Hi, I see nothing wrong in your configuration. As mentionned here : http://lsc-project.org/wiki/documentation/2.0/configuration/service/sourceasyncldap async services can only work with a 2.4+ OpenLDAP server, since the synchronization mechanism is different for older versions... What is your OpenLDAP version ?
David Le 20/02/2013 14:39, SB MK a écrit : > 2013/2/20 David Coutadeur <[email protected]> > >> >> Hi, >> >> Could you give us : >> >> 1. your configuration >> >> > I've just removed users, password and other infos : > > > <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; revision="1"> > <connections> > <ldapConnection> > <name>annuaire</name> > <url>ldap://url</url> > <username>USER</username> > <password>PWD</password> > <authentication>SIMPLE</authentication> > <referral>IGNORE</referral> > <derefAliases>NEVER</derefAliases> > <version>VERSION_3</version> > <pageSize>-1</pageSize> > <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> > <tlsActivated>false</tlsActivated> > </ldapConnection> > > <ldapConnection> > <name>bureautique</name> > <url>ldap://url</url> > <username>cn=USER</username> > <password>PWD</password> > <authentication>SIMPLE</authentication> > <referral>IGNORE</referral> > <derefAliases>NEVER</derefAliases> > <version>VERSION_3</version> > <pageSize>-1</pageSize> > <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> > <tlsActivated>false</tlsActivated> > </ldapConnection> > </connections> > > <audits> > </audits> > > <tasks> > > <task> > <name>groupesOpenLDAPOracle</name> > <bean>org.lsc.beans.SimpleBean</bean> > <asyncLdapSourceService> > <name>openldap-source-service-groupes</name> > <connection reference="bureautique" /> > <baseDn>BASE_DN</baseDn> > <pivotAttributes> > <string>cn</string> > </pivotAttributes> > <fetchedAttributes> > <string>cn</string> > <string>description</string> > <string>gidNumber</string> > <string>memberUid</string> > </fetchedAttributes> > <getAllFilter>(&(objectClass=posixgroup)(!(cn=Administrateurs)))</getAllFilter> > <getOneFilter>(&(objectClass=posixgroup)(cn={cn}))</getOneFilter> > <cleanFilter>(&(objectClass=posixgroup)(cn={cn}))</cleanFilter> > <serverType>OpenLDAP</serverType> > </asyncLdapSourceService> > > <ldapDestinationService> > <name>oracle-dst-service-groupes</name> > <connection reference="annuaire"/> > <baseDn>ou=groupes,ou=,ou=AD,ou=Groupes Techniques,ou=....</baseDn> > <pivotAttributes> > <string>cn</string> > </pivotAttributes> > <fetchedAttributes> > <string>cn</string> > <string>description</string> > <string>gidNumber</string> > <string>objectClass</string> > <string>uniqueMember</string> > </fetchedAttributes> > <getAllFilter>(&(objectClass=groupOfUniqueNames))</getAllFilter> > <getOneFilter>(&(objectClass=groupOfUniqueNames)(cn={cn}))</getOneFilter> > </ldapDestinationService> > > <propertiesBasedSyncOptions> > <mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn") + > ",ou=groupes,ou=......"</mainIdentifier> > <defaultDelimiter>;</defaultDelimiter> > <defaultPolicy>FORCE</defaultPolicy> > > <dataset> > <name>cn</name> > <policy>FORCE</policy> > <forceValues> > <string>js:srcBean.getDatasetFirstValueById("cn")</string> > </forceValues> > </dataset> > > <dataset> > <name>description</name> > <policy>FORCE</policy> > <forceValues> > <string>js:srcBean.getDatasetFirstValueById("description")</string> > </forceValues> > </dataset> > > <dataset> > <name>gidNumber</name> > <policy>FORCE</policy> > <forceValues> > <string>js:srcBean.getDatasetFirstValueById("gidNumber")</string> > </forceValues> > </dataset> > > <dataset> > <name>objectClass</name> > <policy>FORCE</policy> > <forceValues> > <string>"top"</string> > <string>"posixgroup"</string> > <string>"groupOfUniqueNames"</string> > </forceValues> > </dataset> > > > <!--<dataset> > <name>uniqueMember</name> > <policy>FORCE</policy> > <forceValues> > <string> > var fromMembers = srcBean.getAttributeValuesById("memberUid").toArray() ; > var sourceUserDn; > var sourceUserId; > var destUserDn; > for (var i=0; i < fromMembers.length; i++ ) { > try { > sourceUserDn = srcLdap.search( "", "(uid=" + fromMembers[i] + ")" ).get(0); > sourceUserId = srcLdap.attribute(sourceUserDn , "uid").get(0); > destUserDn = ldap.search("", "(uid=" + > ExternalJSFileHelper.invoke("/usr/local/lsc/etc/conf.d/scripts/mappings.js","users", > new Array(sourceUserId)) + ")" ).get(0) + "," + ldap.getContextDn(); > fromMembers[i] = destUserDn > } catch (e) { > fromMembers[i]=null; > } > } > var toMembers = new Array(); > var j=0; > for (var i=0; i < fromMembers.length; i++) { > if (fromMembers[i]!=null) { > toMembers[j++]=fromMembers[i]; > } > } > toMembers > </string> > </forceValues> > </dataset>--> > </propertiesBasedSyncOptions> > </task> > </tasks> > </lsc> > > > When running it sync, it's working as expected. > > >> 2. an example of entry it synchronizes each time. If possible give us >> the entry calculated in the log file (ie the entry to be written in the >> destination) AND the real entry already in the destination. >> >> > Maybe I wasn't clear enough : it doesn't synchronize entries each time, as > it would do with incorrect get*Filter. With my other directories, when I > launch that kind of tasks async, it runs a first "scan", syncs if needed > and waits quietly, until some change in the source directory triggers it. > Here, it runs the first scan, and runs it again when it's over, and again, > ... syncing correctly what needs to be synced (or just scanning if there is > nothing to sync). > It loops, even if nothing has changed on the source, instead of waiting. > > > >> Thank you, >> >> David >> >> >> Le 20/02/2013 14:09, SB MK a écrit : >>> Hi, >>> >>> I'm trying to sync an old OpenLDAP directory to a new OracleDS. I'm using >>> LSC for several other synchro tasks (sync and async) , so my >> configuration >>> directives are mostly the same, except for connection parameters, and >>> everything works flawlessy. >>> >>> But with this one, I have a situation : if i run an async task (even in >> dry >>> run mode), it works great but when the first sync is over, it tries to >> sync >>> again, and again, even if there is no change on the source that should >>> trigger it (but of course, it syncs correctly when needed). >>> >>> It's just like I was running the synchronous task in a loop ! So I'm >> using >>> a cron to run it often, but it's not a clean solution. >>> >>> I'am using the Manager account on the OpenLDAP side, time is correctly >> set >>> on both servers. >>> >>> What could this behaviour be due to ? >>> >>> Regards >>> >>> >>> >>> >>> _______________________________________________________________ >>> Ldap Synchronization Connector (LSC) - http://lsc-project.org >>> >>> lsc-users mailing list >>> [email protected] >>> http://lists.lsc-project.org/listinfo/lsc-users >> >> > > > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users -- David Coutadeur - intégrateur LinID Groupe LINAGORA - BU LGS +33 1 46 96 63 63 / poste 601 +33 6 42 00 63 19 80 rue Roque de Fillol 92800 PUTEAUX "/La présente transmission contient des informations confidentielles appartenant à Linagora, exclusivement destinées au(x) destinataire(s) identifié(s) ci-dessus. Si vous n'en faites pas partie, toute reproduction, distribution ou divulgation de tout ou partie des informations de cette transmission, ou toute action effectuée sur la base de celles-ci vous sont formellement interdites. Si vous avez reçu cette transmission par erreur, nous vous remercions de nous en avertir et de la détruire de votre système d'information. The present transmission contains privileged and confidential information belonging to Linagora, exclusively intended for the recipient(s) thereabove identified. If you are not one of these aforementioned recipients, any reproduction, distribution, disclosure of said information in whole or in part, as well as any action undertaken on the basis of said information are strictly prohibited. If you received the present transmission by mistake, please inform us and destroy it from your messenging and information systems./" _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
