Thank, you. That is a good tip (that no dataset is needed for as-is
propagation). In that case, I must have some larger configuration issue.
I am creating new objects, so there is no existing value. I have taken out
the superfluous dataset elements but still I get only this (whether the
default policy is KEEP or FORCE):
dn: CN=abc,OU=Users,OU=US Scottsdale,dc=xyz,dc=qa1
changetype: add
unicodePwd:: IgAxAHEAYQB6ACEAUQBBAFoAIgA=
My entire <task> element is below:
<task>
<name>SyncTask-Users</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>SyncTask-Users-src</name>
<connection reference="src-ldap"/>
<baseDn>ou=US Scottsdale,dc=xyz,dc=net</baseDn>
<pivotAttributes>
<string>sAMAccountName</string>
</pivotAttributes>
<fetchedAttributes>
<string>description</string>
<string>cn</string>
<string>givenName</string>
<string>sn</string>
<string>objectClass</string>
<string>mail</string>
<string>sAMAccountName</string>
<string>userAccountControl</string>
</fetchedAttributes>
<getAllFilter>(&(!(isCriticalSystemObject=TRUE))(objectCategory=person)(objectClass=user)(sAMAccountName=*))</getAllFilter>
<getOneFilter>(&(!(isCriticalSystemObject=TRUE))(objectCategory=person)(objectClass=user)(sAMAccountName={sAMAccountName}))</getOneFilter>
<cleanFilter>(&(!(isCriticalSystemObject=TRUE))(objectCategory=person)(objectClass=user)(sAMAccountName={sAMAccountName}))</cleanFilter>
</ldapSourceService>
<ldapDestinationService>
<name>SyncTask-Users-dst</name>
<connection reference="dst-ldap"/>
<baseDn>dc=xyz,dc=qa1</baseDn>
<pivotAttributes>
<string>sAMAccountName</string>
</pivotAttributes>
<fetchedAttributes>
<string>description</string>
<string>cn</string>
<string>givenName</string>
<string>sn</string>
<string>objectClass</string>
<string>mail</string>
<string>sAMAccountName</string>
<string>unicodePwd</string>
<string>userAccountControl</string>
</fetchedAttributes>
<getAllFilter>(&(!(isCriticalSystemObject=TRUE))(objectCategory=person)(objectClass=user)(sAMAccountName=*))</getAllFilter>
<getOneFilter>(&(!(isCriticalSystemObject=TRUE))(objectCategory=person)(objectClass=user)(sAMAccountName={sAMAccountName}))</getOneFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>
<![CDATA[
var pattern = "(?i)dc=xyz,dc=net" ;
var substitute = "dc=xyz,dc=qa1";
var dn=srcBean.getMainIdentifier();
dn = dn.replaceAll(pattern,substitute);
dn; // "emit" the result
]]>
</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>KEEP</defaultPolicy>
<dataset>
<name>unicodePwd</name>
<policy>KEEP</policy>
<createValues>
<string>AD.getUnicodePwd("XXXXXXX")</string><!-- set unicodePwd
only at object creation (requires SSL connection to AD) -->
</createValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
On Wed, May 16, 2012 at 8:08 AM, Clément OUDOT <[email protected]> wrote:
> 2012/5/16 Sébastien Bahloul <[email protected]>:
> > Hi Hugh,
> >
> > This looks like LSC has read objectclass values from source entry and
> found
> > the same values in destination entry so it won't try to update it. Am I
> > wrong regarding the data you are trying to synchronize ?
> >
>
> I just want to add that if you want a direct mapping between attribute
> from source and destination, just declare the attribute in the
> <fetchedAttributes> in source and destination, and do no write any
> <dataset> for it.
>
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
