Have you got an 'ou' LSC in your AD ? The DN are test.local ?
It can be a little error, and i think that it was the case.
Here is my task 'user' in lsc.properties, and it works :
---------------------------
### User ###
lsc.tasks.user.bean=org.lsc.beans.SimpleBean
lsc.tasks.user.dn = "cn=" + srcBean.getAttributeValueById("cn") +
",cn=Users"
lsc.tasks.user.condition.create = true
lsc.tasks.user.condition.update = true
lsc.tasks.user.condition.delete = false
lsc.tasks.user.condition.modrdn = false
# Source
lsc.tasks.user.srcService=org.lsc.jndi.SimpleJndiSrcService
lsc.tasks.user.srcService.filterAll=(&(sn=*)(objectClass=inetOrgPerson))
lsc.tasks.user.srcService.baseDn=ou=Users
lsc.tasks.user.srcService.attrs= cn sn uid givenName mail userPassword
telephoneNumber
lsc.tasks.user.srcService.filterId =
(&(objectClass=inetOrgPerson)(uid={uid}))
lsc.tasks.user.srcService.pivotAttrs = uid
# Destination
lsc.tasks.user.dstService=org.lsc.jndi.SimpleJndiDstService
lsc.tasks.user.dstService.filterAll=(&(sn=*)(objectClass=user))
lsc.tasks.user.dstService.baseDn=cn=Users
lsc.tasks.user.dstService.attrs = cn sn sAMAccountName objectClass
userPrincipalName mail unicodePwd userAccountControl givenName mail
lsc.tasks.user.dstService.filterId =
(&(objectClass=user)(sAMAccountName={uid}))
lsc.tasks.user.dstService.pivotAttrs = uid
----------------------------------------
The filterId line and filterAll are not the same, but you can let the same.
Next, my syncoptions :
--------------------------------------------------
### User ###
lsc.syncoptions.user = org.lsc.beans.syncoptions.PropertiesBasedSyncOptions
lsc.syncoptions.user.default.action = F
### objectClass <- top/user/person/organizationalperson
lsc.syncoptions.user.objectClass.action = F
lsc.syncoptions.user.objectClass.force_value =
"top";"user";"person";"organizationalPerson"
### sAMAccountName <- uid
lsc.syncoptions.user.sAMAccountName.create_value =
srcBean.getAttributeValueById("uid")
### userPrincipalName <- uid + "@nomotech.local"
lsc.syncoptions.user.userPrincipalName.force_value =
srcBean.getAttributeValueById("uid") + "@nomotech.local"
### userAccountControl
lsc.syncoptions.user.userAccountControl.create_value =
AD.userAccountControlSet( "0", [AD.UAC_SET_NORMAL_ACCOUNT])
#lsc.syncoptions.user.userAccountControl.create_value =
AD.userAccountControlSet( "0",
[AD.UAC_SET_NORMAL_ACCOUNT,AD.UAC_PASSWORD_DONT_EXPIRE])
### pwdLastSet <- 0 to force user to change password on next connection
lsc.syncoptions.user.pwdLastSet.create_value = "0"
### unicodePwd <- "changeit" at creation (requires SSL connection to AD)
lsc.syncoptions.user.unicodePwd.action = F
lsc.syncoptions.user.unicodePwd.force_value =
AD.getUnicodePwd(srcBean.getAttributeValueById("userPassword"))
-------------------------------------------
For unicodePWD, it don't works if you don't use SSL (so install
certificate, etc...), but to test, ou can use the userPassword attribute
in dst.
So try, and say we all
Regards
Le 27/05/2010 12:05, Gunter Holzer a écrit :
Hi Clément,
Thank you for your answer.
I have changed the following lines:
lsc.tasks.ADuser.srcService.attrs = cn sn uid
lsc.tasks.ADuser.dstService.attrs = cn sn uid objectClass sAMAccountName
userPrincipalName userAccountControl pwdLastSet unicodePwd
lsc.syncoptions.ADuser.default.delimiter = ;
But I am still getting the same error....
Any other ideas?
------------------------------------------------------------------------------------------------------
Hi,
several things :
* you change the default delimiter to '$' but your objectClass value
contains ';' as separator. So keep ';' as delimiter (comment
lsc.syncoptions.ADuser.default.delimiter)
* you do not declare saMAccountName and some other attributes in
destination attributes (lsc.tasks.ADuser.dstService.attrs)
Clément.
--------------------------------------------------------------------------------------------
2010/5/27 Gunter Holzer<[email protected]>:
Hi,
I am trying a sync connection from OpenLDAP to AD. I am using LSC 1.2 and I
have used the tutorial "Populating Active Directory from OpenLDAP".
But now I am getting an error:
lsc -f c:\lsc-openldap2ad\etc -c all -s all
Mai 10 10:51:38 - INFO - Starting sync for ADuser
Mai 10 10:51:38 - INFO - Connecting to LDAP server
ldap://141.69.121.114:389/dc
=ldap,dc=test as cn=admin,dc=ldap,dc=test
Mai 10 10:51:39 - INFO - Connecting to LDAP server
ldap://141.69.121.117:389/dc
=test,dc=local as CN=Administrator,CN=Users,DC=test,DC=local
Mai 10 10:51:40 - ERROR - Error while adding entry cn=Pavel Chekov,ou=LSC in
dir
ectory :javax.naming.directory.SchemaViolationException: [LDAP: error code
65 -
0000207B: UpdErr: DSID-030511CF, problem 6002 (OBJ_CLASS_VIOLATION), data 0
]; remaining name 'cn=Pavel Chekov,ou=LSC'
Mai 10 10:51:40 - ERROR - Error while synchronizing ID cn=Pavel
Chekov,ou=LSC: j
ava.lang.Exception: Technical problem while applying modifications to
directory
dn: cn=Pavel Chekov,ou=LSC,dc=test,dc=local
changetype: add
sn: Chekov
cn: Pavel Chekov
Btw.:
Is it possible that there is an error in the Task section of the tutorial?
Shouldn´t we read from OpenLDAP??
If we want to read from the source all Active Directory users with a
sAMAccountName, and from the destination all inetOrgPerson entries from
ou=People with a uid, we could do this:
lsc.tasks.ADuser.srcService.baseDn = cn=Users
lsc.tasks.ADuser.srcService.filterAll =
(&(sAMAccountName=*)(objectClass=user))
lsc.tasks.ADuser.dstService.baseDn = ou=People
lsc.tasks.ADuser.dstService.filterAll =
(&(uid=*)(objectClass=inetOrgPerson))
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
