Oh I forgot about that! I had the cleanfilter misconfigured, but I fixed it now and it works like a charm. Just to remember to run -s all -c all.
Thank you! On 14 November 2012 15:23, Joel Foote <[email protected]> wrote: > Hi Emilio, > > If you run LSC with -c for clean mode, does this do the deletions? > > Thanks, > Joel > > On Wed, Nov 14, 2012 at 7:02 AM, Emilio García < > [email protected]> wrote: > >> Good day everyone! >> >> I have a working configuration for OpenLDAP ---> AD which works fine for >> creating and updating the users... but the problem I have is if I remove >> the users from the source it doesn't get deleted in the destination. How >> can I do this? Also I just want the users to be deleted within the >> destination baseDN. >> >> My configuration is: >> >> <?xml version="1.0" ?> >> >> <lsc xmlns="http://lsORc-project.org/XSD/lsc-core-2.0.xsd"; revision="0"> >> >> <connections> >> >> <ldapConnection> >> >> <name>ldap-src-conn</name> >> >> <url>ldap://10.11.10.70:389/o=OR</url> >> >> <username>cn=Manager,o=OR</username> >> >> <password>secret</password> >> >> <authentication>SIMPLE</authentication> >> >> <referral>IGNORE</referral> >> >> <derefAliases>NEVER</derefAliases> >> >> <version>VERSION_3</version> >> >> <pageSize>900</pageSize> >> >> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> >> >> <tlsActivated>false</tlsActivated> >> >> </ldapConnection> >> >> <ldapConnection> >> >> <name>ldap-dst-conn</name> >> >> <url>ldaps:// >> WIN-ADBOX.testdir.Organization.com:636/dc=testdir,dc=Organization,dc=com >> </url> >> >> <username>[email protected]</username> >> >> <password>password!</password> >> >> <authentication>SIMPLE</authentication> >> >> <referral>IGNORE</referral> >> >> <derefAliases>NEVER</derefAliases> >> >> <version>VERSION_3</version> >> >> <pageSize>900</pageSize> >> >> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> >> >> <tlsActivated>false</tlsActivated> >> >> </ldapConnection> >> >> </connections> >> >> <tasks> >> >> <task> >> >> <name>Users</name> >> >> <bean>org.lsc.beans.SimpleBean</bean> >> >> <ldapSourceService> >> >> <name>openldap-source-service</name> >> >> <connection reference="ldap-src-conn" /> >> >> <baseDn>o=OR</baseDn> >> >> <pivotAttributes> >> >> <string>entryUUID</string> >> >> </pivotAttributes> >> >> <fetchedAttributes> >> >> <string>entryUUID</string> >> >> <string>cn</string> >> >> <string>sn</string> >> >> <string>givenName</string> >> >> <string>objectClass</string> >> >> <string>mail</string> >> >> <!--<string>userPassword</string>--> >> >> </fetchedAttributes> >> >> >> <getAllFilter>(&(objectClass=inetorgperson)(groupMembership=cn=ReplGroup,ou=GROUPS,ou=CORP,o=OR))</getAllFilter> >> >> >> <getOneFilter>(&(&(objectClass=inetorgperson)(entryUUID={entryUUID}))(groupMembership=cn=ReplGroup,ou=GROUPS,ou=CORP,o=OR))</getOneFilter> >> >> >> <cleanFilter>(&(groupMembership=cn=ReplGroup,ou=CORP,o=OR)(&(objectClass=inetorgperson)(entryUUID={entryUUID}))</cleanFilter> >> >> </ldapSourceService> >> >> <ldapDestinationService> >> >> <name>ad-dst-service</name> >> >> <connection reference="ldap-dst-conn" /> >> >> >> <baseDn>OU=IDVault,DC=testdir,DC=Organization,dc=com</baseDn> >> >> <pivotAttributes> >> >> <string>description</string> >> >> </pivotAttributes> >> >> <fetchedAttributes> >> >> <string>description</string> >> >> <string>cn</string> >> >> <string>sn</string> >> >> <string>givenName</string> >> >> <string>objectClass</string> >> >> <string>samAccountName</string> >> >> <string>userPrincipalName</string> >> >> <string>mail</string> >> >> <string>displayName</string> >> >> <string>userAccountControl</string> >> >> <string>unicodePwd</string> >> >> <!--<string>userPassword</string>--> >> >> </fetchedAttributes> >> >> <getAllFilter>(objectClass=user)</getAllFilter> >> >> >> <getOneFilter>(&(objectClass=user)(description={entryUUID}))</getOneFilter> >> >> </ldapDestinationService> >> >> <propertiesBasedSyncOptions> >> >> <mainIdentifier>"CN=" + >> srcBean.getDatasetFirstValueById("cn") + >> >> >> ",OU=IDVault,DC=testdir,DC=Organization,DC=com"</mainIdentifier> >> >> <defaultDelimiter>;</defaultDelimiter> >> >> <defaultPolicy>FORCE</defaultPolicy> >> >> <conditions> >> >> <create>true</create> >> >> <delete>true</delete> >> >> </conditions> >> >> <dataset> >> >> <name>description</name> >> >> <policy>FORCE</policy> >> >> <forceValues> >> >> >> <string>js:srcBean.getDatasetFirstValueById("entryUUID")</string> >> >> </forceValues> >> >> </dataset> >> >> <dataset> >> >> <name>samAccountName</name> >> >> <policy>KEEP</policy> >> >> <createValues> >> >> <string><![CDATA[js: >> >> var result = srcBean.getDatasetFirstValueById("cn"); >> >> <!-- >> java.lang.System.out.println("DEBUG++++++++++++++++:"+result+result.length().toString());--> >> >> if (result.length() > 20){ >> >> var result = result.substring(0,19); >> >> } >> >> <!-- >> java.lang.System.out.println("DEBUG++++++++++++++++++++++++++++++:"+result); >> --> >> >> result >> >> ]]></string> >> >> </createValues> >> >> </dataset> >> >> <dataset> >> >> <name>objectClass</name> >> >> <policy>KEEP</policy> >> >> <createValues> >> >> <string>"user"</string> >> >> </createValues> >> >> </dataset> >> >> <dataset> >> >> <name>unicodePwd</name> >> >> <policy>KEEP</policy> >> >> <createValues> >> >> <string>AD.getUnicodePwd("Changeth1s!")</string> >> >> </createValues> >> >> </dataset> >> >> <dataset> >> >> <name>userPrincipalName</name> >> >> <policy>KEEP</policy> >> >> <forceValues> >> >> <string><![CDATA[js: >> >> var result = srcBean.getDatasetFirstValueById("cn"); >> >> >> java.lang.System.out.println("DEBUG++++++++++++++++:"+result+result.length().toString()); >> >> if (result.length() > 20){ >> >> var result = result.substring(0,19); >> >> } >> >> >> java.lang.System.out.println("DEBUG++++++++++++++++++++++++++++++:"+result); >> >> var result = result + "@testdir.Organization.com"; >> >> result >> >> ]]></string> >> >> </forceValues> >> >> </dataset> >> >> <dataset> >> >> <name>userAccountControl</name> >> >> <policy>KEEP</policy> >> >> <createValues> >> >> <string>AD.userAccountControlSet( "0", >> [AD.UAC_SET_NORMAL_ACCOUNT])</string> >> >> </createValues> >> >> </dataset> >> >> </propertiesBasedSyncOptions> >> >> </task> >> >> </tasks> >> >> </lsc> >> >> >> Cloudreach Limited is a limited company registered in England with >> registered number 06975407 >> >> The above terms reflect a potential business arrangement, are provided >> solely as a basis for further discussion, >> and are not intended to be and do not constitute a legally binding >> obligation. No legally binding obligations >> will be created, implied, or inferred until an agreement in final form is >> executed in writing by all parties involved. >> >> This email may be confidential or privileged. If you received this >> communication by mistake, please don't forward >> it to anyone else, please erase all copies and attachments, and please let >> us know that it has gone to the wrong person. >> >> >> >> _______________________________________________________________ >> Ldap Synchronization Connector (LSC) - http://lsc-project.org >> >> lsc-users mailing list >> [email protected] >> http://lists.lsc-project.org/listinfo/lsc-users >> >> > Cloudreach Limited is a limited company registered in England with registered number 06975407 The above terms reflect a potential business arrangement, are provided solely as a basis for further discussion, and are not intended to be and do not constitute a legally binding obligation. No legally binding obligations will be created, implied, or inferred until an agreement in final form is executed in writing by all parties involved. This email may be confidential or privileged. If you received this communication by mistake, please don't forward it to anyone else, please erase all copies and attachments, and please let us know that it has gone to the wrong person.
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
