Hi,
I think I had the same problem.
The Names of the the groupmembers look like:
memberUid: username
and not:
member: cn=username,ou=people,dc=ldap,dc=test
So here is my configuration:
lsc.syncoptions.group.member.force_value = var umembers =
srcBean.getAttributeValuesById("memberUid").toArray() ; for (var i=0;
i<umembers.length; i++ ) { try { umembers[i] = ldap.attribute(ldap.list(
"OU=lsc", "(sAMAccountName=" + (umembers[i]) + ")").get(0),
'distinguishedname').get(0) } catch (e) { umembers[i]=null } } var members =
new Array(); var j=0; for (var i=0; i<umembers.length; i++) { if
(umembers[i]!=null) members[j++]=umembers[i] } members
So, because you already can match memberUid with sAMAccountName you can change
##(sAMAccountName=" + (srcLdap.attribute(umembers[i], 'uid').get(0) + ")"))##
to ##(sAMAccountName=" + (umembers[i])##
Good luck!
Regards,
Gunter
-----Ursprüngliche Nachricht-----
Von: [email protected]
[mailto:[email protected]] Im Auftrag von Alexey Wasilyev
Gesendet: Freitag, 4. Juni 2010 08:22
An: [email protected]
Betreff: [lsc-users] groups ad/openldap
Hello
With your help, syncing of users from ldap to ad works ok. Now it's tyme
to sync groups.
I try to write config according to
http://lsc-project.org/wiki/documentation/1.1/tutorials/synchronizegroups
Can you explain me javascript, used for
lsc.syncoptions.group.member.force_value?
Here is my config:
lsc.tasks.group.bean = org.lsc.beans.SimpleBean
lsc.tasks.group.dn = "cn=" + srcBean.getAttributeValueById("cn") +
",ou=groups"
lsc.tasks.group.srcService = org.lsc.jndi.SimpleJndiSrcService
lsc.tasks.group.srcService.attrs = cn description memberUid
lsc.tasks.group.srcService.baseDn = ou=groups
lsc.tasks.group.srcService.filterAll = (objectClass=groupOfNames)
lsc.tasks.group.srcService.filterId = (&(objectClass=groupOfNames)(cn={cn}))
lsc.tasks.group.srcService.pivotAttrs = cn
lsc.tasks.group.dstService = org.lsc.jndi.SimpleJndiDstService
lsc.tasks.group.dstService.attrs = cn description member objectClass
lsc.tasks.group.dstService.baseDn = ou=groups
lsc.tasks.group.dstService.filterAll = (objectClass=group)
lsc.tasks.group.dstService.filterId = (&(objectClass=group)(cn={cn}))
lsc.tasks.group.dstService.pivotAttrs = cn
lsc.syncoptions.group = org.lsc.beans.syncoptions.PropertiesBasedSyncOptions
lsc.syncoptions.group.default.action = F
lsc.syncoptions.group.objectClass.force_value = "top";"group"
lsc.syncoptions.group.member.delimiter = $
lsc.syncoptions.group.member.force_value = \
var umembers = srcBean.getAttributeValuesById("member").toArray() ; \
for (var i=0; i<umembers.length; i++ ) { \
try { \
umembers[i] = ldap.attribute(ldap.list(
"cn=users","(sAMAccountName=" + (srcLdap.attribute(umembers[i],
'uid').get(0) + ")")).get(0), 'distinguishedname').get(0) \
} catch (e) { \
umembers[i]=null \
} \
} \
var members = new Array(); \
var j=0; \
for (var i=0; i<umembers.length; i++) { \
if (umembers[i]!=null) members[j++]=umembers[i] \
} \
members
Our openldap don't have uniqueMember attribute, i change it with Member.
Same thing for groupOfUniqueNames -> groupOfNames.
Also, we don't have distinguishedname attribute in openldap, and i don't
know how to replace it.
In this configuration groups syncing ok, but withous memberships.
--
Alexey Wasilyev
Systems Administrator
Grid Dynamics
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
