Hi Clement,
I added the {}
And I still get:
Sep 25 15:44:37 - ERROR - Unable to get object for
id=CN=Username,OU=Users,OU=JHB,OU=Infrastructure,OU=Divisions,DC=RTT,DC=co,DC=za
The only difference now is that it gives an error for the service accounts
(Which I don't really worry about):
Sep 25 15:44:37 - ERROR - Error while synchronizing ID {samaccountname=MFS$}:
java.lang.StringIndexOutOfBoundsException: String index out of range: 4
I assume it is due to the $ in the username.
Any other ideas?
[Description: Description: Description: image001]
[Description: Description: Description: image002]
Chris Visser
Linux/Network Infrastructure
|
Group IT
mobile
+ 27 83 645 2025
email
[email protected]
tel
+ 27 11 552 2644
Please consider the environment before printing this email
|
DISCLAIMER at
www.rtt.co.za<http://www.rtt.co.za/>
From: Clément OUDOT [mailto:[email protected]]
Sent: Tuesday, September 25, 2012 3:39 PM
To: Chris Visser
Cc: lsc-userslsc-users
Subject: Re: [lsc-users] AD to OpenLDAP sync
2012/9/25 Chris Visser <[email protected]<mailto:[email protected]>>
Hi,
I'm trying to sync from my AD to a local OpenLDAP server.
According the output of lsc -f /etc/lsc/ -c all -s all -n LSC connects fine to
both servers but I get the following error:
Sep 25 14:42:50 - INFO - Starting sync for ad-src-task
Sep 25 14:42:50 - ERROR - Unable to get object for id=CN=Username
OU=Users,OU=JHB,OU=Infrastructure,OU=Divisions,DC=RTT,DC=co,DC=za
And proceeds to list every user in the AD like that and ending with:
Sep 25 14:42:50 - ERROR - All entries: 49, to modify entries: 0, modified
entries: 0, errors: 49
Sep 25 14:42:50 - INFO - Starting clean for ad-src-task
Sep 25 14:42:50 - ERROR - Empty or non existant destination (no IDs found)
My tasks are:
<task>
<name>ad-src-task</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>ad-src-service</name>
<connection reference="AD" />
<baseDn>ou=Divisions,dc=rtt,dc=co,dc=za</baseDn>
<pivotAttributes>
<string>samAccountName</string>
</pivotAttributes>
<fetchedAttributes>
<string>sAMAccountName</string>
<string>mail</string>
</fetchedAttributes>
<getAllFilter>(objectClass=person)</getAllFilter>
<getOneFilter>(&(objectClass=person)(uid=sAMAccountName))</getOneFilter>
<getCleanFilter>(&(objectClass=person)(uid=sAMAccountName))</getCleanFilter>
<interval>15</interval>
</ldapSourceService>
<ldapDestinationService>
<name>ldap-dst-service</name>
<connection reference="OpenLDAP" />
<baseDn>ou=Divisions,dc=rtt,dc=co,dc=za</baseDn>
<pivotAttributes>
<string>uid</string>
</pivotAttributes>
<fetchedAttributes>
<string>objectClass</string>
<string>uid</string>
<string>mail</string>
</fetchedAttributes>
<getAllFilter>(objectClass=user)</getAllFilter>
<getOneFilter>((objectClass=user))</getOneFilter>
<getCleanFilter>((objectClass=user))</getCleanFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>"mail=" +
srcBean.getDatasetFirstValueById("mail")</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>FORCE</defaultPolicy>
<dataset>
<name>objectClass</name>
<policy>FORCE</policy>
<forceValues>
<string>"top";"user";"person";"organizationalPerson"</string>
</forceValues>
</dataset>
<dataset>
<name>uid</name>
<policy>KEEP</policy>
<createValues>
<string>srcBean.getDatasetFirstValueById("sAMAccountName")</string>
</createValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
Check you configuration. In Source filters, you do not have { } around the
pivot attribute.
Read this example:
http://lsc-project.org/wiki/documentation/2.0/tutorials/openldaptoactivedirectory
Clément.
==================
Please read our Email Disclaimer :
http://www.rtt.co.za/disclaimer.html
<<inline: image001.jpg>>
<<inline: image002.jpg>>
<<inline: image003.jpg>>
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
