Hi Roy, I've looked inside the code to check why this occured and the only reason I found is that the API we use to search inside the database is providing us a 0 entries result even if according to the network capture, one entry is returned after the correponsding SQL request. Can you pastebin your complete SQL configuration file ?
FYI: The message that include id=adent is only because LSC uses one main identifier which is in your case the uid attribute value. Regards, -- Sebastien BAHLOUL IAM / Security specialist Ldap Synchronization Connector : http://lsc-project.org Blog : http://sbahloul.wordpress.com/ 2012/6/25 Roy McMorran <[email protected]> > Hi Sébastien, > > > On 6/25/12 7:40 AM, Sébastien Bahloul wrote: > >> Hi Roy, >> >> Sorry but I don't understand what is the problem you are facing. >> > > It is odd isn't it! > > > Can you try two things : >> - first try to catch the network stream through a wireshark network >> capture >> > > PostgreSQL server traffic: I see the initial query (id=getUidPwList) and > it returns the result I expect (one column table of all the uids). Then > the iteration of the second query (id=getUidPwResult) which does select > "uid, unicodepw,cn from usercns where uid=$1" with the bind variable $1 > equal to each uid (as expected). This again returns the correct row for > every uid. > > AD server traffic: Strangely all I see is the bind, which is successful, > then there is nothing more! > > The entire capture is at http://pastebin.com/a7p4GkeU > > Note that I had to switch to non-TLS to get the capture, but it does not > seem to matter. I changed the destination attribute to "description" so > that TLS/SSL to the AD server should not be required. > > > - second, modify the logback.xml file to active a DEBUG loglevel (instead >> of INFO) >> > > It is all at DEBUG already (you can see some output tagged DEBUG below) > > Jun 25 15:29:46 - DEBUG - Loading XML configuration from: /etc/lsc/lsc.xml > Jun 25 15:29:46 - INFO - Logging configuration successfully loaded from > /etc/lsc/logback.xml > Jun 25 15:29:46 - INFO - LSC configuration successfully loaded from > /etc/lsc/ > Jun 25 15:29:46 - INFO - Connecting to LDAP server ldap:// > dc1.mdibl.net:389/DC=**mdibl,DC=net<http://dc1.mdibl.net:389/DC=mdibl,DC=net>as > CN=lscsync,CN=Users,DC=mdibl, > **DC=net > Jun 25 15:29:46 - DEBUG - Reading sql-map-config.xml from > file:/etc/lsc/sql-map-config.**xml > Jun 25 15:29:47 - WARN - No clean request has been specified for > task=syncPasswords. During the clean phase, LSC wouldn't be able to get the > right entries and may delete all destination entries ! > Jun 25 15:29:47 - INFO - Starting sync for syncPasswords > Jun 25 15:29:47 - DEBUG - Synchronizing syncPasswords for {uid=adent} > Jun 25 15:29:47 - ERROR - Unable to get object for id=adent > Jun 25 15:29:47 - ERROR - All entries: 1, to modify entries: 0, modified > entries: 0, errors: 1 > > Is there a way to get more verbosity for the AD interactions? > > Is it relevant that the error says "id=adent" rather than "uid=adent"? > The uid is the unique attribute for both source and destination. > > Thank you , > Roy > > > -- > Roy McMorran > Systems Administrator > MDI Biological Laboratory > [email protected] > >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
