Hi Hugh, LSC doesn't have such feature for ObjectGUID. Can you use the ObjectSID instead ?
I suggest to open an issue and to mention the following page which should help to add support for it : https://forums.oracle.com/forums/thread.jspa?threadID=1155698&tstart=0 Regards, -- Sebastien BAHLOUL IAM / Security specialist Ldap Synchronization Connector : http://lsc-project.org Blog : http://sbahloul.wordpress.com/ 2012/4/24 Hugh Kelley <[email protected]> > On Tue, Apr 24, 2012 at 4:58 AM, Clément OUDOT <[email protected]>wrote: > >> Le 24 avril 2012 01:05, Hugh Kelley <[email protected]> a écrit : >> > I am trying to retrieve AD/ADAM objectGUID attributes in their >> > string-formatted form from the source directory. So far, I'm getting >> some >> > jumbled mess that I assume is a direct translation of the binary >> objectGUID >> > into a character set. >> > >> > Unfortunately, this is really the only unique and immutable attribute >> for >> > OUs in MS directory services. Assuming this attribute has already >> been >> > crammed into a string (by JNDI) by the time the LSC runtime sees it, >> where >> > can I customize this behavior, by inheriting from >> > com.sun.jndi.ldap.LdapCtxFactory ? >> > >> > My LSC excerpt is below: >> > >> > <ldapSourceService> >> > <name>MySyncTask-src</name> >> > <connection reference="src-ldap"/> >> > <baseDn>dc=xyz,dc=net</baseDn> >> > <pivotAttributes> >> > <string>objectGUID</string> >> > </pivotAttributes> >> > <fetchedAttributes> >> > <string>description</string> >> > <string>distinguishedName</string> >> > <string>objectGUID</string> >> > <string>ou</string> >> > </fetchedAttributes> >> > <getAllFilter> >> > >> (&(!(isCriticalSystemObject=TRUE))(objectClass=organizationalUnit))</getAllFilter> >> > <getOneFilter> >> > >> (&(!(isCriticalSystemObject=TRUE))(objectClass=organizationalUnit)(objectGUID={objectGUID}))</getOneFilter> >> > </ldapSourceService> >> >> >> Hello, >> >> can you try to add objectGUID in the binary attributes of your LDAP >> connection? >> >> See binaryAttributes in >> >> http://lsc-project.org/wiki/documentation/2.0/configuration/connections/ldap >> >> Clément. >> > > Thank you, Clément. I had looked under the Task section for a way to > specify binary-ness, not thinking to check the connection. > > The <binaryAttributes> setting has had an impact, but it doesn't entirely > solve the problem. > > The query is now issued as this: > > Filter: (&(!(isCriticalSystemObject= > TRUE))(objectClass=organizationalUnit)(objectGUID=71:0mb#@�}Xê??�P)) > > Without the binary setting it was issued as this. > > Filter: > (&(!(isCriticalSystemObject=TRUE))(objectClass=organizationalUnit)(objectGUID=�j>�� > M��.�Q��)) > > Unfortunately, I need it to look like this (the guid value is a dummy just > to show the format). > > Filter: > (&(!(isCriticalSystemObject=TRUE))(objectClass=organizationalUnit)(objectGUID=(objectGUID=\FFd\D7\F8j\9A\8EA\A6A\B6\F9\96a\A8\D5)) > > > Where can I insert some Java code that will reformat that attribute before > it is used in the <getOneFilter> substitution? > > Regards, > Hugh > > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users > >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
