Hi, yes effectively ! i remove it but still the same error about de DN ( no DN SET)
LMP On 10/03/14 20:50, Clément OUDOT wrote: > > 2014-03-10 15:58 GMT+01:00 Plumel Louis-Marie > <[email protected] <mailto:[email protected]>>: > > Hello everybody, > > Since few days i try to synchronize my posix group with AD. > I use lsc 2.0 > > I don't see where my error is, if you can have a look at this, it > should be good. > > <!-- POSIXGROUPS SYNCHRONIZATION TASK --> > > <name>group</name> > <bean>org.lsc.beans.SimpleBean</bean> > <ldapSourceService> > <name>openldap-srce-service</name> > <connection reference="ldap-src-conn" /> > <baseDn>ou=posixgroups,dc=idiap,dc=ch</baseDn> > <pivotAttributes> > <string>cn</string> > </pivotAttributes> > <fetchedAttributes> > <string>cn</string> > <string>description</string> > <string>memberUid</string> > <string>member</string> > </fetchedAttributes> > <getAllFilter><![CDATA[(objectClass=top)]]></getAllFilter> > <getOneFilter><![CDATA[(&(objectClass=top)(cn={cn}))]]></getOneFilter> > </ldapSourceService> > <ldapDestinationService> > <name>ad-dest-service</name> > <connection reference="ldap-dst-conn" /> > <baseDn>OU=groups,OU=LDAP,DC=ad,DC=idiap,DC=ch</baseDn> > <pivotAttributes> > <string>cn</string> > </pivotAttributes> > <fetchedAttributes> > <string>cn</string> > <string>distinguishedName</string> > <string>description</string> > <string>sAMAccountName</string> > <string>objectClass</string> > <string>member</string> > </fetchedAttributes> > <getAllFilter><![CDATA[(objectClass=groups)]]></getAllFilter> > <getOneFilter><![CDATA[(&(objectClass=groups)(cn={cn}))]]></getOneFilter> > </ldapDestinationService> > > <!-- ########################################### > # Syncoptions configuration for Task group# > ########################################### --> > > <propertiesBasedSyncOptions> > <mainIdentifier>"CN=" + > srcBean.getDataSetFirstValueById("cn") + > ",OU=groups,OU=LDAP,DC=ad,DC=idiap,DC=ch"</mainIdentifier> > <defaultDelimiter>$</defaultDelimiter> > <defaultPolicy>FORCE</defaultPolicy> > <dataset> > <name>sAMAccountName</name> > <policy>FORCE</policy> > <createValues> > <string>js:srcBean.getDataSetFirstValueById("cn")</string> > </createValues> > </dataset> > <dataset> > <name>objectClass</name> > <policy>FORCE</policy> > <forceValues> > <string>"top"</string> > <string>"group"</string> > </forceValues> > </dataset> > > <dataset> > <name>member</name> > <policy>FORCE</policy> > <forceValues> > <string><![CDATA[js: > var umembers = > srcBean.getDataSetFirstValueById("memberUid").toArray(); > > for (var i=0; i<umembers.length; i++) > { > try {umembers[i] = > ldap.attribute(ldap.list( "OU=groups", "(sAMAccountName=" + > (umembers[i]) + ")").get(0), 'distinguishedname').get(0) > } > catch (e) { > { umembers[i]=null } > } > var members = new Array(); var j=0; > for (var i=0; i<umembers.length; i++) > { if (umembers[i]!=null) > members[j++]=umembers[i] } members > ]]> > </string> > </forceValues> > </dataset> > </propertiesBasedSyncOptions> > > the error is : > ERROR - Error while synchronizing ID {cn=tecno}: > java.lang.RuntimeException: No DN set ! Read it from the source or > set lsc.tasks.NAME.dn > > > > > Hi, > > I don't understand why you are using a filter (sAMAccountName=xxx) on > ou=groups. > > > Clément.
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
