HI Martin, I think that you may have in issue because you add 1000 to your group_id before returning it while listing objects (getPosixGroupList) but you try and search for this value inside the original table in the getPosixGroup request (WHERE ug.group_id = #gidnumber# ... AND g.group_id = #gidnumber#)
Maybe you should try WHERE ug.group_id + 1000 = #gidnumber# ... AND g.group_id + 1000 = #gidnumber# Regards, Sebastien BAHLOUL IAM / Security specialist Ldap Synchronization Connector : http://lsc-project.org Blog : http://sbahloul.wordpress.com/ 2014/1/16 Martin Hamant <[email protected]> > Hi there ! > > I need to synchronize users and groups from a set of MySQL tables to an > LDAP directory. > users sync works well. Then I tried to replicate the thing for groups but > it seems I miss something (I get an empty "cn" field). > Also I am not sure if I have to use "cn" or "gidNumber" as a pivot > attribute... Originally I wanted to use gidNumber everywhere so the > distinction is guaranteed. > > Once I'll have the above solved I'll need to inject the memberUid field to > the LDAP directory , so I wrote an SQL query that returns memberUid as a > comma separated membership list. Would it be sufficient enough ? > > > Here is my GroupSync LSC task : > > http://pastebin.com/QtqPcNca > > And the SQL map : > > http://pastebin.com/yZhiFtpm > > And LSC debug output (you can see 'In object "cn=,ou' than cn field gets > empty !?) : > > Jan 16 08:21:46 - DEBUG - Loading XML configuration from: > /home/lsc/sql2ldap/etc/lsc.xml > Jan 16 08:21:46 - INFO - Reflections took 254 ms to scan 1 urls, > producing 51 keys and 103 values > Jan 16 08:21:46 - DEBUG - Importing XML schema file: > schemas/lsc-core-2.0.xsd > Jan 16 08:21:46 - INFO - Logging configuration successfully loaded from > /home/lsc/sql2ldap/etc/logback.xml > Jan 16 08:21:46 - INFO - LSC configuration successfully loaded from > /home/lsc/sql2ldap/etc/ > Jan 16 08:21:46 - INFO - Connecting to LDAP server > ldap://localhost:389/dc=my,dc=domain,dc=ltd as > cn=admin,dc=my,dc=domain,dc=ltd > Jan 16 08:21:46 - DEBUG - Reading sql-map-config.xml from > file:/home/lsc/sql2ldap/etc/sql-map-config.xml > Jan 16 08:21:47 - INFO - Starting sync for GroupSync > Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1001, > cn=admin} > Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1046, > cn=sitenews} > Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1100, > cn=none} > Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1101, > cn=stest} > Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1099, > cn=imadmingroup} > Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": > List of attributes considered for writing in destination: [cn, > description, memberUid, gidNumber, objectClass] > Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": > Attribute "cn" is in FORCE status > Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": > Attribute "cn" will not be written to the destination > Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": > Attribute "description" is in FORCE status > Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": > List of attributes considered for writing in destination: [cn, > description, memberUid, gidNumber, objectClass] > (...) > > Thanks for your help ! > > -- > Martin > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
