2012/5/4 Bernard <[email protected]>: > Hey Hello Bernard,
> I'm trying to make an ldap and ad sync but I'm having a problem at this > line: > lsc.task.<taskname>.srcService.filterAll = (&(objectClass=top) > (sAMAccountName=*)) > > which is showing this error: > Empty or non existent source (no IDs found) > > I made some research and I'm quite sure that the objectclass is fine but the > samaccountname is not > In fact when I remove samaccountname i get his error when run: > Unable to get object for id=uid=ben,ou=users,dc=volder,dc=com > > Is there a way around it? Well, of course samaccountname does not exist in OpenLDAP. It is an AD specific attribute. Then, if you intend to synchronize users, you may prefer to use objecClass=person rather than objectClass=top. Indeed, all entries in your directory are "top" objects, as all object classes inherit from "top". For the "Unable to get object" error, configure the filterId with a correct filter. See this page: http://lsc-project.org/wiki/documentation/1.2/configuration/service > > However i do have a hunch that it has something to do with my backend.ldif > (used to setup my ldap server) > Do I have to add samaccountname some where there? > backend.ldif: > # Load dynamic backend modules > dn: cn=module,cn=config > objectClass: olcModuleList > cn: module > olcModulepath: /usr/lib/ldap > olcModuleload: back_hdb > > > # Database settings > dn: olcDatabase=hdb,cn=config > objectClass: olcDatabaseConfig > objectClass: olcHdbConfig > olcDatabase: {1}hdb > olcSuffix: dc=volder,dc=com > olcDbDirectory: /var/lib/ldap > olcRootDN: cn=admin,dc=volder,dc=com > olcRootPW: 11111 > olcDbConfig: set_cachesize 0 2097152 0 > olcDbConfig: set_lk_max_objects 1500 > olcDbConfig: set_lk_max_locks 1500 > olcDbConfig: set_lk_max_lockers 1500 > olcDbIndex: objectClass eq > olcLastMod: TRUE > olcDbCheckpoint: 512 30 > olcAccess: to attrs=userPassword by dn="cn=admin,dc=volder,dc=com" write by > anonymous auth by self write by * none > olcAccess: to attrs=shadowLastChange by self write by * read > olcAccess: to dn.base="" by * read > olcAccess: to * by dn="cn=admin,dc=volder,dc=com" write by * read This configuration seems correct. You have now to learn how do good searches in you directory, and how to configure LSC to match your entries. Clément. _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
