Thanks for your feedback. Kind regards, Le 22 janv. 2014 12:11, "Martin Hamant" <[email protected]> a écrit : > > Hi Sébastien and thank you > > I was about to post a reply, to mention how I solved the problem. > You got it right :) > > Here is my new sql map : > > http://pastebin.com/r4qwTgUx > > I also had to do a type cast on gidNumber to make getPosixGroup compatible with, as the value is processed as a string within LSC : > > CAST(g.group_id+1000 AS CHAR) AS gidNumber > > And it was 'g' table, not 'ug' > > info: SQL tables are those from Tuleap software (http://tuleap.net) > > > To inject comma separated group members list resulting from the SQL query to memberUid in the LDAP directory, I also had to specify the following dataset: > <propertiesBasedSyncOptions> > ... > <dataset> > <name>memberUid</name> > <delimiter>,</delimiter> > </dataset> > > > Thanks again !! > > Le 21/01/2014 00:08, Sébastien Bahloul a écrit : >> >> HI Martin, >> >> I think that you may have in issue because you add 1000 to your group_id before returning it while listing objects (getPosixGroupList) but you try and search for this value inside the original table in the getPosixGroup request (WHERE ug.group_id = #gidnumber# ... AND g.group_id = #gidnumber#) >> >> Maybe you should try WHERE ug.group_id + 1000 = #gidnumber# ... AND g.group_id + 1000 = #gidnumber# >> >> Regards, >> >> Sebastien BAHLOUL >> IAM / Security specialist >> Ldap Synchronization Connector : http://lsc-project.org >> Blog : http://sbahloul.wordpress.com/ >> >> >> 2014/1/16 Martin Hamant <[email protected]> >>> >>> Hi there ! >>> >>> I need to synchronize users and groups from a set of MySQL tables to an LDAP directory. >>> users sync works well. Then I tried to replicate the thing for groups but it seems I miss something (I get an empty "cn" field). >>> Also I am not sure if I have to use "cn" or "gidNumber" as a pivot attribute... Originally I wanted to use gidNumber everywhere so the distinction is guaranteed. >>> >>> Once I'll have the above solved I'll need to inject the memberUid field to the LDAP directory , so I wrote an SQL query that returns memberUid as a comma separated membership list. Would it be sufficient enough ? >>> >>> >>> Here is my GroupSync LSC task : >>> >>> http://pastebin.com/QtqPcNca >>> >>> And the SQL map : >>> >>> http://pastebin.com/yZhiFtpm >>> >>> And LSC debug output (you can see 'In object "cn=,ou' than cn field gets empty !?) : >>> >>> Jan 16 08:21:46 - DEBUG - Loading XML configuration from: /home/lsc/sql2ldap/etc/lsc.xml >>> Jan 16 08:21:46 - INFO - Reflections took 254 ms to scan 1 urls, producing 51 keys and 103 values >>> Jan 16 08:21:46 - DEBUG - Importing XML schema file: schemas/lsc-core-2.0.xsd >>> Jan 16 08:21:46 - INFO - Logging configuration successfully loaded from /home/lsc/sql2ldap/etc/logback.xml >>> Jan 16 08:21:46 - INFO - LSC configuration successfully loaded from /home/lsc/sql2ldap/etc/ >>> Jan 16 08:21:46 - INFO - Connecting to LDAP server ldap://localhost:389/dc=my,dc=domain,dc=ltd as cn=admin,dc=my,dc=domain,dc=ltd >>> Jan 16 08:21:46 - DEBUG - Reading sql-map-config.xml from file:/home/lsc/sql2ldap/etc/sql-map-config.xml >>> Jan 16 08:21:47 - INFO - Starting sync for GroupSync >>> Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1001, cn=admin} >>> Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1046, cn=sitenews} >>> Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1100, cn=none} >>> Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1101, cn=stest} >>> Jan 16 08:21:47 - DEBUG - Synchronizing GroupSync for {gidnumber=1099, cn=imadmingroup} >>> Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": List of attributes considered for writing in destination: [cn, description, memberUid, gidNumber, objectClass] >>> Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": Attribute "cn" is in FORCE status >>> Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": Attribute "cn" will not be written to the destination >>> Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": Attribute "description" is in FORCE status >>> Jan 16 08:21:47 - DEBUG - In object "cn=,ou=groups,dc=my,dc=domain,dc=ltd": List of attributes considered for writing in destination: [cn, description, memberUid, gidNumber, objectClass] >>> (...) >>> >>> Thanks for your help ! >>> >>> -- >>> Martin >>> >>> _______________________________________________________________ >>> Ldap Synchronization Connector (LSC) - http://lsc-project.org >>> >>> lsc-users mailing list >>> [email protected] >>> http://lists.lsc-project.org/listinfo/lsc-users >> >> >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
