Le 31/05/2010 11:03, Clément OUDOT a écrit :
Le 31 mai 2010 10:59, Romain<[email protected]> a écrit :
Le 31/05/2010 10:54, Clément OUDOT a écrit :
Le 31 mai 2010 10:51, Romain<[email protected]> a écrit :
Le 31/05/2010 10:43, Clément OUDOT a écrit :
Le 31 mai 2010 10:40, Romain<[email protected]> a écrit :
Le 31/05/2010 10:27, Clément OUDOT a écrit :
Le 31 mai 2010 10:23, Romain<[email protected]> a écrit :
Hello,
I have succedded to sync Group, and the member of this group, but i
have
no
an error. Indeed, for exemple, i add an user member of a group (or i
delete). So after this change, i launch the sync with the AD. But i
have
an
error when i tried to modify.
Here is my error
---------------------
mai 31 10:19:50 - ERROR - Error while modifying entry
CN=Ingenierie,ou=Services in directory
:javax.naming.NameAlreadyBoundException: [LDAP: error code 68 -
00000528:
UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0
]; remaining name 'CN=Ingenierie,ou=Services'
mai 31 10:19:50 - ERROR - Error while synchronizing ID
CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem
while
applying modifications to directory
dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local
changetype: modify
replace: member
member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local
-
replace: objectClass
objectClass: group
--------------------------
I think objectClass should not be replaced. Set objectClass value in
create_value only.
Clément.
Here is my Syncoptions for group
-------------------
lsc.syncoptions.group =
org.lsc.beans.syncoptions.PropertiesBasedSyncOptions
lsc.syncoptions.group.default.action = F
lsc.syncoptions.group.objectClass.force_value = "top";"group"
lsc.syncoptions.group.default.delimiter = $
lsc.syncoptions.group.member.force_value = \
var umembers = \
srcBean.getAttributeValuesById("uniqueMember").toArray() ; \
for (var i=0; i<umembers.length; i++ ) { \
try { \
umembers[i] = ldap.attribute(ldap.list( "ou=Utilisateurs", \
"(sAMAccountName=" \
+ (srcLdap.attribute(umembers[i], 'uid').get(0) \
+ ")" \
)).get(0), 'distinguishedname').get(0) \
} catch (e) { \
umembers[i]=null \
} \
} \
var members = new Array(); \
var j=0; \
for (var i=0; i<umembers.length; i++) { \
if (umembers[i]!=null) members[j++]=umembers[i] \
} \
members
---------------------
So initialy, this line is like that :
lsc.syncoptions.group.objectClass.force_value = "top";"group"
But i have replace force_value by create_value, like that :
lsc.syncoptions.group.objectClass.create_value = "top";"group"
But i have always an error, like that
-----------------------
mai 31 10:39:27 - ERROR - Error while modifying entry
CN=Ingenierie,ou=Services in directory
:javax.naming.NameAlreadyBoundException: [LDAP: error code 68 -
00000528:
UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0
]; remaining name 'CN=Ingenierie,ou=Services'
mai 31 10:39:27 - ERROR - Error while synchronizing ID
CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while
applying modifications to directory
dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local
changetype: modify
replace: member
member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local
-
replace: objectClass
objectClass: groupOfUniqueNames
objectClass: top
--------------------
Its not completely the same.
Try
lsc.syncoptions.group.default.action = K
lsc.syncoptions.group.objectClass.create_value = "top";"group"
So I have tried, but in my exemple, i have to groups, and i have modify
members for only one. And when i launch the sync with the new
configuration,
my group who i have modify member do not displayed, and i have no
modification in my AD.
-----------------------
mai 31 10:47:58 - ERROR - Error while modifying entry
CN=Ingenierie,ou=Services in directory
:javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000528:
UpdErr: DSID-031A0F4B, problem 6005 (ENTRY_EXISTS), data 0
]; remaining name 'CN=Ingenierie,ou=Services'
mai 31 10:47:58 - ERROR - Error while synchronizing ID
CN=Ingenierie,ou=Services: java.lang.Exception: Technical problem while
applying modifications to directory
dn: CN=Ingenierie,ou=Services,dc=nomotech,dc=local
changetype: modify
add: member
member: CN=Matteo Vivier,OU=Utilisateurs,DC=nomotech,DC=local
mai 31 10:47:58 - ERROR - All entries: 2, to modify entries: 1, modified
entries: 0, errors: 1
-----------------------------------
So this group are not modify.
This is strange, because the LDIF output says your are doing a
modification, but the AD error (68 - ALREADY EXISTS) should correspond
to an add and not a modification...
Could you maybe trap network packets to see what is the real LDAP
request done? You can use wireshark to do this.
Clément.
But this group "Ingenierie" was not modify in my OpenLDAP. Only the group
"NOC", but he was not displayed ...
I have make a trap with wireshark, i have join the file
It's LDAPS so we cannot see the LDAP queries!
Its no good. I have succedded with this modification :
----------------
lsc.syncoptions.group.default.action = F
lsc.syncoptions.group.objectClass.action = K
lsc.syncoptions.group.objectClass.force_value = "top";"group"
-------------
At the begin i have no this line :
lsc.syncoptions.group.objectClass.action = K
So its good, the modification was now apply.
Thanks for your help Clement.
Regards
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
