Le 31 mai 2010 10:59, Romain <[email protected]> a écrit : > Le 31/05/2010 10:54, Clément OUDOT a écrit : >> >> Le 31 mai 2010 10:51, Romain<[email protected]> a écrit : >> >>> >>> Le 31/05/2010 10:43, Clément OUDOT a écrit : >>> >>>> >>>> Le 31 mai 2010 10:40, Romain<[email protected]> a écrit : >>>> >>>> >>>>> >>>>> Le 31/05/2010 10:27, Clément OUDOT a écrit : >>>>> >>>>> >>>>>> >>>>>> Le 31 mai 2010 10:23, Romain<[email protected]> a écrit : >>>>>> >>>>>> >>>>>> >>>>>>> >>>>>>> Hello, >>>>>>> >>>>>>> I have succedded to sync Group, and the member of this group, but i >>>>>>> have >>>>>>> no >>>>>>> an error. Indeed, for exemple, i add an user member of a group (or i >>>>>>> delete). So after this change, i launch the sync with the AD. But i >>>>>>> have >>>>>>> an >>>>>>> error when i tried to modify. >>>>>>> >>>>>>> Here is my error >>>>>>> --------------------- >>>>>>> mai 31 10:19:50 - ERROR - Error while modifying entry >>>>>>> CN=Ingenierie,ou=Services in directory >>>>>>> :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - >>>>>>> 00000528: >>>>>>> UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0 >>>>>>> ]; remaining name 'CN=Ingenierie,ou=Services' >>>>>>> mai 31 10:19:50 - ERROR - Error while synchronizing ID >>>>>>> CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem >>>>>>> while >>>>>>> applying modifications to directory >>>>>>> dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local >>>>>>> changetype: modify >>>>>>> replace: member >>>>>>> member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local >>>>>>> - >>>>>>> replace: objectClass >>>>>>> objectClass: group >>>>>>> -------------------------- >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> I think objectClass should not be replaced. Set objectClass value in >>>>>> create_value only. >>>>>> >>>>>> Clément. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> Here is my Syncoptions for group >>>>> ------------------- >>>>> lsc.syncoptions.group = >>>>> org.lsc.beans.syncoptions.PropertiesBasedSyncOptions >>>>> lsc.syncoptions.group.default.action = F >>>>> lsc.syncoptions.group.objectClass.force_value = "top";"group" >>>>> lsc.syncoptions.group.default.delimiter = $ >>>>> lsc.syncoptions.group.member.force_value = \ >>>>> var umembers = \ >>>>> srcBean.getAttributeValuesById("uniqueMember").toArray() ; \ >>>>> for (var i=0; i<umembers.length; i++ ) { \ >>>>> try { \ >>>>> umembers[i] = ldap.attribute(ldap.list( "ou=Utilisateurs", \ >>>>> "(sAMAccountName=" \ >>>>> + (srcLdap.attribute(umembers[i], 'uid').get(0) \ >>>>> + ")" \ >>>>> )).get(0), 'distinguishedname').get(0) \ >>>>> } catch (e) { \ >>>>> umembers[i]=null \ >>>>> } \ >>>>> } \ >>>>> var members = new Array(); \ >>>>> var j=0; \ >>>>> for (var i=0; i<umembers.length; i++) { \ >>>>> if (umembers[i]!=null) members[j++]=umembers[i] \ >>>>> } \ >>>>> members >>>>> --------------------- >>>>> So initialy, this line is like that : >>>>> lsc.syncoptions.group.objectClass.force_value = "top";"group" >>>>> But i have replace force_value by create_value, like that : >>>>> lsc.syncoptions.group.objectClass.create_value = "top";"group" >>>>> >>>>> But i have always an error, like that >>>>> ----------------------- >>>>> mai 31 10:39:27 - ERROR - Error while modifying entry >>>>> CN=Ingenierie,ou=Services in directory >>>>> :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - >>>>> 00000528: >>>>> UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0 >>>>> ]; remaining name 'CN=Ingenierie,ou=Services' >>>>> mai 31 10:39:27 - ERROR - Error while synchronizing ID >>>>> CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while >>>>> applying modifications to directory >>>>> dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local >>>>> changetype: modify >>>>> replace: member >>>>> member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local >>>>> - >>>>> replace: objectClass >>>>> objectClass: groupOfUniqueNames >>>>> objectClass: top >>>>> -------------------- >>>>> Its not completely the same. >>>>> >>>>> >>>>> >>>> >>>> Try >>>> >>>> lsc.syncoptions.group.default.action = K >>>> lsc.syncoptions.group.objectClass.create_value = "top";"group" >>>> >>>> >>>> >>>> >>> >>> So I have tried, but in my exemple, i have to groups, and i have modify >>> members for only one. And when i launch the sync with the new >>> configuration, >>> my group who i have modify member do not displayed, and i have no >>> modification in my AD. >>> ----------------------- >>> mai 31 10:47:58 - ERROR - Error while modifying entry >>> CN=Ingenierie,ou=Services in directory >>> :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000528: >>> UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0 >>> ]; remaining name 'CN=Ingenierie,ou=Services' >>> mai 31 10:47:58 - ERROR - Error while synchronizing ID >>> CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while >>> applying modifications to directory >>> dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local >>> changetype: modify >>> add: member >>> member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local >>> >>> mai 31 10:47:58 - ERROR - All entries: 2, to modify entries: 1, modified >>> entries: 0, errors: 1 >>> ----------------------------------- >>> So this group are not modify. >>> >> >> This is strange, because the LDIF output says your are doing a >> modification, but the AD error (68 - ALREADY EXISTS) should correspond >> to an add and not a modification... >> >> Could you maybe trap network packets to see what is the real LDAP >> request done? You can use wireshark to do this. >> >> Clément. >> >> >> > > But this group "Ingenierie" was not modify in my OpenLDAP. Only the group > "NOC", but he was not displayed ... > > I have make a trap with wireshark, i have join the file
It's LDAPS so we cannot see the LDAP queries! _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
