Hi,
try:
lsc.tasks.ADuser.dstService.pivotAttrs = uid
instead of:
lsc.tasks.ADuser.dstService.pivotAttrs = sAMAccountName
and
lsc.tasks.ADuser.dstService.filterId =
(&(objectClass=user)(sAMAccountName={uid}))
also you dont´t have "sAMAccountName" in:
lsc.tasks.ADuser.dstService.attrs = cn givenName sn objectClass
try:
lsc.tasks.ADuser.dstService.attrs = cn sn objectClass sAMAccountName
displayName userPrincipalName mail userAccountControl givenName unicodePwd
So you try to write an attribut which you haven´t classified, I think....
Regards,
Gunter
-----Ursprüngliche Nachricht-----
Von: Alexey Wasilyev [mailto:[email protected]]
Gesendet: Montag, 31. Mai 2010 11:17
An: Gunter Holzer
Betreff: Re: AW: [lsc-users] ad vs ldap
31.05.2010 13:14, Gunter Holzer пишет:
> > Hi,
> >
> > cn=Users is correct for AD, as it is a builtin group. If you make your own
> > new groups ou= would be correct.
> >
>
for first time, i want to sync to builtin OU.
> > Are your users from LDAP correctly synced to AD and then the existing
> > users in AD get deleted by LSC, or get the new users from LDAP deleted.
> > If it is the first then try:
> > lsc.tasks.YOUR_TASK_NAME.condition.delete = false
> >
>
No, it's second case. New users deleted.
31.05.2010 13:14, Gunter Holzer пишет:
> Hi,
>
> cn=Users is correct for AD, as it is a builtin group. If you make your own
> new groups ou= would be correct.
>
> Are your users from LDAP correctly synced to AD and then the existing users
> in AD get deleted by LSC, or get the new users from LDAP deleted.
> If it is the first then try:
> lsc.tasks.YOUR_TASK_NAME.condition.delete = false
>
> Regards,
>
> Gunter
>
> -----Ursprüngliche Nachricht-----
> Von: [email protected]
> [mailto:[email protected]] Im Auftrag von Sebastien
> Bahloul
> Gesendet: Montag, 31. Mai 2010 11:01
> An: Alexey Wasilyev
> Cc: [email protected]
> Betreff: Re: [lsc-users] ad vs ldap
>
> Hi Alexey,
>
> This means that the configuration you have done is incorrect. I think that you
> may have done an error in the following 4 lines :
>
> lsc.tasks.ADuser.dstService.baseDn = cn=users
> lsc.tasks.ADuser.dstService.filterAll =
> (&(sAMAccountName=*)(objectClass=user))
> lsc.tasks.ADuser.dstService.pivotAttrs = sAMAccountName
> lsc.tasks.ADuser.dstService.filterId = (&(objectClass=user)
> (sAMAccountName={sAMAccountName}))
>
> When entries are created in AD, check where they are (the base dn). I suggest
> you check the "cn=users", because as I know it is probably more "ou=users"
>
> Regards,
>
> Le lundi 31 mai 2010 10:53:01, Alexey Wasilyev a écrit :
>
>> Here is config:
>>
>>
>> lsc.tasks = ADuser
>> lsc.tasks.ADuser.srcService = org.lsc.jndi.SimpleJndiSrcService
>> lsc.tasks.ADuser.srcService.baseDn = ou=people,ou=griddynamics
>> lsc.tasks.ADuser.srcService.filterAll =
>> (&(uid=*)(objectClass=inetOrgPerson))
>> lsc.tasks.ADuser.srcService.pivotAttrs = uid
>> lsc.tasks.ADuser.srcService.filterId =
>> (&(objectClass=inetOrgPerson)(uid={uid}))
>> lsc.tasks.ADuser.srcService.attrs = givenName cn sn uid
>> lsc.tasks.ADuser.dstService = org.lsc.jndi.SimpleJndiDstService
>> lsc.tasks.ADuser.dstService.baseDn = cn=users
>> lsc.tasks.ADuser.dstService.filterAll =
>> (&(sAMAccountName=*)(objectClass=user))
>> lsc.tasks.ADuser.dstService.pivotAttrs = sAMAccountName
>> lsc.tasks.ADuser.dstService.filterId =
>> (&(objectClass=user)(sAMAccountName={sAMAccountName}))
>> lsc.tasks.ADuser.dstService.attrs = cn givenName sn objectClass
>> sAMAccountName
>> lsc.tasks.ADuser.bean = org.lsc.beans.SimpleBean
>> lsc.tasks.ADuser.dn = "cn=" + srcBean.getAttributeValueById("cn") +
>> ",cn=Users"
>> lsc.syncoptions.ADuser =
>> org.lsc.beans.syncoptions.PropertiesBasedSyncOptions
>> lsc.syncoptions.ADuser.default.action = F
>> lsc.syncoptions.ADuser.objectClass.action = F
>> lsc.syncoptions.ADuser.objectClass.force_value =
>> "top";"user";"person";"organizationalPerson"
>> lsc.syncoptions.ADuser.sAMAccountName.create_value =
>> srcBean.getAttributeValueById("uid")
>> lsc.syncoptions.ADuser.userPrincipalName.force_value =
>> srcBean.getAttributeValueById("uid") + "@ad.griddynamics.net"
>> lsc.syncoptions.ADuser.userAccountControl.create_value =
>> AD.userAccountControlSet( "0", [AD.UAC_SET_NORMAL_ACCOUNT])
>>
>> after i run
>> lsc -f etc -c all -s all -n
>> all users from ldab created in ad and then all users deleted from ad.
>> whats wrong?
>>
>
--
Alexey Wasilyev
Systems Administrator
Grid Dynamics
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
