Le 31/05/2010 11:03, Clément OUDOT a écrit :
Just for trap, i have delete ldaps and use ldap queries. So i have join the new trapLe 31 mai 2010 10:59, Romain<[email protected]> a écrit :Le 31/05/2010 10:54, Clément OUDOT a écrit :Le 31 mai 2010 10:51, Romain<[email protected]> a écrit :Le 31/05/2010 10:43, Clément OUDOT a écrit :Le 31 mai 2010 10:40, Romain<[email protected]> a écrit :Le 31/05/2010 10:27, Clément OUDOT a écrit :Le 31 mai 2010 10:23, Romain<[email protected]> a écrit :Hello, I have succedded to sync Group, and the member of this group, but i have no an error. Indeed, for exemple, i add an user member of a group (or i delete). So after this change, i launch the sync with the AD. But i have an error when i tried to modify. Here is my error --------------------- mai 31 10:19:50 - ERROR - Error while modifying entry CN=Ingenierie,ou=Services in directory :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000528: UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0 ]; remaining name 'CN=Ingenierie,ou=Services' mai 31 10:19:50 - ERROR - Error while synchronizing ID CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while applying modifications to directory dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local changetype: modify replace: member member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local - replace: objectClass objectClass: group --------------------------I think objectClass should not be replaced. Set objectClass value in create_value only. Clément.Here is my Syncoptions for group ------------------- lsc.syncoptions.group = org.lsc.beans.syncoptions.PropertiesBasedSyncOptions lsc.syncoptions.group.default.action = F lsc.syncoptions.group.objectClass.force_value = "top";"group" lsc.syncoptions.group.default.delimiter = $ lsc.syncoptions.group.member.force_value = \ var umembers = \ srcBean.getAttributeValuesById("uniqueMember").toArray() ; \ for (var i=0; i<umembers.length; i++ ) { \ try { \ umembers[i] = ldap.attribute(ldap.list( "ou=Utilisateurs", \ "(sAMAccountName=" \ + (srcLdap.attribute(umembers[i], 'uid').get(0) \ + ")" \ )).get(0), 'distinguishedname').get(0) \ } catch (e) { \ umembers[i]=null \ } \ } \ var members = new Array(); \ var j=0; \ for (var i=0; i<umembers.length; i++) { \ if (umembers[i]!=null) members[j++]=umembers[i] \ } \ members --------------------- So initialy, this line is like that : lsc.syncoptions.group.objectClass.force_value = "top";"group" But i have replace force_value by create_value, like that : lsc.syncoptions.group.objectClass.create_value = "top";"group" But i have always an error, like that ----------------------- mai 31 10:39:27 - ERROR - Error while modifying entry CN=Ingenierie,ou=Services in directory :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000528: UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0 ]; remaining name 'CN=Ingenierie,ou=Services' mai 31 10:39:27 - ERROR - Error while synchronizing ID CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while applying modifications to directory dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local changetype: modify replace: member member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local - replace: objectClass objectClass: groupOfUniqueNames objectClass: top -------------------- Its not completely the same.Try lsc.syncoptions.group.default.action = K lsc.syncoptions.group.objectClass.create_value = "top";"group"So I have tried, but in my exemple, i have to groups, and i have modify members for only one. And when i launch the sync with the new configuration, my group who i have modify member do not displayed, and i have no modification in my AD. ----------------------- mai 31 10:47:58 - ERROR - Error while modifying entry CN=Ingenierie,ou=Services in directory :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000528: UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0 ]; remaining name 'CN=Ingenierie,ou=Services' mai 31 10:47:58 - ERROR - Error while synchronizing ID CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while applying modifications to directory dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local changetype: modify add: member member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local mai 31 10:47:58 - ERROR - All entries: 2, to modify entries: 1, modified entries: 0, errors: 1 ----------------------------------- So this group are not modify.This is strange, because the LDIF output says your are doing a modification, but the AD error (68 - ALREADY EXISTS) should correspond to an add and not a modification... Could you maybe trap network packets to see what is the real LDAP request done? You can use wireshark to do this. Clément.But this group "Ingenierie" was not modify in my OpenLDAP. Only the group "NOC", but he was not displayed ... I have make a trap with wireshark, i have join the fileIt's LDAPS so we cannot see the LDAP queries!
capture.pcap
Description: application/cap
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
