2013/3/15 Aziza Lichir <[email protected]>: > > > Hello, > > I'm a beginner student and my project is to install an openldap server and > to synchronise it with an AD so i followed the demo that is in the LSC > website and everything was working well. Then i was trying to sync some > attributes from AD to openDj, at first everything seemed simple but when i > tried to sync some multi-values attributes it didn't work and i had this > message error: > > > mars 14 09:31:48 - ERROR - Error while modifying entry > [email protected],ou=Sample,dc=lsc-project,dc=org in > directory :javax.naming.directory.SchemaViolationException: [LDAP: error > code 65 - Entry > [email protected],ou=Sample,dc=lsc-project,dc=org cannot not > be modified because the resulting entry would have violated the server > schema: Entry > [email protected],ou=Sample,dc=lsc-project,dc=org violates > the Directory Server schema configuration because it includes attribute > member which is not allowed by any of the objectclasses defined in that > entry]; remaining name '[email protected],ou=Sample' > mars 14 09:31:48 - ERROR - Error while synchronizing ID > [email protected],ou=Sample,dc=lsc-project,dc=org: > java.lang.Exception: Technical problem while applying modifications to the > destination > dn: [email protected],ou=Sample,dc=lsc-project,dc=org > changetype: modify > replace: member > member: CN=GG_Commercial,OU=LEVALLOIS,OU=Groupe_Securite,DC=meyclub,DC=net > member: CN=GG_ALL,OU=Groupe_Securite,DC=meyclub,DC=net > > > So I realy need some help understanding this problem, you find enclosed my > configuration file. >
Hi Aziza, the error is quite clear: LDAP: error code 65 - Entry [email protected],ou=Sample,dc=lsc-project,dc=org cannot not be modified because the resulting entry would have violated the server schema: Entry [email protected],ou=Sample,dc=lsc-project,dc=org violates the Directory Server schema configuration because it includes attribute member which is not allowed by any of the objectclasses defined in that entry -> member attribute is not allowed in inetOrgPerson objectClass You can't sync group membership like this, you have to create a second task to synchronize groups. Clément. _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
