I need to sync all users with all hierarchical structure from ad to openldap. This code is correct?
2014-04-04 1:20 GMT-07:00 Sébastien Bahloul <[email protected]>: > So what ? > > Sebastien BAHLOUL > IAM / Security specialist > Ldap Synchronization Connector : http://lsc-project.org > Blog : http://sbahloul.wordpress.com/ > > > 2014-04-04 10:17 GMT+02:00 Deividas haspo <[email protected]>: > >> 2 - 0000208D: NameErr: DSID-03100213, problem 2001 (NO_OBJECT), data 0, >> best match of: >> 'DC=homeserver2012,DC=org' >> ]; remaining name 'OU=Internal,OU=Users,OU=Accounts' >> Apr 04 10:21:52 - ERROR - Empty or non existant source (no IDs found) >> Apr 04 10:21:52 - INFO - Starting clean for AD2OpenLDAP >> Apr 04 10:21:52 - ERROR - javax.naming.NameNotFoundException: [LDAP: >> error code 32 - No Such Object]; remaining name 'ou=users' >> Apr 04 10:21:52 - ERROR - Empty or non existant destination (no IDs found) >> >> Code goes like this: >> >> <?xml version="1.0" ?> >> >> <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; >> revision="0"> >> <connections> >> >> <!-- Source: Active Directory --> >> >> <ldapConnection> >> <name>landcareADConnection</name> >> <url>ldap://haspo:389/dc=homeserver2012,dc=org</url> >> <username>[email protected]</username> >> <password>MyPass99</password> >> <authentication>SIMPLE</authentication> >> <referral>IGNORE</referral> >> <derefAliases>NEVER</derefAliases> >> <version>VERSION_3</version> >> <pageSize>1000</pageSize> >> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> >> <tlsActivated>false</tlsActivated> >> </ldapConnection> >> >> <!-- Destination: OpenLDAP Server --> >> >> <ldapConnection> >> <name>openldapConnection</name> >> <url>ldap://localhost:9009/dc=manoserveris,dc=lt</url> >> <username>cn=Manager,dc=manoserveris,dc=lt</username> >> <password>secret</password> >> <authentication>SIMPLE</authentication> >> <referral>IGNORE</referral> >> <derefAliases>NEVER</derefAliases> >> <version>VERSION_3</version> >> <pageSize>-1</pageSize> >> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> >> <tlsActivated>false</tlsActivated> >> </ldapConnection> >> </connections> >> >> <tasks> >> >> <!-- Import from AD to OpenLAP --> >> >> <task> >> <name>AD2OpenLDAP</name> >> <bean>org.lsc.beans.SimpleBean</bean> >> <ldapSourceService> >> <name>landcareAD</name> >> <connection reference="landcareADConnection"/> >> >> <baseDn>OU=Internal,OU=Users,OU=Accounts,DC=homeserver2012,DC=org</baseDn> >> <pivotAttributes><string>cn</string></pivotAttributes> >> <fetchedAttributes> >> <string>cn</string> >> <string>sn</string> >> <string>givenName</string> >> <string>mail</string> >> <string>mailNickname</string> >> <string>userPassword</string> >> <string>displayName</string> >> </fetchedAttributes> >> <getAllFilter>(objectClass=user)</getAllFilter> >> >> <getOneFilter>(&(objectClass=user)(cn={cn}))</getOneFilter> >> >> <cleanFilter>(&(objectClass=user)(cn={cn}))</cleanFilter> >> </ldapSourceService> >> <ldapDestinationService> >> <name>openldap</name> >> <connection reference="openldapConnection"/> >> <baseDn>ou=users,dc=manoserveris,dc=lt</baseDn> >> <pivotAttributes><string>cn</string></pivotAttributes> >> <fetchedAttributes> >> <string>cn</string> >> <string>gidNumber</string> >> <string>givenName</string> >> <string>homeDirectory</string> >> <string>loginShell</string> >> <string>objectClass</string> >> <string>Password</string> >> <string>sn</string> >> <string>uidNumber</string> >> <string>userid</string> >> <string>objectClass</string> >> </fetchedAttributes> >> <getAllFilter>(objectClass=posixAccount)</getAllFilter> >> >> <getOneFilter>(&(objectClass=posixAccount)(cn={cn}))</getOneFilter> >> </ldapDestinationService> >> <propertiesBasedSyncOptions> >> <mainIdentifier>"cn=" + >> srcBean.getDatasetFirstValueById("displayName") + >> ",ou=users,dc=landcareresearch,dc=co,dc=nz"</mainIdentifier> >> <defaultDelimiter>$</defaultDelimiter> >> <defaultPolicy>FORCE</defaultPolicy> >> <conditions> >> <create>true</create> >> <update>true</update> >> <delete>false</delete> >> </conditions> >> <dataset> >> <name>objectClass</name> >> <policy>FORCE</policy> >> <forceValues> >> <string>"inetOrgPerson"</string> >> <string>"posixAccount"</string> >> <string>"top"</string> >> </forceValues> >> </dataset> >> <dataset> >> <name>cn</name> >> <policy>FORCE</policy> >> <createValues> >> <string>"cn=" + >> srcBean.getDatasetFirstValueById("mailNickname").toLowerCase().trim(); + >> ",ou=users,dc=landcareresearch,dc=co,dc=nz"</string> >> </createValues> >> </dataset> >> <dataset> >> <name>gidNumber</name> >> <policy>FORCE</policy> >> <forceValues> >> <string>"502"</string> >> </forceValues> >> </dataset> >> <dataset> >> <name>givenName</name> >> <createValues> >> >> <string>srcBean.getDatasetFirstValueById("givenName");</string> >> </createValues> >> </dataset> >> <dataset> >> <name>homeDirectory</name> >> <createValues> >> <string>"/home/users/" + >> srcBean.getDatasetFirstValueById("mailNickname").toLowerCase().trim();</string> >> </createValues> >> </dataset> >> <dataset> >> <name>loginShell</name> >> <policy>FORCE</policy> >> <forceValues> >> <string>"/bin/bash"</string> >> </forceValues> >> </dataset> >> <dataset> >> <name>sn</name> >> <policy>FORCE</policy> >> <createValues> >> >> <string>srcBean.getDatasetFirstValueById("sn");</string> >> </createValues> >> </dataset> >> <dataset> >> <name>uidNumber</name> >> <policy>KEEP</policy> >> <createValues> >> >> <string>SequencesFactory.getInstance(ldap.getJndiServices()).getNextValue("cn=uidNumberSequence,ou=Sequences,ou=HiddenTree,dc=landcareresearch,dc=co,dc=nz","serialNumber");</string> >> </createValues> >> </dataset> >> <dataset> >> <name>userid</name> >> <policy>FORCE</policy> >> <createValues> >> >> <string>srcBean.getDatasetFirstValueById("mailNickname").toLowerCase().trim();</string> >> </createValues> >> </dataset> >> </propertiesBasedSyncOptions> >> </task> >> </tasks> >> </lsc> >> >> >> Thanks for reading >> >> _______________________________________________________________ >> Ldap Synchronization Connector (LSC) - http://lsc-project.org >> >> lsc-users mailing list >> [email protected] >> http://lists.lsc-project.org/listinfo/lsc-users >> >> >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
