Great,
It took me a while to use the ldapsearch, but it worked.Also works if you add
the "cn=users"
I just need to compare the src baseDN and dst baseDN... think there might be
some mistake. Or I'll try the full DN again :)
Jan 03 15:24:53 - ERROR - Error while looking for
(&(objectClass=user)(sAMAccountName=userX)),(uid=userX) in ou=cc:
javax.naming.directory.InvalidSearchFilterException: invalid attribute
description; remaining name 'ou=cc'Jan 03 15:24:53 - ERROR - Error while
synchronizing ID {uid=userX}:
javax.naming.directory.InvalidSearchFilterException: invalid attribute
description; remaining name 'ou=cc'
Thanks ! !
Date: Tue, 3 Jan 2012 14:54:27 +0100
Subject: Re: [lsc-users] errors running the example: synchronizing to/from
Active Directory
From: [email protected]
To: [email protected]
CC: [email protected]
you can use ldapsearch tool provided by ldaputils
However it's odd to have cn=administrator,dc=foo,dc=bar. Maybe ldp.exe works
negotiating, without specifiying the entire security context.
Try to use cn=administrator,cn=users,dc=foo,dc=bar. Normally you find there the
default administrative account in active directory
Alternativerly maybe you 389 port is not listening in the right interface. Test
from your Ubuntu machine if you are able to do a "telnet someIP 389". If it
works then you are facing ldap security context issues...
On Tue, Jan 3, 2012 at 2:45 PM, Che H M <[email protected]> wrote:
Hi Natan,
Thansk for the correctionFoolish of me not noticing the "(", anyway I have a
syncronization error now, mainly caused by the connection error.
If I manually connect using ldp.exe (from my windows 7 to my AD server) with
the same credentials, it works.
Thus CN=administrator is existing.
I wonder if I must use SSL or not, it was not required when I connect
manually....
dst.java.naming.provider.url =
ldap://someIP:389/dc=foo,dc=bardst.java.naming.security.principal =
cn=administrator,dc=foo,dc=bar
Is there anything in Ubuntu which I can use to test an ldap connection to AD?
Thanks
Date: Tue, 3 Jan 2012 14:19:00 +0100
Subject: Re: [lsc-users] errors running the example: synchronizing to/from
Active Directory
From: [email protected]
To: [email protected]
CC: [email protected]
Hi Che, your ldap filter seems wrong
Try (&(objectClass=inetOrgPerson)(uid=userX)) instead of
(&objectClass=inetOrgPerson)(uid=userX))
And about " Connecting to LDAP server ldap://someIP:389/dc=foo,dc=bar as
cn=administrator,dc=foo,dc=bar", it seems your credentials are rejected or the
admin distinguished name does not exist.
Hope it helps
Natan
On Tue, Jan 3, 2012 at 2:08 PM, Che H M <[email protected]> wrote:
Dear,
I am currently testing the LSC stable version 1.2.1.and I'm using the Howto,
described on the lsc-project.org.
When I perform a dry run I come across several problems.
root@ldap:/home/user/lsc# bin/lsc -f etc -c all -s all -nJan 03 13:57:51 - INFO
- Starting sync for ADuser
Jan 03 13:57:51 - INFO - Connecting to LDAP server
ldap://localhost:389/dc=fooz,dc=barz as cn=superUser,dc=fooz,dc=barzJan 03
13:57:51 - ERROR - Error while looking for
(&objectClass=inetOrgPerson)(uid=userX)) in ou=cc:
javax.naming.directory.InvalidSearchFilterException: Unbalanced parenthesis;
remaining name 'ou=cc'
Jan 03 13:57:51 - ERROR - Error while synchronizing ID {uid=userX}:
javax.naming.directory.InvalidSearchFilterException: Unbalanced parenthesis;
remaining name 'ou=cc'Jan 03 13:57:51 - ERROR - Error while looking for
(&objectClass=inetOrgPerson)(uid=userY)) in ou=cc:
javax.naming.directory.InvalidSearchFilterException: Unbalanced parenthesis;
remaining name 'ou=cc'
Jan 03 13:57:51 - ERROR - Error while synchronizing ID {uid=userY}:
javax.naming.directory.InvalidSearchFilterException: Unbalanced parenthesis;
remaining name 'ou=cc'Jan 03 13:57:51 - ERROR - All entries: 2, to modify
entries: 0, modified entries: 0, errors: 2
Jan 03 13:57:51 - INFO - Starting clean for ADuserJan 03 13:57:51 - INFO -
Connecting to LDAP server ldap://someIP:389/dc=foo,dc=bar as
cn=administrator,dc=foo,dc=barJan 03 13:57:51 - ERROR - Error opening the LDAP
connection to the destination!
Jan 03 13:57:51 - ERROR - java.lang.RuntimeException:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr:
DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]Last log
file line: Jan 03 13:57:51 - ERROR - java.lang.RuntimeException:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr:
DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
I've noticed that someone else posted such error before and no reply has been
given...
Thanks in advance.
Kind regards
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
