Hello, I'm still trying to synchronise AD with Openldap server and i still dont understand how to populate openldap server from AD especialy passwords and memberof attributs.
Thanking you for your help. this is my lsc.xml file : <?xml version="1.0" ?> <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; revision="0"> <connections> <ldapConnection> <name>dst-ldap</name> <url>ldap://localhost:33389/dc=lsc-project,dc=org</url> <username>cn=Directory Manager</username> <password>secret</password> <authentication>SIMPLE</authentication> <referral>IGNORE</referral> <derefAliases>NEVER</derefAliases> <version>VERSION_3</version> <pageSize>-1</pageSize> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> <tlsActivated>false</tlsActivated> <saslMutualAuthentication>false</saslMutualAuthentication> </ldapConnection> <ldapConnection> <name>src-ad</name> <url>ldap://srv-ad-06.meyclub.net:389/dc=meyclub,dc=net</url> <username>cn=Aziza LICHIR,ou=Informatique,ou=SMH,ou=Utilisateurs,dc=meyclub,dc=net</username> <password>Proweb38</password> <authentication>SIMPLE</authentication> <pageSize>1000</pageSize> </ldapConnection> </connections> <audits/> <tasks> <task> <name>MySyncTask</name> <bean>org.lsc.beans.SimpleBean</bean> <ldapSourceService> <name>MySyncTask-src</name> <connection reference="src-ad" /> <baseDn>ou=STRASBOURG,ou=Utilisateurs,dc=meyclub,dc=net</baseDn> <pivotAttributes> <string>mail</string> </pivotAttributes> <fetchedAttributes> <string>cn</string> <string>sn</string> <string>givenName</string> <string>mail</string> <string>sAMAccountName</string> </fetchedAttributes> <getAllFilter>(&(mail=*)(objectClass=user))</getAllFilter> <getOneFilter>(&(objectClass=organizationalPerson)(mail={mail}))</getOneFilter> <cleanFilter>(&(objectClass=organizationalPerson)(mail={mail}))</cleanFilter> <interval>6</interval> </ldapSourceService> <ldapDestinationService> <name>MySyncTask-dst</name> <connection reference="dst-ldap"/> <baseDn>ou=Sample,dc=lsc-project,dc=org</baseDn> <pivotAttributes> <string>mail</string> </pivotAttributes> <fetchedAttributes> <string>cn</string> <string>sn</string> <string>objectClass</string> <string>givenName</string> <string>mail</string> <string>uid</string> </fetchedAttributes> <getAllFilter>(objectClass=inetOrgPerson)</getAllFilter> <getOneFilter>(&(objectClass=inetOrgPerson)(mail={mail}))</getOneFilter> </ldapDestinationService> <propertiesBasedSyncOptions> <mainIdentifier>"mail=" + srcBean.getDatasetFirstValueById("mail") + ",ou=Sample,dc=lsc-project,dc=org"</mainIdentifier> <defaultDelimiter>;</defaultDelimiter> <defaultPolicy>FORCE</defaultPolicy> <dataset> <name>objectClass</name> <policy>FORCE</policy> <forceValues> <string>"inetOrgPerson"</string> <string>"organizationalPerson"</string> <string>"person"</string> <string>"top"</string> </forceValues> <delimiter>,</delimiter> </dataset> <dataset> <name>uid</name> <policy>FORCE</policy> <forceValues> <string> srcBean.getDatasetFirstValueById("sAMAccountName")</string> </forceValues> </dataset> <dataset> <name>default</name> <policy>FORCE</policy> </dataset> </propertiesBasedSyncOptions> </task> <task> <name>GroupSyncTask</name> <bean>org.lsc.beans.SimpleBean</bean> <ldapSourceService> <name>GroupSyncTask-src</name> <connection reference="src-ad" /> <baseDn>ou=STRASBOURG,ou=Utilisateurs,dc=meyclub,dc=net</baseDn> <pivotAttributes> <string>sn</string> </pivotAttributes> <fetchedAttributes> <string>memberof</string> <string>mail</string> </fetchedAttributes> <getAllFilter>(&(mail=*)(objectClass=user))</getAllFilter> <getOneFilter>(&(objectClass=organizationalPerson)(mail={mail}))</getOneFilter> <cleanFilter>(&(objectClass=organizationalPerson)(mail={mail}))</cleanFilter> <interval>6</interval> </ldapSourceService> <ldapDestinationService> <name>GroupSyncTask-dst</name> <connection reference="dst-ldap"/> <baseDn>ou=Sample,dc=lsc-project,dc=org</baseDn> <pivotAttributes> <string>sn</string> </pivotAttributes> <fetchedAttributes> <string>member</string> <string>mail</string> </fetchedAttributes> <getAllFilter>(objectClass=groupOfNames)</getAllFilter> <getOneFilter>(&(objectClass=inetOrgPerson)(mail={mail}))</getOneFilter> </ldapDestinationService> <propertiesBasedSyncOptions> <mainIdentifier>"mail=" + srcBean.getDatasetFirstValueById("sn")+ ",ou=Sample,dc=lsc-project,dc=org" </mainIdentifier> <defaultDelimiter>;</defaultDelimiter> <defaultPolicy>FORCE</defaultPolicy> <dataset> <name>objectClass</name> <policy>FORCE</policy> <forceValues> <string>"inetOrgPerson"</string> <string>"organizationalPerson"</string> <string>"person"</string> <string>"groupOfNames"</string> <string>"top"</string> </forceValues> <delimiter>,</delimiter> </dataset> <dataset> <name>member</name> <policy>FORCE</policy> <forceValues> <string> srcBean.getDatasetValuesById("memberof")</string> </forceValues> </dataset> <dataset> <name>default</name> <policy>FORCE</policy> </dataset> </propertiesBasedSyncOptions> </task> </tasks> </lsc> -- *___________________________________________________________* ** *AL* * *
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
