Hello !
i do not know what to do with this error :
____________________________________
mars 25 10:06:15 - ERROR - Error while modifying entry
uid=xxxx.xxxx,ou=people,dc=yyyy,dc=zzzz,dc=fr in directory
:javax.naming.directory.SchemaViolationException: [LDAP: error code 65 -
attribute 'supannAutreMail' not allowed]; remaining name 'uid=xxxx.xxxx'
mars 25 10:06:15 - ERROR - Error while synchronizing ID
uid=xxxx.xxxx,ou=people,dc=yyyy,dc=zzzz,dc=fr: java.lang.Exception:
Technical problem while applying modifications to the destination
# Tue Mar 25 10:06:15 CET 2014
dn: uid=xxxx.xxxx,ou=people,dc=yyyy,dc=zzzz,dc=fr
changetype: modify
replace: supannAutreMail
supannAutreMail: [email protected]
mars 25 10:06:15 - ERROR - All entries: 180, to modify entries: 68,
successfully modified entries: 0, errors: 68
mars 25 10:06:15 - INFO - Starting clean for ldap2ldapTask
mars 25 10:06:15 - INFO - All entries: 180, to modify entries: 0,
successfully modified entries: 0, errors: 0
root@max4:/etc/ldap/schema#
___________________________________
My lsc.xml is following
___________________________________
<?xml version="1.0" ?>
<!--
In the following file, comments are describing each node. Elements are
referenced through XPath expression, whereas attributes are
prefixed with
'@'
//lsc Root node of the XML configuration file
@xmlns XML Schema validation is not ready yet (Reserved for futur use)
@id optional, added by XML API
@revision mandatory, used by the Web Administration Interface to
version
this file
-->
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; revision="0">
<!-- ./connections Connections list node, must contain at least two
connections -->
<connections>
<!--
./connection Connection node, include definition of the required
parameters.
Depending on the connection type, properties vary.
Existing class type are : ldapConnection,
databaseConnnection
Plugins also provides : nisConnection,
jndiExecDstConnection
-->
<ldapConnection>
<name>ldap-adonis-conn</name>
<url>ldap://ldap.zzzz.fr:389/ou=people,dc=zzzz,dc=fr</url>
<username></username>
<password></password>
<authentication>NONE</authentication>
<referral>IGNORE</referral>
<derefAliases>NEVER</derefAliases>
<version>VERSION_3</version>
<pageSize>-1</pageSize>
<factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
<tlsActivated>false</tlsActivated>
</ldapConnection>
<ldapConnection>
<name>ldap-dst-conn</name>
<!-- ./url mandatory, the JNDI URL -->
<url>ldap://max4.yyyy.zzzz.fr:389/ou=people,dc=yyyy,dc=zzzz,dc=fr</url>
<!-- ./username mandatory, the DN to bind with -->
<username>cn=admin,dc=yyyy,dc=zzzz,dc=fr</username>
<!-- ./password mandatory, credentials to bind with -->
<password>mypassword</password>
<!-- ./authentication mandatory, must contain either ANONYMOUS, SIMPLE,
SASL, GSSAPI or DIGEST_MD5 -->
<authentication>SIMPLE</authentication>
<!-- ./referral mandatory, must contain either IGNORE, THROUGH, THROW
or FOLLOW -->
<referral>IGNORE</referral>
<!-- ./derefAliases mandatory, must contain either NEVER, SEARCH, FIND,
ALWAYS -->
<derefAliases>NEVER</derefAliases>
<!-- ./version mandatory, must contain either VERSION_2, VERSION_3 -->
<version>VERSION_3</version>
<!-- ./pageSize optional, specify the paged size when searching -->
<pageSize>-1</pageSize>
<!-- ./factory mandatory, points to LDAP Context Factory,
com.sun.jndi.ldap.LdapCtxFactory for a SUN JDK -->
<factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
<!-- ./tlsActivated optional, specify if SSL/TLS is activated to
connect to the LDAP server -->
<tlsActivated>false</tlsActivated>
</ldapConnection>
</connections>
<!-- ./audits Audits list node -->
<audits>
<!--./audit Audit node, here a CSV audit, may also be a LDIF or any
contributed audit type -->
<csvAudit>
<!-- ./name mandatory, audit name -->
<name>csv</name>
<!-- ./append optional, default to false, specify to create a new log
file or to append to the existing one -->
<append>true</append>
<!-- ./operations optional, comma separated list of operations
(create, delete, update or rename) -->
<operations>create, delete</operations>
<!-- ./file mandatory, define the location of the file where the CSV
data will be written -->
<file>/tmp/dump.csv</file>
<!-- ./datasets optional, comma separated list of datasets
modification to log -->
<datasets>cn, dn</datasets>
<!-- ./separator optional, default to ";", specify the values
separator -->
<separator>,</separator>
</csvAudit>
</audits>
<!-- ./tasks Task list node, must contain at least one task -->
<tasks>
<!-- ./task Task node, this is the main node, in which synchronization
is defined -->
<task>
<!-- ./name mandatory task node this is the main node, in which
synchronization is defined -->
<name>ldap2ldapTask</name>
<!-- ./bean optional bean node, default to org.lsc.beans.SimpleBean,
define the pivot object used to store datasets and values -->
<bean>org.lsc.beans.SimpleBean</bean>
<!-- ./sourceService mandatory node containing definition of the source
service settings
possible builtin types are :
databaseSourceService, ldapSourceService
Plugins also provides: syncreplSourceService,
nisSourceService
-->
<ldapSourceService>
<name>ldap-src-service</name>
<connection reference="ldap-adonis-conn" />
<baseDn>ou=people,dc=zzzz,dc=fr</baseDn>
<pivotAttributes>
<string>uid</string>
<string>departmentNumber</string>
</pivotAttributes>
<fetchedAttributes>
<string>displayName</string>
<string>title</string>
<string>cn</string>
<string>givenName</string>
<string>mail</string>
<string>uid</string>
<string>objectClass</string>
<string>userPassword</string>
<string>sn</string>
<string>departmentNumber</string>
<string>Telephone</string>
<string>o</string>
<string>ou</string>
<string>postalAddress</string>
<string>postalCode</string>
<string>postOfficeBox</string>
<string>labeledURI</string>
<string>roomNumber</string>
<!--<string>supannAliasLogin</string>-->
<!--<string>supannAutreMail</string>-->
<!--<string>supannAutreTelephone</string>-->
<!--<string>supannCivilite</string>-->
<!--<string>supannCodeINE</string>-->
<!--<string>supannEmpCorps</string>-->
<!--<string>supannEmpId</string>-->
<!--<string>supannEntiteAffectation</string>-->
<!--<string>supannEntiteAffectationPrincipale</string>-->
<!--<string>supannEtablissement</string>-->
<!--<string>supannEtuId</string>-->
<!--<string>supannListeRouge</string>-->
<!--<string>supannParrainDN</string>-->
<!--<string>supannRefId</string>-->
<!--<string>supannRoleEntite</string>-->
<!--<string>supannRoleGenerique</string>-->
<!--<string>supannTypeEntiteAffectation</string>-->
<!--<string>eduPersonAffiliation</string>-->
<!--<string>eduPersonPrimaryAffiliation</string>-->
<!--<string>eduPersonPrincipalName</string>-->
<!--<string>uidNumber</string>-->
<!--<string>gidNumber</string>-->
<!--<string>homeDirectory</string>-->
<!--<string>gecos</string>-->
</fetchedAttributes>
<getAllFilter><![CDATA[(&(objectClass=*)(departmentNumber=75))]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=*)(uid={uid})(departmentNumber=75))]]></getOneFilter>
<!-- Use the destination pivot -->
<cleanFilter><![CDATA[(&(objectClass=*)(uid={uid})(departmentNumber=75))]]></cleanFilter>
</ldapSourceService>
<!-- ./destinationService mandatory node containing definition of the
source service settings
possible builtin types are :
databaseDestinationService, ldapDestinationService
Plugins also provides: jndiExecDstService
-->
<ldapDestinationService>
<!-- A ldap destination service will have to contain at least a
name, a connection reference, a base DN, a filter to list
entries, a filter to get a particular entry, a list of
pivot attributes and a list of fetched attributes -->
<name>ldap-dst-service</name>
<connection reference="ldap-dst-conn" />
<!-- ./baseDn This mandatory node provide the directory base branch
that will be used to look for entries (list and get) -->
<baseDn>ou=people,dc=yyyy,dc=zzzz,dc=fr</baseDn>
<!-- ./pivotAttributes This mandatory node must include string nodes
with attributes name that will be used with their values
as pivot datasets (used to get the corresponding entry and
to identify the counter-part object, here in the source database
used during the clean phase to delete the corresponding
entry if no corresponding object is found)-->
<pivotAttributes>
<string>uid</string>
<string>departmentNumber</string>
</pivotAttributes>
<!-- ./fetchedAttributes This mandatory node must include string
nodes with attributes name that will fill the full object.
In a LDAP destination service, fetched attributes will be
written to the target directory, whereas source provided datasets
that are not listed their will silently be canceled, i.e.
not synchronized with the directory. -->
<fetchedAttributes>
<string>displayName</string>
<string>title</string>
<string>cn</string>
<string>givenName</string>
<string>mail</string>
<string>uid</string>
<string>objectClass</string>
<string>userPassword</string>
<string>sn</string>
<string>departmentNumber</string>
<string>Telephone</string>
<string>o</string>
<string>ou</string>
<string>postalAddress</string>
<string>postalCode</string>
<string>postOfficeBox</string>
<string>labeledURI</string>
<string>roomNumber</string>
<string>supannAliasLogin</string>
<string>supannAutreMail</string>
<string>supannAutreTelephone</string>
<string>supannCivilite</string>
<string>supannCodeINE</string>
<string>supannEmpCorps</string>
<string>supannEmpId</string>
<string>supannEtuId</string>
<string>supannEntiteAffectation</string>
<string>supannEntiteAffectationPrincipale</string>
<string>supannEtablissement</string>
<string>supannListeRouge</string>
<string>supannParrainDN</string>
<string>supannRefId</string>
<string>supannRoleEntite</string>
<string>supannRoleGenerique</string>
<string>supannTypeEntiteAffectation</string>
<string>eduPersonAffiliation</string>
<string>eduPersonPrimaryAffiliation</string>
<string>eduPersonPrincipalName</string>
<string>uidNumber</string>
<string>gidNumber</string>
<string>homeDirectory</string>
<string>gecos</string>
</fetchedAttributes>
<!-- ./getAllFilter This mandatory node must include the filter that
will be used to list all target objects. In a LDAP destination service
this value is used during the clean phase to look
for every object that it has a corresponding object in the source
database -->
<getAllFilter>(&(objectClass=*)(departmentNumber=75))</getAllFilter>
<!-- ./getOneFilter This mandatory node must include the filter that
will be used to get a particular entry. In a LDAP destination service
this value is used during the synchronization phase
to get the object - in conjonction with fetchedAttributes to synchronize
them -->
<getOneFilter>(&(objectClass=*)(uid={uid})(departmentNumber=75))</getOneFilter>
</ldapDestinationService>
<!-- ./syncOptions This mandatory node describes how to handle the
various situations encountered while synchronizing datasets.
It must contains a main identifier construction rule and a
default policy.
It may contains synchronization conditions, a default
delimiter and datasets synchronization rules (attribute nodes) -->
<propertiesBasedSyncOptions>
<!-- ./mainIdentifier This mandatory node must contain a string
Javascript expression that will enforce the object main identifier.-->
<mainIdentifier>"uid=" + srcBean.getDatasetFirstValueById("uid") +
",ou=people,dc=yyyy,dc=zzzz,dc=fr"</mainIdentifier>
<!-- ./defaultDelimiter This mandatory node must contain a string
Javascript expression that will enforce the object main identifier.-->
<defaultDelimiter>;</defaultDelimiter>
<!-- ./defaultPolicy This mandatory node must contain a string
Javascript expression that will enforce the object main identifier.-->
<defaultPolicy>FORCE</defaultPolicy>
<!-- ./conditions This optional node may contain one or more of the
four node : create, update, delete and changeId -->
<conditions>
<!-- ./create This optional node may contain a boolean Javascript
expression that will indicate whenever a new entry must be created or
not -->
<create>true</create>
<!-- ./update This optional node may contain a boolean Javascript
expression that will indicate whenever a existing entry must be updated
or not -->
<update>true</update>
<!-- ./delete This optional node may contain a boolean Javascript
expression that will indicate whenever a existing entry must be deleted
or not -->
<delete>true</delete>
<!-- ./changeId This optional node may contain a boolean
Javascript expression that will indicate whenever an existing object
main identifier must be changed or not -->
<changeId>false</changeId>
</conditions>
<!-- ./dataset This multi-valued node may contain a structure that
will describe how to synchronize the corresponding dataset -->
<dataset>
<!-- ./name Mandatory node containing the dataset name -->
<name>objectClass</name>
<!-- ./policy Mandatory node containing the policy to apply to this
dataset. Contains KEEP, FORCE or MERGE value -->
<policy>FORCE</policy>
<!-- ./defaultValues Optional node containing a list of string
values that will be used if noone is provided by datasource -->
<defaultValues></defaultValues>
<!-- ./forceValues Optional node containing a list of string values
that will be used to force destination service dataset values -->
<forceValues>
<!--<string>"top";"person";"organizationalPerson";"inetOrgPerson";"eduPerson";"supannPerson";"posixAccount"</string>-->
<string>"top";"person";"organizationalPerson";"inetOrgPerson"</string>
</forceValues>
<!-- ./createValues Optional node containing a list of string
values that will be used to force destination service dataset values
when creating object -->
<createValues>
<string>"top"</string>
<string>"person"</string>
<string>"organizationalPerson"</string>
<string>"inetOrgPerson"</string>
<!--<string>"eduPerson"</string>
<string>"supannPerson"</string>
<string>"posixAccount"</string>-->
</createValues>
</dataset>
<!-- ./dataset This multi-valued node may contain a structure that
will describe how to synchronize the corresponding dataset -->
<dataset>
<!-- ./name Mandatory node containing the dataset name -->
<name>uidNumber</name>
<!-- ./policy Mandatory node containing the policy to apply to this
dataset. Contains KEEP, FORCE or MERGE value -->
<policy>FORCE</policy>
<!-- ./defaultValues Optional node containing a list of string
values that will be used if noone is provided by datasource -->
<defaultValues></defaultValues>
<!-- ./forceValues Optional node containing a list of string values
that will be used to force destination service dataset values -->
<forceValues><string>js:srcBean.getDatasetFirstValueById("uidNumber")</string></forceValues>
<!-- ./createValues Optional node containing a list of string
values that will be used to force destination service dataset values
when creating object -->
<!--<createValues><string>js:srcBean.getAttributeValueById("userPassword")</string></createValues>-->
<createValues><string>js:srcBean.getDatasetFirstValueById("uidNumber")</string></createValues>
</dataset>
<!-- ./dataset This multi-valued node may contain a structure that
will describe how to synchronize the corresponding dataset -->
<dataset>
<!-- ./name Mandatory node containing the dataset name -->
<name>gidNumber</name>
<!-- ./policy Mandatory node containing the policy to apply to this
dataset. Contains KEEP, FORCE or MERGE value -->
<policy>FORCE</policy>
<!-- ./defaultValues Optional node containing a list of string
values that will be used if noone is provided by datasource -->
<defaultValues></defaultValues>
<!-- ./forceValues Optional node containing a list of string values
that will be used to force destination service dataset values -->
<forceValues><string>js:srcBean.getDatasetFirstValueById("gidNumber")</string></forceValues>
<!-- ./createValues Optional node containing a list of string
values that will be used to force destination service dataset values
when creating object -->
<!--<createValues><string>js:srcBean.getAttributeValueById("userPassword")</string></createValues>-->
<createValues><string>js:srcBean.getDatasetFirstValueById("gidNumber")</string></createValues>
</dataset>
<!-- ./dataset This multi-valued node may contain a structure that
will describe how to synchronize the corresponding dataset -->
<dataset>
<!-- ./name Mandatory node containing the dataset name -->
<name>homeDirectory</name>
<!-- ./policy Mandatory node containing the policy to apply to this
dataset. Contains KEEP, FORCE or MERGE value -->
<policy>FORCE</policy>
<!-- ./defaultValues Optional node containing a list of string
values that will be used if noone is provided by datasource -->
<defaultValues></defaultValues>
<!-- ./forceValues Optional node containing a list of string values
that will be used to force destination service dataset values -->
<forceValues><string>js:srcBean.getDatasetFirstValueById("homeDirectory")</string></forceValues>
<!-- ./createValues Optional node containing a list of string
values that will be used to force destination service dataset values
when creating object -->
<!--<createValues><string>js:srcBean.getAttributeValueById("userPassword")</string></createValues>-->
<createValues><string>js:srcBean.getDatasetFirstValueById("homeDirectory")</string></createValues>
</dataset>
<!-- ./dataset This multi-valued node may contain a structure that
will describe how to synchronize the corresponding dataset -->
<dataset>
<!-- ./name Mandatory node containing the dataset name -->
<name>userPassword</name>
<!-- ./policy Mandatory node containing the policy to apply to this
dataset. Contains KEEP, FORCE or MERGE value -->
<policy>FORCE</policy>
<!-- ./defaultValues Optional node containing a list of string
values that will be used if noone is provided by datasource -->
<defaultValues></defaultValues>
<!-- ./forceValues Optional node containing a list of string values
that will be used to force destination service dataset values -->
<forceValues></forceValues>
<!-- ./createValues Optional node containing a list of string
values that will be used to force destination service dataset values
when creating object -->
<!--<createValues><string>js:srcBean.getAttributeValueById("userPassword")</string></createValues>-->
<createValues><string>"tata"</string></createValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
</tasks>
<!-- ./security This mandatory node contains the security settings used
by LSC -->
<security>
<!-- ./encryption This optional node contains the encryption settings -->
<encryption>
<!-- ./keyfile This optional node contains the keyfile location -->
<keyfile>etc/lsc.key</keyfile>
<!-- ./algorithm This optional node contains the encryption algorithm -->
<algorithm>AES</algorithm>
<!-- ./strength This optional node contains the algorithm key length -->
<strength>128</strength>
</encryption>
</security>
</lsc>
______________________________________________________
After several days, some help to pass through this will be appreciated !
Nicolas
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
