Hi, cn=Users is correct for AD, as it is a builtin group. If you make your own new groups ou= would be correct.
Are your users from LDAP correctly synced to AD and then the existing users in AD get deleted by LSC, or get the new users from LDAP deleted. If it is the first then try: lsc.tasks.YOUR_TASK_NAME.condition.delete = false Regards, Gunter -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von Sebastien Bahloul Gesendet: Montag, 31. Mai 2010 11:01 An: Alexey Wasilyev Cc: [email protected] Betreff: Re: [lsc-users] ad vs ldap Hi Alexey, This means that the configuration you have done is incorrect. I think that you may have done an error in the following 4 lines : lsc.tasks.ADuser.dstService.baseDn = cn=users lsc.tasks.ADuser.dstService.filterAll = (&(sAMAccountName=*)(objectClass=user)) lsc.tasks.ADuser.dstService.pivotAttrs = sAMAccountName lsc.tasks.ADuser.dstService.filterId = (&(objectClass=user) (sAMAccountName={sAMAccountName})) When entries are created in AD, check where they are (the base dn). I suggest you check the "cn=users", because as I know it is probably more "ou=users" Regards, Le lundi 31 mai 2010 10:53:01, Alexey Wasilyev a écrit : > Here is config: > > > lsc.tasks = ADuser > lsc.tasks.ADuser.srcService = org.lsc.jndi.SimpleJndiSrcService > lsc.tasks.ADuser.srcService.baseDn = ou=people,ou=griddynamics > lsc.tasks.ADuser.srcService.filterAll = > (&(uid=*)(objectClass=inetOrgPerson)) > lsc.tasks.ADuser.srcService.pivotAttrs = uid > lsc.tasks.ADuser.srcService.filterId = > (&(objectClass=inetOrgPerson)(uid={uid})) > lsc.tasks.ADuser.srcService.attrs = givenName cn sn uid > lsc.tasks.ADuser.dstService = org.lsc.jndi.SimpleJndiDstService > lsc.tasks.ADuser.dstService.baseDn = cn=users > lsc.tasks.ADuser.dstService.filterAll = > (&(sAMAccountName=*)(objectClass=user)) > lsc.tasks.ADuser.dstService.pivotAttrs = sAMAccountName > lsc.tasks.ADuser.dstService.filterId = > (&(objectClass=user)(sAMAccountName={sAMAccountName})) > lsc.tasks.ADuser.dstService.attrs = cn givenName sn objectClass > sAMAccountName > lsc.tasks.ADuser.bean = org.lsc.beans.SimpleBean > lsc.tasks.ADuser.dn = "cn=" + srcBean.getAttributeValueById("cn") + > ",cn=Users" > lsc.syncoptions.ADuser = > org.lsc.beans.syncoptions.PropertiesBasedSyncOptions > lsc.syncoptions.ADuser.default.action = F > lsc.syncoptions.ADuser.objectClass.action = F > lsc.syncoptions.ADuser.objectClass.force_value = > "top";"user";"person";"organizationalPerson" > lsc.syncoptions.ADuser.sAMAccountName.create_value = > srcBean.getAttributeValueById("uid") > lsc.syncoptions.ADuser.userPrincipalName.force_value = > srcBean.getAttributeValueById("uid") + "@ad.griddynamics.net" > lsc.syncoptions.ADuser.userAccountControl.create_value = > AD.userAccountControlSet( "0", [AD.UAC_SET_NORMAL_ACCOUNT]) > > after i run > lsc -f etc -c all -s all -n > all users from ldab created in ad and then all users deleted from ad. > whats wrong? -- Sebastien BAHLOUL IAM and Security Solutions Manager LINAGORA : http://www.linagora.com/ Tel / Phone : +33 810 251 251 Mobile : +33 (0)6 45 63 27 39 74/80 rue Roque de Fillol 92800 Puteaux ----------- http://linid.org/ - http://linpki.org/ IAM and security Open Source projects _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
