[lsc-users] moving disabled users

Wed, 02 Jan 2013 02:36:49 -0800 

hi and happy new year,

i have a working config for syncing openldap to active directory and also 
disabling users that were deleted from openldap.
now i want to move the disabled users in AD to another subcontainer. therefore 
i think about adding a task for that with
the same source and destination.
would this work or are my thoughts complete nonsense?

regards,
chris

    <task>
      <name>move-disabled</name>
      <bean>org.lsc.beans.SimpleBean</bean>

      <asyncLdapSourceService>
        <name>src-ad-disabled</name>
        <connection reference="active-directory" />
        <baseDn>OU=FHusers,DC=ad,DC=abc,DC=net</baseDn>
        <pivotAttributes>
          <string>sAMAccountName</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>sAMAccountName</string>
        </fetchedAttributes>
        
<getAllFilter>(&amp;(userAccountControl=66050)(objectClass=user))</getAllFilter>
        <getOneFilter>(sAMAccountName={sAMAccountName})</getOneFilter>
        
<cleanFilter>(&amp;(objectClass=inetorgperson)(sAMAccountName={samAccountName}))</cleanFilter>
        <serverType>ActiveDirectory</serverType>
      </asyncLdapSourceService>

      <ldapDestinationService>
        <name>dst-ad-disabled</name>
        <connection reference="active-directory" />
        <baseDn>OU=FHusers,DC=ad,DC=abc,DC=net</baseDn>
        <pivotAttributes>
          <string>sAMAccountName</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>sAMAccountName</string>
        </fetchedAttributes>
        <getAllFilter>(&amp;(sAMAccountName=*)(objectClass=user))</getAllFilter>
        <getOneFilter>(sAMAccountName={sAMAccountName})</getOneFilter>
      </ldapDestinationService>

      <propertiesBasedSyncOptions>
        <mainIdentifier><![CDATA[
          var mainident = "";
          mainident = "CN=" + 
srcBean.getDatasetFirstValueById("sAMAccountName") + 
",OU=FHusersDisabled,DC=ad,DC=abc,DC=net";
          mainident
        ]]></mainIdentifier>
        <defaultDelimiter>;</defaultDelimiter>
        <defaultPolicy>KEEP</defaultPolicy>
        <conditions>
                <create>false</create>
                <update>false</update>
                <delete>false</delete>
                <changeId>true</changeId>
        </conditions>
      </propertiesBasedSyncOptions>
    </task>

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

Reply via email to