Hello,
I had success to import user from OpenLdap to AD. I populate some
attributs but when i want to update these attributs it doesn't work.
I put all my syncoptions actions to F and force_value, and also
*.condition.xxxx to true but nothing change.
_Here log from creation operation :_
juil. 08 10:22:38 - INFO - # Adding new entry cn=Frédéric TRUCTIN-MAVRE
for FirstTask
dn::
Y249RnLDqWTDqXJpYyBUUlVDVElOLU1BVlJFLE9VPVZNX1VzZXJzLE9VPVZJRVcsREM9ZXR1ZGlhbnRzLERDPWNmYQ==
changetype: add
userPrincipalName: [email protected]
mail: [email protected]
sn: TRUCTIN-MAVRE
cn:: RnLDqWTDqXJpYyBUUlVDVElOLU1BVlJF
sAMAccountName: ftructin
userAccountControl: 512
unicodePwd:: IgBxAHMAZABmAGcAaABBADEALwAiAA==
objectClass: user
juil. 08 10:22:38 - INFO - All entries: 1, to modify entries: 1,
modified entries: 1, errors: 0
juil. 08 10:22:38 - INFO - Starting clean for FirstTask
_Here log from update operation :_
juil. 08 10:22:55 - WARN - WARNING: updating the RDN of the entry will
cancel other modifications! Relaunch synchronization to complete update.
juil. 08 10:22:55 - INFO - # Renaming entry CN=Frédéric
TRUCTIN-MAVRE,OU=VM_Users,OU=VIEW,DC=etudiants,DC=cfa for FirstTask
dn::
Q049RnLDqWTDqXJpYyBUUlVDVElOLU1BVlJFLE9VPVZNX1VzZXJzLE9VPVZJRVcsREM9ZXR1ZGlhbnRzLERDPWNmYQ==
changetype: modrdn
newrdn: cn=Frédéric TRUCTIN-MAVRE
deleteoldrdn: 1
newsuperior: OU=VM_Users,OU=VIEW,DC=etudiants,DC=cfa
juil. 08 10:22:55 - INFO - All entries: 1, to modify entries: 1,
modified entries: 1, errors: 0
_Here my code :_
###############
# Tasks configuration #
###############
lsc.tasks = FirstTask
# Java class name for the service to read objects from the source
# Either "org.lsc.jndi.SimpleJndiSrcService" for ldap2ldap, or
# "org.lsc.service.SimpleJdbcSrcService" for db2ldap
# According to which service you use here, you only need *one* of the
following sections
lsc.tasks.FirstTask.srcService = org.lsc.jndi.SimpleJndiSrcService
# Filter to list all entries to synchronize
lsc.tasks.FirstTask.srcService.filterAll =
(&(uid=ftructin)(objectClass=inetOrgPerson))
# Attributes to read from all entries used to match objects between
source and destination
lsc.tasks.FirstTask.srcService.pivotAttrs = uid
# Filter to read one entry to synchronize, based on pivotAttrs above
lsc.tasks.FirstTask.srcService.filterId =
(&(objectClass=inetOrgPerson)(uid={uid}))
# Attributes to read from each entry used to read and write data
lsc.tasks.FirstTask.srcService.attrs = description cn sn userPassword
uid mail
### SimpleJdbcSrcService parameters
# Request name from a file in CONFIGURATION_DIR/sql-map-config.d/
# to read a full list of pivot attributes for all objects to be synchronized
lsc.tasks.FirstTask.srcService.requestNameForList = getAllPeoplePivots
# Request name from a file in CONFIGURATION_DIR/sql-map-config.d/
# to read a single entry to be synchronized given a set of pivot attributes
lsc.tasks.FirstTask.srcService.requestNameForObject = getOnePerson
# Java class name for the service to read and write objects in the
destination
# Usually "org.lsc.jndi.SimpleJndiDstService".
lsc.tasks.FirstTask.dstService = org.lsc.jndi.SimpleJndiDstService
# Base DN for searches in the directory
lsc.tasks.FirstTask.dstService.baseDn =
OU=VM_Users,OU=VIEW,DC=etudiants,DC=cfa
# Filter to list all entries to synchronize
lsc.tasks.FirstTask.dstService.filterAll =
(&(uid=*)(objectClass=inetOrgPerson))
# Attributes to read from all entries used to match objects between
source and destination
lsc.tasks.FirstTask.dstService.pivotAttrs = uid
# Filter to read one entry to synchronize, based on pivotAttrs above
lsc.tasks.FirstTask.dstService.filterId =
(&(objectClass=user)(sAMAccountName={uid}))
# Attributes to read from each entry used to read and write data
lsc.tasks.FirstTask.dstService.attrs = description cn sn objectClass
sAMAccountName mail unicodePwd userAccountControl userPrincipalName memberOf
# Java class name for the LDAP objectClass to compare source and
destination objects
# This should be the LDAP objectClass of entries in the destination
directory
lsc.tasks.FirstTask.bean = org.lsc.beans.SimpleBean
# Construct a DN for new entries in the destination directory
# This is a JavaScript expression, and can access any utility functions
and the srcBean.
# It should be relative to the LDAP context specified in
dst.java.naming.provider.url
lsc.tasks.FirstTask.dn = "cn=" + srcBean.getAttributeValueById("cn") + ""
dn.real_root = dc=lsc-project,dc=org
#############################
# Syncoptions configuration #
#############################
# This section defines synchronization rules for each task, attribute by
attribute
# Define the implementation to use. PropertiesBasedSyncOptions is
usually what you want.
# The only current alternative is ForceSyncOptions, which don't take any
configuration.
lsc.syncoptions.FirstTask =
org.lsc.beans.syncoptions.PropertiesBasedSyncOptions
# Set default behavior for all attributes not explicitly specified below
# See documentation at
http://lsc-project.org/wiki/documentation/1.2/configuration/syncoptions
lsc.syncoptions.FirstTask.default.action = F
# Set default delimiter for multiple values for an attribute.
# This is normally a semi-colon (;) but can be problematic when writing
complex JavaScript
lsc.syncoptions.FirstTask.default.delimiter = $
# Sample syncoption for the SN attribute: force update, and put value
from source in capitals
lsc.syncoptions.FirstTask.sn.action = F
lsc.syncoptions.FirstTask.sn.force_value =
srcBean.getAttributeValueById("sn").toUpperCase()
# Many other possibilities are available in SyncOptions.
# You can write any JavaScript code in a default_value, force_value or
create_value.
# See http://lsc-project.org/wiki/documentation/1.2/configuration/start
for more.
# objectClass <- top/user/person/organizationalperson
lsc.syncoptions.FirstTask.objectClass.action = F
lsc.syncoptions.FirstTask.objectClass.force_value = \
"user"
# sAMAccountName <- uid
lsc.syncoptions.FirstTask.sAMAccountName.force_value = \
srcBean.getAttributeValueById("uid")
# Ajout de mail
lsc.syncoptions.FirstTask.mail.force_value = \
srcBean.getAttributeValueById("mail")
# userPrincipalName <- uid
lsc.syncoptions.FirstTask.userPrincipalName.force_value = \
srcBean.getAttributeValueById("uid")
# userAccountControl
lsc.syncoptions.FirstTask.userAccountControl.force_value = \
AD.userAccountControlSet( "0", [AD.UAC_SET_NORMAL_ACCOUNT])
# pwdLastSet <- 0 to force user to change password on next connection
#lsc.syncoptions.FirstTask.pwdLastset.create_value = "0"
# unicodePwd <- "changeit" at creation (requires SSL connection to AD)
lsc.syncoptions.FirstTask.unicodePwd.action = F
lsc.syncoptions.FirstTask.unicodePwd.force_value =
AD.getUnicodePwd(srcBean.getAttributeValueById("userPassword"))
# Force userPrincipalName
lsc.syncoptions.FirstTask.userPrincipalName.action = F
lsc.syncoptions.FirstTask.userPrincipalName.force_value = \
srcBean.getAttributeValueById("uid")+"@etudiants.cfa"
Thanks you in advance
Fred
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
