +39 3939065570 > > Tirasa S.r.l. > Viale D'Annunzio 267 - 65127 Pescara > Tel +39 0859116307 / FAX +39 0859111173 > http://www.tirasa.net > > Apache Syncope PMC Member > http://people.apache.org/~mdisabatino/ > -- Dott. Marco Di Sabatino Di Diodoro Tel. +39 3939065570 Tirasa S.r.l. Viale D'Annunzio 267 - 65127 Pescara Tel +39 0859116307 / FAX +39 0859111173 http://www.tirasa.net Apache Syncope PMC Member http://people.apache.org/~mdisabatino/
