No dice. I now am trying this:
33 <tasks>
34 <task>
35 <name>Sync_Active_Directory_Users</name>
36 <bean>org.lsc.beans.SimpleBean</bean>
37
38 <ldapSourceService>
39 <name>ad-src-service</name>
40 <connection reference="Active_Directory" />
41 <baseDn>ou=staff users,dc=linkedin,dc=biz</baseDn>
42 <pivotAttributes><string>cn</string></pivotAttributes>
43 <fetchedAttributes>
44 <string>cn</string>
45 <string>description</string>
46 <string>name</string>
47 <string>objectClass</string>
48 <string>sn</string>
49 <string>givenName</string>
50 </fetchedAttributes>
51 <getAllFilter>(objectClass=user)</getAllFilter>
52 <getOneFilter>(&(objectClass=user)(cn={cn}))</getOneFilter>
53 </ldapSourceService>
54
55 <ldapDestinationService>
56 <name>openldap-dst-service</name>
57 <connection reference="OpenLDAP" />
58 <baseDn>ou=staff users,dc=linkedin,dc=biz</baseDn>
59 <pivotAttributes><string>uid</string></pivotAttributes>
60 <fetchedAttributes>
61 <string>description</string>
62 <string>cn</string>
63 <string>sn</string>
64 <string>givenName</string>
65 <string>objectClass</string>
66 <string>uid</string>
67 <string>mail</string>
68 </fetchedAttributes>
69 <getAllFilter>(objectClass=*)</getAllFilter>
70 <getOneFilter>(&(objectClass=*)(cn={cn}))</getOneFilter>
71 </ldapDestinationService>
72
73 <propertiesBasedSyncOptions>
74 <mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn") +
",ou=Staff Users,dc=linkedin,dc=biz"</mainIdentifier>
75 <defaultDelimiter>;</defaultDelimiter>
76 <defaultPolicy>FORCE</defaultPolicy>
77 <dataset>
78 <name>objectclass</name>
79 <policy>FORCE</policy>
80 <forceValues>
81 <string>"cn"</string>
82 </forceValues>
83 </dataset>
84 </propertiesBasedSyncOptions>
85
86 </task>
87 </tasks>
Output of executing LSC:
Oct 20 01:04:25 - ERROR - Error while looking for (&(objectClass=*)(cn=Jay
Ramamurthi)) in ou=staff users,dc=linkedin,dc=biz:
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'ou=staff users'
Oct 20 01:04:25 - ERROR - Error while looking for
(&(objectClass=*)(cn=Christopher Abrams)) in ou=staff users,dc=linkedin,dc=biz:
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'ou=staff users'
Oct 20 01:04:25 - ERROR - Error while synchronizing ID {cn=Jay Ramamurthi}:
org.lsc.exception.LscServiceException: javax.naming.NameNotFoundException:
[LDAP: error code 32 - No Such Object]; remaining name 'ou=staff users'
Oct 20 01:04:25 - ERROR - Error while synchronizing ID {cn=Christopher Abrams}:
org.lsc.exception.LscServiceException: javax.naming.NameNotFoundException:
[LDAP: error code 32 - No Such Object]; remaining name 'ou=staff users'
Oct 20 01:04:25 - ERROR - All entries: 3999, to modify entries: 0, successfully
modified entries: 0, errors: 3999
Output from syslog on the OpenLDAP server.
Oct 20 01:04:25 slapd[22055]: conn=1067 op=3997 SRCH base="ou=staff
users,dc=linkedin,dc=biz" scope=2 deref=0 filter="(&(objectClass=*)(cn=justin
church))"
Oct 20 01:04:25 slapd[22055]: conn=1067 op=3997 SRCH attr=description cn sn
givenName objectClass uid mail
Oct 20 01:04:25 slapd[22055]: conn=1067 op=3997 SEARCH RESULT tag=101 err=32
nentries=0 text=
Oct 20 01:04:25 slapd[22055]: conn=1067 op=3998 SRCH base="ou=staff
users,dc=linkedin,dc=biz" scope=2 deref=0 filter="(&(objectClass=*)(cn=jay
ramamurthi))"
Oct 20 01:04:25 slapd[22055]: conn=1067 op=3998 SRCH attr=description cn sn
givenName objectClass uid mail
Oct 20 01:04:25 slapd[22055]: conn=1067 op=3998 SEARCH RESULT tag=101 err=32
nentries=0 text=
Oct 20 01:04:25 slapd[22055]: conn=1067 op=3999 SRCH base="ou=staff
users,dc=linkedin,dc=biz" scope=2 deref=0
filter="(&(objectClass=*)(cn=christopher abrams))"
Oct 20 01:04:25 slapd[22055]: conn=1067 op=3999 SRCH attr=description cn sn
givenName objectClass uid mail
Oct 20 01:04:25 slapd[22055]: conn=1067 op=3999 SEARCH RESULT tag=101 err=32
nentries=0 text=
I'm guessing I have something wrong in my propertiesBasedSyncOptions stanza.
From: Joel Foote <[email protected]<mailto:[email protected]>>
Date: Friday, October 19, 2012 2:56 PM
To: Mike Svoboda <[email protected]<mailto:[email protected]>>
Cc: "[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Subject: Re: [lsc-users] Sync AD --> OpenLDAP help needed
Overall this looks pretty clean, nice straight forward setup. Your LDAP
getonefilter is wrong though, could that be your snag?
<getOneFilter>(objectclass=*)(cn={cn})</getOneFilter>
should be
<getOneFilter>(& (objectclass=*)(cn={cn}))</getOneFilter>
-Joel
On Fri, Oct 19, 2012 at 5:43 PM, Mike Svoboda
<[email protected]<mailto:[email protected]>> wrote:
I'm trying to get a sync of active directory to dump into OpenLDAP. I can see
Active Directory being queried, and it looks like LSC is querying OpenLDAP at
the destination saying that entries don't exist, but, LSC isn't creating them.
Can someone please help? I'm going nuts here trying to figure this out. I'm
3x days into this and haven't figured it out yet. Here's my lsc.xml
1 <?xml version="1.0" ?>
2 <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; id="1"
xmlns:nis="http://lsc-project.org/XSD/lsc-nis-plugin-1.0"; revision="0">
3 <connections>
4 <ldapConnection>
5 <name>Active_Directory</name>
6 <url>xxxxxxx</url>
7 <username>xxxxxxxx</username>
8 <password>xxxxxxxxx</password>
9 <authentication>SIMPLE</authentication>
10 <referral>IGNORE</referral>
11 <derefAliases>NEVER</derefAliases>
12 <version>VERSION_3</version>
13 <pageSize>1000</pageSize>
14 <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
15 <tlsActivated>false</tlsActivated>
16 </ldapConnection>
17
18 <ldapConnection>
19 <name>OpenLDAP</name>
20 <url>xxxxxxxxx</url>
21 <username>xxxxxxxxxx</username>
22 <password>xxxxxxxx</password>
23 <authentication>SIMPLE</authentication>
24 <referral>IGNORE</referral>
25 <derefAliases>NEVER</derefAliases>
26 <version>VERSION_3</version>
27 <pageSize>-1</pageSize>
28 <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
29 <tlsActivated>false</tlsActivated>
30 </ldapConnection>
31 </connections>
32
33 <tasks>
34 <task>
35 <name>Sync_Active_Directory_Users</name>
36 <bean>org.lsc.beans.SimpleBean</bean>
37
38 <ldapSourceService>
39 <name>ad-src-service</name>
40 <connection reference="Active_Directory" />
41 <baseDn>ou=staff users,dc=linkedin,dc=biz</baseDn>
42 <pivotAttributes><string>cn</string></pivotAttributes>
43 <fetchedAttributes>
44 <string>cn</string>
45 <string>description</string>
46 <string>name</string>
47 <string>objectclass</string>
48 </fetchedAttributes>
49 <getAllFilter>(objectClass=organizationalPerson)</getAllFilter>
50
<getOneFilter>(&(objectClass=organizationalPerson)(cn={cn}))</getOneFilter>
51 </ldapSourceService>
52
53 <ldapDestinationService>
54 <name>openldap-dst-service</name>
55 <connection reference="OpenLDAP" />
56 <baseDn>ou=staff users,dc=linkedin,dc=biz</baseDn>
57 <pivotAttributes><string>cn</string></pivotAttributes>
58 <fetchedAttributes>
59 <string>cn</string>
60 <string>description</string>
61 <string>objectclass</string>
62 <string>gidNumber</string>
63 </fetchedAttributes>
64 <getAllFilter>(objectclass=*)</getAllFilter>
65 <getOneFilter>(objectclass=*)(cn={cn})</getOneFilter>
66 </ldapDestinationService>
67
68 <propertiesBasedSyncOptions>
69 <mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn") +
",ou=Staff Users,dc=linkedin,dc=biz"</mainIdentifier>
70 <defaultDelimiter>;</defaultDelimiter>
71 <defaultPolicy>FORCE</defaultPolicy>
72 <dataset>
73 <name>objectclass</name>
74 <policy>FORCE</policy>
75 <forceValues>
76 <string>"cn"</string>
77 </forceValues>
78 </dataset>
79 </propertiesBasedSyncOptions>
80
81 </task>
82 </tasks>
83 </lsc>
When I execute, I get this:
Oct 20 00:34:17 - INFO - Reflections took 149 ms to scan 1 urls, producing 60
keys and 226 values
Oct 20 00:34:17 - INFO - Logging configuration successfully loaded from
/etc/lsc/logback.xml
Oct 20 00:34:17 - INFO - LSC configuration successfully loaded from /etc/lsc/
Oct 20 00:34:17 - INFO - Connecting to LDAP server xxxxxxx
Oct 20 00:34:17 - INFO - Connecting to LDAP server xxxxxxxx
Oct 20 00:34:17 - WARN - No clean filter has been specified for
task=Sync_Active_Directory_Users. During the clean phase, LSC wouldn't be able
to get the right entries and may delete all destination entries !
Oct 20 00:34:17 - INFO - Starting sync for Sync_Active_Directory_Users
Oct 20 00:38:45 - ERROR - Error while looking for (objectclass=*)(cn=Heather
Wright) in ou=staffu users,dc=linkedin,dc=biz:
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'ou=staffu users'
Oct 20 00:38:45 - ERROR - Error while looking for (objectclass=*)(cn=Anita
Akemi) in ou=staffu users,dc=linkedin,dc=biz:
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'ou=staffu users'
Oct 20 00:38:45 - ERROR - Error while synchronizing ID {cn=Heather Wright}:
org.lsc.exception.LscServiceException: javax.naming.NameNotFoundException:
[LDAP: error code 32 - No Such Object]; remaining name 'ou=staffu users'
…
…..
Oct 20 00:38:53 - ERROR - All entries: 4000, to modify entries: 0, successfully
modified entries: 0, errors: 4000
>From the OpenLDAP server, I see it complaining about not being able to find
>the entries, which I expect, because the OpenLDAP server is empty at this
>point. I'm wanting LSC to populate the OpenLDAP server from information that
>its discovered from Active Directory.
Here's some of the syslog messages from the OpenLDAP server
Oct 20 00:38:45 slapd[22055]: conn=1038 op=1 SRCH base="ou=staffu
users,dc=linkedin,dc=biz" scope=2 deref=0 filter="(objectClass=*)"
Oct 20 00:38:45 slapd[22055]: conn=1038 op=1 SRCH attr=cn Heather Wright
Oct 20 00:38:45 slapd[22055]: conn=1038 op=1 SEARCH RESULT tag=101 err=32
nentries=0 text=
Oct 20 00:38:45 slapd[22055]: conn=1038 op=2 SRCH base="ou=staffu
users,dc=linkedin,dc=biz" scope=2 deref=0 filter="(objectClass=*)"
Oct 20 00:38:45 slapd[22055]: conn=1038 op=2 SRCH attr=cn Anita Akemi
Oct 20 00:38:45 slapd[22055]: conn=1038 op=3 SRCH base="ou=staffu
users,dc=linkedin,dc=biz" scope=2 deref=0 filter="(objectClass=*)"
Oct 20 00:38:45 slapd[22055]: conn=1038 op=3 SRCH attr=cn Viktor Stanchev
Oct 20 00:38:45 slapd[22055]: conn=1038 op=2 SEARCH RESULT tag=101 err=32
nentries=0 text=
Oct 20 00:38:45 slapd[22055]: conn=1038 op=3 SEARCH RESULT tag=101 err=32
nentries=0 text=
Can someone help point me in the right direction to get LSC to create and
update these objects as needed?
Thanks
Mike
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]<mailto:[email protected]>
http://lists.lsc-project.org/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
