Hi Sébastien, On 6/25/12 7:40 AM, Sébastien Bahloul wrote:
Hi Roy,Sorry but I don't understand what is the problem you are facing.
It is odd isn't it!
Can you try two things :- first try to catch the network stream through a wireshark network capture
PostgreSQL server traffic: I see the initial query (id=getUidPwList) and it returns the result I expect (one column table of all the uids). Then the iteration of the second query (id=getUidPwResult) which does select "uid, unicodepw,cn from usercns where uid=$1" with the bind variable $1 equal to each uid (as expected). This again returns the correct row for every uid.
AD server traffic: Strangely all I see is the bind, which is successful, then there is nothing more!
The entire capture is at http://pastebin.com/a7p4GkeUNote that I had to switch to non-TLS to get the capture, but it does not seem to matter. I changed the destination attribute to "description" so that TLS/SSL to the AD server should not be required.
- second, modify the logback.xml file to active a DEBUG loglevel (instead of INFO)
It is all at DEBUG already (you can see some output tagged DEBUG below) Jun 25 15:29:46 - DEBUG - Loading XML configuration from: /etc/lsc/lsc.xmlJun 25 15:29:46 - INFO - Logging configuration successfully loaded from /etc/lsc/logback.xml Jun 25 15:29:46 - INFO - LSC configuration successfully loaded from /etc/lsc/ Jun 25 15:29:46 - INFO - Connecting to LDAP server ldap://dc1.mdibl.net:389/DC=mdibl,DC=net as CN=lscsync,CN=Users,DC=mdibl,DC=net Jun 25 15:29:46 - DEBUG - Reading sql-map-config.xml from file:/etc/lsc/sql-map-config.xml Jun 25 15:29:47 - WARN - No clean request has been specified for task=syncPasswords. During the clean phase, LSC wouldn't be able to get the right entries and may delete all destination entries !
Jun 25 15:29:47 - INFO - Starting sync for syncPasswords
Jun 25 15:29:47 - DEBUG - Synchronizing syncPasswords for {uid=adent}
Jun 25 15:29:47 - ERROR - Unable to get object for id=adent
Jun 25 15:29:47 - ERROR - All entries: 1, to modify entries: 0, modified
entries: 0, errors: 1
Is there a way to get more verbosity for the AD interactions?Is it relevant that the error says "id=adent" rather than "uid=adent"? The uid is the unique attribute for both source and destination.
Thank you , Roy -- Roy McMorran Systems Administrator MDI Biological Laboratory [email protected] _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
