Issue #881 has been updated by Clément OUDOT.

Hi,

you should ask questions on the mailing list: 
http://lists.lsc-project.org/listinfo/lsc-users

The problem in your configuration is that userPassword is not defined in the 
fetchedAttributes of the destination service.
----------------------------------------
Bug #881: Password from active directory synchronization can't work
http://tools.lsc-project.org/issues/881

Author: Hasina Rasoa
Status: New
Priority: Normal
Assigned to: Clément OUDOT
Category: 
Target version: 
Problem in version: 


Hi, I am new here and new to synchronizing Active Directory to LDAP. I have set 
up a synchronization from Active Directory to LDAP. I set up SASL to get the 
password from Active Directory and testsaslauthd works well. Then I got the 
synchronized users successfully. But when I do a test with their passwords, 
the problem comes. I would be pleased to be helped.
Here is my lsc.xml file.

<?xml version="1.0" ?>
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd" revision="0">
  <connections>
    <ldapConnection>
              <name>AD</name>
              <url>ldap://192.168.6.128:3268/dc=teknetgroup,dc=mg</url>
              <username>cn=Administrator,cn=Users,dc=teknetgroup,dc=mg</username>
              <password>Root2016</password>
              <authentication>SIMPLE</authentication>
              <referral>IGNORE</referral>
              <derefAliases>NEVER</derefAliases>
              <version>VERSION_3</version>
              <pageSize>1000</pageSize>
              <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
              <tlsActivated>false</tlsActivated>
    </ldapConnection>
    <ldapConnection>
              <name>openldap</name>
              <url>ldap://localhost:389/dc=teknetgroup,dc=mg</url>
              <username>cn=admin,dc=teknetgroup,dc=mg</username>
              <password>root</password>
              <authentication>SIMPLE</authentication>
              <referral>THROW</referral>
              <derefAliases>NEVER</derefAliases>
              <version>VERSION_3</version>
              <pageSize>-1</pageSize>
              <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
              <tlsActivated>false</tlsActivated>
    </ldapConnection>
</connections>
<tasks>
    <task>
      <name>adUser</name>
        <bean>org.lsc.beans.SimpleBean</bean>
      <ldapSourceService>
        <name>openldap-source-service</name>
        <connection reference="AD" />
        <baseDn>ou=Comptes,dc=teknetgroup,dc=mg</baseDn>
        <pivotAttributes>
          <string>cn</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>description</string>
          <string>givenName</string>
          <string>mail</string>
          <string>sn</string>
          <string>userPrincipalName</string>
          <string>name</string>
          <string>sAMAccountName</string>
          <string>department</string>
          <string>telephoneNumber</string>
          <string>ipphone</string>
        </fetchedAttributes>
        <getAllFilter><![CDATA[(&(cn=*)(objectClass=person))]]></getAllFilter>
        <getOneFilter><![CDATA[(&(objectClass=person)(cn={cn}))]]></getOneFilter>
        <cleanFilter><![CDATA[(&(objectClass=person)(cn={cn}))]]></cleanFilter>
      </ldapSourceService>
      <ldapDestinationService>
        <name>ad-dst-service</name>
        <connection reference="openldap" />
        <baseDn>ou=people,dc=teknetgroup,dc=mg</baseDn>
        <pivotAttributes>
          <string>cn</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>uid</string>
          <string>description</string>
          <string>gecos</string>
          <string>givenName</string>
          <string>mail</string>
          <string>homeDirectory</string>
          <string>objectClass</string>
          <string>sn</string>
          <string>cgfDepartmentPrimary</string>
          <string>userPassword</string>
          <string>loginShell</string>
          <string>gidNumber</string>
          <string>uidNumber</string>
          <string>cgfDepartmentPrimary</string>
          <string>telephoneNumber</string>
          <string>cgfInternalTelephoneNumber</string>
        </fetchedAttributes>
        <getAllFilter><![CDATA[(&(cn=*)(objectClass=inetOrgPerson))]]></getAllFilter>
        <getOneFilter><![CDATA[(&(objectClass=inetOrgPerson)(cn={cn}))]]></getOneFilter>
      </ldapDestinationService>
        <propertiesBasedSyncOptions>
    <mainIdentifier>js:"cn=" + javax.naming.ldap.Rdn.escapeValue(srcBean.getDatasetFirstValueById("cn")) + ",ou=people,dc=teknetgroup,dc=mg"</mainIdentifier>
    <defaultDelimiter>;</defaultDelimiter>
    <defaultPolicy>FORCE</defaultPolicy>
    <conditions>
      <create>true</create>
      <update>true</update>
      <delete>true</delete>
      <changeId>true</changeId>
    </conditions>
    <dataset>
      <name>objectclass</name>
      <policy>KEEP</policy>
      <createValues>
        <string>"inetOrgPerson"</string>
        <string>"gosaAccount"</string>
        <string>"organizationalPerson"</string>
        <string>"person"</string>
        <string>"top"</string>
      </createValues>
    </dataset>
    <dataset>
     <name>uid</name>
       <forceValues>
         <string>srcBean.getDatasetFirstValueById("sAMAccountName").toLowerCase()</string>
       </forceValues>
    </dataset>
    <dataset>
      <name>cgfDepartmentPrimary</name>
      <forceValues>
       <string>srcBean.getDatasetFirstValueById("department")</string>
      </forceValues>
    </dataset>
    <dataset>
          <name>cgfInternalTelephoneNumber</name>
          <forceValues>
                <string>srcBean.getDatasetFirstValueById("ipphone")</string>
          </forceValues>
        </dataset>
    <dataset>
     <name>userPassword</name>
     <forceValues>
      <string>"{SASL}" + srcBean.getDatasetFirstValueById("userPrincipalName")</string>
     </forceValues>
    </dataset>
   </propertiesBasedSyncOptions>
</task>
</tasks>
</lsc>





_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-dev mailing list
http://lists.lsc-project.org/listinfo/lsc-dev
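
A lint for the rule stated in the reply above (an attribute that has a dataset must also be listed in the destination service's fetchedAttributes), added here as an example; it is not part of LSC or of the original thread. The sample configuration is constructed, and comparing attribute names case-insensitively is an assumption.

```python
import xml.etree.ElementTree as ET

NS = {"l": "http://lsc-project.org/XSD/lsc-core-2.1.xsd"}

# Constructed sample (not the reporter's file): userPassword has a dataset
# but is absent from the destination fetchedAttributes.
SAMPLE = """<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd" revision="0">
  <tasks>
    <task>
      <name>adUser</name>
      <ldapDestinationService>
        <fetchedAttributes>
          <string>cn</string>
          <string>uid</string>
          <string>objectClass</string>
        </fetchedAttributes>
      </ldapDestinationService>
      <propertiesBasedSyncOptions>
        <dataset><name>objectclass</name></dataset>
        <dataset><name>uid</name></dataset>
        <dataset><name>userPassword</name></dataset>
      </propertiesBasedSyncOptions>
    </task>
  </tasks>
</lsc>"""


def unfetched_datasets(lsc_xml):
    """Map task name -> dataset names missing from destination fetchedAttributes."""
    root = ET.fromstring(lsc_xml)
    report = {}
    for task in root.iterfind("l:tasks/l:task", NS):
        # Assumption: attribute names are compared case-insensitively.
        fetched = {
            s.text.strip().lower()
            for s in task.iterfind("l:ldapDestinationService/l:fetchedAttributes/l:string", NS)
            if s.text
        }
        missing = [
            n.text.strip()
            for n in task.iterfind("l:propertiesBasedSyncOptions/l:dataset/l:name", NS)
            if n.text and n.text.strip().lower() not in fetched
        ]
        if missing:
            report[task.findtext("l:name", default="?", namespaces=NS)] = missing
    return report


if __name__ == "__main__":
    print(unfetched_datasets(SAMPLE))
```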
