2010/6/11 Gunter Holzer <[email protected]>: > Has no one an idea? > > -----Ursprüngliche Nachricht----- > Von: [email protected] > [mailto:[email protected]] Im Auftrag von Gunter Holzer > Gesendet: Donnerstag, 10. Juni 2010 12:45 > An: Jonathan Clarke > Cc: [email protected] > Betreff: Re: [lsc-users] move user to different OU > > Hi, > > thanks to Jonathan for the fast bugfix! > Users can now be found in the whole AD structure. > > But now I have another problem: > If I move a group to another ou lsc seems not to be able to find it and sync > the group members. > I have an ou "lsc". In this ou I have 4 sub ou´s "new", "group", "test1", > "test2". > > Users are synced to "new" and groups to "group". > I can successfully move a user to "test1" and the group membership is still > synced. > > But if I now move the group from ou "group" to ou "test1", the group > membership is no longer synced. > > Here is my config: > > #============================================================================== > # Task "group" > #============================================================================== > > lsc.tasks.group.bean = org.lsc.beans.SimpleBean > > lsc.tasks.group.dn = "cn=" + srcBean.getAttributeValueById("cn") + > ",ou=group,ou=lsc" > > lsc.tasks.group.srcService = org.lsc.jndi.SimpleJndiSrcService > lsc.tasks.group.srcService.attrs = cn description memberUid member > lsc.tasks.group.srcService.baseDn = ou=Groups > lsc.tasks.group.srcService.filterAll = (objectClass=posixGroup) > lsc.tasks.group.srcService.filterId = (&(objectClass=posixGroup)(cn={cn})) > lsc.tasks.group.srcService.pivotAttrs = cn > > lsc.tasks.group.dstService = org.lsc.jndi.SimpleJndiDstService > lsc.tasks.group.dstService.attrs = cn description member objectClass > sAMAccountName > lsc.tasks.group.dstService.baseDn = ou=lsc > lsc.tasks.group.dstService.filterAll = (objectClass=group) > lsc.tasks.group.dstService.filterId = (&(objectClass=group)(cn={cn})) > lsc.tasks.group.dstService.pivotAttrs = cn > > lsc.syncoptions.group = org.lsc.beans.syncoptions.PropertiesBasedSyncOptions > lsc.syncoptions.group.default.action = F > > lsc.syncoptions.group.sAMAccountName.create_value = > srcBean.getAttributeValueById("cn") > > lsc.syncoptions.group.objectClass.force_value = "top";"group" > > lsc.syncoptions.group.member.delimiter = $ > lsc.syncoptions.group.member.force_value = var umembers = > srcBean.getAttributeValuesById("memberUid").toArray() ; for (var i=0; > i<umembers.length; i++ ) { try { umembers[i] = ldap.attribute(ldap.search( > "", "(sAMAccountName=" + (umembers[i]) + ")").get(0), > 'distinguishedname').get(0) } catch (e) { umembers[i]=null } } var members = > new Array(); var j=0; for (var i=0; i<umembers.length; i++) { if > (umembers[i]!=null) members[j++]=umembers[i] } members > > #============================================================================== > # End of Task "group" > #==============================================================================
Hi, I you move the group outside ou=group, LSC will not find it, or will try to rename it (as your DN rule - lsc.tasks.group.dn - explicitely push the group in ou=group). Clément. _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
