Le 31/05/2010 10:54, Clément OUDOT a écrit :
But this group "Ingenierie" was not modify in my OpenLDAP. Only the group "NOC", but he was not displayed ...Le 31 mai 2010 10:51, Romain<[email protected]> a écrit :Le 31/05/2010 10:43, Clément OUDOT a écrit :Le 31 mai 2010 10:40, Romain<[email protected]> a écrit :Le 31/05/2010 10:27, Clément OUDOT a écrit :Le 31 mai 2010 10:23, Romain<[email protected]> a écrit :Hello, I have succedded to sync Group, and the member of this group, but i have no an error. Indeed, for exemple, i add an user member of a group (or i delete). So after this change, i launch the sync with the AD. But i have an error when i tried to modify. Here is my error --------------------- mai 31 10:19:50 - ERROR - Error while modifying entry CN=Ingenierie,ou=Services in directory :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000528: UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0 ]; remaining name 'CN=Ingenierie,ou=Services' mai 31 10:19:50 - ERROR - Error while synchronizing ID CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while applying modifications to directory dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local changetype: modify replace: member member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local - replace: objectClass objectClass: group --------------------------I think objectClass should not be replaced. Set objectClass value in create_value only. Clément.Here is my Syncoptions for group ------------------- lsc.syncoptions.group = org.lsc.beans.syncoptions.PropertiesBasedSyncOptions lsc.syncoptions.group.default.action = F lsc.syncoptions.group.objectClass.force_value = "top";"group" lsc.syncoptions.group.default.delimiter = $ lsc.syncoptions.group.member.force_value = \ var umembers = \ srcBean.getAttributeValuesById("uniqueMember").toArray() ; \ for (var i=0; i<umembers.length; i++ ) { \ try { \ umembers[i] = ldap.attribute(ldap.list( "ou=Utilisateurs", \ "(sAMAccountName=" \ + (srcLdap.attribute(umembers[i], 'uid').get(0) \ + ")" \ )).get(0), 'distinguishedname').get(0) \ } catch (e) { \ umembers[i]=null \ } \ } \ var members = new Array(); \ var j=0; \ for (var i=0; i<umembers.length; i++) { \ if (umembers[i]!=null) members[j++]=umembers[i] \ } \ members --------------------- So initialy, this line is like that : lsc.syncoptions.group.objectClass.force_value = "top";"group" But i have replace force_value by create_value, like that : lsc.syncoptions.group.objectClass.create_value = "top";"group" But i have always an error, like that ----------------------- mai 31 10:39:27 - ERROR - Error while modifying entry CN=Ingenierie,ou=Services in directory :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000528: UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0 ]; remaining name 'CN=Ingenierie,ou=Services' mai 31 10:39:27 - ERROR - Error while synchronizing ID CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while applying modifications to directory dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local changetype: modify replace: member member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local - replace: objectClass objectClass: groupOfUniqueNames objectClass: top -------------------- Its not completely the same.Try lsc.syncoptions.group.default.action = K lsc.syncoptions.group.objectClass.create_value = "top";"group"So I have tried, but in my exemple, i have to groups, and i have modify members for only one. And when i launch the sync with the new configuration, my group who i have modify member do not displayed, and i have no modification in my AD. ----------------------- mai 31 10:47:58 - ERROR - Error while modifying entry CN=Ingenierie,ou=Services in directory :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000528: UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0 ]; remaining name 'CN=Ingenierie,ou=Services' mai 31 10:47:58 - ERROR - Error while synchronizing ID CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while applying modifications to directory dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local changetype: modify add: member member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local mai 31 10:47:58 - ERROR - All entries: 2, to modify entries: 1, modified entries: 0, errors: 1 ----------------------------------- So this group are not modify.This is strange, because the LDIF output says your are doing a modification, but the AD error (68 - ALREADY EXISTS) should correspond to an add and not a modification... Could you maybe trap network packets to see what is the real LDAP request done? You can use wireshark to do this. Clément.
I have make a trap with wireshark, i have join the file Thanks for help
capture.pcap
Description: application/cap
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
